Microsoft Security Bulletins For January 2014 overview

Welcome to the overview of Microsoft's January 2014 patch Tuesday. Microsoft has released a total of four bulletins on the first patch day of the year 2014, all of which have received the maximum severity rating of important.
A severity rating of important is the second-highest possible rating after critical. It means that at least one Microsoft product has received the severity rating, while others may have received the same rating, a lower rating, or none at all if they are not affected by the vulnerability.
The information below provide you with everything there is to know about the security patches and non-security patches that Microsoft has released this month, or after the last patch day.
We list the operating system and Office distribution so that you can easily look up the products that matter to you, provide you with a deployment guide, link to all security and non-security updates on the Microsoft website, and describe the various ways they can be downloaded and installed.
Operating System Distribution
Only two bulletins address issues in Microsoft server or client operating systems. Several operating systems, Windows Vista and all Windows 8 versions on the client side, and Windows Server 2008, Windows Server 2012 and Windows Server 2012 R2 on the server side are not affected at all this month.
All remaining operating systems, Windows XP and Windows 7 on the client side, and Windows Server 2003 and Windows Server 2008 R2 on the server side are affected by one of the bulletins only.
- Windows XP:Â 1 important
- Windows Vista: not affected
- Windows 7:Â 1 important
- Windows 8:Â not affected
- Windows 8.1: not affected
- Windows RT: not affected
- Windows RT 8.1:Â not affected
- Windows Server 2003: 1 important
- Windows Server 2008: not affected
- Windows Server 2008 R2: 1 important
- Windows Server 2012: not affected
- Windows Server 2012 R2: not affected
Office Distribution
One of the remaining two bulletins impacts all Microsoft Office versions. It is interesting to note that it affects them all in the same way.
Each Office version has received the same severity rating of important.
- Microsoft Office 2003: 1 important
- Microsoft Office 2007: 1 important
- Microsoft Office 2010:Â 1 important
- Microsoft Office 2013: 1 important
- Microsoft SharePoint Server 2010: 1 important
- Microsoft SharePoint Server 2013: 1 important
- Microsoft Office Web Apps 2010: 1 important
- Microsoft Office Web Apps 2013: 1 important
Deployment Guide
Microsoft releases a deployment guide each month that system administrators can use as a guideline for deployment.
The top priority this month is the MS14-002 vulnerability in Windows Kernel that could allow an elevation or privileges.
The company suggests the following deployment priority for this month's bulletins.
- Tier 1 updates: MS14-002 Kernel
- Tier 2 updates: MS14-001 Word, MS14-003 KMD
- Tier 3 updates: MS14-004 Dynamics AX
Security Bulletins
- MS14-001 - Vulnerabilities in Microsoft Word and Office Web Apps Could Allow Remote Code Execution (2916605)
- MS14-002 - Vulnerability in Windows Kernel Could Allow Elevation of Privilege (2914368)
- MS14-003 - Vulnerability in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2913602)
- MS14-004 - Vulnerability in Microsoft Dynamics AX Could Allow Denial of Service (2880826)
Other security-related information
- Windows Malicious Software Removal Tool - January 2014 (KB890830)/Windows Malicious Software Removal Tool - January 2014 (KB890830) - Internet Explorer Version
- Microsoft security advisory: Improperly issued digital certificates could allow spoofing -Â (KB2917500) - Security Update for Windows 8.1, Windows 8, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003, and Windows XP
- Update for Vulnerabilities in Adobe Flash Player in Internet Explorer (revised) - (KB2755801)
- Re-release of MS13-081 for systems where the initial update failed on (MS13-081)
Non-security related updates
- Update for Windows 8.1, Windows RT 8.1, Windows 8, and Windows RT (KB2894853)
- Update for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 (KB2904440)
- Windows RT, Windows 8, and Windows Server 2012 update rollup: January 2014 -Â (KB2911101) - Update for Windows 8, Windows RT, and Windows Server 2012
- Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2 update rollup: January 2014 - (KB2911106) - Update for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2
- Update for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 (KB2913270)
- Update for Windows 7 and Windows Server 2008 R2 (KB2913431)
- Dynamic Update for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 (KB2914220)
- Update for Windows 8, Windows RT, and Windows Server 2012 (KB2917499)
- Screen turns black when it rotates from portrait orientation to landscape orientation in Windows - (KB2917993) - Update for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2
- Description of Windows SharePoint Services 3.0 SP3 and of Windows SharePoint Services 3.0 Language Pack SP3 - (KB2526305) - Windows SharePoint Services 3.0 Service Pack 3 x64 Edition
- Windows RT, Windows 8, and Windows Server 2012 update rollup: December 2013Â - (KB2903938) - Update for Windows 8, Windows RT, and Windows Server 2012
- Surface 2 prompts you for the BitLocker recovery key when you restart the device - (KB2921482) -Â Update for Windows RT 8.1
- AV_NULL_IP_BTHUSB!USBD_CreateHandle" Stop error on a Windows 8.1-based computer that has certain MediaTek drivers installed - (KB2917488) -Â Dynamic Update for Windows 8.1
- Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2 update rollup: November 2013 -Â (KB2887595) - Update for Windows 8.1
- Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2 update rollup: December 2013 - (KB2903939) - Update for Windows 8.1
How to download and install the January 2014 security updates
All security-related updates are available via Microsoft's Windows Update service which means that the updates will be delivered automatically to most home users.
