Jump to content

Build Theme!
  •  
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 93105 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

MS Security Bulletin Summary - Nov 2014


  • Please log in to reply
7 replies to this topic

#1 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • Authentic Member
  • PipPipPipPipPipPipPip
  • 10,472 posts
  • Interests:... The never-ending battle for Truth, Justice, and the American way.

Posted 11 November 2014 - 02:30 PM

FYI...

- https://technet.micr...curity/ms14-nov
Nov 11, 2014 - "This bulletin summary lists security bulletins released for November 2014...
(Total of -14-)

Microsoft Security Bulletin MS14-064 - Critical
Vulnerabilities in Windows OLE Could Allow Remote Code Execution (3011443)
- https://technet.micr...curity/MS14-064
Critical - Remote Code Execution - May requires restart - Microsoft Windows

Microsoft Security Bulletin MS14-065 - Critical
Cumulative Security Update for Internet Explorer (3003057)
- https://technet.micr...curity/MS14-065
Critical - Remote Code Execution - Requires restart - Microsoft Windows, Internet Explorer

Microsoft Security Bulletin MS14-066 - Critical
Vulnerability in Schannel Could Allow Remote Code Execution (2992611)
- https://technet.micr...curity/MS14-066
Critical - Remote Code Execution - Requires restart - Microsoft Windows

Microsoft Security Bulletin MS14-067 - Critical
Vulnerability in XML Core Services Could Allow Remote Code Execution (2993958)
- https://technet.micr...curity/MS14-067
Critical - Remote Code Execution - May require restart - Microsoft Windows

MS14-068: Release date to be determined.

Microsoft Security Bulletin MS14-069 - Important
Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (3009710)
- https://technet.micr...curity/MS14-069
Important - Remote Code Execution - May require restart - Microsoft Office

Microsoft Security Bulletin MS14-070 - Important
Vulnerability in TCP/IP Could Allow Elevation of Privilege (2989935)
- https://technet.micr...curity/MS14-070
Important - Elevation of Privilege - May require restart - Microsoft Windows

Microsoft Security Bulletin MS14-071 - Important
Vulnerability in Windows Audio Service Could Allow Elevation of Privilege (3005607)
- https://technet.micr...curity/MS14-071
Important - Elevation of Privilege - Requires restart - Microsoft Windows

Microsoft Security Bulletin MS14-072 - Important
Vulnerability in .NET Framework Could Allow Elevation of Privilege (3005210)
- https://technet.micr...curity/MS14-072
Important - Elevation of Privilege - May require restart - Microsoft Windows, Microsoft .NET Framework

Microsoft Security Bulletin MS14-073 - Important
Vulnerability in Microsoft SharePoint Foundation Could Allow Elevation of Privilege (3000431)
- https://technet.micr...curity/MS14-073
Elevation of Privilege - May require restart - Microsoft Server Software

Microsoft Security Bulletin MS14-074 - Important
Vulnerability in Remote Desktop Protocol Could Allow Security Feature Bypass (3003743)
- https://technet.micr...curity/MS14-074
Important - Security Feature Bypass - Requires restart - Microsoft Windows

MS14-075: Release date to be determined.

Microsoft Security Bulletin MS14-076 - Important
Vulnerability in Internet Information Services (IIS) Could Allow Security Feature Bypass (2982998)
- https://technet.micr...curity/MS14-076
Important - Security Feature Bypass - May require restart - Microsoft Windows

Microsoft Security Bulletin MS14-077 - Important
Vulnerability in Active Directory Federation Services Could Allow Information Disclosure (3003381)
- https://technet.micr...curity/MS14-077
Important - Information Disclosure - May require restart - Microsoft Windows

Microsoft Security Bulletin MS14-078 - Moderate
Vulnerability in IME (Japanese) Could Allow Elevation of Privilege (2992719)
- https://technet.micr...curity/MS14-078
Moderate - Elevation of Privilege - May require restart - Microsoft Windows, Microsoft Office

Microsoft Security Bulletin MS14-079 - Moderate
Vulnerability in Kernel-Mode Driver Could Allow Denial of Service (3002885)
- https://technet.micr...curity/MS14-079
Moderate - Denial of Service - Requires restart - Microsoft Windows
___

