MS Security Bulletin Summary - May 2015



#1 AplusWebMaster


Posted 12 May 2015 - 12:24 PM

FYI...

- https://technet.micr...curity/ms15-may
May 12, 2015 - "This bulletin summary lists security bulletins released for May 2015...
(Total of -13-)

Microsoft Security Bulletin MS15-043 - Critical
Cumulative Security Update for Internet Explorer (3049563)
- https://technet.micr...curity/MS15-043
Critical - Remote Code Execution - Requires restart - Microsoft Windows, Internet Explorer

Microsoft Security Bulletin MS15-044 - Critical
Vulnerabilities in Microsoft Font Drivers Could Allow Remote Code Execution (3057110)
- https://technet.micr...curity/MS15-044
Critical - Remote Code Execution - May require restart - Microsoft Windows, Microsoft .NET Framework, Microsoft Office, Microsoft Lync, Microsoft Silverlight

Microsoft Security Bulletin MS15-045 - Critical
Vulnerability in Windows Journal Could Allow Remote Code Execution (3046002)
- https://technet.micr...curity/MS15-045
Critical - Remote Code Execution - May require restart - Microsoft Windows

Microsoft Security Bulletin MS15-046 - Important
Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (3057181)
- https://technet.micr...curity/MS15-046
Important - Remote Code Execution - May require restart - Microsoft Office

Microsoft Security Bulletin MS15-047 - Important
Vulnerabilities in Microsoft SharePoint Server Could Allow Remote Code Execution (3058083)
- https://technet.micr...curity/MS15-047
Important - Remote Code Execution - May require restart - Microsoft Server Software

Microsoft Security Bulletin MS15-048 - Important
Vulnerabilities in .NET Framework Could Allow Elevation of Privilege (3057134)
- https://technet.micr...curity/MS15-048
Important - Elevation of Privilege - May require restart - Microsoft Windows, Microsoft .NET Framework

Microsoft Security Bulletin MS15-049 - Important
Vulnerability in Silverlight Could Allow Elevation of Privilege (3058985)
- https://technet.micr...curity/MS15-049
Important - Elevation of Privilege - Does not require restart - Microsoft Silverlight

Microsoft Security Bulletin MS15-050 - Important
Vulnerability in Service Control Manager Could Allow Elevation of Privilege (3055642)
- https://technet.micr...curity/MS15-050
Important - Elevation of Privilege - Requires restart - Microsoft Windows

Microsoft Security Bulletin MS15-051 - Important
Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (3057191)
- https://technet.micr...curity/MS15-051
Important - Elevation of Privilege - Requires restart - Microsoft Windows

Microsoft Security Bulletin MS15-052 - Important
Vulnerability in Windows Kernel Could Allow Security Feature Bypass (3050514)
- https://technet.micr...curity/MS15-052
Important - Security Feature Bypass - Requires restart - Microsoft Windows

Microsoft Security Bulletin MS15-053 - Important
Vulnerabilities in JScript and VBScript Scripting Engines Could Allow Security Feature Bypass (3057263)
- https://technet.micr...curity/MS15-053
Important - Security Feature Bypass - May require restart - Microsoft Windows

Microsoft Security Bulletin MS15-054 - Important
Vulnerability in Microsoft Management Console File Format Could Allow Denial of Service (3051768)
- https://technet.micr...curity/MS15-054
Important - Denial of Service - Requires restart - Microsoft Windows

Microsoft Security Bulletin MS15-055 - Important
Vulnerability in Schannel Could Allow Information Disclosure (3061518)
- https://technet.micr...curity/MS15-055
Important - Information Disclosure - Requires restart - Microsoft Windows
___

- http://blogs.technet...15-updates.aspx
12 May 2015 - "... we released 13 security bulletins...
We also released one new Security Advisory:
Update to Default Cipher Suite Priority Order (3042058)
- https://technet.micr...ty/3042058.aspx
One Security Advisory was revised:
Update for Adobe Flash Player in Internet Explorer (2755801)
- https://technet.micr...ty/2755801.aspx
___

- http://www.securityt....com/id/1032282 - MS15-043
- http://www.securityt....com/id/1032281 - MS15-044
- http://www.securityt....com/id/1032280 - MS15-045
- http://www.securityt....com/id/1032295 - MS15-046
- http://www.securityt....com/id/1032296 - MS15-047
- http://www.securityt....com/id/1032297 - MS15-048
- http://www.securityt....com/id/1032298 - MS15-049
- http://www.securityt....com/id/1032299 - MS15-050
- http://www.securityt....com/id/1032294 - MS15-051
- http://www.securityt....com/id/1032292 - MS15-052
- http://www.securityt....com/id/1032290 - MS15-053
- http://www.securityt....com/id/1032286 - MS15-054
- http://www.securityt....com/id/1032283 - MS15-055
___

May 2015 Office Update Release
- http://blogs.technet...te-release.aspx
12 May 2015 - "... There are -27- security updates (3 bulletins) and -48- non-security updates...
- http://technet.micro...curity/ms15-044
- http://technet.micro...curity/ms15-046
- http://technet.micro...curity/ms15-047..."
___

ISC Analysis:
- https://isc.sans.edu...l?storyid=19685
2015-05-12

.


