Industry News

Microsoft Issues Security Updates for Critical Vulnerabilities in Internet Explorer and Windows Journal

Microsoft issued new update packages to patch critical vulnerabilities in Internet Explorer and Windows Journal, according to Microsoft’s July Security Bulletin.

Two updates have been rated  `critical,’ three as `important’ and one `moderate,’ by the company, which addressed 29 vulnerabilities in six update packages, from MS14-037 to MS14-042.

Microsoft Issues Security Updates for Critical Vulnerabilities in Internet Explorer and Windows Journal

Photo credit: Microsoft’s Blog

“The ongoing diligent work from our Internet Explorer team continues this month, with the security bulletin for Internet Explorer addressing a total of 24 CVEs,” said Microsoft’s Security Bulletin MS14-037 for Internet Explorer. “The most critical of these could allow remote code execution if a user views a webpage specially crafted by a cybercriminal.”

For the critical IE issue, there were 23 critical undisclosed vulnerabilities and one disclosed vulnerability, as it affected IE versions from 6 to 11 on many Windows versions, from consumer to enterprise servers.

The other critical vulnerability was based in the Windows Journal file, as it affects consumer Windows versions such as Windows Vista SP2 (x86 & x64), Windows 7 SP1 (x86 & x64), Windows 8 & 8.1 (x86 & x64) and Windows RT & RT 8.1.

Among the impacted enterprise server operating systems are Windows Server 2008 SP2 (x86 & x64), Windows Server 2008 R2 SP1 (x64) and Windows Server 2012 & 2012 R2.

“Systems where Windows Journal is used, including workstations and terminal servers, are primarily at risk,” advised Microsoft’s Security Bulletin MS14-038.

“The security bulletin for Windows Journal addresses one privately reported CVE that could allow an attacker to execute code on your system if you open a malicious Windows Journal file,” said Microsoft’s Dustin Childs in a blog post.

Microsoft was not the only one today to have pushed new critical security updates, as Adobe issued a security update for three published vulnerabilities.

About the author

Lucian Ciolacu

Still the youngest Bitdefender News writer, Lucian is constantly after flash news in the security industry, especially when something is vulnerable or exploited. Besides digging for 'hacker' scoops and data leaks, he enjoys sports, such as football and tennis.
He has also combined an interest for social and political sciences, as a graduate of the Political Science Faculty, with a passion for guitar and computer games.