Windows: IE 0-day vulnerability (CVE-2014-1776) -- Patch Now

SUMMARY: Windows: IE 0-day vulnerability (CVE-2014-1776) -- Patch Now
POSTED ON: 05/01/2014
REPORTER: Jocelyn E Kasamoto (jocelyn)
START TIME: May 01 12:42 PM
END TIME: May 30 12:42 PM
DESCRIPTION: Microsoft has released a special update for Internet Explorer (IE) zero-day vulnerability (CVE-2014-1776) -- even for Windows XP! Windows XP fell out of support on April 8, 2014 and shouldn't have received a patch. This underscores the importance of the patch and the priority to patch as soon as possible.

Please run Windows Update ASAP for clients and servers. A restart may be required.

The security update will be listed as "Security Update for Internet Explorer (6-11) on Windows (XP/Vista/Win7/Win8/8.1) (KB2964358)".

The critical 0-day vulnerability was reported at http://www.hawaii.edu/technews/notice.php?id=270213

For more information

Microsoft Security Bulletin MS14-021 - Critical
Security Update for Internet Explorer (2965111)
https://technet.microsoft.com/library/security/ms14-021

Microsoft Announces Special Patch for IE 0-day (Win XP included!)
https://isc.sans.edu/

If you have questions or need assistance, please contact the ITS Help Desk at 956-8883 or email help@hawaii.edu.