Threat Level: green Handler on Duty: Renato Marinho

SANS ISC: InfoSec Handlers Diary Blog - Internet Storm Center Diary 2014-06-06 InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Microsoft June Patch Tuesday Advance Notification

Published: 2014-06-06
Last Updated: 2014-06-06 16:42:34 UTC
by Johannes Ullrich (Version: 1)
0 comment(s)

Microsoft is expecting to release 2 critical and 5 important bulletins on Tuesday [1]. 

There are no patches scheduled for Windows XP even though CVE-2014-1770 does affect Internet Explorer 8, which is the last version of IE to run on Windows XP.

Preliminary Patch Table: (the bulletin numbers and anything else may change in the final release)

# Affected Contra Indications - KB Known Exploits Microsoft rating(**) ISC rating(*)
clients servers
MS14-030 Cumulative Internet Explorer Update
 
Internet Explorer
CVE-2014-1770
TBD Vuln. known, but according to MSFT not yet exploited. Severity: Critical
Exploitability: ?
Critical Critical
MS14-031 Microsoft Office and Lynx Remote Code Execution Vulnerability
 
Windows, Office, Lync (Client) TBD . Severity: Critical
Exploitability: ?
Critical Important
MS14-032 Microsoft Office Remote Code Execution Vulnerability
 
Microsoft Office TBD . Severity: Important
Exploitability: ?
Critical Important
MS14-033 Information Disclosure Vulnerability in Windows
 
Microsoft Windows TBD . Severity: Important
Exploitability: ?
Important Important
MS14-034 Information Disclosure Vulnerability in Lync Server
 
Lync Server TBD . Severity: Important
Exploitability: ?
N/A Important
MS14-035 Denial of Service Vulnerability in Windows
 
Microsoft Windows TBD . Severity: Important
Exploitability: ?
Important Important
MS14-036 Tampering Vulnerability in Windows
 
Microsoft Windows TBD . Severity: Important
Exploitability: ?
Important Important

 

[1] https://technet.microsoft.com/library/security/ms14-jun

 

---
Johannes B. Ullrich, Ph.D.
STI|Twitter|LinkedIn

0 comment(s)
Diary Archives