Tuesday, March 11, 2014

Microsoft Security Bulletin Release for March 2014

Microsoft released five (5) bulletins.  Two of the bulletins are identified as Critical with the remaining three as Important.

The security updates address 23 unique CVEs in Microsoft Windows, Internet Explorer and Silverlight.  Information about non-Security updates is available in KB864199.


  • MS14-012 -- Cumulative Security Update for Internet Explorer (2925418)
  • MS14-013 -- Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution (2929961)


  • MS14-015 -- Vulnerabilities in Windows Kernel-Mode Driver Could Allow Elevation of Privilege (2930275)
  • MS14-016 -- Vulnerability in Security Account Manager Remote (SAMR) Protocol Could Allow Security Feature Bypass (2934418)
  • MS14-014 -- Vulnerability in Silverlight Could Allow Security Feature Bypass (2932677)


Microsoft released an updated version of the Microsoft Windows Malicious Software Removal Tool on Windows Update, Microsoft Update, Windows Server Update Services, and the Download Center.  The MSRT was updated to include detections for the Wysotot and Spacekito malware families.

Windows XP End of Support

Users of Windows XP are reminded that support ends for Windows XP on April 8, 2014.  See Tim Rains article, The Countdown Begins: Support for Windows XP Ends on April 8, 2014.

Also note that after April 8, 2014, technical assistance for Windows XP will no longer be available.  This includes automatic updates that help protect your PC. Microsoft will also stop providing Microsoft Security Essentials for download.  Note, however, that definitions will be available until July 15, 2015.  See Microsoft antimalware support for Windows XP.

The following additional information is provided in the Security Bulletin:


Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

No comments: