Microsoft released five updates fixing 23 vulnerabilities in Windows, Internet Explorer and Silverlight. Among the vulnerabilities fixed is being exploited in the wild.
A Cumulative Update for Internet Explorer accounts for 18 of the 23 vulnerabilities. One of these is.
Today is the next-to-last Patch Tuesday for Windows XP and Office 2003. The updates include fixes for four vulnerabilities in Windows XP, but none in Office. XP users will also have updates for Internet Explorer.
The five specific updates are:
- MS14-012: Cumulative Security Update for Internet Explorer (2925418)
- MS14-013: Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution (2929961)
- MS14-014: Vulnerabilities in Windows Kernel-Mode Driver Could Allow Elevation of Privilege (2930275)
- MS14-015: Vulnerability in Security Account Manager Remote (SAMR) Protocol Could Allow Security Feature Bypass (2934418)
- MS14-016: Vulnerability in Silverlight Could Allow Security Feature Bypass (2932677)
Microsoft has also releasedfor all versions of Windows.