Jump to content

Build Theme!
  •  
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 93105 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

MS Security Bulletin Summary - July 2014


  • Please log in to reply
3 replies to this topic

#1 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • Authentic Member
  • PipPipPipPipPipPipPip
  • 10,472 posts
  • Interests:... The never-ending battle for Truth, Justice, and the American way.

Posted 08 July 2014 - 11:16 AM

FYI...

- https://technet.micr...curity/ms14-jul
July 8, 2014 - "This bulletin summary lists security bulletins released for July 2014...
(Total of -6-)
V1.1 (July 29, 2014): For MS14-037, added an Exploitability Assessment in the Exploitability Index for CVE-2014-4066. This is an informational change only.

Microsoft Security Bulletin MS14-037 - Critical
Cumulative Security Update for Internet Explorer (2975687)
- https://technet.micr...curity/ms14-037
Critical - Remote Code Execution - Requires restart - Microsoft Windows, Internet Explorer
V1.1 (July 29, 2014): Corrected the severity table and vulnerability information to add CVE-2014-4066 as a vulnerability addressed by this update. This is an informational change only. Customers who have already successfully installed the update do not have to take any action.
- https://cve.mitre.or...e=CVE-2014-4066

Microsoft Security Bulletin MS14-038 - Critical
Vulnerability in Windows Journal Could Allow Remote Code Execution (2975689)
- https://technet.micr...curity/ms14-038
Critical - Remote Code Execution - May require restart - Microsoft Windows

Microsoft Security Bulletin MS14-039 - Important
Vulnerability in On-Screen Keyboard Could Allow Elevation of Privilege (2975685)
- https://technet.micr...curity/ms14-039
Important - Elevation of Privilege - Requires restart - Microsoft Windows

Microsoft Security Bulletin MS14-040 - Important
Vulnerability in Ancillary Function Driver (AFD) Could Allow Elevation of Privilege (2975684)
- https://technet.micr...curity/ms14-040
Important - Elevation of Privilege - Requires restart - Microsoft Windows

Microsoft Security Bulletin MS14-041 - Important
Vulnerability in DirectShow Could Allow Elevation of Privilege (2975681)
- https://technet.micr...curity/ms14-041
Important - Elevation of Privilege - May require restart - Microsoft Windows

Microsoft Security Bulletin MS14-042 - Moderate
Vulnerability in Microsoft Service Bus Could Allow Denial of Service (2972621)
- https://technet.micr...curity/ms14-042
Moderate - Denial of Service - Does not require restart - Microsoft Server Software
___

- http://blogs.technet...in-release.aspx
8 Jul 2014

Deployment Priority, Severity, Exploit Index
- http://blogs.technet....deployment.jpg
___

July 2014 Office Update Release
- http://blogs.technet...te-release.aspx
8 Jul 2014 - "... There are no security updates. There are 36 non-security updates..."
___

- http://www.securityt....com/id/1030532 - MS14-037
- http://www.securityt....com/id/1030531 - MS14-038
- http://www.securityt....com/id/1030535 - MS14-039
- http://www.securityt....com/id/1030536 - MS14-040
- http://www.securityt....com/id/1030537 - MS14-041
- http://www.securityt....com/id/1030538 - MS14-042
___

ISC Analysis
- https://isc.sans.edu...l?storyid=18359
2014-07-08

.


Edited by AplusWebMaster, 04 August 2014 - 07:11 PM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

    Advertisements

Register to Remove


#2 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • Authentic Member
  • PipPipPipPipPipPipPip
  • 10,472 posts
  • Interests:... The never-ending battle for Truth, Justice, and the American way.

Posted 14 July 2014 - 12:41 PM

FYI...

