Microsoft Security Bulletin Summary for September 2014

Microsoft released updates to address vulnerabilities in Windows, .NET Framework, Internet Explorer and Lync Server as part of the Microsoft Security Bulletin Summary for September 2014. Some of these vulnerabilities could allow remote code execution, elevation of privilege, or denial of service.

US-CERT encourages users and administrators to review the Microsoft bulletin and apply the necessary updates.

Google Releases Security Update for Chrome

Google released a Chrome Stable Channel Update 34.0.1847.137 for Windows, Mac and Linux.

This release also contains a Flash Player update, to version

Security Fixes and Rewards

This update includes 3 security fixes. Below, we highlight fixes that were either contributed by external researchers or particularly interesting. Please see the Chromium security page for more information. 

[$2000][358038] High CVE-2014-1740: Use-after-free in WebSockets. Credit to Collin Payne.