Microsoft June Patch Tuesday Advance Notification

Microsoft is expecting to release 2 critical and 5 important bulletins on Tuesday [1].

There are no patches scheduled for Windows XP even though CVE-2014-1770 does affect Internet Explorer 8, which is the last version of IE to run on Windows XP.

Preliminary Patch Table: (the bulletin numbers and anything else may change in the final release)

#	Affected	Contra Indications - KB	Known Exploits	Microsoft rating(**)	ISC rating(*)
#	Affected	Contra Indications - KB	Known Exploits	Microsoft rating(**)	clients	servers
MS14-030	Cumulative Internet Explorer Update
MS14-030	Internet Explorer CVE-2014-1770	TBD	Vuln. known, but according to MSFT not yet exploited.	Severity: Critical Exploitability: ?	Critical	Critical
MS14-031	Microsoft Office and Lynx Remote Code Execution Vulnerability
MS14-031	Windows, Office, Lync (Client)	TBD	.	Severity: Critical Exploitability: ?	Critical	Important
MS14-032	Microsoft Office Remote Code Execution Vulnerability
MS14-032	Microsoft Office	TBD	.	Severity: Important Exploitability: ?	Critical	Important
MS14-033	Information Disclosure Vulnerability in Windows
MS14-033	Microsoft Windows	TBD	.	Severity: Important Exploitability: ?	Important	Important
MS14-034	Information Disclosure Vulnerability in Lync Server
MS14-034	Lync Server	TBD	.	Severity: Important Exploitability: ?	N/A	Important
MS14-035	Denial of Service Vulnerability in Windows
MS14-035	Microsoft Windows	TBD	.	Severity: Important Exploitability: ?	Important	Important
MS14-036	Tampering Vulnerability in Windows
MS14-036	Microsoft Windows	TBD	.	Severity: Important Exploitability: ?	Important	Important

[1] https://technet.microsoft.com/library/security/ms14-jun

---
Johannes B. Ullrich, Ph.D.
STI|Twitter|LinkedIn

I will be teaching next: Defending Web Applications Security Essentials - SANS San Francisco Winter 2019

Johannes

3681 Posts
ISC Handler

Jun 6th 2014
5 years ago