Jump to content

Build Theme!
  •  
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 93105 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

MS Security Bulletin Summary - August 2014


  • Please log in to reply
6 replies to this topic

#1 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • Authentic Member
  • PipPipPipPipPipPipPip
  • 10,472 posts
  • Interests:... The never-ending battle for Truth, Justice, and the American way.

Posted 12 August 2014 - 11:26 AM

FYI...

- https://technet.micr...curity/ms14-aug
August 12, 2014 - "This bulletin summary lists security bulletins released for August 2014...
(Total of -9-)

Microsoft Security Bulletin MS14-051 - Critical
Cumulative Security Update for Internet Explorer (2976627*)
- https://technet.micr...curity/MS14-051
Critical - Remote Code Execution - Requires restart - Microsoft Windows, Internet Explorer
> https://support.micr....com/kb/2976627
Aug 12, 2014 - Rev: 2.0 - "This security update 2976627 resolves one -publicly- disclosed and -25- privately reported vulnerabilities in Internet Explorer..."
* https://support.micr....com/kb/2976627
Last Review: Aug 15, 2014 - Rev: 4.0

Microsoft Security Bulletin MS14-043 - Critical
Vulnerability in Windows Media Center Could Allow Remote Code Execution (2978742)
- https://technet.micr...curity/ms14-043
Critical - Remote Code Execution - May require restart - Microsoft Windows

Microsoft Security Bulletin MS14-048 - Important
Vulnerability in OneNote Could Allow Remote Code Execution (2977201)
- https://technet.micr...curity/MS14-048
Important - Remote Code Execution - May require restart - Microsoft Office

Microsoft Security Bulletin MS14-044 - Important
Vulnerabilities in SQL Server Could Allow Elevation of Privilege (2984340)
- https://technet.micr...curity/MS14-044
Important - Elevation of Privilege - May require restart - Microsoft SQL Server

Microsoft Security Bulletin MS14-045 - Important
Vulnerabilities in Kernel-Mode Drivers Could Allow Elevation of Privilege (2984615)
- https://technet.micr...curity/MS14-045
Important - Elevation of Privilege - Requires restart - Microsoft Windows
V2.0 (August 15, 2014): Bulletin revised to -remove- Download Center links for Microsoft security update 2982791. Microsoft recommends that customers -uninstall- this update. See the Update FAQ for details.
V3.0 (August 27, 2014): Bulletin rereleased to announce the replacement of the 2982791 update with the 2993651 update* for all supported releases of Microsoft Windows. See the Update FAQ for details.

Microsoft Security Bulletin MS14-049 - Important
Vulnerability in Windows Installer Service Could Allow Elevation of Privilege (2962490)
- https://technet.micr...curity/MS14-049
Important - Elevation of Privilege - May require restart - Microsoft Windows

Microsoft Security Bulletin MS14-050 - Important
Vulnerability in Microsoft SharePoint Server Could Allow Elevation of Privilege (2977202)
- https://technet.micr...curity/MS14-050
Important - Elevation of Privilege - May require restart - Microsoft Server Software

Microsoft Security Bulletin MS14-046 - Important
Vulnerability in .NET Framework Could Allow Security Feature Bypass (2984625)
- https://technet.micr...curity/MS14-046
Important - Security Feature Bypass - May require restart - Microsoft Windows, Microsoft .NET Framework

Microsoft Security Bulletin MS14-047 - Important
Vulnerability in LRPC Could Allow Security Feature Bypass (2978668)
- https://technet.micr...curity/MS14-047
Important - Security Feature Bypass - Requires restart - Microsoft Windows
___

- http://blogs.technet...ty-updates.aspx
12 Aug 2014

Deployment Priority, Severity, and Exploit Index
- http://blogs.technet...mentAug2014.jpg
___

August 2014 Office Update Release
- http://blogs.technet...te-release.aspx
12 Aug 2014 - "... There are 3 security updates (3 bulletins) and 25 non-security updates..."
Aug 13, 2014 - "UPDATE: An issue has been discovered in the non-security Outlook 2013 update (KB 2881011) that prevents some users from opening archive folders.  We have removed this update from availability and released a new update, KB2889859 that fixes the issue.  Additionally, KB2992644, has more information on the specific issue.  We apologize for any inconvenience."
___

- http://www.securityt....com/id/1030714 - MS14-043
- http://www.securityt....com/id/1030716 - MS14-044
- http://www.securityt....com/id/1030718 - MS14-045
- http://www.securityt....com/id/1030721 - MS14-046
- http://www.securityt....com/id/1030722 - MS14-047
- http://www.securityt....com/id/1030717 - MS14-048
- http://www.securityt....com/id/1030719 - MS14-049
- http://www.securityt....com/id/1030720 - MS14-050
- http://www.securityt....com/id/1030715 - MS14-051
___

ISC Analysis
- https://isc.sans.edu...l?storyid=18521
2014-08-12

.


Edited by AplusWebMaster, 06 September 2014 - 09:34 AM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

    Advertisements

Register to Remove


#2 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • Authentic Member
  • PipPipPipPipPipPipPip
  • 10,472 posts
  • Interests:... The never-ending battle for Truth, Justice, and the American way.

Posted 14 August 2014 - 05:26 AM

FYI...

BSOD - Blue Screen Stop 0x050 error reported for systems installing KB2976897, KB2982791, and KB2970228
Two of Microsoft's kernel-mode driver updates - which often cause problems -- are triggering a BSOD error message on some Windows systems
- http://www.infoworld...b2970228-248363
Aug 14, 2014 - "Details at this point are sparse, but it looks like three different patches from this week's Black Tuesday crop are causing Blue Screens with a Stop 0x50 error on some systems. If you're hitting a BSOD, you can help diagnose the problem (and perhaps prod Microsoft to find a solution) by adding your voice to the Microsoft Answers Forum thread* on the subject. Problematic kernel-mode driver updates aren't unusual at all. Now that Microsoft is releasing more of them, problems seem to be cropping up more frequently.
In this case, two MS14-045/KB 2984615 kernel-mode driver patches, KB2976897 and KB2982791, have been implicated in triggering Blue Screen Stop 0x50 messages. Oddly, that Windows 8.1 "Update 2" fix that adds the ruble character as an official currency marker in Win 8.x and Win7, KB 2970228, seems to be causing the problem, too. At this point there's no word on possible causes, although several people have identified their operating systems as 64-bit Windows 7..."
* http://answers.micro...e2-a78fe68766fd

> https://technet.micr...curity/MS14-045
 

:ph34r: :ph34r:  <_<


.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#3 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • Authentic Member
  • PipPipPipPipPipPipPip
  • 10,472 posts
  • Interests:... The never-ending battle for Truth, Justice, and the American way.

Posted 16 August 2014 - 04:04 AM

FYI...

MS14-045 - See "Known issues" ...
- https://support.micr....com/kb/2982791
Last Review: August 19, 2014 - Revision: 4.2 - "... Status:
Microsoft has -removed- the download links to these updates while these issues are being investigated...
Mitigations: Open the Programs and Features item in Control Panel, and then click View installed updates. Find and then -uninstall- any of the following update that are currently installed:
    KB2982791
    KB2970228
    KB2975719
    KB2975331 ..."
(More detail at the URL above.)

- https://technet.micr...curity/ms14-045
V2.0 (August 15, 2014): Bulletin revised to -remove- Download Center links for Microsoft security update 2982791. Microsoft recommends that customers -uninstall- this update. See the Update FAQ for details.
V3.0 (August 27, 2014): Bulletin rereleased to announce the replacement of the 2982791 update with the 2993651 update* for all supported releases of Microsoft Windows. See the Update FAQ for details.
 

:ph34r: :ph34r:


Edited by AplusWebMaster, 27 August 2014 - 01:48 PM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#4 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • Authentic Member
  • PipPipPipPipPipPipPip
  • 10,472 posts
  • Interests:... The never-ending battle for Truth, Justice, and the American way.

Posted 18 August 2014 - 08:18 PM

FYI...

August 2014 Security Bulletin Webcast Q&A
- http://blogs.technet...nd-q-amp-a.aspx
18 Aug 2014 - "Today, we published the August 2014 Security Bulletin webcast questions and answers page*... We answered ten questions on air, with the majority focusing on the update for Internet Explorer... We are aware of some issues related to the recent updates and are working on a fix. For more information please read KB 2982791**..."