Edited by AplusWebMaster, 15 May 2015 - 02:54 PM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...

#2 AplusWebMaster


Posted 13 May 2015 - 07:27 AM

FYI...

MS's latest massive round of patches...
- http://www.infoworld...-the-shaft.html
May 13, 2015 - "... The toll from Microsoft's Patch Tuesday includes 13 security bulletins, three of them critical; one new and one updated Security Advisory; one re-issued .Net security patch; KB 3037580, which "may have to be reinstalled;" 34 re-issued non-security patches for Windows, several of which have been updated multiple times; and a whopping -48- re-issued non-security patches for Office... Complaints are starting to roll in, and many people report that their PCs hang after installing the patches and rebooting; Windows just sits there at "Stage 1 of 3" or "Stage 3 of 3" in the installation process. Fortunately, the old three-finger salute seems to solve the problem. KB 3049563, this month's massive Internet Explorer cumulative patch, supersedes KB 3038314, which was last month's massive Internet Explorer cumulative patch. No definitive word yet on whether the new version continues to block adding search engines and/or fails with installer error 80092004. Contradictory advice on the .Net 4.5 patch re-release, KB 3037580, has some users wagging their heads. In the official patch update list, Microsoft says "This update may have to be reinstalled," but the KB article clearly says, "Notice/May 12, 2015 /This security update has been re-released and contains updated files. We recommend that you apply this security update." Our old friends KB 3022345 and KB 3048043 are back -- for the fourth and third time, respectively -- having just been re-re-released last week. Those are the patches for fixing screen flickering in Windows 8.1 and enabling the "Diagnostic Tracking Service" in Windows 7, 8.1, and Server 2012 R2. I still have no idea what, precisely, the Diagnostic Tracking Service patch does and how it relates to the Customer Experience Improvement Program, which used to be an 'opt-in' program.
We also have yet another critical kernel patch, MS15-044/KB 3057110, because a sufficiently sentient font can take over your computer, even if the font is sitting on a Web page..."
(More detail at the infoworld URL above.)
___

- https://isc.sans.edu... Summary/19685/
Comments:
> "Win7/64bit computer stuck at Stage 1 of 3 - 23% complete. (after being told to reboot after patching). I seem to remember this happening 2-3 months ago..."
> "Looks like KB3061518 is breaking client communications with Catia (DSLS) license servers. Removing the update fixes the problem."
> "Systems stuck on configuring updates stage 3 of 3. [can also be 1 of 3 or 2 of 3 as noted above]. Solution: hit control alt delete. No root cause, no one particular update has been identified."
> "Had one of those happen today, where CTRL-ALT-DEL worked. My system from yesterday tho was completely locked up and its problem happened BEFORE the reboot. The little circle was not spinning and there was no hard drive activity. Did a hard reset on that one and everything came up fine... and all patches showed as installed."

> http://windowssecret...date-confusion/
May 13, 2015
 

:ph34r:  :wacko:


Edited by AplusWebMaster, 14 May 2015 - 05:55 AM.


#3 AplusWebMaster


Posted 19 May 2015 - 04:00 PM

FYI...

MS updates KB 3057110, KB 3045171 cause Win7 PCs to crash
GDI+ updates freeze Win7 and earlier PCs when using GsDraw and other drawing tools to create text outline-based path objects
- http://www.infoworld...s-to-crash.html
May 19, 2015 - "Microsoft has issued an acknowledgment that MS15-044/KB 3057110 and MS15-051/KB 3045171* -- both massive font driver updates that fix TrueType font handling in Windows, .Net Framework, Office, Lync, and Silverlight - can cause Windows 7 and -earlier- PCs to freeze. The official warning goes like this:
'    After you install this security update, you experience crashes when you use Windows GDI+ to create text outline-based path objects on a computer that is running Windows 7 or an earlier version of Windows. We are aware of this issue and will address it in the near future.' ..."

MS15-044 and MS15-051 ...
* https://support.micr...n-us/kb/3045171
Last Review: May 18, 2015 - Rev: 5.0
"Known issues with this security update:
    After you install this security update (3045171), you experience crashes when you use Windows GDI+ to create text outline-based path objects on a computer that is running Windows 7 or an earlier version of Windows.
    We are aware of this issue and will address it in the near future."

