Microsoft Security Bulletins For July 2014 overview
Welcome to the overview of Microsoft's Patch Tuesday for July 2014. It lists all information about this month's security and non-security updates for Microsoft operating systems and other company products.
A total of six bulletins are released this month that fix 29 vulnerabilities in Microsoft Windows, Internet Explorer and Microsoft Server Software.
Two of the bulletins have received the highest severity rating of critical, three a severity rating of important, and one of moderate. This means that at least one Microsoft product is affected by the severity in this way, while other products may be affected in the same way, less, or not at all.
Check out the executive summary below if you are in a hurry, or read all sections of the guide for the complete picture.
Executive Summary
- Six bulletins addressing a total of 29 vulnerabilities have been released by Microsoft this month.
- Affected products include Windows, Server software and the Internet Explorer browser.
- Two bulletins have received the highest severity rating of critical.
- The top deployment priorities are MS14-037 addressing vulnerabilities in Internet Explorer and MS14-038 addressing vulnerabilities in Windows Journal.
Video Summary
Operating System Distribution
All Windows client-based operating systems with the exception of Windows RT and RT 8.1 share the same vulnerability distribution. All are affected by two critical and three important bulletins. Windows RT and RT 8.1 are affected by two critical and two important bulletins.
The server distribution is identical as well except for Windows Server 2003 which is affected less severely. All server-based Windows products except 2003 are affected by one critical, three important and one moderate bulletin. Server 2003 is only affected by one important and one moderate vulnerability.
Windows Vista: 2 critical, 3 important
Windows 7: 2 critical, 3 important
Windows 8: 2 critical, 3 important
Windows 8.1: 2 critical, 3 important
Windows RT: 2 critical, 2 important
Windows RT 8.1: 2 critical, 2 important
Windows Server 2003: 1 important, 1 moderate
Windows Server 2008: 1 critical, 3 important, 1 moderate
Windows Server 2008 R2: 1 critical, 3 important, 1 moderate
Windows Server 2012: 1 critical, 3 important, 1 moderate
Windows Server 2012 R2: 1 critical, 3 important, 1 moderate
Server Core installation: 2 important
Deployment Guide
Microsoft suggests the following deployment priority for this month's bulletins:
- Tier 1: MS14-037 Internet Explorer and MS14-038 Journal
- Tier 2: MS14-039 Keyboard, MS14-040 AFD and MS14-041 DirectShow
- Tier3: MS14-042 Service Bus
Security Bulletins
- MS14-037 - Cumulative Security Update for Internet Explorer (2975687) - Critical - Remote Code Execution
- MS14-038 - Vulnerability in Windows Journal Could Allow Remote Code Execution (2975689) - Critical - Remove Code Execution
- MS14-039 -Â Vulnerability in On-Screen Keyboard Could Allow Elevation of Privilege (2975685) - Important - Elevation of Privilege
- MS14-040 - Vulnerability in Ancillary Function Driver (AFD) Could Allow Elevation of Privilege (2975684)Â - Important - Elevation of Privilege
- MS14-041 - Vulnerability in DirectShow Could Allow Elevation of Privilege (2975681) - Important - Elevation of Privilege
- MS14-042 - Vulnerability in Microsoft Service Bus Could Allow Denial of Service (2972621) -Â Moderate
Denial of Service
Security Advisories
- Microsoft Security Advisory 2871997 (revised) - Update to Improve Credentials Protection and Management - Changes default behavior for Restricted Admin mode on Windows 8.1 and Windows Server 2012 R2.
- Microsoft Security Advisory 2960358 (revised) - Update for Disabling RC4 in .NET TLS.
- Microsoft Security Advisory 2755801 (revised) - Update for Vulnerabilities in Adobe Flash Player in Internet Explorer
Non-security related updates
- Update for Windows 8 and Windows Server 2012 (KB2937636) - Update to Microsoft Update client.
- Update for Windows 8.1, Windows Server 2012 R2, Windows 8, and Windows Server 2012 (KB2938066)
- Update for Windows 7 (KB2952664) - Compatibility update for upgrading Windows 7.
- Update for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 (KB2959626) - Reliability improvements for Remote Desktop Session Host and RemoteApp.
