It’s Microsoft Patch Tuesday! In the July edition there 6 updates; two are marked "Critical", three are rated "Important" and one is rated "Moderate”. A total of 29 vulnerabilities were fixed over 6 bulletins this month. One of the Critical update MS14-037 is an all version Internet Explorer (IE 6 to 11) patch. This single update resolves 23 CVE's (Common Vulnerability and Exposure) including one publicly disclosed vulnerability.
Here is a list of Security bulletins which were rolled out in today's Patch Tuesday release.
Cumulative Security Update for Internet Explorer
Vulnerability in Windows Journal Could Allow Remote Code Execution
Vulnerability in On-Screen Keyboard Could Allow Elevation of Privilege
Vulnerability in Ancillary Function Driver (AFD) Could Allow Elevation of Privilege
Vulnerability in DirectShow Could Allow Elevation of Privilege
Vulnerability in Service Bus Could Allow Denial of Service
Tracking Microsoft Vulnerability Patches 2014
As shown in the chart above, number of vulnerabilities which were patched this month is significantly low in comparison to last month where almost double the number of vulnerabilities was fixed. One common thing between last month and this month is that IE continues to be the most vulnerable among other Microsoft products.
This Patch Tuesday turns out to be an IE dominated release. As we do every month, we’ve released a signature update #2396 to address vulnerabilities fixed in this month's patches. Happy patching!