Technical Discussion
  >> Windows Issues


Register (or login) on our website and you will not see this ad.


  Print Thread
Standard User NICK_ADSL_UK
(fountain of knowledge) Tue 11-Nov-14 18:41:31
Print Post

Microsoft Security Bulletin(s) for November 11, 2014


[link to this post]
 
Microsoft Security Bulletin(s) for November 11, 2014

Note: There may be latency issues due to replication, if the page does not display keep refreshing

Today Microsoft released the following Security Bulletin(s).

Note: www.microsoft.com/technet/security and www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details.

Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.

Bulletin Summary:

https://technet.microsoft.com/library/security/ms14-nov





Critical (5)

Vulnerabilities in Windows OLE Could Allow Remote Code Execution (3011443)

http://go.microsoft.com/fwlink/?LinkId=518106



Cumulative Security Update for Internet Explorer (3003057)

http://go.microsoft.com/fwlink/?LinkId=518103



Vulnerability in Schannel Could Allow Remote Code Execution (2992611)

http://go.microsoft.com/fwlink/?LinkId=518112



Vulnerability in XML Core Services Could Allow Remote Code Execution [299395]

http://go.microsoft.com/fwlink/?LinkId=513100



MS14-068 Release date to be determined



Important (9)

Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (3009710)

http://go.microsoft.com/fwlink/?LinkId=518105



Vulnerability in TCP/IP Could Allow Elevation of Privilege (2989935)

http://go.microsoft.com/fwlink/?LinkId=507675



Vulnerability in Windows Audio Service Could Allow Elevation of Privilege (3005607)

http://go.microsoft.com/fwlink/?LinkId=518113



Vulnerability in .NET Framework Could Allow Elevation of Privilege (3005210)

http://go.microsoft.com/fwlink/?LinkId=518107



Vulnerability in Microsoft SharePoint Foundation Could Allow Elevation of Privilege (3000431)

http://go.microsoft.com/fwlink/?LinkId=513105



Vulnerability in Remote Desktop Protocol Could Allow Security Feature Bypass (3003743)

http://go.microsoft.com/fwlink/?LinkId=518111



MS14-075 Release date to be determined



Vulnerability in Internet Information Services (IIS) Could Allow Security Feature Bypass [298299]

http://go.microsoft.com/fwlink/?LinkId=509986



Vulnerability in Active Directory Federation Services Could Allow Information Disclosure (3003381)

http://go.microsoft.com/fwlink/?LinkId=518108





Moderate (2)

Vulnerability in IME (Japanese) Could Allow Elevation of Privilege (3005210)

http://go.microsoft.com/fwlink/?LinkId=509952



Vulnerability in Kernel Mode Driver Could Allow Denial of Service (3002885)

http://go.microsoft.com/fwlink/?LinkId=518110



Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so.

If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact For home users, no-charge support for security updates (only!) is available by calling 800-MICROSOFT (800-642-7676) in the US or 877-568-2495 in Canada.

Wilders Security Admin
Microsoft MVP - Consumer Security


For the latest in virus software signatures
From the Security specialists
Wilders security

Keep Your Security /Software Current
Upgrades, Updates & Definitions
Major Geeks

Microsoft Security Advisories
Standard User MrTAToad2
(eat-sleep-adslguide) Thu 13-Nov-14 01:12:46
Print Post

Re: Microsoft Security Bulletin(s) for November 11, 2014


[re: NICK_ADSL_UK] [link to this post]
 
Which of these fixes a 19 year old bug?

Now with plusnet
Twitter
Standard User GeoffB
(fountain of knowledge) Thu 13-Nov-14 05:45:52
Print Post

Re: Microsoft Security Bulletin(s) for November 11, 2014


[re: MrTAToad2] [link to this post]
 
I'll be installing in a few weeks - the last lot made my machine unstable and very slow until I did a restore. A couple of weeks later I re-installed and no issues. With this number of updates I think automatic updates should be a thing of the past!

Dell Studio1558 with Win7 Home Premium
8GB RAM
HP Pavilion netbook Win8 8GB RAM
IE11 and Live Mail
BT Infinity 2 via HH5
(Virgin 150Mbs as backup)


Register (or login) on our website and you will not see this ad.

