Microsoft Security Bulletins For July 2014 overview

Welcome to the overview of Microsoft's Patch Tuesday for July 2014. It lists all information about this month's security and non-security updates for Microsoft operating systems and other company products.

A total of six bulletins are released this month that fix 29 vulnerabilities in Microsoft Windows, Internet Explorer and Microsoft Server Software.

Two of the bulletins have received the highest severity rating of critical, three a severity rating of important, and one of moderate. This means that at least one Microsoft product is affected by the severity in this way, while other products may be affected in the same way, less, or not at all.

Check out the executive summary below if you are in a hurry, or read all sections of the guide for the complete picture.

Executive Summary

  1. Six bulletins addressing a total of 29 vulnerabilities have been released by Microsoft this month.
  2. Affected products include Windows, Server software and the Internet Explorer browser.
  3. Two bulletins have received the highest severity rating of critical.
  4. The top deployment priorities are MS14-037 addressing vulnerabilities in Internet Explorer and MS14-038 addressing vulnerabilities in Windows Journal.

Video Summary

Operating System Distribution

All Windows client-based operating systems with the exception of Windows RT and RT 8.1 share the same vulnerability distribution. All are affected by two critical and three important bulletins. Windows RT and RT 8.1 are affected by two critical and two important bulletins.

The server distribution is identical as well except for Windows Server 2003 which is affected less severely. All server-based Windows products except 2003 are affected by one critical, three important and one moderate bulletin. Server 2003 is only affected by one important and one moderate vulnerability.

Windows Vista: 2 critical, 3 important
Windows 7: 2 critical, 3 important
Windows 8: 2 critical, 3 important
Windows 8.1: 2 critical, 3 important
Windows RT: 2 critical, 2 important
Windows RT 8.1: 2 critical, 2 important
Windows Server 2003: 1 important, 1 moderate
Windows Server 2008: 1 critical, 3 important, 1 moderate
Windows Server 2008 R2: 1 critical, 3 important, 1 moderate
Windows Server 2012: 1 critical, 3 important, 1 moderate
Windows Server 2012 R2: 1 critical, 3 important, 1 moderate
Server Core installation: 2 important

Deployment Guide

deployment guide july 2014

Microsoft suggests the following deployment priority for this month's bulletins:

  • Tier 1: MS14-037 Internet Explorer and MS14-038 Journal
  • Tier 2: MS14-039 Keyboard, MS14-040 AFD and MS14-041 DirectShow
  • Tier3: MS14-042 Service Bus

Security Bulletins

  • MS14-037 - Cumulative Security Update for Internet Explorer (2975687) - Critical - Remote Code Execution
  • MS14-038 - Vulnerability in Windows Journal Could Allow Remote Code Execution (2975689) - Critical - Remove Code Execution
  • MS14-039 -  Vulnerability in On-Screen Keyboard Could Allow Elevation of Privilege (2975685) - Important - Elevation of Privilege
  • MS14-040 - Vulnerability in Ancillary Function Driver (AFD) Could Allow Elevation of Privilege (2975684)  - Important - Elevation of Privilege
  • MS14-041 - Vulnerability in DirectShow Could Allow Elevation of Privilege (2975681) - Important - Elevation of Privilege
  • MS14-042 - Vulnerability in Microsoft Service Bus Could Allow Denial of Service (2972621) - Moderate
    Denial of Service

Security Advisories

  • Microsoft Security Advisory 2871997 (revised) - Update to Improve Credentials Protection and Management - Changes default behavior for Restricted Admin mode on Windows 8.1 and Windows Server 2012 R2.
  • Microsoft Security Advisory 2960358 (revised) - Update for Disabling RC4 in .NET TLS.
  • Microsoft Security Advisory 2755801 (revised) - Update for Vulnerabilities in Adobe Flash Player in Internet Explorer

