Microsoft Security Bulletins For January 2014 overview

Martin Brinkmann
Jan 14, 2014
Updated • Feb 15, 2014
Microsoft, Windows Updates
|
16

Welcome to the overview of Microsoft's January 2014 patch Tuesday. Microsoft has released a total of four bulletins on the first patch day of the year 2014, all of which have received the maximum severity rating of important.

A severity rating of important is the second-highest possible rating after critical. It means that at least one Microsoft product has received the severity rating, while others may have received the same rating, a lower rating, or none at all if they are not affected by the vulnerability.

The information below provide you with everything there is to know about the security patches and non-security patches that Microsoft has released this month, or after the last patch day.

We list the operating system and Office distribution so that you can easily look up the products that matter to you, provide you with a deployment guide, link to all security and non-security updates on the Microsoft website, and describe the various ways they can be downloaded and installed.

Operating System Distribution

Only two bulletins address issues in Microsoft server or client operating systems. Several operating systems, Windows Vista and all Windows 8 versions on the client side, and Windows Server 2008, Windows Server 2012 and Windows Server 2012 R2 on the server side are not affected at all this month.

All remaining operating systems, Windows XP and Windows 7 on the client side, and Windows Server 2003 and Windows Server 2008 R2 on the server side are affected by one of the bulletins only.

  • Windows XP:  1 important
  • Windows Vista: not affected
  • Windows 7:  1 important
  • Windows 8:  not affected
  • Windows 8.1: not affected
  • Windows RT: not affected
  • Windows RT 8.1:  not affected
  • Windows Server 2003: 1 important
  • Windows Server 2008: not affected
  • Windows Server 2008 R2: 1 important
  • Windows Server 2012: not affected
  • Windows Server 2012 R2: not affected

Office Distribution

One of the remaining two bulletins impacts all Microsoft Office versions. It is interesting to note that it affects them all in the same way.

Each Office version has received the same severity rating of important.

  • Microsoft Office 2003: 1 important
  • Microsoft Office 2007: 1 important
  • Microsoft Office 2010: 1 important
  • Microsoft Office 2013: 1 important
  • Microsoft SharePoint Server 2010: 1 important
  • Microsoft SharePoint Server 2013: 1 important
  • Microsoft Office Web Apps 2010: 1 important
  • Microsoft Office Web Apps 2013: 1 important

Deployment Guide

deployment-priority-guide-january-2014

Microsoft releases a deployment guide each month that system administrators can use as a guideline for deployment.

The top priority this month is the MS14-002 vulnerability in Windows Kernel that could allow an elevation or privileges.

The company suggests the following deployment priority for this month's bulletins.

  • Tier 1 updates: MS14-002 Kernel
  • Tier 2 updates: MS14-001 Word, MS14-003 KMD
  • Tier 3 updates: MS14-004 Dynamics AX

Security Bulletins

  • MS14-001 - Vulnerabilities in Microsoft Word and Office Web Apps Could Allow Remote Code Execution (2916605)
  • MS14-002 - Vulnerability in Windows Kernel Could Allow Elevation of Privilege (2914368)
  • MS14-003 - Vulnerability in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2913602)
  • MS14-004 - Vulnerability in Microsoft Dynamics AX Could Allow Denial of Service (2880826)

Other security-related information

  • Windows Malicious Software Removal Tool - January 2014 (KB890830)/Windows Malicious Software Removal Tool - January 2014 (KB890830) - Internet Explorer Version
  • Microsoft security advisory: Improperly issued digital certificates could allow spoofing - (KB2917500) - Security Update for Windows 8.1, Windows 8, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003, and Windows XP
  • Update for Vulnerabilities in Adobe Flash Player in Internet Explorer (revised) - (KB2755801)
  • Re-release of MS13-081 for systems where the initial update failed on (MS13-081)

Non-security related updates

  • Update for Windows 8.1, Windows RT 8.1, Windows 8, and Windows RT (KB2894853)
  • Update for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 (KB2904440)
  • Windows RT, Windows 8, and Windows Server 2012 update rollup: January 2014 -  (KB2911101) - Update for Windows 8, Windows RT, and Windows Server 2012
  • Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2 update rollup: January 2014 - (KB2911106) - Update for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2
  • Update for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 (KB2913270)
  • Update for Windows 7 and Windows Server 2008 R2 (KB2913431)
  • Dynamic Update for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 (KB2914220)
  • Update for Windows 8, Windows RT, and Windows Server 2012 (KB2917499)
  • Screen turns black when it rotates from portrait orientation to landscape orientation in Windows - (KB2917993) - Update for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2
  • Description of Windows SharePoint Services 3.0 SP3 and of Windows SharePoint Services 3.0 Language Pack SP3 - (KB2526305) - Windows SharePoint Services 3.0 Service Pack 3 x64 Edition
  • Windows RT, Windows 8, and Windows Server 2012 update rollup: December 2013 - (KB2903938) - Update for Windows 8, Windows RT, and Windows Server 2012
  • Surface 2 prompts you for the BitLocker recovery key when you restart the device - (KB2921482) -  Update for Windows RT 8.1
  • AV_NULL_IP_BTHUSB!USBD_CreateHandle" Stop error on a Windows 8.1-based computer that has certain MediaTek drivers installed - (KB2917488) - Dynamic Update for Windows 8.1
  • Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2 update rollup: November 2013 - (KB2887595) - Update for Windows 8.1
  • Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2 update rollup: December 2013 - (KB2903939) - Update for Windows 8.1

How to download and install the January 2014 security updates

All security-related updates are available via Microsoft's Windows Update service which means that the updates will be delivered automatically to most home users.

