7 replies to this topic

[AplusWebMaster]

FYI...

- https://technet.micr...curity/ms15-aug
Aug 11, 2015 - "This bulletin summary lists security bulletins released for August 2015...
(Total of -14-)

Microsoft Security Bulletin MS15-079 - Critical
Cumulative Security Update for Internet Explorer (3082442)
- https://technet.micr...curity/MS15-079
Critical - Remote Code Execution - Requires restart - Microsoft Windows, Internet Explorer

Microsoft Security Bulletin MS15-080 - Critical
Vulnerabilities in Microsoft Graphics Component Could Allow Remote Code Execution (3078662)
- https://technet.micr...curity/MS15-080
Critical - Remote Code Execution - May require restart - Microsoft Windows, Microsoft .NET Framework, Microsoft Office, Microsoft Lync, Microsoft Silverlight

Microsoft Security Bulletin MS15-081 - Critical
Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (3080790)
- https://technet.micr...curity/MS15-081
Critical - Remote Code Execution - May require restart - Microsoft Office

Microsoft Security Bulletin MS15-082 - Important
Vulnerabilities in RDP Could Allow Remote Code Execution (3080348)
- https://technet.micr...curity/ms15-082
Important - Remote Code Execution - Requires restart - Microsoft Windows

Microsoft Security Bulletin MS15-083 - Important
Vulnerability in Server Message Block Could Allow Remote Code Execution (3073921)
- https://technet.micr...curity/ms15-083
Important - Remote Code Execution - Requires restart - Microsoft Windows

Microsoft Security Bulletin MS15-084 - Important
Vulnerabilities in XML Core Services Could Allow Information Disclosure (3080129)
- https://technet.micr...curity/ms15-084
Important - Information Disclosure - May require restart - Microsoft Windows, Microsoft Office

Microsoft Security Bulletin MS15-085 - Important
Vulnerability in Mount Manager Could Allow Elevation of Privilege (3082487)
- https://technet.micr...curity/MS15-085
Important - Elevation of Privilege - Requires restart - Microsoft Windows

Microsoft Security Bulletin MS15-086 - Important
Vulnerability in System Center Operations Manager Could Allow Elevation of Privilege (3075158)
- https://technet.micr...curity/MS15-086
Important - Elevation of Privilege - Does not require restart - Microsoft Server Software

Microsoft Security Bulletin MS15-087 - Important
Vulnerability in UDDI Services Could Allow Elevation of Privilege (3082459)
- https://technet.micr...curity/MS15-087
Important - Elevation of Privilege - Does not require restart - Microsoft Windows, Microsoft Server Software

Microsoft Security Bulletin MS15-088 - Important
Unsafe Command Line Parameter Passing Could Allow Information Disclosure (3082458)
- https://technet.micr...curity/MS15-088
Important - Information Disclosure - May require restart - Microsoft Windows

Microsoft Security Bulletin MS15-089 - Important
Vulnerability in WebDAV Could Allow Information Disclosure (3076949)
- https://technet.micr...curity/MS15-089
Important - Information Disclosure - May require restart - Microsoft Windows

Microsoft Security Bulletin MS15-090 - Important
Vulnerabilities in Microsoft Windows Could Allow Elevation of Privilege (3060716)
- https://technet.micr...curity/MS15-090
Important - Elevation of Privilege - Requires restart - Microsoft Windows

Microsoft Security Bulletin MS15-091 - Critical
Cumulative Security Update for Microsoft Edge (3084525)
- https://technet.micr...curity/MS15-091
Critical - Remote Code Execution - Requires restart - Microsoft Windows, Microsoft Edge

Microsoft Security Bulletin MS15-092 - Important
Vulnerabilities in .NET Framework Could Allow Elevation of Privilege (3086251)
- https://technet.micr...curity/MS15-092
Important - Elevation of Privilege - May require restart - Microsoft Windows, Microsoft .NET Framework
___

- http://blogs.technet...se-summary.aspx
11 Aug 2015 - "Today we released security updates to provide protections against malicious attackers. As a best practice, we encourage customers to apply security updates as soon as they are released..."

