Microsoft Security Bulletins For September 2014
Welcome to the September 2014 Microsoft update overview. It provides you with information about all security and non-security updates that Microsoft has released since August's patch day.
Microsoft released a total of four security bulletins this month fixing a total of 42 vulnerabilities in Microsoft Windows, Microsoft .NET Framework, Internet Explorer and Microsoft Lync Server.
One of the bulletins has the highest security rating critical while the remaining three the second highest rating of important.
You find detailed information about all four bulletins and other patches that Microsoft released this month below.
If you are in a hurry, check out the executive summary and the deployment guide to get started.
Executive Summary
- A total of four security bulletins addressing 42 vulnerabilities have been released this month.
- Affected by vulnerabilities are Microsoft Windows operating systems. Internet Explorer. the .NET Framework and Lync Server.
- One bulletin received the highest severity rating of critical.
- Top deployment this month is MS14-052, a critical bulletin that addresses issues in Internet Explorer.
Video Summary
Operating System Distribution
Client and server operating systems may be affected by security vulnerabilities in different ways. Windows Vista and Windows 7 are only affected by two of the three bulletins affecting the client side of things while all Windows 8 and Windows RT versions are affected by three.
The same is true for server operating systems but with the difference that server systems are not affected in a critical way while all client operating systems are.
- Windows Vista: 1 critical, 1 important
- Windows 7:Â Â 1 critical, 1 important
- Windows 8:Â 1 critical, 2 important
- Windows 8.1: 1 critical, 2 important
- Windows RT: 1 critical, 2 important
- Windows RT 8.1:Â 1 critical, 2 important
- Windows Server 2003: 1 important, 1 moderate
- Windows Server 2008: 1 important, 1 moderate
- Windows Server 2008 R2: 1 important, 1 moderate
- Windows Server 2012: 2 important, 1 moderate
- Windows Server 2012 R2: 2 important, 1 moderate
- Server Core installation: 2 important
Other Microsoft Product Distribution
- Microsoft Lync Server: 1 important
Deployment Guide
- Tier 1: MS14-052 Internet Explorer (critical)
- Tier 2: MS14-054 Task Scheduler and MS14-053 Microsoft .NET Framework (both important)
- Tier 3: MS14-055 Lync Server (important)
Security Bulletins
- MS14-052 - Cumulative Security Update for Internet Explorer (2977629) - Critical - Remote Code Execution
- MS14-053 - Vulnerability in .NET Framework Could Allow Denial of Service (2990931) - Important - Denial of Service
- MS14-054 - Vulnerability in Windows Task Scheduler Could Allow Elevation of Privilege (2988948) - Important - Elevation of Privilege
- MS14-055 - Vulnerabilities in Microsoft Lync Server Could Allow Denial of Service (2990928) - Important - Denial of Service
Security related updates
MS14-045: Security Update for Windows 8.1, Windows RT 8.1, Windows Server 2012 R2, Windows 8, Windows RT, Windows Server 2012, Windows Embedded Standard 7, Windows 7, Windows Server 2008 R2, Windows Server 2008, Windows Vista, Windows Server 2003, and Windows XP Embedded (KB2993651)
Security Advisories
Non-security related updates
- Update for Windows 7 and Windows Server 2008 R2 (KB2977728)
- Update for Windows 7 and Windows Server 2008 R2 (KB2978092) - Graphics software or applications crash when they use WARP for software rendering in Windows
- Update for Windows 8 and Windows RT (KB2979501)
- Update for Windows 8, Windows RT, and Windows Server 2012 (KB2981685)
- Update for Windows 8, Windows RT, and Windows Server 2012 (KB2984005)
- Update for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 (KB2984006)
- Update for Windows 7 and Windows Server 2008 R2 (KB2985461)
- Update for Windows 8, Windows RT, and Windows Server 2012 (KB2989540)
- Update for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 (KB2989647)
- Update for Windows Server 2012, Windows 7, Windows Server 2008 R2, and Windows Server 2008 (KB2989956)
- Update for Windows 8.1 (KB2990967)
- Windows Malicious Software Removal Tool - September 2014 (KB890830)
- Update for Windows 7 and Windows Server 2008 R2 (KB2970228) - Update to support the new currency symbol for the Russian ruble in Windows
- Update for Windows 8, Windows RT, and Windows Server 2012 (KB2975331) - August 2014 update rollup for Windows RT, Windows 8, and Windows Server 2012
- Update for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 (KB2975719) - August 2014 update rollup for Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2
- Update for Windows 8 and Windows RT (KB2973544) - An update to enable an automatic update from Windows 8 to Windows 8.1
How to download and install the August 2014 security updates
The security updates are downloaded and installed automatically on most client systems. While that is the case it is still recommended to check for the updates manually as some time may pass before the system itself picks them up.