Non-security related updates

  • Update for Windows 8 and Windows Server 2012 (KB2937636) - Update to Microsoft Update client.
  • Update for Windows 8.1, Windows Server 2012 R2, Windows 8, and Windows Server 2012 (KB2938066)
  • Update for Windows 7 (KB2952664) - Compatibility update for upgrading Windows 7.
  • Update for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 (KB2959626) - Reliability improvements for Remote Desktop Session Host and RemoteApp.
  • Update for Windows 8.1, Windows Server 2012 R2, Windows 8, Windows Server 2012, Windows 7, and Windows Server 2008 R2 (KB2959936)
  • Update for Windows Embedded POSReady 7 and Windows 8.1 (KB2959943)
  • Update for Windows 8, Windows RT, and Windows Server 2012 (KB2960837) - Excel freezes when you convert Japanese characters in Windows.
  • Update for Windows 8.1 (KB2962183) - Xbox Games app.
  • Update for Windows 8.1 (KB2962184) - Xbox Music app.
  • Update for Windows 8.1 (KB2962185) - Xbox Video app.
  • Update for Windows 8.1 (KB2962186) - Bing Finance app.
  • Update for Windows 8.1 (KB2962187) - Bing Health & Fitness app.
  • Update for Windows 8.1 (KB2962188) - Bing News app.
  • Update for Windows 8.1 (KB2962189) - Bing Sports app.
  • Update for Windows 8.1 (KB2962190) - Bing Travel app.
  • Update for Windows 8.1 (KB2962191) - Bing Weather app.
  • Update for Windows 8.1 (KB2962192) - Bing Mapps app.
  • Update for Windows 8.1 (KB2962195) - Windows Reading List app.
  • Update for Windows 8.1 (KB2962196) - Calculator app.
  • Update for Windows 8.1 (KB2962197) - Alarms app.
  • Update for Windows 8.1 (KB2962198) - Sound Recorder app.
  • Update for Windows 8.1 (KB2962199) - Bing Food & Drink app.
  • Update for Windows 8.1 (KB2962200) - Scan app.
  • Update for Windows 8.1 (KB2962201) - Skype app.
  • Update for Windows 7 and Windows Server 2008 R2 (KB2966583)
  • Update for Windows 8, Windows RT, and Windows Server 2012 (KB2967916) - July 2014 update rollup for Windows RT, Windows 8, and Windows Server 2012
  • Update for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 (KB2967917)
  • Update for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 (KB2971203) - July 2014 cumulative update for Windows Store in Windows 8.1 or Windows Server 2012 R2
  • Update for Windows 8.1 and Windows RT 8.1 (KB2972094) - The string of the Family Safety dialog box is not localized in Windows RT 8.1 or Windows 8.1
  • Update for Windows 7 and Windows Server 2008 R2 (KB2973337) - SHA512 is disabled in Windows 7 or Windows Server 2008 R2
  • Update for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 (KB2975061)
  • Update for Windows 8.1 and Windows 8 (KB2976978)
  • Update for Windows 7 (KB2977759)
  • Update for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 (KB2980654)
  • Windows Malicious Software Removal Tool - July 2014 (KB890830)/Windows Malicious Software Removal Tool - July 2014 (KB890830) - Internet Explorer Version
  • Update for Windows 8, Windows RT, and Windows Server 2012 (KB2962407) - Windows RT, Windows 8, and Windows Server 2012 update rollup: June 2014.
  • Update for Windows RT (KB2973544) - An update to enable an automatic update from Windows RT to Windows RT 8.1.
  • Update for Windows 8 (KB2962156) - Camera app.
  • Update for Windows 8 (KB2962163) - Xbox Video app.
  • Update for Windows 8 (KB2962168) - Photos app.
  • Update for Windows 8 (KB2962169) - Xbox Games app.
  • Update for Windows 8 (KB2962171) - Xbox Music app.
  • Update for Windows 8 (KB2962173) - Bing Finance app.
  • Update for Windows 8 (KB2962175) - Bing News app.
  • Update for Windows 8 (KB2962176) - Bing Sports app.
  • Update for Windows 8 (KB2962177) - Bing Travel app.
  • Update for Windows 8 (KB2962178) - Bing Weather app.
  • Update for Windows 8 (KB2962179) - Bing Search app.
  • Update for Windows 8 (KB2962180) - Bing Maps app
  • Update for Windows 8 (KB2962181) - Reader app for Windows 8.
  • Update for Windows 8.1 (KB2962182) - Windows Communications Apps (People, Mail, Calendar)
  • Update for Windows 8.1 (KB2962193) . Microsoft Reader.
  • Update for Windows 8.1 (KB2962194) - Help and Tips app.

