Microsoft recently issued an out of band update to patch the widely exploited IE 6-11 vulnerabliity (CVE-2014-1766) and now its time for their scheduled monthly Patch Tuesday updates. In the May edition there are 8 updates out of which 2 are marked "Crticial" and 6 are rated "Important". A total of 13 vulnerabilities got fixed over 8 bulletins this month.
Here is a list of vulnerabilities fixed in today's Patch Tuesday release
Bulletin ID |
CVE ID |
Vulnerability Description |
MS14-023 |
CVE-2014-1756 |
Vulnerability in Microsoft Office Could Allow Remote Code Execution |
MS14-023 |
CVE-2014-1808 |
Vulnerability in Microsoft Office Could Allow Remote Code Execution |
MS14-024 |
CVE-2014-1809 |
Vulnerability in a Microsoft Common Control Could Allow Security Feature Bypass |
MS14-025 |
CVE-2014-1812 |
Vulnerability in Active Directory Could Allow Elevation of Privilege |
MS14-026 |
CVE-2014-1806 |
Vulnerability in .NET could allow Remote Code Execution |
MS14-027 |
CVE-2014-1807 |
Vulnerability in Windows Shell Handler Could Allow Elevation of Privilege |
MS14-028 |
CVE-2014-0255 |
Vulnerability in iSCSI Could Allow Denial of Service |
MS14-028 |
CVE-2014-0256 |
Vulnerability in iSCSI Could Allow Denial of Service |
MS14-029 |
CVE-2014-0310 |
Cumulative Security Update for Internet Explorer |
MS14-029 |
CVE-2014-1815 |
Cumulative Security Update for Internet Explorer |
MS14-022 |
CVE-2014-0251 |
Vulnerabilities in Microsoft SharePoint Server Could Allow Remote Code Execution |
MS14-022 |
CVE-2014-1754 |
Vulnerabilities in Microsoft SharePoint Server Could Allow Remote Code Execution |
MS14-022 |
CVE-2014-1813 |
Vulnerabilities in Microsoft SharePoint Server Could Allow Remote Code Execution |
Tracking Microsoft Vulnerability Patches 2014
As shown in the chart above, number of vulnerabilties which were patched this month is slightly higher than that of April's release. As we do every month, we’ve released a signature update #2373 to address the vulnerabilities fixed in today’s patches. Happy patching!
For additional information on how you can protect your network from emerging threats, please visit http://www.juniper.net/as/en/security/