6 replies to this topic

[AplusWebMaster]

FYI...

- https://technet.micr...lletin/ms13-oct
October 08, 2013 - "This bulletin summary lists security bulletins released for October 2013...
(Total of -8-)

Microsoft Security Bulletin MS13-080 - Critical
Cumulative Security Update for Internet Explorer (2879017)
- http://technet.micro...lletin/ms13-080
Critical - Remote Code Execution - Requires restart - Microsoft Windows, Internet Explorer
V1.2 (October 8, 2013): Bulletin revised to announce that the 2884101 update is available via Windows Update.
V1.3 (October 10, 2013): Bulletin revised to remove CVE-2013-3871 from the vulnerabilities addressed by this update. Including this CVE in the original security bulletin text was a documentation error. CVE-2013-3871 is scheduled to be addressed in a future security update. This is an informational change only. Customers who have already successfully updated their systems do not need to take any action.

- http://support.micro....com/kb/2884101
Last Review: October 8, 2013 - Revision: 2.0

Microsoft Security Bulletin MS13-081 - Critical
Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2870008)
- http://technet.micro...lletin/ms13-081
Critical - Remote Code Execution - Requires restart - Microsoft Windows
V1.1 (October 9, 2013): Bulletin revised to announce a detection change to correct an offering issue for the 2847311 update for Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) and Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation). This is a detection change only. Customers who have already successfully updated their systems do not need to take any action.

Microsoft Security Bulletin MS13-082 - Critical
Vulnerabilities in .NET Framework Could Allow Remote Code Execution (2878890)
- http://technet.micro...lletin/ms13-082
Critical - Remote Code Execution - May require restart - Microsoft Windows, Microsoft .NET Framework
V1.1 (October 10, 2013): Bulletin revised to indicate that Server Core installations of Windows Server 2012 are affected by the vulnerability addressed in the 2861194 update. This is an informational change only. There were no changes to the detection logic or the security update files. Customers who have already successfully updated their systems do not need to take any action.

Microsoft Security Bulletin MS13-083 - Critical
Vulnerability in Windows Common Control Library Could Allow Remote Code Execution
- http://technet.micro...lletin/ms13-083
Critical - Remote Code Execution - Requires restart - Microsoft Windows

Microsoft Security Bulletin MS13-084 - Important
Vulnerabilities in Microsoft SharePoint Server Could Allow Remote Code Execution (2885089)
- http://technet.micro...lletin/ms13-084
Important - Remote Code Execution - May require restart - Microsoft Office, Microsoft Server Software

Microsoft Security Bulletin MS13-085 - Important
Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (2885080)
- http://technet.micro...lletin/ms13-085
Important - Remote Code Execution - May require restart - Microsoft Office

Microsoft Security Bulletin MS13-086 - Important
Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (2885084)
- http://technet.micro...lletin/ms13-086
Important - Remote Code Execution - May require restart - Microsoft Office

Microsoft Security Bulletin MS13-087 - Important
Vulnerability in Silverlight Could Allow Information Disclosure (2890788)
- http://technet.micro...lletin/ms13-087
Important - Information Disclosure - Does not require restart - Microsoft Silverlight
___

- http://blogs.technet...Redirected=true
"... eight bulletins – four Critical and four Important - which address 26 unique CVEs in Microsoft Windows, Internet Explorer, SharePoint, .NET Framework, Office, and Silverlight... resolves 10 issues in Internet Explorer..."

Bulletin Deployment Priority
- https://blogs.techne...00_Priority.jpg

Severity and Exploitability Index
- https://blogs.techne...00_Severity.jpg
___

- http://blogs.technet...te-release.aspx
8 Oct 2013 - "The October 2013 Public Update release for Office is now live. There are 24 security updates (3 bulletins) and 35 non-security updates..."
(Long list at the URL above.)
___

- https://secunia.com/advisories/54884/ - MS13-080
- https://secunia.com/advisories/55052/ - MS13-081
- https://secunia.com/advisories/55043/ - MS13-082
- https://secunia.com/advisories/55106/ - MS13-083
- https://secunia.com/advisories/55131/ - MS13-084
- https://secunia.com/advisories/55141/ - MS13-085
- https://secunia.com/advisories/55143/ - MS13-086
- https://secunia.com/advisories/55149/ - MS13-087
___

ISC Analysis
- https://isc.sans.edu...l?storyid=16760
Last Updated: 2013-10-08 17:30:03 UTC

.

Edited by AplusWebMaster, 10 October 2013 - 03:36 PM.

[AplusWebMaster]

FYI...

KB 2878890 patch brings back two-year-old KB 951847 - repeatedly...
- http://www.infoworld...peatedly-228538
Oct 10, 2013 - "Another Black Tuesday, another -botched- patch. Applying this week's KB 2878890* patch on some Windows XP and Server 2003 SP2 machines causes a two-year-old .Net Framework roll-up patch, KB 951847**, to resurface. Windows Update not only prompts WinXP/Server 2003 users to (re-)install the big, old .Net patch, it keeps pestering over and over again to (re-)install it, even if the WU install logs say it's been installed. Fortunately, there's a fix. Although we don't yet know the details - and Microsoft hasn't acknowledged, much less fixed, the problem - there's a steady stream of complaints, comments, and questions about the botched patch on Microsoft's Answers forum. The problem seems to affect older WinXP/Server 2003 installations, likely those with older versions of .Net Framework installed. Advice from the forum mods (who haven't received definitive guidance from Microsoft yet) is that turning off KB 951847 - unchecking the box on the Windows Update list - is a prudent way to get rid of the annoyance..."
* http://technet.micro...lletin/MS13-082
V1.0 Oct 8, 2013

... MAY be:
- http://support.micro....com/kb/2861189
Last Review: October 8, 2013 - Revision: 1.0
** http://support.microsoft.com/kb/951847
Last Review: August 18, 2011 - Revision: 9.0

MS13-082 ...
- http://www.infoworld...ment-1077827614
"... The specific KB number you see depends on which version of Windows you're using and which version of .NET is being patched. There's a full list of KB numbers/patch files in the KB 2878890 article here: http://support.micro....com/kb/2878890 ... . I count 18 of them..."
___

MS13-081: Description of the security update for USB drivers: October 8, 2013
- http://support.micro....com/kb/2862330
[Oct 11 ... now -unchecked- in Download list - Win7. Problems likely "under investigaton"...]
___

- https://windowssecre...cleanup-update/
Susan Bradley - Oct 10, 2013 - "... rated critical for all supported desktop versions of Internet Explorer... Along with the vulnerability reported in the Sept. 17 MS Security Advisory, the update covers -nine- related vulnerabilities...
- What to do: Install KB 2879017 (MS13-080*) as soon as offered..."
* http://technet.micro...lletin/MS13-080
V1.3 (October 10, 2013): Bulletin revised to remove CVE-2013-3871 from the vulnerabilities addressed by this update. Including this CVE in the original security bulletin text was a documentation error. CVE-2013-3871 is scheduled to be addressed in a future security update. This is an informational change only. Customers who have already successfully updated their systems do not need to take any action.
- http://support.micro....com/kb/2879017
Last Review: October 9, 2013 - Revision: 4.0
Applies to:
•Internet Explorer 11
•Internet Explorer 10
•Windows Internet Explorer 9
•Windows Internet Explorer 8
•Windows Internet Explorer 7
•Microsoft Internet Explorer 6.0 ...
___

Update is available that enables you to delete outdated Windows updates by using a new option in the Disk Cleanup wizard in Windows 7 SP1
- http://support.micro...b/2852386/en-us
"... Status: Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section...
Last Review: October 8, 2013 - Revision: 1.0
Applies to:
Windows 7 Service Pack 1, when used with:
Windows 7 Enterprise
Windows 7 Home Basic
Windows 7 Home Premium
Windows 7 Professional
Windows 7 Starter
Windows 7 Ultimate ..."

Edited by AplusWebMaster, 11 October 2013 - 07:30 AM.

[AplusWebMaster]

FYI...

MS13-081 KB2862330 update "problems" ...
- http://msmvps.com/bl...e-problems.aspx
Sat, Oct 12 2013

"Microsoft 'Confirms' KB2862330 Windows 7 Update 'Problems':
- http://news.softpedi...ms-390567.shtml

So let's get the story straight. KB2862330 from the moment it was released indicated it might need -two- reboots to be properly installed.
Microsoft stated that in the known issues* section at the top of the security bulletin from the moment it was released.
The system will reboot, start again and rather than coming up, will just restart a second time. It's expected and -not- a bug.
There are a few folks seeing issues with this update and quite frankly I expect it. This is a lot of updates in the kernel section with impact to usb drivers. Where we have a ton of third party development. And not always the greatest third party development.
So let's not blow these statements out of proportion to the reality."

