MS04-011 is a security roll-up package. It is not a cumulative patch because it does not include ALL previous patches, but it does contain patches and updates to fix a number of very serious vulnerabilities in Windows.
The MS04-012 Security Bulletin does contain a cumulative patch which includes all prior patches and updates for the RPC / DCOM vulnerabilities (the flaws that were targeted by worms such as MSBlast and Nachi) as well as addressing a couple of newly discovered RPC / DCOM flaws.
MS04-013 is a cumulative security update for Outlook Express. This patch also addresses a new vulnerability that should concern just about every Windows user out there. The latest Outlook Express vulnerability is particularly critical because it has the potential to be exploited whether you actually use Outlook Express or not.
MS04-014 is related to a flaw in the Microsoft JET Database engine. An attacker who exploits this vulnerability may be able to take complete control of the vulnerable system. Before you start thinking this doesn't apply to you, the JET Database engine is used by a number of products and may be installed on your system even if you aren't aware of it.
- Microsoft Security Bulletin MS04-011
Security Update for Microsoft Windows
Microsoft Criticality: Critical
- Microsoft Security Bulletin MS04-012
Cumulative Update for Microsoft RPC/DCOM
Microsoft Criticality: Critical - Microsoft Security Bulletin MS04-013
Cumulative Security Update for Outlook Express
Microsoft Criticality: Critical - Microsoft Security Bulletin MS04-014
Vulnerability in the Microsoft Jet Database Engine Could Allow Code Execution
Microsoft Criticality: Important