Welcome to the November edition of Microsoft Patch Tuesday Summary. In this edition there are 14 updates; four are marked "Critical", eight are rated "Important" and two are rated "Moderate”. A total of 33 CVE's (Common Vulnerability and Exposure) were fixed over 14 bulletins this month. One of the Critical update MS14-064 addresses Sandworm related attack CVE-2014-6352 which was seen being exploited in the wild.
Here is a list of Security bulletins which were rolled out in today's Patch Tuesday release.
Vulnerabilities in Windows OLE Could Allow Remote Code Execution (3011443)
Cumulative Security Update for Internet Explorer (3003057)
Vulnerability in Schannel Could Allow Remote Code Execution (2992611)
Vulnerabilities in XML Core Services Could Allow Remote Code Execution (2993958)
Vulnerabilities in Microsoft Office Could Allow Remote Code Execution(3009710)
Vulnerability in TCP/IP Could Allow Elevation of Privilege (2989935)
Vullnerability in Windows Audio Service Could Allow Elevation of Privilege (3005607)
Vulnerability in .NET Framework Could Allow Elevation of Privilege (3005210)
Vulnerability in Microsoft SharePoint Foundation Could Allow Elevation of Privilege (3000431)
Vulnerability in Remote Desktop Protocol could allow Security Feature Bypass (3003743)
Vulnerability in Internet Information Services (IIS) Could Allow Security Feature Bypass (2982998)
Vulnerability in Active Directory Federation Services could allow Information Disclosure (3003381)
Vulnerability in IME (Japanese) Could Allow Elevation of Privilege (2992719)
Vulnerability in Kernel-Mode Driver Could Allow Denial of Service (3002885)
Tracking Microsoft Vulnerability Patches 2014
As shown in the chart above, number of vulnerabilities which were patched this month is slightly higher than that of October's release.This Patch Tuesday also turns out to be the heaviest of the year so far from bulletin count perspective. As we do every month, we’ve released a signature update #2439 to address vulnerabilities fixed in this month's patches. Happy patching!