Microsoft Security Bulletin(s) for July 14, 2015

Microsoft Security Bulletin(s) for July 14, 2015
Note: There may be latency issues due to replication, if the page does not display keep refreshing

Today Microsoft released the following Security Bulletin(s).

Note: »www.microsoft.com/techne ··· security and »www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details.

Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.

Bulletin Summary:
»technet.microsoft.com/li ··· ms15-jul

Critical (4)

Microsoft Security Bulletin MS15-065
Security Update for Internet Explorer (3076321)
»technet.microsoft.com/li ··· ms15-065

Microsoft Security Bulletin MS15-066
Vulnerability in VBScript Scripting Engine Could Allow Remote Code Execution (3072604)
»technet.microsoft.com/li ··· ms15-066

Microsoft Security Bulletin MS15-067
Vulnerability in RDP Could Allow Remote Code Execution (3073094)
»technet.microsoft.com/li ··· ms15-067

Microsoft Security Bulletin MS15-068
Vulnerabilities in Windows Hyper-V Could Allow Remote Code Execution (3072000)
»technet.microsoft.com/li ··· ms15-068

Important (10)

Microsoft Security Bulletin MS15-058
Vulnerabilities in SQL Server Could Allow Remote Code Execution 3065718
»technet.microsoft.com/li ··· ms15-058

Microsoft Security Bulletin MS15-069
Vulnerabilities in Windows Could Allow Remote Code Execution (3072631)
»technet.microsoft.com/li ··· ms15-069

Microsoft Security Bulletin MS15-070
Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (3072620)
»technet.microsoft.com/li ··· ms15-070

Microsoft Security Bulletin MS15-071
Vulnerability in Netlogon Could Allow Elevation of Privilege (3068457)
»technet.microsoft.com/li ··· ms15-071

Microsoft Security Bulletin MS15-072
Vulnerability in Windows Graphics Component Could Allow Elevation of Privilege (3069392)
»technet.microsoft.com/li ··· ms15-072

Microsoft Security Bulletin MS15-073
Vulnerability in Windows Kernel-Mode Driver Could Allow Elevation of Privilege (3070102)
»technet.microsoft.com/li ··· ms15-073

Microsoft Security Bulletin MS15-074
Vulnerability in Windows Installer Service Could Allow Elevation of Privilege (3072630)
»technet.microsoft.com/li ··· ms15-074

Microsoft Security Bulletin MS15-075
Vulnerabilities in OLE Could Allow Elevation of Privilege (3072633)
»technet.microsoft.com/li ··· ms15-075

Microsoft Security Bulletin MS15-076
Vulnerability in Windows Remote Procedure Call Could Allow Elevation of Privilege (3067505)
»technet.microsoft.com/li ··· ms15-076

Microsoft Security Bulletin MS15-077
Vulnerability in ATM Font Driver Could Allow Elevation of Privilege (3077657)
»technet.microsoft.com/li ··· ms15-077

Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so.

If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact Product Support Services in the United States at 1-866-PCSafety 1-866-727-2338. International customers should contact their local subsidiary.

As always, download the updates only from the vendors website - visit Windows Update and Office Update or Microsoft Update websites. You may also get the updates thru Automatic Updates functionality in Windows system.
Security Tool
Find out if you are missing important Microsoft product updates by using MBSA

Edited by NICK_ADSL_UK (Tue 14-Jul-15 18:39:08)

Ehm...
since the Windows Update appears NOT to work any more,
are we expected to download these, specially the CRITICAL ones manually ?
Or does M$ think we would be safe until we update to W 10 ?
Regards,
Martin

In reply to a post by martinsq:

Ehm...
since the Windows Update appears NOT to work any more,

Works for me

I found manually checking for updates took about 10 minutes this month but it definitely is still working.

My two machines updated this month using windows update, one manually and when I went to do the other it had already updated and was waiting for a reboot.

In reply to a post by martinsq:

Ehm...
since the Windows Update appears NOT to work any more,
are we expected to download these, specially the CRITICAL ones manually ?
Or does M$ think we would be safe until we update to W 10 ?
Regards,
Martin

There is no reason martin as to why your OS is not updating that I know of
Have you checked in services and that the update service is on automatic along with Background Intelligent Transfer Service is on.?

Microsoft Security Bulletin MS15-078 - Critical

Vulnerability in Microsoft Font Driver Could Allow Remote Code Execution (3079904)
Published: July 20, 2015
Version: 1.0

Microsoft Knowledge Base Article 3079904.
Suggested actions. The majority of customers have automatic updating enabled and will not need to take any action because the update will be downloaded and installed automatically. Customers who have not enabled automatic updating, or who install updates manually, can use the links in the Affected Software section to download and install the update. See Microsoft Knowledge Base Article 3079904 for more information.
https://technet.microsoft.com/library/security/MS15-078

OK, OK,
the Windows Update did eventually work, took almost 15 min to start on desktop,
and 20+ on laptop..., it used to be 2 or 3 min...., we have 19 mb/s connection.
God help us when Win 10 download becomes available !

And NO, I don't allow automatic upgrades, firstly because it could affect working from home at crucial time, secondly I always wait 7 to 10 days to see if they cause any problems, thirdly I don't need some of the upgrades, i.e. Outlook, Outlook spam filter and others.

I do not like Win 10 'mandatory updates', though as I have Win 7 Pro I maybe able to opt out,
but so far that is as clear as mud....
Recon I will be staying on Win 7 for some months yet !
Regards,
Martin