Microsoft Security Bulletin(s) for December 9, 2014
Note: There may be latency issues due to replication, if the page does not display keep refreshing
Today Microsoft released the following Security Bulletin(s).
Note: www.microsoft.com/technet/security and www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details.
Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.
Bulletin Summary:
Microsoft Security Bulletin Summary for December 2014
Critical (3)
Microsoft Security Bulletin MS14-080
Cumulative Security Update for Internet Explorer (3008923)
»technet.microsoft.com/library/se···ms14-080
Microsoft Security Bulletin MS14-081
Vulnerabilities in Microsoft Word and Microsoft Office Web Apps Could Allow Remote Code Execution (3017301)
»technet.microsoft.com/library/se···ms14-081
Microsoft Security Bulletin MS14-084
Vulnerability in VBScript Scripting Engine Could Allow Remote Code Execution (3016711)
»technet.microsoft.com/library/se···ms14-084
Important (4)
Microsoft Security Bulletin MS14-075
Vulnerabilities in Microsoft Exchange Server Could Allow Elevation of Privilege (3009712)
»technet.microsoft.com/library/se···ms14-075
Microsoft Security Bulletin MS14-082
Vulnerability in Microsoft Office Could Allow Remote Code Execution (3017349)
»technet.microsoft.com/library/se···ms14-082
Microsoft Security Bulletin MS14-083
Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (3017347)
»technet.microsoft.com/library/se···ms14-083
Microsoft Security Bulletin MS14-085
Vulnerability in Microsoft Graphics Component Could Allow Information Disclosure (3013126)
»technet.microsoft.com/library/se···ms14-085
Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so.
If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact For home users, no-charge support for security updates (only!) is available by calling 800-MICROSOFT (800-642-7676) in the US or 877-568-2495 in Canada.
As always, download the updates only from the vendors website - visit Windows Update and Office Update or Microsoft Update websites. You may also get the updates thru Automatic Updates functionality in Windows system.
Security Tool
Find out if you are missing important Microsoft product updates by using MBSA
Note: There may be latency issues due to replication, if the page does not display keep refreshing
Today Microsoft released the following Security Bulletin(s).
Note: www.microsoft.com/technet/security and www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details.
Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.
Bulletin Summary:
Microsoft Security Bulletin Summary for December 2014
Critical (3)
Microsoft Security Bulletin MS14-080
Cumulative Security Update for Internet Explorer (3008923)
»technet.microsoft.com/library/se···ms14-080
Microsoft Security Bulletin MS14-081
Vulnerabilities in Microsoft Word and Microsoft Office Web Apps Could Allow Remote Code Execution (3017301)
»technet.microsoft.com/library/se···ms14-081
Microsoft Security Bulletin MS14-084
Vulnerability in VBScript Scripting Engine Could Allow Remote Code Execution (3016711)
»technet.microsoft.com/library/se···ms14-084
Important (4)
Microsoft Security Bulletin MS14-075
Vulnerabilities in Microsoft Exchange Server Could Allow Elevation of Privilege (3009712)
»technet.microsoft.com/library/se···ms14-075
Microsoft Security Bulletin MS14-082
Vulnerability in Microsoft Office Could Allow Remote Code Execution (3017349)
»technet.microsoft.com/library/se···ms14-082
Microsoft Security Bulletin MS14-083
Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (3017347)
»technet.microsoft.com/library/se···ms14-083
Microsoft Security Bulletin MS14-085
Vulnerability in Microsoft Graphics Component Could Allow Information Disclosure (3013126)
»technet.microsoft.com/library/se···ms14-085
Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so.
If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact For home users, no-charge support for security updates (only!) is available by calling 800-MICROSOFT (800-642-7676) in the US or 877-568-2495 in Canada.
As always, download the updates only from the vendors website - visit Windows Update and Office Update or Microsoft Update websites. You may also get the updates thru Automatic Updates functionality in Windows system.
Security Tool
Find out if you are missing important Microsoft product updates by using MBSA