{"id":5710,"date":"2014-06-10T17:30:23","date_gmt":"2014-06-10T21:30:23","guid":{"rendered":"http:\/\/blog.nccomputertech.com\/?p=5710"},"modified":"2014-06-10T17:30:23","modified_gmt":"2014-06-10T21:30:23","slug":"microsoft-pushes-out-massive-security-update-for-internet-explorer","status":"publish","type":"post","link":"https:\/\/nccomputertech.com\/techtalk\/2014\/06\/10\/microsoft-pushes-out-massive-security-update-for-internet-explorer\/","title":{"rendered":"Microsoft pushes out massive security update for Internet Explorer"},"content":{"rendered":"

\"\"<\/a><\/p>\n

Microsoft pushes out massive security update for Internet Explorer<\/p>\n

Six down, six to go. Today is the Microsoft Patch Tuesday for June, and it comes with seven new security bulletins. The good news is that five of the seven are only rated as Important, but one of the two Critical security bulletins\u2014the cumulative update for Internet Explorer\u2014is huge.<\/p>\n

In all, the seven security bulletins address a total of 66 specific vulnerabilities. The Cumulative Security Update for Internet Explorer (MS14-035) accounts for 59 of them\u2014a record for a single Microsoft security bulletin.<\/p>\n

Microsoft issued fixes for flaws in remote desktop, Lync Server, XML Core Services, Word, the TCP protocol, and the Microsoft Graphics Component that affect a range of products and services including versions of Windows and Office. The impact of a successful exploit ranges from denial of service, to information disclosure, to remote code execution, but the \u201cstar\u201d of the show is Internet Explorer.<\/p>\n

\u201cLast month, IE saw a lot of activity, first with the out-of-band patch released on May 1, a point fix released as part of May\u2019s Patch Tuesday, and a vulnerability that was publicly disclosed by the Zero-Day Initiative on May 21,\u201d says Russ Ernst, director of product management for Lumension.<\/p>\n

The cumulative update from Microsoft includes a fix for the vulnerability reported to ZDI. Thankfully, none of the vulnerabilities fixed by this update are actively under attack as far as we know. Even the two flaws that are already publicly disclosed are not facing any known active attacks.<\/p>\n

That said, with 59 separate vulnerabilities in the most widely-used browser, it is an absolute certainty that malware developers will be working diligently to reverse-engineer the patches and craft exploits to target those flaws. It is absolutely imperative that you apply the patch for MS14-035 as soon as possible.<\/p>\n

The other Critical security bulletin this month\u2014MS14-036\u2014addresses a couple vulnerabilities in Microsoft Graphics component that could enable remote code execution if successfully exploited. The list of affected applications is extensive, including all versions of Windows and Office.<\/p>\n

Tyler Reguly, manager of security research for Tripwire, stresses that upgrading to more current operating systems and applications has perks from a security perspective. \u201cMS14-034, which affects only Office 2007, is a reminder that Microsoft’s Security Development Lifecycle really does work,” he says. “It would be nice to see them shorten their support Windows, forcing consumers and enterprises to upgrade more frequently. This would remove older, more vulnerable software from the picture.\u201d<\/p>\n

Review the security bulletins from Microsoft and figure out which ones apply to you. I recommend you install all applicable updates to fix vulnerabilities before malware developers figure out how to exploit them. Start with the two Critical updates\u2014MS14-035 and MS14-036\u2014but then move as quickly as possible to implement the rest of the updates as well.<\/p>\n

via Microsoft pushes out massive security update for Internet Explorer | PCWorld<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"