MS15-044 ...
- https://support.micr...n-us/kb/3057110
Last Review: May 18, 2015 - Rev: 3.0
"Known issues with this security update:
    After you install this security update (3057110), you experience crashes when you use Windows GDI+ to create text outline-based path objects on a computer that is running Windows 7 or an earlier version of Windows.
    We are aware of this issue and will address it in the near future."
___

April 2015 servicing stack update for Windows 7 and Windows Server 2008 R2
- https://support.micr...n-us/kb/3020369
Last Review: May 20, 2015 - Rev: 6.0
"Known issues for this update:
- Restart stuck on "Stage 3 of 3": After you install update 3020369 together with other updates, a restart may be required to complete the installation. During this restart, you may find yourself stuck on "Stage 3 of 3." If you encounter this issue, press Ctrl+Alt+Delete to continue to log on. This should occur only one time and does not prevent updates from installing successfully.
- An update installation fails after you install update 3020369: When you install update 3020369 together with other updates, you may encounter a timing issue that causes the update tried immediately after you install update 3020369 to fail. This issue only affects the update tried immediately after update 3020369. As soon as update 3020369 is installed, another try to install the failed update should be successful..."

- http://www.infoworld...boot-hangs.html
May 19, 2015
___

Microsoft Security Bulletin MS15-046 - Important
Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (3057181)
- https://technet.micr...curity/MS15-046
V2.0 (May 19, 2015): Bulletin revised to announce the release of the Microsoft Office for Mac 14.5.1 update. The release addresses a potential issue with Microsoft Outlook for Mac when customers install the Microsoft Office for Mac 14.5.0 update. Customers who have not already installed the 14.5.0 update should install the 14.5.1 update to be fully protected from this vulnerability. To avoid the possibility of future issues with Microsoft Outlook for Mac, Microsoft recommends that customers running Office for Mac software who have already successfully installed the 14.5.0 update also apply the 14.5.1 update even though they are already protected from this vulnerability. Customers running other Microsoft Office software do not need to take any action. See Microsoft Knowledge Base Article 3048688* for more information.
* https://support.micr...n-us/kb/3048688
Last Review: May 19, 2015 - Rev: 1.0
 

:ph34r: :ph34r:   :huh:


Edited by AplusWebMaster, 20 May 2015 - 05:10 AM.


#4 AplusWebMaster


Posted 21 May 2015 - 05:36 AM

FYI...

Update to enable the Diagnostics Tracking Service in Windows
Notice: The current version of this hotfix, Version 2, was published on May 6, 2015. The previous version of this hotfix was Version 1.005. Both versions provide the same functionality and protection except that Version 2 includes a minor update to support devices that do not contain U.S. English language files. However, the current hotfix is not a compatible upgrade to Version 1.005 and may cause an error (800F0922) if it is installed over the old version. We recommend that you install this hotfix if you have not already installed it. If you have installed the original version of this hotfix and you want the added functionality, we recommend that you wait for an upcoming version that will be a compatible upgrade to either version.
- https://support2.mic...b;en-us;3022345
Summary: This update enables the Diagnostics Tracking Service in Windows 8.1, Windows Server 2012 R2, Windows 7 Service Pack 1 (SP1), and Windows Server 2008 R2 SP1. This tracking service collects data about functional issues in Windows.
This update contains the following two manifests that are occasionally updated by the Diagnostic Tracking Service:
    telemetry.ASM-WindowsDefault.json
    utc.app.json
The two files are marked as static files in the update. When an advanced user runs the System File Checker Tool (sfc.exe), the files are unintentionally flagged as corrupted. There is no impact or corruption on a device that is running this update, and this issue will be fixed in a later service update...
Note This is a "FAST PUBLISH" article created directly from within the Microsoft support organization. The information contained herein is provided as-is in response to emerging issues. As a result of the speed in making it available, the materials may include typographical errors and may be revised at any time without notice. See Terms of Use for other considerations."
Last Review: May 21, 2015 - Rev: 6.0
 

:ph34r: :ph34r:   :huh:


Edited by AplusWebMaster, 21 May 2015 - 03:58 PM.


#5 AplusWebMaster


Posted 22 May 2015 - 04:21 AM

FYI...

MS15-044: Description of the security update for the .NET Framework 3.5.1 on Win7 SP1 and Win Svr 2008 R2 SP1
- https://support.micr...n-us/kb/3048070
Last Review: May 21, 2015 - Rev: 2.0

MS Security Bulletin MS15-044 - Critical
Vulnerabilities in Microsoft Font Drivers Could Allow Remote Code Execution (3057110)
- https://technet.micr...curity/ms15-044
V2.0 (May 21, 2015): Bulletin revised to announce the availability of a -new- update (3065979) that fixes a known issue that some customers experienced after installing the 3045171 security update on all supported editions of Windows 7/Windows 2008 R2 and earlier systems. The 3045171 security update causes customer applications to crash while attempting to create text-outline-based path objects using GDI+. Customers who are experiencing this known issue can correct the problem by installing the 3065979 update. See Microsoft Knowledge Base Article 3065979* for more information and download links.

