Welcome to the overview of Microsoft's Patch Tuesday for July 2014. It lists all information about this month's security and non-security updates for Microsoft operating systems and other company products.
A total of six bulletins are released this month that fix 29 vulnerabilities in Microsoft Windows, Internet Explorer and Microsoft Server Software.
Two of the bulletins have received the highest severity rating of critical, three a severity rating of important, and one of moderate. This means that at least one Microsoft product is affected by the severity in this way, while other products may be affected in the same way, less, or not at all.
Check out the executive summary below if you are in a hurry, or read all sections of the guide for the complete picture.
Executive Summary
Video Summary
Operating System Distribution
All Windows client-based operating systems with the exception of Windows RT and RT 8.1 share the same vulnerability distribution. All are affected by two critical and three important bulletins. Windows RT and RT 8.1 are affected by two critical and two important bulletins.
The server distribution is identical as well except for Windows Server 2003 which is affected less severely. All server-based Windows products except 2003 are affected by one critical, three important and one moderate bulletin. Server 2003 is only affected by one important and one moderate vulnerability.
Windows Vista: 2 critical, 3 important
Windows 7: 2 critical, 3 important
Windows 8: 2 critical, 3 important
Windows 8.1: 2 critical, 3 important
Windows RT: 2 critical, 2 important
Windows RT 8.1: 2 critical, 2 important
Windows Server 2003: 1 important, 1 moderate
Windows Server 2008: 1 critical, 3 important, 1 moderate
Windows Server 2008 R2: 1 critical, 3 important, 1 moderate
Windows Server 2012: 1 critical, 3 important, 1 moderate
Windows Server 2012 R2: 1 critical, 3 important, 1 moderate
Server Core installation: 2 important
Deployment Guide
Microsoft suggests the following deployment priority for this month's bulletins:
Security Bulletins
Security Advisories
Non-security related updates
How to download and install the July 2014 security updates
Downloads are offered via Windows Update and Microsoft's Download Center. If Windows update has not been modified, updates are downloaded and installed automatically on target systems.
It may still be worthwhile to check for updates manually since it may take a while before Windows runs an automatic check for updates.
The easiest way to do so is to tap on the Windows-key, tape Windows Update, and select the results from the list. Here you need to click on check for updates to run the check manually.
You can download all updates individually or in form of a monthly security ISO image from Microsoft's Download Center as well.
Additional information
Please click on the following link to open the newsletter signup page: Ghacks Newsletter Sign up
Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.
You use Windows 7 ? In one of your posts you mentioned you had moved to Windows 8/8.1 :/
I have two PCs, one with Windows 7 for work, the other with Windows 8 for testing and gaming ;)
No Linux ?
No, I’m a Windows guy.
Which one do you prefer ? I just moved to Windows 8.1 two days ago .I am kind of liking it .
I’m using W7 for work and like it a bit better even though W8 is not as bad as some say it is. You can limit the interface switching to a minimum. But, if I would have a choice, I’d disable the Start Screen as I don’t really use it.
Shitty Microsoft. Out of 10 updates (including Defender update) 8 have failed on Windows 7 64bit sp1.
The only two to pass : Defender update and MRT.
I read a week ago that Microsoft issued an update to Windows update. I didn’t get it.
Out of 9 updates all installed successfully here. Running Windows 7 Enterprise x64 SP1.
Managed to install 5 update. 3 updates : IE10 update and 2 related to SSL/TLS.. failed with 8007054F.
Mine installed fine on W7 64-bit Pro
Martin,
It is about time that after 20 years Windows Update will present simple readable error report stating exactly what went wrong : a corrupt/missing registry key, missing file,.. an application blocking the update…
But that is wishful thinking as no one at Microsoft knows any more what the OS, which is really Windows 2000/NT in a new clothing, with the same copied security holes… does..
I use XP, so I don’t have to worry about this anymore :))
The best advice at this point is to not install any updates that are problematic. Even if these updates are so-called “security” updates, it doesn’t matter—you are far safer tightening up your system security while you wait for a work-around or fix to the problem update. Sometimes these updates are unnecessary anyway depending upon your system (i.e. – server vs. desktop).
In the meantime, it would be a good idea to spend some time researching the problem updates further to determine if you really need to apply the update as opposed to simply skipping it and also hiding it within your Windows Update module.
After last year’s update roll-out fiasco from Microsoft——-it just makes technical sense nowadays to scrutinize every update from Microsoft. Obviously they’re not too concerned with thorough testing and secure implementation prior to releasing these updates——-for if they were, it logically stands to reason that we would not encounter nearly half as many problems as we have already been exposed to due to Micro-Money’s negligence in this regard.
To say that Microsoft had no way of anticipating any of the botched updates it pushed last year is like trying to convince people that pigs can fly——-that’s just complete and utter nonsense!
http://www.infoworld.com/article/2607451/microsoft-windows/microsoft-ships-replacement-patch-kb-2993651-with-two-known-bugs.html
http://www.zdnet.com/article/microsoft-reissues-flawed-windows-security-update-with-new-flaws/
http://windowsitpro.com/security/what-you-should-know-about-kb2993651-installing-it
As long as you have a good system security suite and good supplemental Antispyware/Antimalware software installed and up to date and they’re also properly configured, you don’t have to worry about holding off a little while before installing any questionable updates from Microsoft.
Trust me——-being scrupulous with Microsoft updates has essentially now become a Windows PC best practice, in order to avert any potential problems caused by these poorly constructed and poorly tested updates.
It really is amazing how some in IT still live in a Microsoft bubble——-believing that Microsoft does the absolute best they can to ensure that updates are released without problems and when found that Microsoft is quick to resolve the problem——-realistically speaking, that couldn’t be further from the truth, especially when one considers Microsoft’s recent history of update failures, which by the way, caused some very serious system failures across multiple Windows platforms that spanned several months last year with August and September bringing forth the absolute worst of it. And even after Microsoft issued supposed patches for these egregious update errors, a majority of those also flopped and/or caused even more problems.
Can someone from Microsoft say…”poor management?!”
To say the very least…that phrase is an understatement…