Standard User NICK_ADSL_UK
(fountain of knowledge) Thu 13-Nov-14 17:20:32
Print Post

Re: Microsoft Security Bulletin(s) for November 11, 2014


[re: MrTAToad2] [link to this post]
 
In reply to a post by MrTAToad2:
Which of these fixes a 19 year old bug?

this is the one i belive
Microsoft Security Bulletin MS14-064 - Critical

Vulnerabilities in Windows OLE Could Allow Remote Code Execution (3011443)


Published: November 11, 2014

https://technet.microsoft.com/library/security/MS14-064

Wilders Security Admin
Microsoft MVP - Consumer Security


For the latest in virus software signatures
From the Security specialists
Wilders security

Keep Your Security /Software Current
Upgrades, Updates & Definitions
Major Geeks

Microsoft Security Advisories
Standard User bobble_bob
(fountain of knowledge) Thu 13-Nov-14 22:00:38
Print Post

Re: Microsoft Security Bulletin(s) for November 11, 2014


[re: GeoffB] [link to this post]
 
I have mine set to download them but let me install them manually. That way i can wait a few days and make sure they're ok

Only problem is Windows moans if you have that setting, it prefers to have them install automatically
Standard User MrTAToad2
(eat-sleep-adslguide) Fri 14-Nov-14 01:49:23
Print Post

Re: Microsoft Security Bulletin(s) for November 11, 2014


[re: NICK_ADSL_UK] [link to this post]
 
Ah, thanks

Now with plusnet
Twitter
Standard User NICK_ADSL_UK
(fountain of knowledge) Tue 18-Nov-14 18:18:53
Print Post

Re: Microsoft Security Bulletin(s) for November 11, 2014


[re: NICK_ADSL_UK] [link to this post]
 
Out-of-band release for Security Bulletin MS14-068

On Tuesday, November 18, 2014, at approximately 10 a.m. PST, we will release an out-of-band security update to address a vulnerability in Windows.

We strongly encourage customers to apply this update as soon as possible, following the directions in the security bulletin.



More information about this bulletin can be found at Microsoft’s Advance Notification Service page.



Tracey Pretorius, Director

Response Communications



https://technet.microsoft.com/en-us/library/security...

Wilders Security Admin
Microsoft MVP - Consumer Security


For the latest in virus software signatures
From the Security specialists
Wilders security

Keep Your Security /Software Current
Upgrades, Updates & Definitions
Major Geeks

Microsoft Security Advisories
Standard User NICK_ADSL_UK
(fountain of knowledge) Tue 18-Nov-14 18:28:38
Print Post

Re: Microsoft Security Bulletin(s) for November 11, 2014


[re: NICK_ADSL_UK] [link to this post]
 
********************************************************************

Title: Microsoft Security Bulletin Releases

Issued: November 18, 2014

********************************************************************

Summary

=======

The following bulletin has been released.

* MS14-068 - Critical

The following bulletins have undergone a major revision increment.

* MS14-066 - Critical

* MS14-NOV



Bulletin Information:

=====================

MS14-068 - Critical

- https://technet.microsoft.com/library/security/ms14-068

- Reason for Revision: V1.0 (November 18, 2014): Bulletin

published.

- Originally posted: November 18, 2014

- Updated: November 18, 2014

- Bulletin Severity Rating: Critical

- Version: 1.0



MS14-066 - Critical

- https://technet.microsoft.com/library/security/ms14-066

- Reason for Revision: V2.0 (November 18, 2014): Bulletin revised

to announce the reoffering of the 2992611 update to systems

running Windows Server 2008 R2 and Windows Server 2012. The

reoffering addresses known issues that a small number of

customers experienced with the new TLS cipher suites that were

included in the original release. Customers running Windows

Server 2008 R2 or Windows Server 2012 who installed the 2992611

update prior to the November 18 reoffering should reapply the

update. See Microsoft Knowledge Base Article 2992611 for more

information.

- Originally posted: November 11, 2014

- Updated: November 18, 2014

- Bulletin Severity Rating: Critical

- Version: 2.0



MS14-NOV

- https://technet.microsoft.com/library/security/ms14-nov

- Reason for Revision: V2.0 (November 18, 2014): Bulletin Summary

revised to document the out-of-band release of MS14-068 and,

for MS14-066, to announce the reoffering of the 2992611 update

to systems running Windows Server 2008 R2 and Windows Server

2012. See the respective bulletins for more information.

- Originally posted: November 11, 2014

- Updated: November 18, 2014

- Version: 2.0

Wilders Security Admin
Microsoft MVP - Consumer Security


For the latest in virus software signatures
From the Security specialists
Wilders security

Keep Your Security /Software Current
Upgrades, Updates & Definitions
Major Geeks

Microsoft Security Advisories
  Print Thread

Jump to