MS15-044 ...
- https://support.micr...n-us/kb/3057110
Last Review: May 25, 2015 - Rev: 7.0

"GsDraw error (1): GenericError" error occurs and application crashes when you create text outline in Windows
* https://support.micr...n-us/kb/3065979
Last Review: May 22, 2015 - Rev: 2.0

MS15-044 and MS15-051: Description of the security update for Windows font drivers
- https://support.micr...n-us/kb/3045171
Last Review: May 21, 2015 - Rev: 6.0

April 2015 servicing stack update for Windows 7 and Windows Server 2008 R2
- https://support.micr...n-us/kb/3020369
Last Review: May 27, 2015 - Rev: 7.0
"... Known issues for this update: Restart stuck on "Stage 3 of 3"
After you install update 3020369 together with other updates, a restart may be required to complete the installation. During this restart, you may find yourself stuck on "Stage 3 of 3."
If you encounter this issue, press Ctrl+Alt+Delete to continue to log on. This should occur only one time and does not prevent updates from installing successfully.
An update installation fails after you install update 3020369
When you install update 3020369 together with other updates, you may encounter a timing issue that causes the update tried immediately after you install update 3020369 to fail.
This issue only affects the update tried immediately after update 3020369. As soon as update 3020369 is installed, another try to install the failed update should be successful.
Note: In managed environments, such as by using Windows Server Update Services (WSUS), you can avoid either of these issues by deploying this update as a stand-alone update."
___

- http://www.infoworld...kb-3045171.html
May 22, 2015
___

KB 3022345... again.
- http://www.infoworld...fc-scannow.html
May 26, 2015
- https://support2.mic...b;en-us;3022345
Last Review: June 4, 2015 - Rev: 7.0
"This update has been replaced by the latest update for customer experience and diagnostic telemetry that was first released on June 2, 2015. To obtain the update, see 3068708 Update* for customer experience and diagnostic telemetry."
* https://support.micr...n-us/kb/3068708
Last Review: 06/18/2015 - Rev: 4.0

___

Patching and servicing of Windows and Linux - survey and email contact
- http://blogs.technet...il-contact.aspx
19 May 2015 - "... We are studying customer patching pain points and behaviors within Linux and Windows Server environments across operating systems and applications. If you are a stakeholder in the patching/updating process for your company and would like to share your thoughts and feedback, please take a few minutes to fill out the following survey:
- https://www.surveymonkey.com/r/YYZKBS3
If you want to give us direct and deep feedback, please email us at:
patchfeed@microsoft.com
Again, we are interested in feedback and experiences from both Windows Server administrators as well as Linux sysadmins..."
 

:ph34r: :ph34r:


Edited by AplusWebMaster, 02 July 2015 - 04:53 AM.


#6 AplusWebMaster


Posted 08 June 2015 - 11:22 AM

FYI...

MS reclassifies Win10 -nagware- patches, KB 2952664 and 2976978 ...
Users with Automatic Update turned on in Win7 or 8.1, will now get the latest Windows 10 rollout software
- http://www.infoworld...-important.html
Jun 5, 2015 - "... Microsoft changed the rating of two Win10 -nagware- patches, KB 2952664 and KB 2976978, from Optional to Important. I wrote about both patches two days ago*, when they were both still listed as Optional. By moving from Optional to Important, Microsoft is sending the patches down the Automatic Update chute. Anyone who has Automatic Update turned on will get the new Win10 advertising... If I counted correctly, this is the -17th- version of the Windows 7 patch KB 2952664 and the -12th- version of the Windows 8.1 patch KB 2976978. In the past, KB 2952664 has caused lots of problems, while KB 2976978 has been benign. The KB article for the Windows 8.1 patch still says it "performs diagnostics on the Windows systems that participate in the Windows Customer Experience Improvement Program [CEIP] in order to determine whether compatibility issues may be encountered when the latest Windows operating system is installed." I'm still mystified by that description, because I don't understand why people running the Get Windows 10 program are, in fact, opting into the CEIP. I don't see anything different about the patches. Presumably they have more under-the-covers changes to ease the world into Windows 10."
* http://www.infoworld...kb-2977759.html

- https://support.micr...n-us/kb/2952664
Last Review: June 3, 2015 - Rev: 9.0

- https://support.micr...n-us/kb/2976978
Last Review: June 2, 2015 - Rev: 10.0
___

- http://www.infoworld...-new-level.html
Jun 8, 2015 - "... Anybody who installs a new OS - any OS - on the first day of release is just begging for trouble."
 

:ph34r: :ph34r:


Edited by AplusWebMaster, 08 June 2015 - 11:42 AM.
