Tuesday, October 14, 2014

Microsoft Security Bulletin Release for October 2014


Microsoft released eight (8) bulletins.  Three (3) bulletins are identified as Critical and five (5) as Important.

The updates address 24 Common Vulnerabilities & Exposures (CVEs) in Windows, Office, .NET Framework, .ASP.NET, and Internet Explorer (IE). Reminder to those who have problems with .NET updates to install separately with a restart between other updates.

Critical:

  • MS14-056 -- Cumulative Security Update for Internet Explorer (2987107)  
  • MS14-057 -- Vulnerabilities in .NET Framework Could Allow Remote Code Execution (3000414) 
  • MS14-058 -- Vulnerability in Kernel-Mode Driver Could Allow Remote Code Execution (3000061) 

Important:
  • MS14-059 -- Vulnerability in ASP.NET MVC Could Allow Security Feature Bypass (2990942) 
  • MS14-060 -- Vulnerability in Windows OLE Could Allow Remote Code Execution (3000869)
  • MS14-061 -- Vulnerability in Microsoft Word and Office Web Apps Could Allow Remote Code Execution (3000434) 
  • MS14-062 -- Vulnerability in Message Queuing Service Could Allow Elevation of Privilege (2993254) 
  • MS14-063 -- Vulnerability in FAT32 Disk Partition Driver Could Allow Elevation of Privilege (2998579)   
Information on non-security update information can be found in KB 894199.

Security Advisories


The following security advisories were released:
Revised advisories:

Notes



The following additional information is provided in the Security Bulletin:

References




    Remember - "A day without laughter is a day wasted."
    May the wind sing to you and the sun rise in your heart...



    No comments: