Microsoft today fixed a total of 29 vulnerabilities across six bulletins as part of a relatively light July 2014 Patch Tuesday release, although a cumulative update for Internet Explorer addressed a hefty two dozen vulnerabilities alone. The “critical” Internet Explorer update, MS14-037, is the latest in a string of Patch Tuesday releases in which Microsoft’s Web browser has been the focal point for administrators – the company fixed a total of 59 IE vulnerabilities last month alone, and has so far patched several zero-day flaws in the browser this year.
Microsoft today released six security bulletins and updates to address the vulnerabilities disclosed in them. The updates address a total of 29 vulnerabilities. The Microsoft Exploitability Index this month’s updates says that successful exploit code for 28 of the 29 vulnerabilities is “likely.” The 29th is not listed in the index. (This is likely an error. We have informed Microsoft and will update the story when they respond.) As is usually the case, Microsoft will also release a new version of the Windows Malicious Software Removal Tool and a large collection of non-security updates to various Windows versions. The list of these updates and links to their knowledge base articles is below. Some of them are live as we publish this article, others will come online with a day.