November 2014 Microsoft Patch Tuesday Summary

By Elevate posted 11-11-2014 21:22


Welcome to the November edition of Microsoft Patch Tuesday Summary. In this edition there are 14 updates; four are marked "Critical", eight are rated "Important" and two are rated "Moderate”. A total of 33 CVE's (Common Vulnerability and Exposure) were fixed over 14 bulletins this month. One of the Critical update MS14-064 addresses Sandworm related attack CVE-2014-6352 which was seen being exploited in the wild.


Here is a list of Security bulletins which were rolled out in today's Patch Tuesday release.


Bulletin ID Bulletin Title Bulletin Severity
MS14-064 Vulnerabilities in Windows OLE Could Allow Remote Code Execution (3011443) Critical
MS14-065 Cumulative Security Update for Internet Explorer (3003057) Critical
MS14-066 Vulnerability in Schannel Could Allow Remote Code Execution (2992611) Critical
MS14-067 Vulnerabilities in XML Core Services Could Allow Remote Code Execution (2993958) Critical
MS14-069 Vulnerabilities in Microsoft Office Could Allow Remote Code Execution(3009710) Important
MS14-070 Vulnerability in TCP/IP Could Allow Elevation of Privilege (2989935) Important
MS14-071 Vullnerability in Windows Audio Service Could Allow Elevation of Privilege (3005607) Important
MS14-072 Vulnerability in .NET Framework Could Allow Elevation of Privilege (3005210) Important
MS14-073 Vulnerability in Microsoft SharePoint Foundation Could Allow Elevation of Privilege (3000431) Important
MS14-074 Vulnerability in Remote Desktop Protocol could allow Security Feature Bypass (3003743) Important
MS14-076 Vulnerability in Internet Information Services (IIS) Could Allow Security Feature Bypass (2982998) Important
MS14-077 Vulnerability in Active Directory Federation Services could allow Information Disclosure (3003381) Important
MS14-078 Vulnerability in IME (Japanese) Could Allow Elevation of Privilege (2992719) Moderate
MS14-079 Vulnerability in Kernel-Mode Driver Could Allow Denial of Service (3002885) Moderate


Tracking Microsoft Vulnerability Patches 2014





As shown in the chart above, number of vulnerabilities which were patched this month is slightly higher than that of October's release.This Patch Tuesday also turns out to be the heaviest of the year so far from bulletin count perspective. As we do every month, we’ve released a signature update #2439 to address vulnerabilities fixed in this month's patches. Happy patching!

For additional information on how you can protect your network from emerging threats, please visit