Welcome to the April edition of Microsoft Patch Tuesday Summary. In this edition there are 11 updates; 4 are marked "Critical" and 7 are rated "Important". A total of 26 CVE's (Common Vulnerability and Exposure) were fixed over 11 bulletins this month. One of the Critical update MS15-033 addresses publicly disclosed Microsoft Office vulnerability (CVE-2014-6352) which is currently being exploited in the wild.
Here is a list of Security bulletins which were rolled out in today's Patch Tuesday release.
Cumulative Security Update for Internet Explorer
Vulnerabilities in Microsoft Office Could Allow Remote Code Execution
Vulnerability in HTTP.sys Could Allow Remote Code Execution
Vulnerability in Microsoft Graphics Component Could Allow Remote Code Execution
Vulnerabilities in Microsoft SharePoint Server Could Allow Elevation of Privilege
Vulnerability in Windows Task Scheduler Could Allow Elevation of Privilege
Vulnerabilities in Microsoft Windows Could Allow Elevation of Privilege
Vulnerability in XML Core Services Could Allow Security Feature Bypass
Vulnerability in Active Directory Federation Services Could Allow Information Disclosure
Vulnerability in .NET Framework Could Allow Information Disclosure
Vulnerability in Windows Hyper-V Could Allow Denial of Service
Tracking Microsoft Vulnerability Patches 2015
As shown in the chart above, number of vulnerabilities which were patched this month is much lower than that of previous month's where 45 vulnerabilities were patched. As we do every month, we’ve released a signature update #2483 to address vulnerabilities fixed in this month's patches. Happy patching!