Welcome to the April edition of Microsoft Patch Tuesday Summary. In this edition there are 11 updates; 4 are marked "Critical" and 7 are rated "Important". A total of 26 CVE's (Common Vulnerability and Exposure) were fixed over 11 bulletins this month. One of the Critical update MS15-033 addresses publicly disclosed Microsoft Office vulnerability (CVE-2014-6352) which is currently being exploited in the wild.
Here is a list of Security bulletins which were rolled out in today's Patch Tuesday release.
| Bulletin ID |
Bulletin Title |
Bulletin Severity |
| MS15-032 |
Cumulative Security Update for Internet Explorer |
Critical |
| MS15-033 |
Vulnerabilities in Microsoft Office Could Allow Remote Code Execution |
Critical |
| MS15-034 |
Vulnerability in HTTP.sys Could Allow Remote Code Execution |
Critical |
| MS15-035 |
Vulnerability in Microsoft Graphics Component Could Allow Remote Code Execution |
Critical |
| MS15-036 |
Vulnerabilities in Microsoft SharePoint Server Could Allow Elevation of Privilege |
Important |
| MS15-037 |
Vulnerability in Windows Task Scheduler Could Allow Elevation of Privilege |
Important |
| MS15-038 |
Vulnerabilities in Microsoft Windows Could Allow Elevation of Privilege |
Important |
| MS15-039 |
Vulnerability in XML Core Services Could Allow Security Feature Bypass |
Important |
| MS15-040 |
Vulnerability in Active Directory Federation Services Could Allow Information Disclosure |
Important |
| MS15-041 |
Vulnerability in .NET Framework Could Allow Information Disclosure |
Important |
| MS15-042 |
Vulnerability in Windows Hyper-V Could Allow Denial of Service |
Important |
Tracking Microsoft Vulnerability Patches 2015
As shown in the chart above, number of vulnerabilities which were patched this month is much lower than that of previous month's where 45 vulnerabilities were patched. As we do every month, we’ve released a signature update #2483 to address vulnerabilities fixed in this month's patches. Happy patching!
For additional information on how you can protect your network from emerging threats, please visit http://www.juniper.net/as/en/security/