Patch Tuesday Wednesday (May-2014)

patch-tuesday This month Microsoft have released eight (8) security bulletins of which two (2) have a maximum rating of Critical and six (6) have a maximum rating of Important.

❝ Today, we released eight security bulletins – two rated Critical and six rated Important – to address 13 Common Vulnerability & Exposures (CVEs) in .NET Framework, Office, SharePoint, Internet Explorer, and Windows. We encourage you to apply all of these updates, but for those who need to prioritize their deployment planning, we recommend focusing on MS14-024, MS14-025 and MS14-029.
We also have some new security advisories releasing today. Security Advisory 2871997 provides an update for Windows 8 and Windows Server 2012 that enhances credential protection and domain authentication controls to reduce credential theft by making specific improvements. These features are currently available in Windows 8.1 and Windows Server 2012 R2, and we are making them available for other platforms. ❞ [1]

Bulletin KB number Description Impact / Severity Software
MS14-021 2965111 Security Update for Internet Explorer :
(released May 1st)
Critical :
Remote Code Execution
Microsoft Windows, Internet Explorer
MS14-022 2952166 Vulnerabilities in Microsoft SharePoint Server Could Allow Remote Code Execution Critical :
Remote Code Execution
Microsoft Server Software, Productivity Software
MS14-023 2961037 Vulnerabilities in Microsoft Office Could Allow Remote Code Execution Important :
Remote Code Execution
Microsoft Office
MS14-024 2961033 Vulnerability in a Microsoft Common Control Could Allow Security Feature Bypass Important :
Security Feature Bypass
Microsoft Office
MS14-025 2962486 Vulnerability in Group Policy Preferences Could Allow Elevation of Privilege Important :
Elevation of Privilege
Microsoft Windows
MS14-026 2958732 Vulnerability in .NET Framework Could Allow Elevation of Privilege Important :
Elevation of Privilege
Microsoft Windows, Microsoft .NET Framework
MS14-027 2962488 Vulnerability in Windows Shell Handler Could Allow Elevation of Privilege Important :
Elevation of Privilege
Microsoft Windows
MS14-028 2962485 Vulnerability in iSCSI Could Allow Denial of Service Important :
Denial of Service
Microsoft Windows
MS14-029 2962482 Security Update for Internet Explorer Critical :
Remote Code Execution
Microsoft Windows, Internet Explorer

PATCH NOW:
* MS14-024, MS14-025 and MS14-029.

LINKS:
[1.] The May 2014 Security Updates (2014-May-13) [MS: MSRC]
[2.] Microsoft May 2014 Patch Tuesday (2014-May-13) [SANS]
[3.] Microsoft Security Bulletin Summary for March 2014 (2014-May-13) [MS]
Advertisements
This entry was posted in microsoft, patch, Patch_Tuesday, security. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s