- Update for Windows 8.1, Windows Server 2012 R2, Windows 8, Windows Server 2012, Windows 7, and Windows Server 2008 R2 (KB2959936)
- Update for Windows Embedded POSReady 7 and Windows 8.1 (KB2959943)
- Update for Windows 8, Windows RT, and Windows Server 2012 (KB2960837) - Excel freezes when you convert Japanese characters in Windows.
- Update for Windows 8.1 (KB2962183) - Xbox Games app.
- Update for Windows 8.1 (KB2962184) - Xbox Music app.
- Update for Windows 8.1 (KB2962185) - Xbox Video app.
- Update for Windows 8.1 (KB2962186) - Bing Finance app.
- Update for Windows 8.1 (KB2962187) - Bing Health & Fitness app.
- Update for Windows 8.1 (KB2962188) - Bing News app.
- Update for Windows 8.1 (KB2962189) - Bing Sports app.
- Update for Windows 8.1 (KB2962190) - Bing Travel app.
- Update for Windows 8.1 (KB2962191) - Bing Weather app.
- Update for Windows 8.1 (KB2962192) - Bing Mapps app.
- Update for Windows 8.1 (KB2962195) - Windows Reading List app.
- Update for Windows 8.1 (KB2962196) - Calculator app.
- Update for Windows 8.1 (KB2962197) - Alarms app.
- Update for Windows 8.1 (KB2962198) - Sound Recorder app.
- Update for Windows 8.1 (KB2962199) - Bing Food & Drink app.
- Update for Windows 8.1 (KB2962200) - Scan app.
- Update for Windows 8.1 (KB2962201) - Skype app.
- Update for Windows 7 and Windows Server 2008 R2 (KB2966583)
- Update for Windows 8, Windows RT, and Windows Server 2012 (KB2967916) - July 2014 update rollup for Windows RT, Windows 8, and Windows Server 2012
- Update for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 (KB2967917)
- Update for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 (KB2971203) - July 2014 cumulative update for Windows Store in Windows 8.1 or Windows Server 2012 R2
- Update for Windows 8.1 and Windows RT 8.1 (KB2972094) - The string of the Family Safety dialog box is not localized in Windows RT 8.1 or Windows 8.1
- Update for Windows 7 and Windows Server 2008 R2 (KB2973337) - SHA512 is disabled in Windows 7 or Windows Server 2008 R2
- Update for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 (KB2975061)
- Update for Windows 8.1 and Windows 8 (KB2976978)
- Update for Windows 7 (KB2977759)
- Update for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 (KB2980654)
- Windows Malicious Software Removal Tool - July 2014 (KB890830)/Windows Malicious Software Removal Tool - July 2014 (KB890830) - Internet Explorer Version
- Update for Windows 8, Windows RT, and Windows Server 2012 (KB2962407) - Windows RT, Windows 8, and Windows Server 2012 update rollup: June 2014.
- Update for Windows RT (KB2973544) - An update to enable an automatic update from Windows RT to Windows RT 8.1.
- Update for Windows 8 (KB2962156) - Camera app.
- Update for Windows 8 (KB2962163) - Xbox Video app.
- Update for Windows 8 (KB2962168) - Photos app.
- Update for Windows 8 (KB2962169) - Xbox Games app.
- Update for Windows 8 (KB2962171) - Xbox Music app.
- Update for Windows 8 (KB2962173) - Bing Finance app.
- Update for Windows 8 (KB2962175) - Bing News app.
- Update for Windows 8 (KB2962176) - Bing Sports app.
- Update for Windows 8 (KB2962177) - Bing Travel app.
- Update for Windows 8 (KB2962178) - Bing Weather app.
- Update for Windows 8 (KB2962179) - Bing Search app.
- Update for Windows 8 (KB2962180) - Bing Maps app
- Update for Windows 8 (KB2962181) - Reader app for Windows 8.
- Update for Windows 8.1 (KB2962182) - Windows Communications Apps (People, Mail, Calendar)
- Update for Windows 8.1 (KB2962193) . Microsoft Reader.
- Update for Windows 8.1 (KB2962194) - Help and Tips app.
How to download and install the July 2014 security updates
Downloads are offered via Windows Update and Microsoft's Download Center. If Windows update has not been modified, updates are downloaded and installed automatically on target systems.
