Headline
Assessing risk for the July 2014 security updates
Today we released six security bulletins addressing 29 unique CVE’s. Two bulletins have a maximum severity rating of Critical, three have maximum severity Important, and one is Moderate. We hope that the table below helps you prioritize the deployment of the updates appropriately for your environment. Bulletin Most likely attack vector Max Bulletin Severity Max exploit-ability Likely first 30 days impact Platform mitigations and key notes MS14-037(Internet Explorer) Victim browses to a malicious webpage.
Today we released six security bulletins addressing 29 unique CVE’s. Two bulletins have a maximum severity rating of Critical, three have maximum severity Important, and one is Moderate. We hope that the table below helps you prioritize the deployment of the updates appropriately for your environment.
Bulletin
Most likely attack vector
Max Bulletin Severity
Max exploit-ability
Likely first 30 days impact
Platform mitigations and key notes
MS14-037(Internet Explorer)
Victim browses to a malicious webpage.
Critical
1
Likely to see reliable exploits developed within next 30 days.
Addresses 23 remote code execution issues and one lower severity Security Feature Bypass vulnerability.
MS14-038(Windows Journal)
Victim opens malicious .JNT file or navigates with Explorer to a WebDAV share under attacker control where a malicious .JNT file is automatically rendered.
Critical
1
Likely to see reliable exploits developed within next 30 days.
MS14-040(AFD.sys)
Attacker running code at low privilege runs exploit binary to elevate to SYSTEM.
Important
1
Likely to see reliable exploits developed within next 30 days.
MS14-041(Sandbox escape via DirectShow)
Attacker running code at low integrity level runs exploit binary to elevate to context of logged-on user.
Important
1
Likely to see reliable exploits developed within next 30 days.
MS14-039(Sandbox escape via on-screen keyboard)
Attacker running code at low integrity level runs exploit binary to elevate to context of logged-on user.
Important
1
Likely to see reliable exploits developed within next 30 days.
MS14-042(Service Bus)
Attacker could cause Service Bus to stop responding to incoming AMQP messages.
Moderate
n/a
Lower severity issue unlikely to see significant attacker interest.
Windows Azure not affected.
- Jonathan Ness, MSRC