Skip to main content
MSRC

Attack Vector

Assessing risk for the September 2014 security updates

Tuesday, September 09, 2014

Today we released four security bulletins addressing 42 unique CVE’s. One bulletin has a maximum severity rating of Critical and the other three have maximum severity Important. This table is designed to help you prioritize the deployment of updates appropriately for your environment. Bulletin Most likely attack vector Max Bulletin Severity Max Exploitability Index Rating Platform mitigations and key notes MS14-052(Internet Explorer) Victim browses to a malicious webpage.

Assessing risk for the August 2014 security updates

Tuesday, August 12, 2014

Today we released nine security bulletins addressing 37 unique CVE’s. Two bulletins have a maximum severity rating of Critical while the other seven have a maximum severity rating of Important. This table is designed to help you prioritize the deployment of updates appropriately for your environment. Bulletin Most likely attack vector Max Bulletin Severity Max exploit-ability Likely first 30 days impact Platform mitigations and key notes MS14-051(Internet Explorer) Victim browses to a malicious webpage.

Assessing risk for the July 2014 security updates

Tuesday, July 08, 2014

Today we released six security bulletins addressing 29 unique CVE’s. Two bulletins have a maximum severity rating of Critical, three have maximum severity Important, and one is Moderate. We hope that the table below helps you prioritize the deployment of the updates appropriately for your environment. Bulletin Most likely attack vector Max Bulletin Severity Max exploit-ability Likely first 30 days impact Platform mitigations and key notes MS14-037(Internet Explorer) Victim browses to a malicious webpage.

Assessing risk for the June 2014 security updates

Tuesday, June 10, 2014

Today we released seven security bulletins addressing 66 unique CVE’s. Two bulletins have a maximum severity rating of Critical while the other five have a maximum severity rating of Important. This table is designed to help you prioritize the deployment of updates appropriately for your environment. Bulletin Most likely attack vector Max Bulletin Severity Max XI Likely first 30 days impact Platform mitigations and key notes MS14-035 (Internet Explorer) Victim browses to a malicious webpage.

Assessing risk for the May 2014 security updates

Tuesday, May 13, 2014

Today we released eight security bulletins addressing 13 unique CVE’s. Two bulletins have a maximum severity rating of Critical while the other six have a maximum severity rating of Important. The table is designed to help you prioritize the deployment of updates appropriately for your environment. Bulletin Most likely attack vector Max Bulletin Severity Max exploit-ability Likely first 30 days impact Platform mitigations and key notes MS14-029(Internet Explorer) Victim browses to a malicious webpage.

Assessing risk for the April 2014 security updates

Tuesday, April 08, 2014

Today we released four security bulletins addressing 11 unique CVE’s. Two bulletins have a maximum severity rating of Critical while the other two have a maximum severity rating of Important. We hope that the table below helps you prioritize the deployment of the updates appropriately for your environment. Bulletin Most likely attack vector Max Bulletin Severity Max exploitability Likely first 30 days impact Platform mitigations and key notes MS14-017(Word) Victim opens a malicious RTF or DOC/DOCX file.

Assessing risk for the March 2014 security updates

Tuesday, March 11, 2014

Today we released five security bulletins addressing 23 unique CVE’s. Two bulletins have a maximum severity rating of Critical while the other three have a maximum severity rating of Important. We hope that the table below helps you prioritize the deployment of the updates appropriately for your environment. Bulletin Most likely attack vector Max Bulletin Severity Max Exploit-ability Likely first 30 days impact Platform mitigations and key notes MS14-012(Internet Explorer) Victim browses to a malicious webpage.

Assessing risk for the February 2014 security updates

Tuesday, February 11, 2014

Today we released seven security bulletins addressing 31 unique CVE’s. Four bulletins have a maximum severity rating of Critical while the other three have a maximum severity rating of Important. We hope that the table below helps you prioritize the deployment of the updates appropriately for your environment. Bulletin Most likely attack vector Max Bulletin Severity Max Exploit-ability Likely first 30 days impact Platform mitigations and key notes MS14-010(Internet Explorer) Victim browses to a malicious webpage.

Assessing risk for the December 2013 security updates

Tuesday, December 10, 2013

Today we released eleven security bulletins addressing 24 CVE’s. Five bulletins have a maximum severity rating of Critical while the other six have a maximum severity rating of Important. We hope that the table below helps you prioritize the deployment of the updates appropriately for your environment. Bulletin Most likely attack vector Max Bulletin Severity Max XI Likely first 30 days impact Platform mitigations and key notes MS13-096(GDI+ TIFF parsing) Victim opens malicious Office document.

Assessing risk for the November 2013 security updates

Tuesday, November 12, 2013

Today we released eight security bulletins addressing 19 CVE’s. Three bulletins have a maximum severity rating of Critical while the other five have a maximum severity rating of Important. We hope that the table below helps you prioritize the deployment of the updates appropriately for your environment. Bulletin Most likely attack vector Max Bulletin Severity Max Exploit-ability Likely first 30 days impact Platform mitigations and key notes MS13-090(ActiveX killbit) Victim browses to a malicious webpage.