How to download and install the July 2014 security updates

microsoft security updates july 2014

July 2014 updates

Downloads are offered via Windows Update and Microsoft's Download Center.  If Windows update has not been modified, updates are downloaded and installed automatically on target systems.

It may still be worthwhile to check for updates manually since it may take a while before Windows runs an automatic check for updates.

The easiest way to do so is to tap on the Windows-key, tape Windows Update, and select the results from the list. Here you need to click on check for updates to run the check manually.

You can download all updates individually or in form of a monthly security ISO image from Microsoft's Download Center as well.

Additional information

Summary
Article Name
Microsoft Security Bulletins For July 2014 overview
Author
Description
Find out which security updates and non-security updates Microsoft has released in July 2014. The guide offers information about deployment, downloads and severity of updates.
Please share this article

facebooktwittergoogle_plusredditlinkedinmail


Filed under:

Responses to Microsoft Security Bulletins For July 2014 overview

  1. Niks July 8, 2014 at 7:55 pm #

    You use Windows 7 ? In one of your posts you mentioned you had moved to Windows 8/8.1 :/

    • Martin Brinkmann July 8, 2014 at 8:06 pm #

      I have two PCs, one with Windows 7 for work, the other with Windows 8 for testing and gaming ;)

      • Niks July 10, 2014 at 1:28 pm #

        No Linux ?

      • Martin Brinkmann July 10, 2014 at 1:37 pm #

        No, I'm a Windows guy.

      • Niks July 13, 2014 at 4:46 pm #

        Which one do you prefer ? I just moved to Windows 8.1 two days ago .I am kind of liking it .

      • Martin Brinkmann July 13, 2014 at 5:27 pm #

        I'm using W7 for work and like it a bit better even though W8 is not as bad as some say it is. You can limit the interface switching to a minimum. But, if I would have a choice, I'd disable the Start Screen as I don't really use it.

  2. ilev July 8, 2014 at 8:00 pm #

    Shitty Microsoft. Out of 10 updates (including Defender update) 8 have failed on Windows 7 64bit sp1.
    The only two to pass : Defender update and MRT.

    I read a week ago that Microsoft issued an update to Windows update. I didn't get it.

  3. TheAslan July 9, 2014 at 12:14 am #

    Out of 9 updates all installed successfully here. Running Windows 7 Enterprise x64 SP1.

    • ilev July 9, 2014 at 7:10 am #

      Managed to install 5 update. 3 updates : IE10 update and 2 related to SSL/TLS.. failed with 8007054F.

      • Martin Brinkmann July 9, 2014 at 7:48 am #

        Mine installed fine on W7 64-bit Pro

      • ilev July 9, 2014 at 11:37 am #

        Martin,

        It is about time that after 20 years Windows Update will present simple readable error report stating exactly what went wrong : a corrupt/missing registry key, missing file,.. an application blocking the update...
        But that is wishful thinking as no one at Microsoft knows any more what the OS, which is really Windows 2000/NT in a new clothing, with the same copied security holes... does..

  4. Nebulus July 9, 2014 at 12:23 am #

    I use XP, so I don't have to worry about this anymore :))

Leave a Reply