Severity Rating: Critical
Revision Note: V1.1 (May 1, 2014): Bulletin revised to specify that the latest cumulative security update for Internet Explorer must be installed prior to installing MS14-021. See the Update FAQ for details.
Summary: This security update resolves a publicly disclosed vulnerability in Internet Explorer. The vulnerability could allow remote code execution if a user views a specially crafted webpage using an affected version of Internet Explorer. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.