After much upset and considerable hoopla about potential issues with items in the May 13 Patch Tuesday updates — a considerable collection of 9 separate Security Bulletin IDs in the May 2014 Security Bulletin, that resulted in anywhere from 32 to 35 items in Update History on my various Windows 8.* PCs, and 16-odd items in Update History on Windows 7 machines — installation and subsequent operation seem to be proceeding with nary a hiccup nor complaint from the 10 or so machines in my current stable.
For example, on my primary production machine (an i7-2700K Sandy Bridge build), of the 34 items showing in Update History for 5/13, 16 elements were not related to MS Office — and covered Windows 8.1 itself mostly, with elements for .NET, One Drive, Internet Explorer and Flash, and more — and 18 elements involved security and other updates to Office 2013 or various components thereof. Other machines (which ranged from 32 to 35 elements added in total) showed a similar distribution, with a nearly even split between Office and non-Office elements. Here’s a snapshot of the lengthy list of elements from the aforementioned PC from yesterday:
This time around, there’s a long list of items to ponder from Patch Tuesday (click image for full-size version).
Overall, download size averaged between 900 MB and 1 GB for the various elements involved. With one element optional, and the others all important (more on that next), I elected to download the important elements in a single go, and the optional element in a separate go, which required two reboots to get through the update process completely. On most of my machines, that took about 20 minutes to complete (but YMMV, depending on download speed and how quickly PCs reboot and start up). In fact, a colleague told me that one of her PCs took nearly an hour to chunk all the way through the update process from start to finish.
Interestingly, the item that appears as KB2953522 in the list equates with MS Security Bulletin MS14-029 shows up in the Update History as an “Important” update, but in the May 2014 Security Bulletin it’s listed as “Critical” (Remote Code Execution). I’m not sure what’s going on with this apparent discrepancy, but this is considered a key patching item to avoid known and potential exploits on Windows 8.* PCs (and other current versions of Windows, as it apparently extends to versions of IE from 6 through 11). There had been some speculation that Microsoft would provide an XP patch for this item as well to provide protection beyond the “end of life” date reached last month, but its receives no mention in MS14-029, nor do there seem to be any new “patch bits” available for the now-defunct and unsupported OS through normal channels. Presumably those parties who’ve paid for extended support for XP will have received something, but I’ve seen no news about this so far (MS14-021, which was severe enough to warrant an out-of-band patch released on May 1, 2014, did include XP coverage, however). Larry Seltzer offers some interesting ruminations on this topic late yesterday via ZDNet in a post entitled “Microsoft patches Office, SharePoint and Windows, leaves XP behind” (worth reading). He also covers all the key elements in the latest round of patches and updates.