MS14-037: Security update for Internet Explorer versions 6, 7, 8, 9, 10, and 11: July 8, 2014


Introduction


The security update addresses the vulnerabilities by modifying the way that Internet Explorer handles objects in memory, validates permissions, and handles negotiation of certificates during a TLS session. For more information see Microsoft Security Bulletin MS14-037.

Additionally, this update includes several non-security updates. See 2975687 for more information.

Important note for Internet Explorer 11 systems This update applies only to computers that are running Internet Explorer 11 and that do have update 2919355 (for Windows 8.1 or Windows Server 2012 R2) or update 2929437 (for Windows 7 SP1 or Windows Server 2008 R2 SP1) installed. All future security and nonsecurity updates for Internet Explorer 11 require you to have update 2919355 or update 2929437 installed in order to receive updates. We recommend that you install update 2919355 or update 2929437 in order to continue to receive updates.


See Microsoft Knowledge Base article 2963952 for systems that do not have update 2919355 (for Windows 8.1 or Windows Server 2012 R2) or update 2929437 (for Windows 7 SP1 or Windows Server 2008 R2 SP1) installed.

Security update information


How to obtain this security update

Microsoft update

Use the Windows automatic updating feature to install the update from Microsoft Update. To do this, see Get security updates automatically on the Microsoft Safety and Security Center website.

Microsoft Download Center

To download the security updates, see the download links in Microsoft Security Bulletin MS14-037.

More Information


Known issues with this security update

  • Issue 1: Hosted browser applications may be unstable and crash after the installation of this security update. This issue affects Internet Explorer 9 through 11.




    Resolution: To resolve this issue, install update 2976627 .

  • Issue 2: After you install this security update, Internet Explorer may become unresponsive in some applications when web forms are being used or when files are being uploaded. This issue affects Internet Explorer versions 10 and 11.

    Resolution: To resolve this issue, install update 2976627 .

  • Issue 3: After you install this security update, some browser-hosted applications may crash on startup in Internet Explorer. This issue affects Internet Explorer versions 6 through 11.

    Resolution: To resolve this issue, install update 2976627 .

  • Issue 4: After you install this security update, the Internet Explorer window may become very slow to update and respond when you open consecutive modal dialogs. This issue affects Internet Explorer versions 6 through 11.

    Resolution: To resolve this issue, install updates 2977629 .
  • Issue 5: I am running Internet Explorer 11, but I am not being offered this update.
  • Resolution: For Internet Explorer 11, security update 2962872 is for systems that have the 2929437 update or the 2919355 update installed. Internet Explorer 11 customers have to make sure that the 2929437 update or the 2919355 update is installed before security update 2962872 can be offered to them or installed.
  • Note For Internet Explorer 11 customers who do not have the 2929437 update or the 2919355 update installed, security update 2963952 can be installed instead of security update 2962872. However, security update 2963952 is available only for customers who manage updates by using Windows Server Update Services (WSUS), Microsoft Intune, or Microsoft System Center Configuration Manager.