* http://blogs.technet...lletin-q-a.aspx
Aug 13, 2014

** https://support.micr....com/kb/2982791
Last Review: Aug 19, 2014 - Rev: 4.2
 

:ph34r: :ph34r:


Edited by AplusWebMaster, 20 August 2014 - 04:32 AM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#5 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • Authentic Member
  • PipPipPipPipPipPipPip
  • 10,472 posts
  • Interests:... The never-ending battle for Truth, Justice, and the American way.

Posted 26 August 2014 - 04:11 AM

FYI...

Internet Explorer may become slow or unresponsive when web applications implement consecutive modal dialog boxes
- https://support.micr....com/kb/2991509
Last Review: Aug 21, 2014 - Rev: 2.0 - "After you apply the MS14-037 or MS14-051 cumulative security update for Internet Explorer, web applications that implement consecutive modal dialog boxes may cause Internet Explorer to become slow and unresponsive over time. This issue occurs in Internet Explorer versions 7 through 11..."

- https://support.micr...9#prerequisites
"Prerequisites: You -must- have MS14-051* Cumulative security update for Internet Explorer installed to apply this hotfix... You -must-  restart the computer after you apply this update..."

* https://support.micr....com/kb/2976627

MS14-051 Issue fix KB2991509 not available for Windows 8 x64
- http://social.techne...itprocurrentver
___

- http://blogs.msmvps....he-4th-tuesday/
August 25th, 2014 - "With no hint of a re-release of the kernel updates that caused the bsod’s. On the one hand it’s good to only release it when it’s ready, on the other hand, it’s a bit concerning that it’s talking this long to come out with a rereleased version."
 

:ph34r: :ph34r:


Edited by AplusWebMaster, 27 August 2014 - 06:11 AM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#6 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • Authentic Member
  • PipPipPipPipPipPipPip
  • 10,472 posts
  • Interests:... The never-ending battle for Truth, Justice, and the American way.

Posted 27 August 2014 - 01:22 PM

FYI...

MS14-045 rereleased
Vulnerabilities in Kernel-Mode Drivers Could Allow Elevation of Privilege (2984615)
- https://technet.micr...y/ms14-045.aspx
V3.0 (August 27, 2014): Bulletin rereleased to announce the replacement of the 2982791 update with the 2993651 update* for all supported releases of Microsoft Windows. See the Update FAQ for details.

* https://support.micr....com/kb/2993651
Last Review: Aug 28, 2014 - Rev: 3.0

- http://blogs.technet...rereleased.aspx
27 Aug 2014
___

- http://www.infoworld...own-bugs-249342
Aug 28, 2014 - "... As of early this morning, one Windows 8 user was reporting black screens* with the -new- patch, KB 2993651. Answers Forum posters pacman10, JohnBurgessUK, and chadlan can't get Windows Update to check for new updates after installing KB 2993651 (although rseiler reports all's well). It's too early to tell for sure, but there may be more problems with the -new- patch..."
* http://answers.micro...68766fd?page=56
___

- http://www.computerw...-crippling.html
Aug 22, 2014 - "... end users and IT administrators alike, who have all tried to explain what they see as a -decline- in the quality of Microsoft's software updates. Some of that speculation has revolved around the July job cuts \ Microsoft made in the U.S., where according to many accounts a large number of software test engineers were let go..."
 
 
'Maybe just made it -worse- re: the "Dear Mr. Ballmer" open letter:
 
- http://blogs.msmvps....my-email-today/
>> Sep 12th, 2013
 

:ph34r: :ph34r:


Edited by AplusWebMaster, 28 August 2014 - 03:43 PM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#7 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • Authentic Member
  • PipPipPipPipPipPipPip
  • 10,472 posts
  • Interests:... The never-ending battle for Truth, Justice, and the American way.

Posted 03 September 2014 - 01:35 PM

FYI...

Poor network performance on virtual machines on a Win Svr 2012 Hyper-V host if VMQ is enabled
- https://support.micr....com/kb/2902166
Last Review: Aug 29, 2014 - Rev: 3.0 - "... This is a known issue with Broadcom network adapter drivers when VMQ is enabled. The following Broadcom network adapters are affected:
57712, 57800, 57810, 57840 ..."
___

- http://blogs.msmvps....adcomnicsagain/
Aug 31, 2014
 

:ph34r:


.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

Related Topics



0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users