MS13-081: Description of the security update for USB drivers
* http://support.micro....com/kb/2862330
Last Review: October 8, 2013 - Revision: 1.0
"Known issues with this security update: After you install security update 2862330, your computer may restart two times. For more information updates that require multiple restart, click the following article number to view the article in the Microsoft Knowledge Base:
2894518** Software updates that require multiple reboots may cause task sequence failure within Configuration Manager"
** http://support.micro....com/kb/2894518
Last Review: October 9, 2013 - Revision: 8.0

Edited by AplusWebMaster, 13 October 2013 - 06:37 AM.

[AplusWebMaster]

FYI...

MS13-081 - Critical ... V1.2
Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2870008)
- http://technet.micro...lletin/ms13-081
V1.1 (October 9, 2013): Bulletin revised to announce a detection change to correct an offering issue for the 2847311 update for Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) and Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation). This is a detection change only. Customers who have already successfully updated their systems do not need to take any action.
V1.2 (October 16, 2013): For update 2855844*, corrected the update replacement for Windows 7 for 32-bit Systems Service Pack 1, Windows 7 for x64-based Systems Service Pack 1, and Windows Server 2008 R2 for x64-based Systems Service Pack 1. This is an informational change only.

* http://support.micro....com/kb/2855844
Oct 8, 2013 - Revision: 1.0

[AplusWebMaster]

FYI...

MS13-081 ...
- http://support.micro....com/kb/2862330
Last Review: Oct 29, 2013 - Rev 3.0
(See: "Known issues")

- http://msmvps.com/bl...own-issues.aspx
Oct 18 2013
___

Botched patch installs .Net Framework 3.5 without warning or consent - even on systems that have studiously avoided .Net
- http://www.infoworld...-problem-229062
Oct 18, 2013

Edited by AplusWebMaster, 06 November 2013 - 04:49 PM.

[AplusWebMaster]

FYI...

MS13-081/KB 2862330 went down the automatic update chute, triggering blue screens and endless re-installs. It still isn't fixed
- http://www.infoworld...000000ca-230201
Nov 5, 2013 - "Last month's Black Tuesday crop included yet another stinker: MS13-081*/KB 2862330**, a "critical" Windows USB driver update that reaches into the Windows kernel, modifying all the USB 2.0 driver programs. Microsoft knew before the patch was released that it had an odd double-reboot tendency... As it turns out, that was the least of MS13-081's worries. The day after the patch appeared, Microsoft's Answers forum lit up with complaints. Here's a partial list of the problems Windows customers have experienced, after installing the patch:
• Windows 7 and Windows Server 2008 R2 may throw up a Blue Screen 0x000000D1 or 0x000000CA or 9x00000050 upon boot.
• Windows 7 and Server 2008 R2 machines may reboot, then stall at 32 percent. The only solution is to unplug the machine, then run a system restore -- necessary because the reboots stall at the same point in an endless cycle.
• After an extended period of time on reboot, Windows 2008 R2 shows the message "Please wait for modules installer," then "Failure configuring windows updates reverting change." Windows rolls back the changes, but tries to do them again.
• Windows XP has the same infinite-loop installation of the patch.
• There are also reports of failing USB keyboards and mice - at least one user reports his Microsoft Mouse won't work after installing the patch.
To date, I've seen no indication that Microsoft has isolated the source of the problem. There is no new version of the patch. There is, however, a very convoluted series of manual patching steps you can take if you feel an urgent need to install the patch. Look for the three scenarios in the KB 2862330 article. It helps if you have a degree in Computer Science. Although Microsoft hasn't completely pulled the patch - it still appears as an Important update in Windows 7 Automatic Update - the selection box is unchecked. Unless you manually check the box, the update will -not- be installed. The universal advice at this point is to refrain from installing the patch - hide it in Automatic Update if you have to. Since the patch is no longer installed by default, and almost a month after its release we still don't have an update, it's a safe assumption that the patch isn't quite as pressing as its "Critical" rating might indicate."
* http://technet.micro...lletin/ms13-081

** http://support.micro....com/kb/2862330
Last Review: Oct 29, 2013 - Rev 3.0
 

Edited by AplusWebMaster, 06 November 2013 - 04:53 PM.

[AplusWebMaster]

FYI...

MS Office 2010 SP2 ...
- http://support.micro....com/kb/2883156
Last Review: Oct 24, 2013 - Revision: 2.0 - "After you apply Microsoft Office 2010 Service Pack 2 (SP2), users may see many Event ID 27 warnings from Outlook in the Application log. This issue occurs for users who have a PST attached to their profile...
Status: Microsoft is researching this problem and will post more information in this article when it becomes available..."