You can do so with a tap on the Windows-key, typing Windows Update and selecting the result of the same name. A click on check for updates on the new page runs a manual check for updates.
The operating system will display all found updates with options to download and install them right away.
All updates are also available for download on Microsoft's Download Center. Here you will also find security ISO images for the month which include all patches so that they don't have to be downloaded individually.
Additional information
- Microsoft Security Response Center blog on the 2014 Bulletin Release
- Microsoft Security Bulletin Summary for September 2014
- List of software updates for Microsoft products 2014
- Our in-depth update guide for Windows
Are these articles AI generated?
Now the duplicates are more obvious.
This is below AI generated crap. It is copy of Microsoft Help website article without any relevant supporting text. Anyway you can find this information on many pages.
Yes, but why post the exact same article under a different title twice on the same day (19 march 2023), by two different writers?
1.) Excel Keyboard Shortcuts by Trevor Monteiro.
2.) 70+ Excel Keyboard Shortcuts for Windows by Priyanka Monteiro
Why oh why?
Yeah. Tell me more about “Priyanka Monteiro”. I’m dying to know. Indian-Portuguese bot ?
Probably they will announce that the taskbar will be placed at top, right or left, at your will.
Special event by they is a special crap for us.
If it’s Microsoft, don’t buy it.
Better brands at better prices elsewhere.
All new articles have zero count comments. :S
WTF? So, If I add one photo to 5 albums, will it count 5x on my storage?
It does not make any sense… on google photos, we can add photo to multiple albums, and it does not generate any additional space usage
I have O365 until end of this year, mostly for onedrive and probably will jump into google one
Photo storage must be kept free because customers chose gadgets just for photos and photos only.
What a nonsense. Does it mean that albums are de facto folders with copies of our pictures?
Sounds exactly like the poor coding Microsoft is known for in non-critical areas i.e. non Windows Core/Office Core.
I imagine a manager gave an employee the task to create the album feature with hardly any time so they just copied the folder feature with some cosmetic changes.
And now that they discovered what poor management results in do they go back and do the album feature properly?
Nope, just charge the customer twice.
Sounds like a go-getter that needs to be promoted for increasing sales and managing underlings “efficiently”, said the next layer of middle management.
When will those comments get fixed? Was every editor here replaced by AI and no one even works on this site?
Instead of a software company, Microsoft is now a fraud company.
For me this is proof that Microsoft has a back-door option into all accounts in their cloud.
quote “…… as the MSA key allowed the hacker group access to virtually any cloud account at Microsoft…..”
unquote
so this MSA key which is available to MS officers can give access to all accounts in MS cloud.This is the backdoor that MS has into the cloud accounts. Lucky I never got any relevant files of mine in their (MS) cloud.
>”Now You: what is your theory?”
That someone handed an employee a briefcase full of cash and the employee allowed them access to all their accounts and systems.
Anything that requires 5-10 different coincidences to happen is highly unlikely. Occam’s razor.
Good reason to never login to your precious machine with a Microsoft a/c a.k.a. as the cloud.
The GAFAM are always very careless about our software automatically sending to them telemetry and crash dumps in our backs. It’s a reminder not to send them anything when it’s possible to opt out, and not to opt in, considering what they may contain. And there is irony in this carelessness biting them back, even if in that case they show that they are much more cautious when it’s their own data that is at stake.