Home | Articles | Microsoft | Patches | Microsoft Security Bulletin Advance Notification for July 2014

Microsoft Security Bulletin Advance Notification for July 2014

Microsoft is getting ready for their latest round of patches.  Patch Tuesday will see six in total with varying degrees of importance.

The following table summarizes the security bulletins for this month in order of severity.

For details on affected software, see the next section, Affected Software.

Bulletin IDMaximum Severity Rating and Vulnerability ImpactRestart RequirementAffected Software
Bulletin 1Critical
Remote Code Execution
Requires restartMicrosoft Windows,
Internet Explorer
Bulletin 2Critical
Remote Code Execution
May require restartMicrosoft Windows
Bulletin 3Important
Elevation of Privilege
Requires restartMicrosoft Windows
Bulletin 4Important
Elevation of Privilege
Requires restartMicrosoft Windows
Bulletin 5Important
Elevation of Privilege
May require restartMicrosoft Windows
Bulletin 6Moderate
Denial of Service
Does not require restartMicrosoft Server Software

The following table details Microsoft’s classification for severity

RatingDefinition
CriticalA vulnerability whose exploitation could allow code execution without user interaction. These scenarios include self-propagating malware (e.g. network worms), or unavoidable common use scenarios where code execution occurs without warnings or prompts. This could mean browsing to a web page or opening email.

Microsoft recommends that customers apply Critical updates immediately.

ImportantA vulnerability whose exploitation could result in compromise of the confidentiality, integrity, or availability of user data, or of the integrity or availability of processing resources. These scenarios include common use scenarios where client is compromised with warnings or prompts regardless of the prompt’s provenance, quality, or usability. Sequences of user actions that do not generate prompts or warnings are also covered.

Microsoft recommends that customers apply Important updates at the earliest opportunity.

ModerateImpact of the vulnerability is mitigated to a significant degree by factors such as authentication requirements or applicability only to non-default configurations.

Microsoft recommends that customers consider applying the security update.

LowImpact of the vulnerability is comprehensively mitigated by the characteristics of the affected component. Microsoft recommends that customers evaluate whether to apply the security update to the affected systems.

About Joe DiFiglia

I have always had a passion for everything computing. In early 2000, I decided to take my passion to the web. Thus, C.O.D. was born. Through the years we have made many great friends at C.O.D. and hope to continue our journey for years to come.