Microsoft Update News (June 11, 2014)

Just a few important updates you need to know about:

Windows 8.1 Update needs to be installed

June 10 is the Microsoft-imposed deadline for Windows 8.1 consumers to move to the Windows 8.1 Update in order to continue to receive future fixes and patches from Microsoft.

If your computer is running Windows 8, it’s time to download and install the newest version—Windows 8.1.

Windows 8.1 Update (also known as KB 2919355) helps your computer run at optimal performance and includes new features that make the operating system easier to use. If you don’t install Windows 8.1, or if you uninstall it, you might not get future bug fixes, security updates, and new features.

If your computer is set to receive updates automatically, you don’t need to do anything.

To see if you’re running the latest update, see Which Windows operating system am I running? To install the latest update, see Install the latest Windows 8.1 Update.

(the above is from Microsoft Security Tips & Talk) See also:

Large Internet Explorer update headlines June Patch Tuesday

On Tuesday, Microsoft released seven security bulletins and updates addressing a total of 66 vulnerabilities.

In total, 59 of them are in a single update, a Cumulative Update for Internet Explorer. That update and another affecting Windows and Office are rated critical. One of those IE vulnerabilities had been publicly disclosed.

  • MS14-035: Cumulative Security Update for Internet Explorer (2969262) — Nearly all of the 59 vulnerabilities fixes in this update are rated critical on at least one version of Windows and Internet Explorer, but the mix of severities and versions is complex. Microsoft credits at least 32 researchers for disclosing these vulnerabilities (some are anonymous). Microsoft has also been collecting these vulnerabilities for some time; one of them, CVE-2014-1770, was reported to Microsoft over six months ago by HP’s Zero-Day Initiative. ZDI waits to disclose until the vendor issues a fix, but their rules state that they will disclose in any case after six months.

(The above is from the ZDNet Security Bulletin: