On April 14, Microsoft is rolling out a number of updates as part of a new Patch Tuesday. For the month of April, the software giant is releasing eleven security updates — four of the updates are rated Critical and the remaining seven updates are rated Important, fixing a total of 26 different vulnerabilities in Internet Explorer, Office, Windows 8.1, Windows RT, Windows 7, and Windows Server.
The updates rated as Critical deal with vulnerabilities in Internet Explorer (KB3038314), Microsoft Office (KB3048019), and Windows (KB3042553 and KB3046306) that could allow remote code execution if the user views a specially crafted web page using Internet Explorer or open a specially crafted Office documents or attacker sends a specially crafted HTTP request to an affected Windows system.
Microsoft is also rolling out seven Important updates to patch SharePoint server, Windows Task Scheduler, and Windows that could allow elevation of privilege. Furthermore, there is an update that fixes a vulnerability in XML core services that could allow security feature bypass. KB304511 deals with Active Directory Federation services that could allow information disclosure. KB3048010 fixes vulnerability in .NET Framework and KB3047234 patches vulnerability in Windows Hyper-V that could allow denial of service attacks.
Thus far it appears that Microsoft won’t be releasing a new firmware update for Surface tablets on April, not even for Surface Pro 3. It also seems that there is not new updates in April for Windows 10 Technical Preview.
As always, if you have enabled automatic update, these updates will install automatically. However, you can always go to Windows Update from the Control Panel and install all the February updates manually.