Tuesday, July 08, 2014

Microsoft Security Bulletin Release for July, 2014

Microsoft released six (6) bulletins today.  Two of the bulletins are identified as Critical, three as Important and one as Moderate.

The updates address 29 Common Vulnerability and Exposures (CVEs) in Microsoft Windows and Internet Explorer.


  • MS14-037 -- Cumulative Security Update for Internet Explorer (2975687)
  • MS14-038 -- Vulnerability in Windows Journal Could Allow Remote Code Execution (2975689)
  • MS14-039 -- Vulnerability in On-Screen Keyboard Could Allow Elevation of Privilege (2975685)
  • MS14-040 -- Vulnerability in Ancillary Function Driver (AFD) Could Allow Elevation of Privilege (2975684)
  • MS14-041 -- Vulnerability in DirectShow Could Allow Elevation of Privilege (2975681) 

  • MS14-042 -- Vulnerability in Microsoft Service Bus Could Allow Denial of Service (2972621)


Microsoft released an updated version of the Microsoft Windows Malicious Software Removal Tool on Windows Update, Microsoft Update, Windows Server Update Services, and the Download Center.

Windows XP and Windows 8.1

As has been widely publicized, support for Windows XP and Office 2003 have ended.  Thus, there will be no further security updates for those products.  See Tim Rains article, The Countdown Begins: Support for Windows XP Ends on April 8, 2014. Although Microsoft has stopped providing Microsoft Security Essentials for download, that definitions will be available until July 15, 2015.  See Microsoft antimalware support for Windows XP. Important note for Windows 8.1 users:  Windows 8.1 Update Requirement Extended ____________ The following additional information is provided in the Security Bulletin:


Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

No comments: