Microsoft Security Bulletin(s) for march 10, 2015

Microsoft Security Bulletin(s) for march 10, 2015

Note: There may be latency issues due to replication, if the page does not display keep refreshing

Today Microsoft released the following Security Bulletin(s).

Note: »www.microsoft.com/technet/security and »www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details.

Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.

Bulletin Summary:
https://technet.microsoft.com/en-us/security/bulletin/

Critical (4)

Vulnerabilities in Adobe Font Driver Could Allow Remote Code Execution (3032323)
https://technet.microsoft.com/en-us/library/security...

Vulnerabilities in Microsoft Windows Could Allow Remote Code Execution (3041836)
https://technet.microsoft.com/en-us/library/security...

Vulnerability in VBScript Scripting Engine Could Allow Remote Code Execution (3040297)
https://technet.microsoft.com/en-us/library/security...

Cumulative Security Update for Internet Explorer (3032359)
https://technet.microsoft.com/en-us/library/security...

Important (10)

Vulnerability in Schannel Could Allow Security Feature Bypass (3046049)
https://technet.microsoft.com/en-us/library/security...


Vulnerability in Remote Desktop Protocol Could Allow Denial of Service (3039976)
https://technet.microsoft.com/en-us/library/security...

Vulnerability in Windows Photo Decoder Component Could Allow Information Disclosure (3035126)

https://technet.microsoft.com/en-us/library/security...

Vulnerability in Windows Task Scheduler Could Allow Security Feature Bypass (3030377)
https://technet.microsoft.com/en-us/library/security...

Vulnerability in NETLOGON Could Allow Spoofing (3002657)
https://technet.microsoft.com/en-us/library/security...

Vulnerabilities in Microsoft Exchange Server Could Allow Elevation of Privilege (3040856)

https://technet.microsoft.com/en-us/library/security...

Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (3038680)
https://technet.microsoft.com/en-us/library/security...

Vulnerability in PNG Processing Could Allow Information Disclosure (3035132)
https://technet.microsoft.com/en-us/library/security...

Vulnerabilities in Kernel-Mode Driver Could Allow Elevation of Privilege (3034344)
https://technet.microsoft.com/en-us/library/security...

Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (3038999)
https://technet.microsoft.com/en-us/library/security...





Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so.

If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact Product Support Services in the United States at 1-866-PCSafety 1-866-727-2338. International customers should contact their local subsidiary.

As always, download the updates only from the vendors website - visit Windows Update and Office Update or Microsoft Update websites. You may also get the updates thru Automatic Updates functionality in Windows system.

Security Tool

Find out if you are missing important Microsoft product updates by using MBSA.

Is it me or do these bulletins never match what you actually get. I just had 32 updates on two up to date Win 8.1 machines.

In reply to a post by Banger:

Is it me or do these bulletins never match what you actually get. I just had 32 updates on two up to date Win 8.1 machines.

Probably Office updates? There has not been 32 updates released for Windows 8 or 8.1 this March.

In reply to a post by Pipexer:

In reply to a post by Banger:

Is it me or do these bulletins never match what you actually get. I just had 32 updates on two up to date Win 8.1 machines.

Probably Office updates? There has not been 32 updates released for Windows 8 or 8.1 this March.

I dont have office and my machine is always up to date, definitely 32 updates in the list.

Actually, you are completely right, I've had a look at another machine and that had 20 or so. Interestingly not as much as for server (which I've been updating).

They are getting a bit out of hand. What is quite promising is that on a test Windows 10 system I have which is really low spec it seems to install updates much quicker compared to my Win 8 machines, hopefully they have made some improvements in the update mechanism to get some speed back. I don't feel it is a *huge* problem for desktop OS (somewhat an irritance though if updating from a fresh install) but on servers it can a bit annoying waiting a long time for the updates to apply.

Is Silverlight worth installing? It's in my optional list.

I've yet to come across any software or websites that need it.

I install it and then at least it is out of the way and out of the list. You do occasionally come across a website that wants it.

In reply to a post by GeoffB:

Is Silverlight worth installing?

I've recently disabled the plug-in in 'Waterfox' whilst trying to establish the cause of my occasionally laggy browsing. My banking site seemed to be waiting for some sort of response and displaying messages related to Silverlight. I haven't had any problem banking since then and (could be my imagination) the login page loads more quickly.

In reply to a post by GeoffB:

Is Silverlight worth installing? It's in my optional list.

It's needed if you want to watch sky or NowTV on your pc...