Users who have blocked the automatic update feature can download the latest security updates and regular updates from Microsoft's Download Center website instead.
A DVD image containing all security updates of the month will also be made available soon.
It may make sense to download updates from Microsoft if they need to be deployed on multiple systems as it will save bandwidth in the progress.
It is alternatively possible to use third-party download tools to download all patches for Windows and other Microsoft products.
Additional information
- Microsoft Security Response Center blog on the 2014 Bulletin Release
- Microsoft Security Bulletin Summary for January 2014
- List of software updates for Microsoft products 2014
Are these articles AI generated?
Now the duplicates are more obvious.
This is below AI generated crap. It is copy of Microsoft Help website article without any relevant supporting text. Anyway you can find this information on many pages.
Yes, but why post the exact same article under a different title twice on the same day (19 march 2023), by two different writers?
1.) Excel Keyboard Shortcuts by Trevor Monteiro.
2.) 70+ Excel Keyboard Shortcuts for Windows by Priyanka Monteiro
Why oh why?
Yeah. Tell me more about “Priyanka Monteiro”. I’m dying to know. Indian-Portuguese bot ?
Probably they will announce that the taskbar will be placed at top, right or left, at your will.
Special event by they is a special crap for us.
If it’s Microsoft, don’t buy it.
Better brands at better prices elsewhere.
All new articles have zero count comments. :S
WTF? So, If I add one photo to 5 albums, will it count 5x on my storage?
It does not make any sense… on google photos, we can add photo to multiple albums, and it does not generate any additional space usage
I have O365 until end of this year, mostly for onedrive and probably will jump into google one
Photo storage must be kept free because customers chose gadgets just for photos and photos only.
What a nonsense. Does it mean that albums are de facto folders with copies of our pictures?
Sounds exactly like the poor coding Microsoft is known for in non-critical areas i.e. non Windows Core/Office Core.
I imagine a manager gave an employee the task to create the album feature with hardly any time so they just copied the folder feature with some cosmetic changes.
And now that they discovered what poor management results in do they go back and do the album feature properly?
Nope, just charge the customer twice.
Sounds like a go-getter that needs to be promoted for increasing sales and managing underlings “efficiently”, said the next layer of middle management.
When will those comments get fixed? Was every editor here replaced by AI and no one even works on this site?
Instead of a software company, Microsoft is now a fraud company.
For me this is proof that Microsoft has a back-door option into all accounts in their cloud.
quote “…… as the MSA key allowed the hacker group access to virtually any cloud account at Microsoft…..”
unquote
so this MSA key which is available to MS officers can give access to all accounts in MS cloud.This is the backdoor that MS has into the cloud accounts. Lucky I never got any relevant files of mine in their (MS) cloud.
>”Now You: what is your theory?”
That someone handed an employee a briefcase full of cash and the employee allowed them access to all their accounts and systems.
Anything that requires 5-10 different coincidences to happen is highly unlikely. Occam’s razor.
Good reason to never login to your precious machine with a Microsoft a/c a.k.a. as the cloud.
The GAFAM are always very careless about our software automatically sending to them telemetry and crash dumps in our backs. It’s a reminder not to send them anything when it’s possible to opt out, and not to opt in, considering what they may contain. And there is irony in this carelessness biting them back, even if in that case they show that they are much more cautious when it’s their own data that is at stake.