The update provided in MS14-002 fully addresses the issue first described in Security Advisory 2914486.http://blogs.technet.com/b/msrc/archive/2014/01/09/advance-notification-service-for-the-january-2014-security-bulletin-release.aspx
Oracle Java SE Executive Summary
This Critical Patch Update contains 36 new security fixes for Oracle Java SE. 34 of these vulnerabilities may be remotely exploitable without authentication, i.e., may be exploited over a network without the need for a username and password.
The highest CVSS Base Score of vulnerabilities affecting Oracle Java SE is 10.0
The Oracle Java SE components affected by vulnerabilities that are fixed in this Critical Patch Update are:
Priority rating は 1