Microsoft Security Bulletin(s) for April 14, 2015

Microsoft Security Bulletin(s) for April 14, 2015
Note: There may be latency issues due to replication, if the page does not display keep refreshing

Today Microsoft released the following Security Bulletin(s).

Note: » ··· security and » are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the download center or Windows Update. See the individual bulletins for details.

Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.

Bulletin Summary:
» ··· ms15-apr

Critical (4)

Microsoft Security Bulletin MS15-032
Cumulative Security Update for Internet Explorer (3038314)
» ··· ms15-032

Microsoft Security Bulletin MS15-033
Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (3048019)
» ··· ms15-033

Microsoft Security Bulletin MS15-034
Vulnerability in HTTP.sys Could Allow Remote Code Execution (3042553)
» ··· ms15-034

Microsoft Security Bulletin MS15-035
Vulnerability in Microsoft Graphics Component Could Allow Remote Code Execution (3046306)
» ··· ms15-035

Important (7)

Microsoft Security Bulletin MS15-036
Vulnerabilities in Microsoft SharePoint Server Could Allow Elevation of Privilege (3052044)
» ··· ms15-036

Microsoft Security Bulletin MS15-037
Vulnerability in Windows Task Scheduler Could Allow Elevation of Privilege (3046269)
» ··· ms15-037

Microsoft Security Bulletin MS15-038
Vulnerabilities in Microsoft Windows Could Allow Elevation of Privilege (3049576)
» ··· ms15-038

Microsoft Security Bulletin MS15-039
Vulnerability in XML Core Services Could Allow Security Feature Bypass (3046482)
» ··· ms15-039

Microsoft Security Bulletin MS15-040
Vulnerability in Active Directory Federation Services Could Allow Information Disclosure (3045711)
» ··· ms15-040

Microsoft Security Bulletin MS15-041
Vulnerability in .NET Framework Could Allow Information Disclosure (3048010)
» ··· ms15-041

Microsoft Security Bulletin MS15-042
Vulnerability in Windows Hyper-V Could Allow Denial of Service (3047234)
» ··· ms15-042

Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so.

If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact Product Support Services in the United States at 1-866-PCSafety 1-866-727-2338. International customers should contact their local subsidiary.

As always, download the updates only from the vendors website - visit Windows Update and Office Update or Microsoft Update websites. You may also get the updates thru Automatic Updates functionality in Windows system.

Security Tool
Find out if you are missing important Microsoft product updates by using MBSA
Microsoft Security Bulletin Releases Issued: April 14, 2015

The following bulletin has undergone a major revision increment.

* MS14-080 - Critical

Bulletin Information:

MS14-080 - Critical

- Title: Cumulative Security Update for Internet Explorer (3008923)
- » ··· ms14-080
- Reason for Revision: V3.0 (April 14, 2015): To comprehensively
address issues with the 3008923 security update, customers running
Internet Explorer 11 on either Windows 7 or Windows Server 2008 R2
should also install the 3038314 security update released on
April 14, 2015. For more information, see MS15-032 or use the
following Microsoft Download Center links for your specific
* Internet Explorer 11 on Windows 7 for 32-bit Systems (3038314)
* Internet Explorer 11 on Windows 7 for x64-based Systems
Service Pack 1 (3038314)
* Internet Explorer 11 on Windows Server 2008 R2 for x64-based
Systems Service Pack 1 (3038314)
- Originally posted: December 9, 2014
- Updated: April 14, 2015
- Bulletin Severity Rating: Critical
- Version: 3.0
Microsoft MVP Reconnect
Microsoft Security Advisory Notification Issued: April 14, 2015

Security Advisories Updated or Released Today

* Microsoft Security Advisory (3045755)
- Title: Update to Improve PKU2U Authentication
- » ··· /3045755
- Revision Note: V1.0 (April 14, 2015): Advisory published.

* Microsoft Security Advisory (3009008)
- Title: Vulnerability in SSL 3.0 Could Allow Information
- » ··· /3009008
- Revision Note: V3.0 (April 14, 2015) Revised advisory to
announce that with the release of security update 3038314
on April 14, 2015 SSL 3.0 is disabled by default in Internet
Explorer 11, and to add instructions for how to undo the
Microsoft MVP Reconnect

Discussion Info

Last updated February 20, 2018 Views 344 Applies to: