dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
1188
share rss forum feed


dp
Premium,MVM
join:2000-12-08
Greensburg, PA
kudos:7

5 recommendations

Microsoft Security Bulletin(s) for April 8, 2014

Note: There may be latency issues due to replication, if the page does not display keep refreshing

Today Microsoft released the following Security Bulletin(s).

Note: »www.microsoft.com/technet/security and »www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details.

Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.

Bulletin Summary:

»technet.microsoft.com/en-us/secu···ms14-apr

Critical(2)

Microsoft Security Bulletin MS14-017
Vulnerabilities in Microsoft Word and Office Web Apps Could Allow Remote Code Execution (2949660)
»technet.microsoft.com/en-us/secu···ms14-017

Microsoft Security Bulletin MS14-018
Cumulative Security Update for Internet Explorer (2950467)
»technet.microsoft.com/en-us/secu···ms14-018

Important (2)

Microsoft Security Bulletin MS14-019
Vulnerability in Windows File Handling Component Could Allow Remote Code Execution (2922229)
»technet.microsoft.com/en-us/secu···ms14-019

Microsoft Security Bulletin MS14-020
Vulnerability in Microsoft Publisher Could Allow Remote Code Execution (2950145)
»technet.microsoft.com/en-us/secu···ms14-020

Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so.

If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact Product Support Services in the United States at 1-866-PCSafety 1-866-727-2338. International customers should contact their local subsidiary.

As always, download the updates only from the vendors website - visit Windows Update and Office Update or Microsoft Update websites. You may also get the updates thru Automatic Updates functionality in Windows system.

Security Tool
Find out if you are missing important Microsoft product updates by using MBSA.
--
Microsoft® Consumer Security MVP, 2004 - 2014
DP's Security Bits



NICK ADSL UK
Premium,MVM
join:2004-02-22
kudos:16
Reviews:
·Zen Internet

1 recommendation

thank you Don

Microsoft Webcast: Information about the April 2014 Security Bulletin Release

Starts: Wednesday, April 09, 2014 11:00 AM

Time zone: (GMT-08:00) Pacific Time (US & Canada)

Duration: 1 hour(s)

Event ID: 1032572978

Language(s):English.

Product(s): computer security and information security.

Audience(s): IT Decision Maker and IT Manager.

Join us for a brief overview of the technical details of this month's Microsoft security bulletins. We intend to address your concerns in this webcast. Therefore, Microsoft security experts devote most of this webcast to answering the questions that you ask.

Presented by:

Dustin Childs, Group Manager, Response Communications, Microsoft Corporation

and

TBD

Register now for the April Security Bulletin webcast
»msevents.microsoft.com/CUI/Event···32572978
--
Wilders Security Forum Admin
Microsoft MVP - Consumer Security


art22gg
Premium
join:2005-02-16
Courtenay, BC
kudos:6
reply to dp

Thanks dp...



Dustyn
Premium
join:2003-02-26
Ontario, CAN
kudos:11
reply to dp

Click for full size
Thanks for the update dp See Profile!


MarkAW
Barry White
Premium
join:2001-08-27
Canada
kudos:16
reply to dp

Click for full size
Thanks dp See Profile got 7 for my Win7.


Babar
Premium
join:2001-05-09
Washington
reply to dp

Thanks, dp!



Pentangle
With our thoughts we make the world.
Premium
join:2006-06-01
Vancouver BC
kudos:2
reply to dp

Thanks DP.



siljaline
I'm lovin' that double wide
Premium
join:2002-10-12
Montreal, QC
kudos:17
Reviews:
·Bell Sympatico
reply to dp

Click for full size
The update provided through MS14-017
Vulnerabilities in Microsoft Word and Office Web Apps Could Allow Remote Code Execution (2949660)
quote:
This advisory also included a Fix it to disable opening rich-text format (RTF) files within Microsoft Word. Once the security update is applied, you should disable the Fix it to ensure RTF files will again render normally. At this time, we are still only aware of limited, targeted attacks directed at Microsoft Word 2010. The update will fully address all affected versions.
Original MS Fix It provided as reference for those that may want to undo the Fix It.
»support.microsoft.com/kb/2953095

Mele20
Premium
join:2001-06-05
Hilo, HI
kudos:5
reply to dp

Thanks!

Anyone know why ONLY IE 10 does NOT need the Cumulative IE update (going all the way back to IE 6) especially since IE 11 is vulnerable?

I can't recall the last time I only needed ONE patch on MS Tuesday (plus, Flash Player update).
--
When governments fear people, there is liberty. When the people fear the government, there is tyranny. Thomas Jefferson


GuruGuy

join:2002-12-16
Atlanta, GA

said by Mele20:

Thanks!

Anyone know why ONLY IE 10 does NOT need the Cumulative IE update (going all the way back to IE 6) especially since IE 11 is vulnerable?

I can't recall the last time I only needed ONE patch on MS Tuesday (plus, Flash Player update).

I had nine, rebooted, then had one (the one for IE 11). Win 7.
--
GuruGuy


Tamarisk

@arkomnet.eu
reply to dp

One laptop still running Vista 32-bit had Aero disabled and no way to re-enable it.

Anyone else hear or see anything like this after this months updates?



therube

join:2004-11-11
Randallstown, MD

1 recommendation

reply to Dustyn

Security Update for IE 11 for Win7, defaulted.

Then separately, Cumulative Security Update for IE 11 for Win7, available but not defaulted.

Ideas on why?
(I put in the one, thinking the other may go away, but on reboot, it was still there, so put that in, also. And the rebooted again...!)



Dustyn
Premium
join:2003-02-26
Ontario, CAN
kudos:11

I'm not sure... but it's odd.
I left it unchecked and installed all the other updates first.
Rebooted then installed unchecked update. Rebooted again... all is well.
--
"Graffiti Wall" Dustyn's Wall »[Serious] RIP



therube

join:2004-11-11
Randallstown, MD

1 recommendation

reply to therube

(probably mentioned in these parts too, but) Internet Explorer 11.0.7 Released for Windows 7, Windows 8.1 Update.

quote:
11.0.7 is not available as a standalone download for the time being, but you can get it by deploying KB2919355

And I hate when they do that.


Tamarisk

@arkomnet.eu
reply to Tamarisk

Fixed my issue w/ Aero not running on Vista. For some reason after I had applied the security updates, the Desktop Window Manager had quit running. A restart fixed it.



NICK ADSL UK
Premium,MVM
join:2004-02-22
kudos:16
Reviews:
·Zen Internet
reply to dp

Windows 8.1 Update is a cumulative set of security updates, critical updates and updates.

Windows 8.1 Update for x86 (KB2919355)
»www.microsoft.com/en-us/download···id=42327

Windows 8.1 Update for x64 (KB2919355)
»www.microsoft.com/en-us/download···id=42335

Windows Server 2012 R2 Update (KB2919355)
»www.microsoft.com/en-us/download···id=42334

Wilders Security Forum Admin
Microsoft MVP - Consumer Security