- http://blogs.technet...14-updates.aspx

Assessing Risk
- http://blogs.technet...ty-updates.aspx
11 Nov 2014

Exploitability Index
- http://technet.micro...y/cc998259.aspx
___

- http://www.securityt....com/id/1031184 - MS14-064
- http://www.securityt....com/id/1031185 - MS14-065
- http://www.securityt....com/id/1031186 - MS14-066
- http://www.securityt....com/id/1031187 - MS14-067
-
- http://www.securityt....com/id/1031189 - MS14-069
- http://www.securityt....com/id/1031190 - MS14-070
- http://www.securityt....com/id/1031191 - MS14-071
- http://www.securityt....com/id/1031188 - MS14-072
- http://www.securityt....com/id/1031192 - MS14-073
- http://www.securityt....com/id/1031193 - MS14-074
-
- http://www.securityt....com/id/1031194 - MS14-076
- http://www.securityt....com/id/1031195 - MS14-077
- http://www.securityt....com/id/1031196 - MS14-078
- http://www.securityt....com/id/1031197 - MS14-078
- http://www.securityt....com/id/1031198 - MS14-079
___

November 2014 Office Update Release
- http://blogs.technet...ice-update.aspx
11 Nov 2014 - "... There are 5 security updates (3 bulletins) and 33 non-security updates...

NOTICE: Support for Microsoft Office 2010 SP1 ended on 10/14/14. All subsequent Office 2010 updates, beginning with this set, will only apply provided Office 2010 SP2 is installed. See KB2687455* for more information about acquiring Office 2010 SP2 ...
* https://support.micr....com/kb/2687455
___

ISC Analysis:
- https://isc.sans.edu...l?storyid=18941
2014-11-11
___

MS Advisories - Nov 2014:

MS Security Advisory 2755801
Update for vulns in Flash Player in IE
- https://technet.micr...ecurity/2755801
Nov 11, 2014 V31.0 - "... update addresses the vulnerabilities in Adobe Flash Player by updating the affected Adobe Flash libraries contained within Internet Explorer 10 and Internet Explorer 11..."

MS Security Advisory 3010060
Vulnerability in Microsoft OLE Could Allow Remote Code Execution
- https://technet.micr...ecurity/3010060
Nov 11, 2014 V2.0 - "... We have issued Microsoft Security Bulletin MS14-064* to address this issue..."
* https://technet.micr...curity/MS14-064

.


Edited by AplusWebMaster, 13 November 2014 - 05:27 AM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

    Advertisements

Register to Remove


#2 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • Authentic Member
  • PipPipPipPipPipPipPip
  • 10,472 posts
  • Interests:... The never-ending battle for Truth, Justice, and the American way.

Posted 13 November 2014 - 01:18 PM

FYI...

KB 3003743, IE11 ...
- http://www.infoworld...5-security.html
Nov 13, 2014 - "... sporadic reports of KB 3003743* - part of MS14-074 - breaking concurrent RDP sessions. Poster turducken on the My Digital Life forums pins it down:
    Today's updates includes KB3003743 and with it comes termsrv.dll version 6.1.7601.18637
Jason Hart has also tweeted that KB 3003743 kills NComputing's virtualization software..."
* https://support.micr....com/kb/3003743
Last Review: Nov 11, 2014 - Rev: 1.2
 

:ph34r:


.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#3 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • Authentic Member
  • PipPipPipPipPipPipPip
  • 10,472 posts
  • Interests:... The never-ending battle for Truth, Justice, and the American way.

Posted 16 November 2014 - 09:32 AM

FYI...

MS14-066: Known issues ...
- https://support.micr....com/kb/2992611
Last Review: Nov 14, 2014 - Rev: 3.0
See: Known issues with this security update:
"    We are aware of an issue in certain configurations in which TLS 1.2 is enabled by default, and TLS negotiations may fail. When this problem occurs, TLS 1.2 connections are dropped, processes hang (stop responding), or services become intermittently unresponsive..."

