Share via


June 2014 Internet Explorer Updates

Microsoft Security Bulletin MS14-035 - CriticalThis security update resolves two publicly disclosed vulnerabilities and fifty-seven privately reported vulnerabilities in Internet Explorer. The most severe vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. An attacker who successfully exploited the most severe of these vulnerabilities could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

This security update is rated Critical for Internet Explorer 6, Internet Explorer 7, Internet Explorer 8, Internet Explorer 9, Internet Explorer 10, and Internet Explorer 11 on Windows clients, Moderate for Internet Explorer 6, Internet Explorer 7, Internet Explorer 8, Internet Explorer 9, Internet Explorer 10, and Internet Explorer 11 on Windows servers. For more information, see the full bulletin.

Recommendation.  Most customers have automatic updating enabled and will not need to take any action because this security update will be downloaded and installed automatically. Customers who have not enabled automatic updating need to check for updates and install this update manually. For information about specific configuration options in automatic updating, see Microsoft Knowledge Base Article 294871.

For administrators and enterprise installations, or end users who want to install this security update manually, Microsoft recommends that customers apply the update immediately using update management software, or by checking for updates using the Microsoft Update service.

Security Update for Flash Player (2966072)

On June 10th, a security update for Adobe Flash Player in Internet Explorer 10 and 11 on supported editions of Windows 8, Windows 8.1 and Windows Server 2012 and Windows Server 2012 R2 is also available. The details of the vulnerabilities are documented in Adobe security bulletin APSB14-16. This update addresses the vulnerabilities in Adobe Flash Player by updating the affected Adobe Flash binaries contained within Internet Explorer 10 and Internet Explorer 11. For more information, see the advisory.

Most customers have automatic updating enabled and will not need to take any action because this update will be downloaded and installed automatically. Customers who have not enabled automatic updating need to check for updates and install this update manually. For information about specific configuration options in automatic updating, see Microsoft Knowledge Base Article 294871.

— Wilson Guo, Program Manager, Internet Explorer

Comments

  • Anonymous
    June 10, 2014
    IE 11.0.9

  • Anonymous
    June 10, 2014
    The comment has been removed

  • Anonymous
    June 11, 2014
    In my WSUS update KB2963950 seems to be detected as needed on all my Windows 7 IE11 PCs, but the kb article says it should only apply when KB2929437 isn't present.  Update 2957689 is also detected as needed which would be the correct one since they all do already have 2929437.  Is there a problem with 2963950 in WSUS, or is the kb information wrong?

  • Anonymous
    June 11, 2014
    After installing 2957689 on IE10, IE opens a additional tab "Your browser has been upgraded" on first run. How to prevent this?

  • Anonymous
    June 12, 2014
    We sure need an update of when we can expect a build of IE12 .... IE11 is 10 months old now.

  • Anonymous
    June 12, 2014
    @ThiloL >>After installing 2957689 on IE10, IE opens a additional tab "Your browser has been upgraded" on first run. How to prevent this? This is a one time notification of turning on search suggestions in the address bar. It should not appear again.

  • Anonymous
    June 12, 2014
    @Acryion, 8 months, actualy. Through I agree on your point: come on Microsoft, show us some IE12!

  • Anonymous
    June 12, 2014
    @Acryion, @Yannick - While the version has not changed, it was updated. The number does not matter, the features and bug fixes do and in April, an updated Internet Explorer 11 was released. Same version, new features and bug fixes. That works for me, I could not care less about the version number.

  • Anonymous
    June 12, 2014
    What happened to answering question at #AskIE the new motto of IE team ? Is it already rendered as another orphaned Connect ? Come'on guys atleast answer a SINGLE question there! Otherwise, please don't make promises that you can't keep :failed:

  • Anonymous
    June 13, 2014
    @Terry - I think the #AskIE thing was a one off, two hour Twitter special and not a regular thing. Where did you see it advertised as a constant approach? The next one will be hosted at JSConf, July 29th, 2014. See blogs.msdn.com/.../launching-status-modern-ie-amp-internet-explorer-platform-priorities.aspx for details.

  • Anonymous
    June 13, 2014
    The comment has been removed

  • Anonymous
    June 13, 2014
    @Charles Morris, Thank you for conversing back sir! This is the most precious thing that an IE team member is reading what we have to say!! A dream of any web developer of any era! ;) There is one little bug nagging me in IE 7 till IE 11: It happens randomly so please read till the end, maybe because I only use IE and use it too much that once in a while I am able to reproduce this bug: "Sometimes when you refresh the page, the page URL becomes http://http//<rest-of-the-URL> with Page Not Found error." Now, if this is surprising, shocking or new for you (the IE developer with access to IE code), I would suggest you to kindly search for the term "http//" (with no colon : before forward-slash /) and replace with "http://". Thanks in anticipation and all the large work you have done for my favorite browser.

  • Anonymous
    June 17, 2014
    Can anyone explain why MSFT thought it was a good idea to almost no color differentiation between the backcolor of a scrollbar and the color of the scroll thumb?  Are all of your developers 19 years old and have better than 20/20 vision? For the first time in my life, I have decided to ditch IE and go with Chrome.

  • Anonymous
    June 17, 2014
    Security blahblah. How about some bugfixes? How about allowing reading mode on desktop, and on Windows 7?

  • Anonymous
    June 17, 2014
    @LS not only that, but scrollbars in IE are not stylable. They used to be in times that IE was a misbahving piece of sheit, but now it behaves and that functionality is (correctly) gone. But I didn't see it begint brought back in a proper manner using the -ms- prefix.