On Tuesday, April 8, 2014, Microsoft is planning to release four (4) bulletins. Two of the bulletins are identified as Critical with the other two as Important.
The updates address vulnerabilities in Microsoft Windows, Office and Internet Explorer.
The update provided through MS14-017 fully addresses the Microsoft Word issue first described in Security Advisory 2953095. If the Fix it was installed on your computer, after installing the update, it will be necessary to disable the Fix it to ensure RTF files will again render normally. Although update will fully address all affected versions of Microsoft Word, at this time, Microsoft is still only aware of limited, targeted attacks directed at Microsoft Word 2010.
ReminderAs has been widely publicized, support ends for Windows XP and Office 2003 on April 8, 2014. Thus, this will be the last security updates for those products. See Tim Rains article, The Risk of Running Windows XP After Support Ends April 2014. Note also that Microsoft Security Essentials will no longer be available for download for Windows XP.
As happens each month, Microsoft will also release an updated version of the Microsoft Windows Malicious Software Removal Tool on Windows Update, Microsoft Update, Windows Server Update Services, and the Download Center.
- MSRC: Advance Notification Service for April 2014 Security Bulletin Release
- TechNet: Microsoft Security Bulletin Advance Notification for April 2014
Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...