Security Update MS14-066 causes major performance problems in Microsoft Access / SQL Server applications
- http://darrenmyher.w...r-applications/
Nov 13, 2014
___

Hold off installing MS14-066 / KB 2992611
- http://blogs.msmvps....066-kb-2992611/
Nov 16, 2014 - "Word is it is breaking stuff, including the ability to access using secure sites using Chrome.
Possible fixes if you’re already affected:
- Open gpedit.msc
- Go to computer configuration > administrative templates > Network > SSL Configuration Settings > - SSL Cipher Suite Order: Set it to enabled
- Reboot
The policy populates the Windows registry with the legacy cipher suites less the 4 new cipher suites added by MS14-066 /2992611. The list of ciphers used can be viewed by enabling the policy then reviewing the list of ciphers in the dialog box
Or: Remove MS14-066 / KB 2992611 and reboot.
Amazon Advisory: https://aws.amazon.c...4-066-advisory/ "

- http://www.infoworld...-iis-sites.html
Nov 17, 2014 - "...  we're sitting here with a bad patch, almost a week after Black Tuesday, and the patch is -still- being offered through Automatic Update. Microsoft hasn't pulled it, in spite of one acknowledged major problem, another that's the talk of the SQL Server community, and a few hangers-on that may clobber your machines. Amazon raised a red flag on Wednesday..."

MS14-066 Advisory
- https://aws.amazon.c...4-066-advisory/
2014/11/14 5:30PM PST - "We are continuing to investigate the reported issues with the patch that was supplied for MS14-066. This updated status is being provided for the service below. We will continue to update this Security Bulletin for the other services previously identified as more information becomes available.
Amazon Relational Database Service (RDS):
Amazon RDS will build and deploy any required updates to affected RDS SQL Server instances. Any needed updates will require a restart of the RDS database instance. Communication of the specific timing of the update for each instance will be communicated via email or AWS Support directly to customers prior to any instance restart...

We will continue provide updates to this security bulletin.
___

WinShock (KB2992611) Patch breaks IIS
- https://social.techn...nserversecurity
Last entry (as of date/time of this post): Nov 16, 2014 12:01 AM
___

- https://web.nvd.nist...d=CVE-2014-6321 - 10.0 (HIGH)
Last revised: 11/12/2014
> http://technet.micro...lletin/MS14-066
 

:ph34r:


Edited by AplusWebMaster, 17 November 2014 - 11:42 AM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#4 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • Authentic Member
  • PipPipPipPipPipPipPip
  • 10,472 posts
  • Interests:... The never-ending battle for Truth, Justice, and the American way.

Posted 18 November 2014 - 12:35 PM

FYI...

MS Security Bulletin MS14-068 - Critical
Vulnerability in Kerberos Could Allow Elevation of Privilege (3011780)
- https://technet.micr...curity/MS14-068
Critical - Elevation of Privilege - Requires restart - Microsoft Windows
Nov 18, 2014 - Ver: 1.0
- https://support.micr....com/kb/3011780

- http://blogs.technet...-2014-6324.aspx
18 Nov 2014

- https://web.nvd.nist...d=CVE-2014-6324 - 9.0 (HIGH)
Last revised: 11/19/2014 - "... as exploited in the wild in November 2014..."
___

MS14-066/KB 2992611/WinShock - more problems reported
- http://www.infoworld...shock-mess.html
Nov 18, 2014 - "... an entire collection of real, bona fide problems that accompany many installations of KB 2992611.
- On Nov. 12, Amazon issued an advisory about the botched Microsoft patch:
[ http://aws.amazon.co...4-066-advisory/ ]
    'We have received reports that the patch that Microsoft supplied for MS14-066 has been causing issues, specifically that TLS 1.2 sessions are disconnecting during key exchange.
    While we investigate this issue with the patch provided, we suggest that our customers review their security groups and ensure that external access to Windows instances have been appropriately restricted to the extent possible.'
Now IBM has chimed in with its own advisory:
[ http://www-01.ibm.co...uid=swg21690217 ]
    After applying the OS patch, B2B Integrator and FileGateway are unable to start up with the following error:
    The driver could not establish a secure connection to SQL Server by using Secure Sockets
    Layer (SSL) encryption. Error: "SQL Server returned an incomplete response. The connection has been closed.".
    [2014-04-22 06:21:32.25] ERRORDTL [1398162092250]com.microsoft.sqlserver.jdbc.SQLServerException: The driver could not establish a secure connection to SQL Server by using Secure Sockets Layer (SSL) encryption. Error: "SQL Server returned an incomplete response. The connection has been closed."
IBM further advises, as of early Tuesday morning, "There is currently no workaround for this issue with the OS patch."
Even BlackBerry - has officially diagnosed a conflict between KB 2992611 and its Print To Go product..."
[ https://supportforum.../2866644/page/3 ]