Microsoft pushes out massive security update for Internet Explorer Six down, six to go. Today is the Microsoft Patch Tuesday […]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[5,7,11],"tags":[536,680,800],"class_list":["post-5710","post","type-post","status-publish","format-standard","hentry","category-microsoft","category-security","category-windows","tag-internet-explorer","tag-microsoft-2","tag-patches"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/papNkV-1u6","jetpack-related-posts":[{"id":9452,"url":"https:\/\/nccomputertech.com\/techtalk\/2018\/11\/19\/internal-bug-discovery-security-now-693\/","url_meta":{"origin":5710,"position":0},"title":"Internal Bug Discovery – Security Now 693","author":"NCCT","date":"November 19, 2018","format":false,"excerpt":"https:\/\/youtu.be\/ClVI9PMQGCY Australia vs Encryption, Google+ Bugs Hasten its Demise -- Australia's recently passed anti-encryption legislation -- Details of a couple more mega-breaches including a bit of Marriott follow-up -- A welcome call for legislation from Microsoft -- A new twist on online advertising click fraud -- The DHS is interested\u2026","rel":"","context":"In "Microsoft"","block_context":{"text":"Microsoft","link":"https:\/\/nccomputertech.com\/techtalk\/category\/microsoft\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/img.youtube.com\/vi\/ClVI9PMQGCY\/0.jpg?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":9405,"url":"https:\/\/nccomputertech.com\/techtalk\/2018\/10\/07\/odorless-and-weightless-hackers-this-week-in-tech-687\/","url_meta":{"origin":5710,"position":1},"title":"Odorless and Weightless Hackers – This Week in Tech 687","author":"NCCT","date":"October 7, 2018","format":false,"excerpt":"https:\/\/youtu.be\/lb4rnqfNdas Chinese Spy Chips, Microsoft Highs and Lows, Pixel 3 Event Predictions, and More! Bloomberg reports that China used tiny chips to spy on Apple, Amazon, and the US government. Apple and Amazon deny it. How do we know who is right? All the news from the Microsoft Surface event,\u2026","rel":"","context":"In "Apple"","block_context":{"text":"Apple","link":"https:\/\/nccomputertech.com\/techtalk\/category\/apple\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/img.youtube.com\/vi\/lb4rnqfNdas\/0.jpg?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":9902,"url":"https:\/\/nccomputertech.com\/techtalk\/2025\/02\/11\/tpm-2-0-is-not-required-for-windows-11\/","url_meta":{"origin":5710,"position":2},"title":"TPM 2.0 Is Not Required for Windows 11","author":"NCCT","date":"February 11, 2025","format":false,"excerpt":"https:\/\/youtu.be\/yjjCbOOpREg On Security Now, Steve Gibson talks about Microsofrt dropping the TPM 2.0 requirement from Windows 11.","rel":"","context":"In "Microsoft"","block_context":{"text":"Microsoft","link":"https:\/\/nccomputertech.com\/techtalk\/category\/microsoft\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/img.youtube.com\/vi\/yjjCbOOpREg\/0.jpg?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":9391,"url":"https:\/\/nccomputertech.com\/techtalk\/2018\/08\/12\/this-week-in-tech-679-hotbox-the-waymo\/","url_meta":{"origin":5710,"position":3},"title":"This Week in Tech 679: Hotbox the Waymo","author":"NCCT","date":"August 12, 2018","format":false,"excerpt":"https:\/\/youtu.be\/r0sh0kx0ksQ This Week in Tech Galaxy Note 9, vote hacking, Android Q quandary, robot dogs, and more. --Samsung Announces the Galaxy Note 9, Galaxy Watch, and Galaxy Home musical cauldron. --What is AI? --Self-driving roll-out is increasing. --Amazon wants you to pick up groceries at Whole Foods, and wishes you\u2026","rel":"","context":"In "Microsoft"","block_context":{"text":"Microsoft","link":"https:\/\/nccomputertech.com\/techtalk\/category\/microsoft\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/img.youtube.com\/vi\/r0sh0kx0ksQ\/0.jpg?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":9518,"url":"https:\/\/nccomputertech.com\/techtalk\/2019\/02\/10\/between-the-buns-this-week-in-tech-705\/","url_meta":{"origin":5710,"position":4},"title":"Between the Buns – This Week in Tech 705","author":"NCCT","date":"February 10, 2019","format":false,"excerpt":"https:\/\/youtu.be\/KZ52Am221no Improving government websites, blocking the big five, Spotify\u2019s podcast move, and more. -- Alphabet Earnings: Google's Cost Per Click -- Cutting out Google, Apple, Amazon, Facebook, and Microsoft -- The US to Ban Huawei 5GTech -- Germany Outlaws Facebook's Business Model -- What if Google Just Doesn't Pay Its\u2026","rel":"","context":"In "Apple"","block_context":{"text":"Apple","link":"https:\/\/nccomputertech.com\/techtalk\/category\/apple\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/img.youtube.com\/vi\/KZ52Am221no\/0.jpg?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":9511,"url":"https:\/\/nccomputertech.com\/techtalk\/2019\/01\/22\/millsplain-it-to-me-this-week-in-tech-702\/","url_meta":{"origin":5710,"position":5},"title":"Millsplain It to Me – This Week in Tech 702","author":"NCCT","date":"January 22, 2019","format":false,"excerpt":"https:\/\/youtu.be\/EtTfFJVBZ6s -Apple's Tim Cook Calls for Data Privacy. -773M Passwords Pwned - How to Find Out If Yours Was. -Amazon Tries to Make Alexa Sound \"Newsy.\" -Google Buys Fossil. -74% of Facebook Users are Clueless. -Facebook's 10 Year Challenge. -Atari Founder Making Alexa Board Games. -Stop Using Windows Phone! -Tokyo\u2026","rel":"","context":"In "Apple"","block_context":{"text":"Apple","link":"https:\/\/nccomputertech.com\/techtalk\/category\/apple\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/img.youtube.com\/vi\/EtTfFJVBZ6s\/0.jpg?resize=350%2C200","width":350,"height":200},"classes":[]}],"_links":{"self":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts\/5710","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/comments?post=5710"}],"version-history":[{"count":0,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts\/5710\/revisions"}],"wp:attachment":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/media?parent=5710"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/categories?post=5710"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/tags?post=5710"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}