Skip to main content
MSRC

Security Bulletin

January 2015 Updates

Tuesday, January 13, 2015

Today, as part of Update Tuesday, we released eight security updates– one rated Critical and seven rated Important in severity, to address eight unique Common Vulnerabilities and Exposures (CVEs) in Microsoft Windows. We encourage you to apply all of these updates. For more information about this month’s security updates, including the detailed view of the Exploit Index (XI) broken down by each CVE, visit the Microsoft Bulletin Summary webpage.

December 2014 Updates

Tuesday, December 09, 2014

Today, as part of Update Tuesday, we released seven security updates – three rated Critical and four rated Important in severity, to address 24 unique Common Vulnerabilities and Exposures (CVEs) in Microsoft Windows, Internet Explorer (IE), Office and Exchange. We encourage you to apply all of these updates. For more information about this month’s security updates, including the detailed view of the Exploit Index (XI) broken down by each CVE, visit the Microsoft Bulletin Summary webpage.

Security Bulletin MS14-068 released

Wednesday, November 19, 2014

Today, we released an out-of-band security update to address a vulnerability in Kerberos which could allow Elevation of Privilege. This update is for all supported versions of Windows Server and includes a defense-in-depth update for all supported versions of Windows. We strongly encourage customers to apply this update as soon as possible by following the directions in Security Bulletin MS14-068.

Out-of-band release for Security Bulletin MS14-068

Tuesday, November 18, 2014

On Tuesday, November 18, 2014, at approximately 10 a.m. PST, we will release an out-of-band security update to address a vulnerability in Windows. We strongly encourage customers to apply this update as soon as possible, following the directions in the security bulletin. More information about this bulletin can be found at Microsoft’s Bulletin Summary page.

October 2014 Updates

Tuesday, October 14, 2014

Today, as part of Update Tuesday, we released eight securityupdates – three rated Critical and five rated Important - to address 24 Common Vulnerabilities & Exposures (CVEs) in Windows, Office, .NET Framework, .ASP.NET, and Internet Explorer (IE). We encourage you to apply all of these updates, but for those who need to prioritize deployment planning, we recommend focusing on the Critical updates first.

The September 2014 Security Updates

Tuesday, September 09, 2014

Today, as a part of our regular Update Tuesday process, we released four security bulletins – one rated Critical and three rated Important in severity – to address 42 Common Vulnerabilities & Exposures (CVEs) in Microsoft Windows, Internet Explorer, .NET Framework, and Lync Server. We encourage you to apply all of these updates, but for those who need to prioritize, we recommend focusing on the Critical update first.

July 2014 Security Bulletin Release

Tuesday, July 08, 2014

Many around the globe have been following the 2014 FIFA World Cup Brazil™ closely. Regardless of which country you are supporting, many folks have been impressed by the defensive display put on by keeper Tim Howard in a loss against Belgium. It was a great performance highlighting a strong defense – always a good thing to have, be it on the pitch or on your system.

The May 2014 Security Updates

Tuesday, May 13, 2014

Today, we released eight security bulletins – two rated Critical and six rated Important – to address 13 Common Vulnerability & Exposures (CVEs) in .NET Framework, Office, SharePoint, Internet Explorer, and Windows. We encourage you to apply all of these updates, but for those who need to prioritize their deployment planning, we recommend focusing on MS14-024, MS14-025 and MS14-029.

Out-of-Band Release to Address Microsoft Security Advisory 2963983

Thursday, May 01, 2014

At approximately 10 a.m. PDT, we will release an out-of-band security update to address the issue affecting Internet Explorer (IE) that was first discussed in Security Advisory 2963983. This update is fully tested and ready for release for all affected versions of the browser. The majority of customers have automatic updates enabled and will not need to take any action because protections will be downloaded and installed automatically.

The April 2014 Security Updates

Tuesday, April 08, 2014

T. S. Elliot once said, “What we call the beginning is often the end. And to make an end is to make a beginning. The end is where we start from.” So as we put one season to bed, let’s start another by looking at the April security updates. Today, we release four bulletins to address 11 CVEs in Microsoft Windows, Internet Explorer and Microsoft Office.