It may still be worthwhile to check for updates manually since it may take a while before Windows runs an automatic check for updates.
The easiest way to do so is to tap on the Windows-key, tape Windows Update, and select the results from the list. Here you need to click on check for updates to run the check manually.
You can download all updates individually or in form of a monthly security ISO image from Microsoft's Download Center as well.
Additional information
- Microsoft Security Response Center blog on the 2014 Bulletin Release
- Microsoft Security Bulletin Summary for July 2014
- List of software updates for Microsoft products 2014
- All Microsoft Security Release ISO Images
- Our in-depth update guide for Windows
The best advice at this point is to not install any updates that are problematic. Even if these updates are so-called “security” updates, it doesn’t matter—you are far safer tightening up your system security while you wait for a work-around or fix to the problem update. Sometimes these updates are unnecessary anyway depending upon your system (i.e. – server vs. desktop).
In the meantime, it would be a good idea to spend some time researching the problem updates further to determine if you really need to apply the update as opposed to simply skipping it and also hiding it within your Windows Update module.
After last year’s update roll-out fiasco from Microsoft——-it just makes technical sense nowadays to scrutinize every update from Microsoft. Obviously they’re not too concerned with thorough testing and secure implementation prior to releasing these updates——-for if they were, it logically stands to reason that we would not encounter nearly half as many problems as we have already been exposed to due to Micro-Money’s negligence in this regard.
To say that Microsoft had no way of anticipating any of the botched updates it pushed last year is like trying to convince people that pigs can fly——-that’s just complete and utter nonsense!
http://www.infoworld.com/article/2607451/microsoft-windows/microsoft-ships-replacement-patch-kb-2993651-with-two-known-bugs.html
http://www.zdnet.com/article/microsoft-reissues-flawed-windows-security-update-with-new-flaws/
http://windowsitpro.com/security/what-you-should-know-about-kb2993651-installing-it
As long as you have a good system security suite and good supplemental Antispyware/Antimalware software installed and up to date and they’re also properly configured, you don’t have to worry about holding off a little while before installing any questionable updates from Microsoft.
Trust me——-being scrupulous with Microsoft updates has essentially now become a Windows PC best practice, in order to avert any potential problems caused by these poorly constructed and poorly tested updates.
It really is amazing how some in IT still live in a Microsoft bubble——-believing that Microsoft does the absolute best they can to ensure that updates are released without problems and when found that Microsoft is quick to resolve the problem——-realistically speaking, that couldn’t be further from the truth, especially when one considers Microsoft’s recent history of update failures, which by the way, caused some very serious system failures across multiple Windows platforms that spanned several months last year with August and September bringing forth the absolute worst of it. And even after Microsoft issued supposed patches for these egregious update errors, a majority of those also flopped and/or caused even more problems.
Can someone from Microsoft say…”poor management?!”
To say the very least…that phrase is an understatement…
I use XP, so I don’t have to worry about this anymore :))
Out of 9 updates all installed successfully here. Running Windows 7 Enterprise x64 SP1.
Managed to install 5 update. 3 updates : IE10 update and 2 related to SSL/TLS.. failed with 8007054F.
Martin,
It is about time that after 20 years Windows Update will present simple readable error report stating exactly what went wrong : a corrupt/missing registry key, missing file,.. an application blocking the update…
But that is wishful thinking as no one at Microsoft knows any more what the OS, which is really Windows 2000/NT in a new clothing, with the same copied security holes… does..
Mine installed fine on W7 64-bit Pro
Shitty Microsoft. Out of 10 updates (including Defender update) 8 have failed on Windows 7 64bit sp1.
The only two to pass : Defender update and MRT.
I read a week ago that Microsoft issued an update to Windows update. I didn’t get it.
You use Windows 7 ? In one of your posts you mentioned you had moved to Windows 8/8.1 :/
I have two PCs, one with Windows 7 for work, the other with Windows 8 for testing and gaming ;)
Which one do you prefer ? I just moved to Windows 8.1 two days ago .I am kind of liking it .
I’m using W7 for work and like it a bit better even though W8 is not as bad as some say it is. You can limit the interface switching to a minimum. But, if I would have a choice, I’d disable the Start Screen as I don’t really use it.
No Linux ?
No, I’m a Windows guy.