Patch Tuesday Wednesday (Jun-2014)

patch-tuesday This month Microsoft have released seven (7) security bulletins of which two (2) have a maximum rating of Critical and five (5) have a maximum rating of Important.

❝ Speaking of the here and now, today we release seven security bulletins, two rated Critical and five rated Important in severity, addressing 66 Common Vulnerabilities and Exposures (CVEs) for Microsoft Windows, Internet Explorer, and Microsoft Office customers. … Let’s look at an example from this month’s release. The security bulletin for Internet Explorer (IE) resolves 59 items, including CVE-2014-1770. The most serious of these could allow remote code execution if a user views a webpage specially crafted by a cybercriminal. We still haven’t seen any active attacks attempting to exploit any of the other CVEs addressed by this bulletin. … ❞ [1]

Bulletin KB number Description Impact / Severity Software
MS14-030 2969259 Vulnerability in Remote Desktop Could Allow Tampering Important :
Tampering
Microsoft Windows
MS14-031 2962478 Vulnerability in TCP Protocol Could Allow Denial of Service Important :
Denial of Service
Microsoft Windows
MS14-032 2969258 Vulnerability in Microsoft Lync Server Could Allow Information Disclosure Important :
Information Disclosure
Microsoft Lync Server
MS14-033 2966061 Vulnerability in Microsoft XML Core Services Could Allow Information Disclosure Important :
Information Disclosure
Microsoft Windows
MS14-034 2969261 Vulnerability in Microsoft Word Could Allow Remote Code Execution Important :
Remote Code Execution
Microsoft Office
MS14-035 2969262 Cumulative Security Update for Internet Explorer Critical :
Remote Code Execution
Microsoft Windows, Internet Explorer
MS14-036 2967487 Vulnerabilities in Microsoft Graphics Component Could Allow Remote Code Execution Critical :
Remote Code Execution
Microsoft Windows, Microsoft Office, Microsoft Lync

PATCH NOW:
* MS14-034 (MS Word): CVE-2014-2778 is a remote code execution vulnerability affecting Microsoft Word 2007 and the Microsoft Office Compatibility Pack.
* MS14-035 (Internet Explorer): This bulletin resolves 59 distinct vulnerabilities

Advertisements
This entry was posted in microsoft, patch, Patch_Tuesday, security. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s