Microsoft patches 23 Windows, IE and Silverlight vulnerabilities

Summary:Windows XP's next-to-last Patch Tuesday saw four updates to it. Office 2003 is also going off support, but no updates were released today for it.

Microsoft released five updates fixing 23 vulnerabilities in Windows, Internet Explorer and Silverlight. Among the vulnerabilities fixed is  a zero-day bug in Internet Explorer 9 and 10  being exploited in the wild. 

A Cumulative Update for Internet Explorer accounts for 18 of the 23 vulnerabilities. One of these is the zero-day vulnerability that Microsoft acknowledged recently .

Today is the next-to-last Patch Tuesday for Windows XP and Office 2003. The updates include fixes for four vulnerabilities in Windows XP, but none in Office. XP users will also have updates for Internet Explorer.

The five specific updates are:

  • MS14-012: Cumulative Security Update for Internet Explorer (2925418)
  • MS14-013: Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution (2929961)
  • MS14-014: Vulnerabilities in Windows Kernel-Mode Driver Could Allow Elevation of Privilege (2930275)
  • MS14-015: Vulnerability in Security Account Manager Remote (SAMR) Protocol Could Allow Security Feature Bypass (2934418)
  • MS14-016: Vulnerability in Silverlight Could Allow Security Feature Bypass (2932677)

Microsoft has also released  a large number of non-security updates  for all versions of Windows.

Topics: Security, Windows

About

Larry Seltzer has long been a recognized expert in technology, with a focus on mobile technology and security in recent years. He was most recently Editorial Director of BYTE, Dark Reading and Network Computing at UBM Tech. Prior to that he spent over a decade consulting and writing on technology subjects, primarily in the area of sec... Full Bio

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.