FYI...
- https://technet.micr...curity/ms14-nov
Nov 11, 2014 - "This bulletin summary lists security bulletins released for November 2014...
(Total of -14-)
Microsoft Security Bulletin MS14-064 - Critical
Vulnerabilities in Windows OLE Could Allow Remote Code Execution (3011443)
- https://technet.micr...curity/MS14-064
Critical - Remote Code Execution - May requires restart - Microsoft Windows
Microsoft Security Bulletin MS14-065 - Critical
Cumulative Security Update for Internet Explorer (3003057)
- https://technet.micr...curity/MS14-065
Critical - Remote Code Execution - Requires restart - Microsoft Windows, Internet Explorer
Microsoft Security Bulletin MS14-066 - Critical
Vulnerability in Schannel Could Allow Remote Code Execution (2992611)
- https://technet.micr...curity/MS14-066
Critical - Remote Code Execution - Requires restart - Microsoft Windows
Microsoft Security Bulletin MS14-067 - Critical
Vulnerability in XML Core Services Could Allow Remote Code Execution (2993958)
- https://technet.micr...curity/MS14-067
Critical - Remote Code Execution - May require restart - Microsoft Windows
MS14-068: Release date to be determined.
Microsoft Security Bulletin MS14-069 - Important
Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (3009710)
- https://technet.micr...curity/MS14-069
Important - Remote Code Execution - May require restart - Microsoft Office
Microsoft Security Bulletin MS14-070 - Important
Vulnerability in TCP/IP Could Allow Elevation of Privilege (2989935)
- https://technet.micr...curity/MS14-070
Important - Elevation of Privilege - May require restart - Microsoft Windows
Microsoft Security Bulletin MS14-071 - Important
Vulnerability in Windows Audio Service Could Allow Elevation of Privilege (3005607)
- https://technet.micr...curity/MS14-071
Important - Elevation of Privilege - Requires restart - Microsoft Windows
Microsoft Security Bulletin MS14-072 - Important
Vulnerability in .NET Framework Could Allow Elevation of Privilege (3005210)
- https://technet.micr...curity/MS14-072
Important - Elevation of Privilege - May require restart - Microsoft Windows, Microsoft .NET Framework
Microsoft Security Bulletin MS14-073 - Important
Vulnerability in Microsoft SharePoint Foundation Could Allow Elevation of Privilege (3000431)
- https://technet.micr...curity/MS14-073
Elevation of Privilege - May require restart - Microsoft Server Software
Microsoft Security Bulletin MS14-074 - Important
Vulnerability in Remote Desktop Protocol Could Allow Security Feature Bypass (3003743)
- https://technet.micr...curity/MS14-074
Important - Security Feature Bypass - Requires restart - Microsoft Windows
MS14-075: Release date to be determined.
Microsoft Security Bulletin MS14-076 - Important
Vulnerability in Internet Information Services (IIS) Could Allow Security Feature Bypass (2982998)
- https://technet.micr...curity/MS14-076
Important - Security Feature Bypass - May require restart - Microsoft Windows
Microsoft Security Bulletin MS14-077 - Important
Vulnerability in Active Directory Federation Services Could Allow Information Disclosure (3003381)
- https://technet.micr...curity/MS14-077
Important - Information Disclosure - May require restart - Microsoft Windows
Microsoft Security Bulletin MS14-078 - Moderate
Vulnerability in IME (Japanese) Could Allow Elevation of Privilege (2992719)
- https://technet.micr...curity/MS14-078
Moderate - Elevation of Privilege - May require restart - Microsoft Windows, Microsoft Office
Microsoft Security Bulletin MS14-079 - Moderate
Vulnerability in Kernel-Mode Driver Could Allow Denial of Service (3002885)
- https://technet.micr...curity/MS14-079
Moderate - Denial of Service - Requires restart - Microsoft Windows
___
- http://blogs.technet...14-updates.aspx
Assessing Risk
- http://blogs.technet...ty-updates.aspx
11 Nov 2014
Exploitability Index
- http://technet.micro...y/cc998259.aspx
___
- http://www.securityt....com/id/1031184 - MS14-064
- http://www.securityt....com/id/1031185 - MS14-065
- http://www.securityt....com/id/1031186 - MS14-066
- http://www.securityt....com/id/1031187 - MS14-067
-
- http://www.securityt....com/id/1031189 - MS14-069
- http://www.securityt....com/id/1031190 - MS14-070
- http://www.securityt....com/id/1031191 - MS14-071
- http://www.securityt....com/id/1031188 - MS14-072
- http://www.securityt....com/id/1031192 - MS14-073
- http://www.securityt....com/id/1031193 - MS14-074
-
- http://www.securityt....com/id/1031194 - MS14-076
- http://www.securityt....com/id/1031195 - MS14-077
- http://www.securityt....com/id/1031196 - MS14-078
- http://www.securityt....com/id/1031197 - MS14-078
- http://www.securityt....com/id/1031198 - MS14-079
___
November 2014 Office Update Release
- http://blogs.technet...ice-update.aspx
11 Nov 2014 - "... There are 5 security updates (3 bulletins) and 33 non-security updates...
NOTICE: Support for Microsoft Office 2010 SP1 ended on 10/14/14. All subsequent Office 2010 updates, beginning with this set, will only apply provided Office 2010 SP2 is installed. See KB2687455* for more information about acquiring Office 2010 SP2 ...
* https://support.micr....com/kb/2687455
___
ISC Analysis:
- https://isc.sans.edu...l?storyid=18941
2014-11-11
___
MS Advisories - Nov 2014:
MS Security Advisory 2755801
Update for vulns in Flash Player in IE
- https://technet.micr...ecurity/2755801
Nov 11, 2014 V31.0 - "... update addresses the vulnerabilities in Adobe Flash Player by updating the affected Adobe Flash libraries contained within Internet Explorer 10 and Internet Explorer 11..."
MS Security Advisory 3010060
Vulnerability in Microsoft OLE Could Allow Remote Code Execution
- https://technet.micr...ecurity/3010060
Nov 11, 2014 V2.0 - "... We have issued Microsoft Security Bulletin MS14-064* to address this issue..."
* https://technet.micr...curity/MS14-064
.
Edited by AplusWebMaster, 13 November 2014 - 05:27 AM.