Microsoft Security Bulletins For July 2014 overview

Welcome to the overview of Microsoft's Patch Tuesday for July 2014. It lists all information about this month's security and non-security updates for Microsoft operating systems and other company products.

A total of six bulletins are released this month that fix 29 vulnerabilities in Microsoft Windows, Internet Explorer and Microsoft Server Software.

Two of the bulletins have received the highest severity rating of critical, three a severity rating of important, and one of moderate. This means that at least one Microsoft product is affected by the severity in this way, while other products may be affected in the same way, less, or not at all.

Check out the executive summary below if you are in a hurry, or read all sections of the guide for the complete picture.

Executive Summary

1. Six bulletins addressing a total of 29 vulnerabilities have been released by Microsoft this month.
2. Affected products include Windows, Server software and the Internet Explorer browser.
3. Two bulletins have received the highest severity rating of critical.
4. The top deployment priorities are MS14-037 addressing vulnerabilities in Internet Explorer and MS14-038 addressing vulnerabilities in Windows Journal.

Operating System Distribution

All Windows client-based operating systems with the exception of Windows RT and RT 8.1 share the same vulnerability distribution. All are affected by two critical and three important bulletins. Windows RT and RT 8.1 are affected by two critical and two important bulletins.

The server distribution is identical as well except for Windows Server 2003 which is affected less severely. All server-based Windows products except 2003 are affected by one critical, three important and one moderate bulletin. Server 2003 is only affected by one important and one moderate vulnerability.

Windows Vista: 2 critical, 3 important
Windows 7: 2 critical, 3 important
Windows 8: 2 critical, 3 important
Windows 8.1: 2 critical, 3 important
Windows RT: 2 critical, 2 important
Windows RT 8.1: 2 critical, 2 important
Windows Server 2003: 1 important, 1 moderate
Windows Server 2008: 1 critical, 3 important, 1 moderate
Windows Server 2008 R2: 1 critical, 3 important, 1 moderate
Windows Server 2012: 1 critical, 3 important, 1 moderate
Windows Server 2012 R2: 1 critical, 3 important, 1 moderate
Server Core installation: 2 important

Deployment Guide

Microsoft suggests the following deployment priority for this month's bulletins:

• Tier 1: MS14-037 Internet Explorer and MS14-038 Journal
• Tier 2: MS14-039 Keyboard, MS14-040 AFD and MS14-041 DirectShow
• Tier3: MS14-042 Service Bus

Security Bulletins

• MS14-037 - Cumulative Security Update for Internet Explorer (2975687) - Critical - Remote Code Execution
• MS14-038 - Vulnerability in Windows Journal Could Allow Remote Code Execution (2975689) - Critical - Remove Code Execution
• MS14-039 -  Vulnerability in On-Screen Keyboard Could Allow Elevation of Privilege (2975685) - Important - Elevation of Privilege
• MS14-040 - Vulnerability in Ancillary Function Driver (AFD) Could Allow Elevation of Privilege (2975684)  - Important - Elevation of Privilege
• MS14-041 - Vulnerability in DirectShow Could Allow Elevation of Privilege (2975681) - Important - Elevation of Privilege
• MS14-042 - Vulnerability in Microsoft Service Bus Could Allow Denial of Service (2972621) - Moderate
  Denial of Service

Security Advisories

• Microsoft Security Advisory 2871997 (revised) - Update to Improve Credentials Protection and Management - Changes default behavior for Restricted Admin mode on Windows 8.1 and Windows Server 2012 R2.
• Microsoft Security Advisory 2960358 (revised) - Update for Disabling RC4 in .NET TLS.
• Microsoft Security Advisory 2755801 (revised) - Update for Vulnerabilities in Adobe Flash Player in Internet Explorer