MS14-037 KB2962872 issues ...
- http://www.infoworld...lowdowns-246112
July 14, 2014 - "... Posters on the Microsoft Answers forum report that uninstalling KB 2962872 solves the problem.
Flexerasoft has posted a limited workaround:
    Moving the .htm files to a backup folder has been shown to reduce the impact of the issue for some InstallShield customers. Please note that by taking these steps, the InstallShield Start Page and inline help will be limited and navigating to some views may still trigger a crash. Those using this method should save their projects frequently.
    Steps to implement this limited workaround:
    Move *.htm from
    \<ProgramFiles>\InstallShield\<version>\Program\<LanguageCode>
    To a new folder
    \<ProgramFiles>\InstallShield\<version>\Program\<LanguageCode>\HTM-Backup\
    Move *.htm from
    \<ProgramFiles>\InstallShield\<version>\Program\<LanguageCode>Express\
    To a new folder
    \<ProgramFiles>\InstallShield\<version>\Program\<LanguageCode>Express\HTM-Backup\

The workaround lets InstallShield start and run normally, but reports say it crashes on exit. There are also sporadic reports of additional problems with KB 2962872, particularly slowdowns..."
- https://community.fl...soft-KB-2962872
07-11-2014
Microsoft security update KB2962872 (MS14-037) may cause the InstallShield or InstallShield for AdminStudio application to crash...
- http://www.flexeraso...-KB2962872.html
___

MS patches crash Dell Data Protection-Encryption and CMGShield
Black Tuesday patches cause blue screens of death on DDP-E encrypted machines, black recovery screens for CMGShield
- http://www.infoworld...mgshield-246108
July 14, 2014 - "... a group of patches in this month's Black Tuesday crop causes BSODs on PCs encrypted with Dell Data Protection-Encryption or forces CMGShield-protected PCs into a lockup, with a black recovery screen. Although Dell posted information identifying the problem late Thursday in Quick Tip 653764*, there's still no word on precisely which Black Tuesday patches trigger the anti-tampering lockout. There's a fix, but it's complex..."
* http://www.dell.com/...s=&docid=653764
2014-07-10
___

MS14-037: Customers who use PTC Windchill 10.x solutions have
>    reported instability and crashes after the installation of this
>    security update.
- http://communities.p...e/250228#250228
Jul 22, 2014
___

July 2014 Security Bulletin Webcast Q&A
- http://blogs.technet...lletin-q-a.aspx
 

:ph34r: :ph34r:


Edited by AplusWebMaster, 24 July 2014 - 03:51 AM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#3 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • Authentic Member
  • PipPipPipPipPipPipPip
  • 10,472 posts
  • Interests:... The never-ending battle for Truth, Justice, and the American way.

Posted 25 July 2014 - 03:29 AM

FYI...

Issue when launching Office apps after applying July 2014 update for Office 365 ProPlus
- http://blogs.technet...65-proplus.aspx
23 Jul 2014 - "Shortly after the release of the July Public Update, we received notification of a potential issue affecting a subset of Office 365 ProPlus users. In some cases, users running Office may not be able to launch Office products after the July 2014 updates are installed.
We have since corrected the issue and will be releasing an updated build 15.0.4631.1004 scheduled to go live by Thursday July 24th. Once the update is available, you can click on “Update Now” from the backstage to get the latest fix.
If you still have issues, then please reboot your computer and try “Update Now.” If you still have issues launching Office applications, as a last resort, please run the Fix It located at [ http://support.micro....com/kb/2739501 ] to uninstall and reinstall the latest bits.
Note: This issue doesn’t affect Volume License customers."
 

:ph34r:


.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#4 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • Authentic Member
  • PipPipPipPipPipPipPip
  • 10,472 posts
  • Interests:... The never-ending battle for Truth, Justice, and the American way.

Posted 26 July 2014 - 06:23 AM

FYI...

MS Silverlight 5 - July 2014 update
- http://support.micro....com/kb/2977218
Last Review: July 23, 2014 - Rev: 1.0 - "... This update offers a new build (version 5.1.30514.0) that is an upgrade to earlier versions of Silverlight. This update is included in current Silverlight installers... fixed by this update:
A Silverlight application that uses tab-switched controls exhibits a memory leak when you switch between tabs or pages in the application..."
Applies to:
    Microsoft Silverlight 5
    Microsoft Silverlight for Macintosh
    Microsoft Silverlight for Windows
___

Glitches - July Windows/Office updates
- http://windowssecret...office-updates/
July 24, 2014
> MS14-037 (2962872)
> MS14-039 (2975685)
 

:ph34r:


Edited by AplusWebMaster, 26 July 2014 - 03:14 PM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

Related Topics



0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users