> http://www.infoworld...kb-3000850.html
Nov 18, 2014
___

- https://technet.micr...curity/ms14-066
V2.0 (November 18, 2014): Bulletin revised to announce the reoffering of the 2992611 update to systems running Windows Server 2008 R2 and Windows Server 2012. The reoffering addresses known issues that a small number of customers experienced with the new TLS cipher suites that were included in the original release. Customers running Windows Server 2008 R2 or Windows Server 2012 who installed the 2992611 update prior to the November 18 reoffering should reapply the update. See Microsoft Knowledge Base Article 2992611 for more information.
> https://support.micr....com/kb/2992611
Last Review: Nov 18, 2014 - Rev: 4.1
... Note: If you downloaded and then installed this security update from the Microsoft Download Center for Windows Server 2008 R2 or Windows Server 2012, we recommend that you reinstall the security update from the Download Center. When you click the Download button, you will be prompted to select the check boxes for updates 2992611 and 3018238. Click to select both updates, and then click Next to continue with the updates. These packages -will- require -two- restarts in sequence during installation.
> http://support2.micr....com/kb/3011780
Last Review: Nov 18, 2014 - Rev: 1.0
___

November 2014 update rollup for Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2
> https://support2.mic....com/kb/3000850
Last Review: Nov 18, 2014 - Rev: 1.0
 

:ph34r:


Edited by AplusWebMaster, 19 November 2014 - 04:30 PM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#5 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • Authentic Member
  • PipPipPipPipPipPipPip
  • 10,472 posts
  • Interests:... The never-ending battle for Truth, Justice, and the American way.

Posted 20 November 2014 - 11:13 AM

FYI...

MS14-066: Updated... again
- https://support.micr....com/kb/2992611
Last Review: Nov 19, 2014 - Rev: 5.0 ...
___

- https://web.nvd.nist...d=CVE-2014-6321 - 10.0 (HIGH)
Last revised: 11/19/2014
 

:ph34r: :ph34r: 


Edited by AplusWebMaster, 20 November 2014 - 02:40 PM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#6 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • Authentic Member
  • PipPipPipPipPipPipPip
  • 10,472 posts
  • Interests:... The never-ending battle for Truth, Justice, and the American way.

Posted 22 November 2014 - 09:02 AM

FYI...

 

MS14-066: Revised - again ...
- https://support.micr....com/kb/2992611
Last Review: Nov 22, 2014 - Rev: 9.3

Also see: "Known issues with this security update..."
 

:ph34r:  :ph34r:


Edited by AplusWebMaster, 22 November 2014 - 12:02 PM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#7 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • Authentic Member
  • PipPipPipPipPipPipPip
  • 10,472 posts
  • Interests:... The never-ending battle for Truth, Justice, and the American way.

Posted 26 November 2014 - 07:28 PM

FYI...

Update for vulns in Adobe Flash Player in IE10, 11
Update for Vulnerabilities in Adobe Flash Player in Internet Explorer
- https://technet.micr...ecurity/2755801
Updated: Nov 25, 2014 V32.0 - "... update addresses the vulnerabilities in Adobe Flash Player by updating the affected Adobe Flash libraries contained within Internet Explorer 10 and Internet Explorer 11... described in Adobe Security bulletin APSB14-26*..."
* https://helpx.adobe..../apsb14-26.html
Nov 25, 2014 - "... update to Adobe Flash Player 15.0.0.239..."

- https://web.nvd.nist...d=CVE-2014-84397.5 (HIGH)
 

:ph34r:


Edited by AplusWebMaster, 26 November 2014 - 07:28 PM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#8 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • Authentic Member
  • PipPipPipPipPipPipPip
  • 10,472 posts
  • Interests:... The never-ending battle for Truth, Justice, and the American way.

Posted 02 December 2014 - 01:01 PM

FYI...

Clip Art - library has closed shop
- http://blogs.office....ed-bing-images/
Dec 1, 2014 - "The Office.com Clip Art and image library has closed shop. Customers can still add images to their documents, presentations, and other files that they have saved to their devices (phones, tablets, and PCs), OneDrive, and SharePoint. Customers also still have the ability to add images to their documents using Bing Image Search. Bing Image Search uses a copyright filter based on the Creative Commons licensing system. The results that are returned are images that have been tagged with Creative Commons licenses. A link to the source of the image is provided, which you should use to review the source of the image and the applicable license to determine whether your use will comply with the license..."

- http://www.theinquir...ieu-to-clip-art
Dec 2, 2014
 

:blink:


.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

Related Topics



0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users