Users who have blocked the automatic update feature can download the latest security updates and regular updates from Microsoft's Download Center website instead.

A DVD image containing all security updates of the month will also be made available soon.

It may make sense to download updates from Microsoft if they need to be deployed on multiple systems as it will save bandwidth in the progress.

It is alternatively possible to use third-party download tools to download all patches for Windows and other Microsoft products.

Additional information

Advertisement

Tutorials & Tips


Previous Post: «
Next Post: «

Comments

  1. Some Dude said on March 19, 2023 at 11:42 am
    Reply

    Are these articles AI generated?

    Now the duplicates are more obvious.

    1. boris said on March 19, 2023 at 11:48 pm
      Reply

      This is below AI generated crap. It is copy of Microsoft Help website article without any relevant supporting text. Anyway you can find this information on many pages.

  2. Paul(us) said on March 20, 2023 at 1:32 am
    Reply

    Yes, but why post the exact same article under a different title twice on the same day (19 march 2023), by two different writers?
    1.) Excel Keyboard Shortcuts by Trevor Monteiro.
    2.) 70+ Excel Keyboard Shortcuts for Windows by Priyanka Monteiro

    Why oh why?

    1. Clairvaux said on September 6, 2023 at 11:30 am
      Reply

      Yeah. Tell me more about “Priyanka Monteiro”. I’m dying to know. Indian-Portuguese bot ?

  3. John G. said on August 18, 2023 at 4:36 pm
    Reply

    Probably they will announce that the taskbar will be placed at top, right or left, at your will.

    Special event by they is a special crap for us.

  4. yanta said on August 18, 2023 at 11:59 pm
    Reply

    If it’s Microsoft, don’t buy it.
    Better brands at better prices elsewhere.

  5. John G. said on August 20, 2023 at 4:22 am
    Reply

    All new articles have zero count comments. :S

  6. Anonymous said on September 5, 2023 at 7:48 am
    Reply

    WTF? So, If I add one photo to 5 albums, will it count 5x on my storage?
    It does not make any sense… on google photos, we can add photo to multiple albums, and it does not generate any additional space usage

    I have O365 until end of this year, mostly for onedrive and probably will jump into google one

  7. St Albans Digital Printing Inc said on September 5, 2023 at 11:53 am
    Reply

    Photo storage must be kept free because customers chose gadgets just for photos and photos only.

  8. Anonymous said on September 5, 2023 at 12:47 pm
    Reply

    What a nonsense. Does it mean that albums are de facto folders with copies of our pictures?

    1. GG said on September 6, 2023 at 8:24 am
      Reply

      Sounds exactly like the poor coding Microsoft is known for in non-critical areas i.e. non Windows Core/Office Core.

      I imagine a manager gave an employee the task to create the album feature with hardly any time so they just copied the folder feature with some cosmetic changes.

      And now that they discovered what poor management results in do they go back and do the album feature properly?

      Nope, just charge the customer twice.

      Sounds like a go-getter that needs to be promoted for increasing sales and managing underlings “efficiently”, said the next layer of middle management.

  9. d3x said on September 5, 2023 at 7:33 pm
    Reply

    When will those comments get fixed? Was every editor here replaced by AI and no one even works on this site?

  10. Scroogled said on September 5, 2023 at 10:47 pm
    Reply

    Instead of a software company, Microsoft is now a fraud company.

  11. ard said on September 7, 2023 at 4:59 pm
    Reply

    For me this is proof that Microsoft has a back-door option into all accounts in their cloud.
    quote “…… as the MSA key allowed the hacker group access to virtually any cloud account at Microsoft…..”
    unquote

    so this MSA key which is available to MS officers can give access to all accounts in MS cloud.This is the backdoor that MS has into the cloud accounts. Lucky I never got any relevant files of mine in their (MS) cloud.

  12. Andy Prough said on September 7, 2023 at 6:52 pm
    Reply

    >”Now You: what is your theory?”

    That someone handed an employee a briefcase full of cash and the employee allowed them access to all their accounts and systems.

    Anything that requires 5-10 different coincidences to happen is highly unlikely. Occam’s razor.

  13. TelV said on September 8, 2023 at 12:04 pm
    Reply

    Good reason to never login to your precious machine with a Microsoft a/c a.k.a. as the cloud.

  14. Anonymous said on September 18, 2023 at 1:23 pm
    Reply

    The GAFAM are always very careless about our software automatically sending to them telemetry and crash dumps in our backs. It’s a reminder not to send them anything when it’s possible to opt out, and not to opt in, considering what they may contain. And there is irony in this carelessness biting them back, even if in that case they show that they are much more cautious when it’s their own data that is at stake.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.