Non-security related updates

• Update for Windows 8 and Windows Server 2012 (KB2937636) - Update to Microsoft Update client.
• Update for Windows 8.1, Windows Server 2012 R2, Windows 8, and Windows Server 2012 (KB2938066)
• Update for Windows 7 (KB2952664) - Compatibility update for upgrading Windows 7.
• Update for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 (KB2959626) - Reliability improvements for Remote Desktop Session Host and RemoteApp.
• Update for Windows 8.1, Windows Server 2012 R2, Windows 8, Windows Server 2012, Windows 7, and Windows Server 2008 R2 (KB2959936)
• Update for Windows Embedded POSReady 7 and Windows 8.1 (KB2959943)
• Update for Windows 8, Windows RT, and Windows Server 2012 (KB2960837) - Excel freezes when you convert Japanese characters in Windows.
• Update for Windows 8.1 (KB2962183) - Xbox Games app.
• Update for Windows 8.1 (KB2962184) - Xbox Music app.
• Update for Windows 8.1 (KB2962185) - Xbox Video app.
• Update for Windows 8.1 (KB2962186) - Bing Finance app.
• Update for Windows 8.1 (KB2962187) - Bing Health & Fitness app.
• Update for Windows 8.1 (KB2962188) - Bing News app.
• Update for Windows 8.1 (KB2962189) - Bing Sports app.
• Update for Windows 8.1 (KB2962190) - Bing Travel app.
• Update for Windows 8.1 (KB2962191) - Bing Weather app.
• Update for Windows 8.1 (KB2962192) - Bing Mapps app.
• Update for Windows 8.1 (KB2962195) - Windows Reading List app.
• Update for Windows 8.1 (KB2962196) - Calculator app.
• Update for Windows 8.1 (KB2962197) - Alarms app.
• Update for Windows 8.1 (KB2962198) - Sound Recorder app.
• Update for Windows 8.1 (KB2962199) - Bing Food & Drink app.
• Update for Windows 8.1 (KB2962200) - Scan app.
• Update for Windows 8.1 (KB2962201) - Skype app.
• Update for Windows 7 and Windows Server 2008 R2 (KB2966583)
• Update for Windows 8, Windows RT, and Windows Server 2012 (KB2967916) - July 2014 update rollup for Windows RT, Windows 8, and Windows Server 2012
• Update for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 (KB2967917)
• Update for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 (KB2971203) - July 2014 cumulative update for Windows Store in Windows 8.1 or Windows Server 2012 R2
• Update for Windows 8.1 and Windows RT 8.1 (KB2972094) - The string of the Family Safety dialog box is not localized in Windows RT 8.1 or Windows 8.1
• Update for Windows 7 and Windows Server 2008 R2 (KB2973337) - SHA512 is disabled in Windows 7 or Windows Server 2008 R2
• Update for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 (KB2975061)
• Update for Windows 8.1 and Windows 8 (KB2976978)
• Update for Windows 7 (KB2977759)
• Update for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 (KB2980654)
• Windows Malicious Software Removal Tool - July 2014 (KB890830)/Windows Malicious Software Removal Tool - July 2014 (KB890830) - Internet Explorer Version
• Update for Windows 8, Windows RT, and Windows Server 2012 (KB2962407) - Windows RT, Windows 8, and Windows Server 2012 update rollup: June 2014.
• Update for Windows RT (KB2973544) - An update to enable an automatic update from Windows RT to Windows RT 8.1.
• Update for Windows 8 (KB2962156) - Camera app.
• Update for Windows 8 (KB2962163) - Xbox Video app.
• Update for Windows 8 (KB2962168) - Photos app.
• Update for Windows 8 (KB2962169) - Xbox Games app.
• Update for Windows 8 (KB2962171) - Xbox Music app.
• Update for Windows 8 (KB2962173) - Bing Finance app.
• Update for Windows 8 (KB2962175) - Bing News app.
• Update for Windows 8 (KB2962176) - Bing Sports app.
• Update for Windows 8 (KB2962177) - Bing Travel app.
• Update for Windows 8 (KB2962178) - Bing Weather app.
• Update for Windows 8 (KB2962179) - Bing Search app.
• Update for Windows 8 (KB2962180) - Bing Maps app
• Update for Windows 8 (KB2962181) - Reader app for Windows 8.
• Update for Windows 8.1 (KB2962182) - Windows Communications Apps (People, Mail, Calendar)
• Update for Windows 8.1 (KB2962193) . Microsoft Reader.
• Update for Windows 8.1 (KB2962194) - Help and Tips app.

How to download and install the July 2014 security updates

Downloads are offered via Windows Update and Microsoft's Download Center.  If Windows update has not been modified, updates are downloaded and installed automatically on target systems.

It may still be worthwhile to check for updates manually since it may take a while before Windows runs an automatic check for updates.

The easiest way to do so is to tap on the Windows-key, type Windows Update, and select the results from the list. Here you need to click on check for updates to run the check manually.

You can download all updates individually or in form of a monthly security ISO image from Microsoft's Download Center as well.

Additional information

• Microsoft Security Response Center blog on the 2014 Bulletin Release
• Microsoft Security Bulletin Summary for July 2014
• List of software updates for Microsoft products 2014
• All Microsoft Security Release ISO Images
• Our in-depth update guide for Windows