5 replies to this topic

[AplusWebMaster]

FYI...

- https://technet.micr...lletin/ms14-jan
Jan 14, 2014 - "This bulletin summary lists security bulletins released for January 2014...
(Total of -4-)

Microsoft Security Bulletin MS14-001 - Important
Vulnerabilities in Microsoft Word and Office Web Apps Could Allow Remote Code Execution (2916605)
- https://technet.micr...lletin/ms14-001
Important - Remote Code Execution - May require restart - Microsoft Office, Microsoft Server Software

Microsoft Security Bulletin MS14-002 - Important
Vulnerability in Windows Kernel Could Allow Elevation of Privilege (2914368)
- https://technet.micr...lletin/ms14-002
Important - Elevation of Privilege - Requires restart - Microsoft Windows

Microsoft Security Bulletin MS14-003 - Important
Vulnerability in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2913602)
- https://technet.micr...lletin/ms14-003
Important - Elevation of Privilege - Requires restart - Microsoft Windows

Microsoft Security Bulletin MS14-004 - Important
Vulnerability in Microsoft Dynamics AX Could Allow Denial of Service (2880826)
- https://technet.micr...lletin/ms14-004
Important - Denial of Service - May require restart - Microsoft Dynamics AX
___

Deployment Priority, Severity, Exploit Index
- https://blogs.techne..._2D00_Final.jpg

- https://blogs.techne...in-release.aspx
____

- https://secunia.com/advisories/56201/ - MS14-001
- https://secunia.com/advisories/55809/ - MS14-002
- https://secunia.com/advisories/56275/ - MS14-003
- https://secunia.com/advisories/56277/ - MS14-004
___

January 2014 Office Update Release
- http://blogs.technet...ice-update.aspx
14 Jan 2014 - "There are 12 security updates (1 bulletin) and 1 non-security update...
SECURITY UPDATES: MS14-001...
NON-SECURITY UPDATES: To improve stability and performance for Outlook 2013...
 • Update for Microsoft Outlook 2013 KB2850061: http://support.micro....com/kb/2850061
 Please note that these updates are all found in their corresponding versions of Office Click-to-Run: Office 2013: 15.0.4551.1512 ..."
___

ISC Analysis
- https://isc.sans.edu...l?storyid=17429
Last Updated: 2014-01-14 18:03:19 UTC

.

Edited by AplusWebMaster, 14 January 2014 - 07:25 PM.

[AplusWebMaster]

FYI...

Update fixes an issue that causes Windows to crash
- http://support.micro...b/2913431/en-us
Last Review: January 14, 2014 - Revision: 1.1 - "This update fixes an issue that may cause a Windows 7 or Windows Server 2008 R2-based computer to crash. This issue occurs when a program that uses Windows Filtering Platform (such as an antivirus program) is running on the computer... This update is available from Windows Update..."
 

[AplusWebMaster]

FYI...

XP - brief extention...
- https://blogs.techne...Redirected=true
15 Jan 2014 - "... To help organizations complete their migrations, Microsoft will continue to provide updates to our antimalware signatures and engine for Windows XP users through July 14, 2015. This does -not- affect the end-of-support date of Windows XP, or the supportability of Windows XP for other Microsoft products, which deliver and apply those signatures. For enterprise customers, this applies to System Center Endpoint Protection, Forefront Client Security, Forefront Endpoint Protection and Windows Intune running on Windows XP. For consumers, this applies to Microsoft Security Essentials..."

OS market share
- http://www.netmarket...=10&qpcustomd=0
Dec 2013
 

[AplusWebMaster]

FYI...

Microsoft Security Bulletin MS13-081 - Critical
Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2870008)
- http://technet.micro...lletin/ms13-081
V2.0 (January 14, 2014): Rereleased bulletin to announce the reoffering of the 2862330 update to systems running Windows 7 or Windows Server 2008 R2. See the Update FAQ* for details..." *"... Customers who already installed the original update will be re-offered the 2862330 update and are encouraged to apply it at the earliest opportunity..."

- https://web.nvd.nist...d=CVE-2013-3128 - 9.3 (HIGH)

- http://support.micro....com/kb/2862330
"This security update was originally released on October 8, 2013. The security update was rereleased on January 14, 2014, for computers that are running Windows 7 Service Pack 1 (SP1) or Windows Server 2008 R2 SP1. The rerelease addresses an issue in which one of the drivers of the USB 2.0 core stack is not updated in some specific computer configurations."
Last Review: Jan 14, 2014 - Revision: 8.0
___

MS13-098: Vulnerability in Windows could allow remote code execution
- http://support.micro....com/kb/2893294
Last Review: Dec 20, 2013 - Revision: 3.0

MS13-101: Security update for Windows kernel-mode drivers
- http://support.micro....com/kb/2893984
Last Review: Dec 17, 2013 - Revision: 2.0

Description of Software Update Services and Windows Server Update Services changes in content for 2014
- http://support.microsoft.com/kb/894199
Last Review: Jan 16, 2014 - Revision: 18.1
 

Edited by AplusWebMaster, 21 January 2014 - 06:29 AM.

[AplusWebMaster]

FYI...

Folder views are not updated when you arrange by categories in Outlook after you apply Exchange Server 2010 Service Pack 3 Update Rollup 3 or Update Rollup 4
- http://support.micro...b/2925273/en-us
"Workaround:
> To work around this problem when you sort messages by categories, you can update the folder view when you select a different folder view, such as Date (Conversations), and then return to the Categories view.
> To work around this problem when it occurs only in online-mode in the Outlook client, you can use Outlook in cached mode. Or, if it is possible, you can use OWA to make the change to the folder view."
Last Review: Feb 3, 2014 - Revision: 4.1
Applies to: Microsoft Exchange Server 2010 Service Pack 3
 

Edited by AplusWebMaster, 03 February 2014 - 05:26 PM.

[AplusWebMaster]

FYI...

MS13-098 - Known issues ...
- http://support.micro...b/2893294/en-us
"... Known issues with this security update:
    After you install this security update on a computer that is running Windows Vista or Windows Server 2008, the computer name might change to "MINWINPC." When this problem occurs, you cannot log on to computer even if you restart the computer. When you try to log on, you may receive an error message that resembles the following:
    The username or password is incorrect.
    This issue occurs when you install the security update on a system that has partly corrupted data or when the following registry key does not exist..."
Last Review: Feb 3, 2014 - Rev: 4.0

MS Security Bulletin MS13-098 - Critical
Vulnerability in Windows Could Allow Remote Code Execution (2893294)
- http://technet.micro...lletin/ms13-098