Advance notice Microsoft patches for May – to be released on May 13

Microsoft has just provided advance notice of the patches that are scheduled to be released on May 13. The details are available at Рhttp://technet.microsoft.com/en-us/security/bulletin/ms14-may  There are a total of eight patches scheduled to be released. Two of those are identified as CRITICAL (for workstation operating systems) and six of those are identified as IMPORTANT.

Bulletin #1 is an update for all versions of Internet Explorer. It is designated as CRITICAL for workstation operating systems and MODERATE for all server operating systems.

Bulletin #2 is an update for Microsoft Server operating systems and also for Microsoft Office Services/Web apps and Productivity software. It is designated as CRITICAL for the following Server operating systems or Office/Productivity software:

 

Server Software

  • SharePoint Server 2007sp3 (32 and 64bit versions)
  • SharePoint Server 2010sp1 and sp2
  • SharePoint Server 2013 base and sp1

 

Office Services and Web apps

  • SharePoint Server 2010 sp1 and sp2
  • SharePoint Server 2013 base and sp1
  • Office Web apps 2010 sp1 and sp2
  • Office Web apps 2013 base and sp1

 

Productivity Software

  • SharePoint Server 2013 client components SDK (32 and 64 bit versions)
  • SharePoint Designer 2007 sp3
  • SharePoint Designer 2010 sp1 and sp2 (both 32 and 64 bit versions)
  • SharePoint Designer 2013 base and sp1 (both 32 and 64 bit versions)

 

Adobe is also scheduled to release an update for versions X and XI of both Reader and Acrobat on May 13. See the following URL for details – http://helpx.adobe.com/security/products/reader/apsb14-15.html

Update May 13 – 12 (noon)

Microsoft has just released the patches for May. As previously indicated, there are a total of eight patches, two of which are identified as CRITICAL and apply to both Internet Explorer  (https://technet.microsoft.com/library/security/ms14-029 ) and also to Microsoft Server Operating systems and various productivity software ( https://technet.microsoft.com/library/security/ms14-022).

The CRITICAL patch for Internet Explorer includes two privately reported vulnerabilities that would enable remote code execution if exploited successfully.  As some resources have indicated that at least one of the privately reported vulnerabilities for Internet Explorer is being actively exploited and for that reason, it is suggested that the patch be applied to workstations immediately.

The CRITICAL patch for the Server operating systems and productivity software while not actively being exploited, still is recommended to be applied as soon as possible.

 

Tags: ,

Categories: Uncategorized