Microsoft Security Advisory 2755801
Update for Vulnerabilities in Adobe Flash Player in Internet Explorer and Microsoft Edge
- https://technet.micr...ty/2755801.aspx
V46.0 (August 11, 2015): Added the 3087916 update...
> https://support.micr...n-us/kb/3087916
Last Review: 08/13/2015 21:39:00 - Rev: 2.0 - "Known issues with this security update: After you install this security update on a computer that is running Windows 8.1 or Windows Server 2012 R2, you may receive an error message that resembles any of the following:
    Adobe Flash Player - An ActionScript error has occurred.
Microsoft is researching this problem and will post more information in this article when the information becomes available..."

> http://blogs.cisco.c...uesday-aug-2015
Aug 11, 2015 - "Microsoft has released their monthly set of security bulletins designed to address security vulnerabilities within their products. This month’s release sees a total of -14- bulletins released which address -58- CVEs..."
___

MS SRD note: MS15-085 / CVE-2015-1769
- http://blogs.technet...-usb-stick.aspx
11 Aug 2015
___

August 2015 Office Update Release
- http://blogs.technet...te-release.aspx
11 Aug 2015 - "... There are -34- security updates (3 bulletins) and -32- non-security updates..."
MS15-080 - http://technet.micro...curity/ms15-080
MS15-081 - http://technet.micro...curity/ms15-081
MS15-084 - http://technet.micro...curity/ms15-084..."
___

MS15-079 - http://www.securityt....com/id/1033237
MS15-080 - http://www.securityt....com/id/1033238
MS15-081 - http://www.securityt....com/id/1033239
MS15-082 - http://www.securityt....com/id/1033242
MS15-083 - http://www.securityt....com/id/1033243
MS15-084 - http://www.securityt....com/id/1033241
MS15-085 - http://www.securityt....com/id/1033244
MS15-086 - http://www.securityt....com/id/1033245
MS15-087 - http://www.securityt....com/id/1033246
MS15-088 - http://www.securityt....com/id/1033248
MS15-089 - http://www.securityt....com/id/1033249
MS15-090 - http://www.securityt....com/id/1033251
MS15-091 - http://www.securityt....com/id/1033240
MS15-092 - http://www.securityt....com/id/1033253
___

ISC Analysis
- https://isc.sans.edu...l?storyid=20023
2015-08-11

.

Edited by AplusWebMaster, 17 August 2015 - 01:06 PM.

[AplusWebMaster]

FYI...

Windows/Office patching ...
- http://windowssecret...ffice-patching/
Aug 12, 2015 - "Although it’s the first Patch Tuesday of the Windows 10 era, little has changed — we’re still getting lots of updates, many of which require reboots.
For Win10, most of the separate updates are for Office; the OS updates now come in one big bundle. Win10 imposes a new limitation: updates can be delayed only if you’re using Windows Server Update Services (more info*) on a network.
* https://technet.micr...r/bb332157.aspx
For Windows 7 and 8 users, it’s patching business-as-usual. Fortunately, relatively few of the following updates are critical.
MS15-091(3081436): Windows 10 gets its first Patch Tuesday: Windows 10 has -changed- the updating rules — not for vulnerabilities but for how you receive updates. For example, KB 3081436 is listed as a -critical- security update for the new Microsoft Edge browser.
But the update’s fine print notes that it’s cumulative — i.e., it also includes -all- the August security and nonsecurity fixes for Windows 10. (Win7 and Win8 users will see many of these fixes as -separate- patches.) Along with the -Edge- patch, this update also contains the following patches...
    MS15-079 – Internet Explorer
    MS15-080 – Microsoft Graphics Component
    MS15-085 – Windows Mount Manager
    MS15-088 – Command-line parameter passing
    MS15-092 – .NET
KB 3081436 is, in fact, -not- Win10’s first cumulative update. Microsoft released KB 3081424 on Aug. 5. Unfortunately, some systems -choked- on KB 3081424**. A WindowsIT Pro article***  described a workaround, but it -required- a Registry hack. If you ran into problems with the Aug. 5 update, the better solution now is to -block- it via the “Show or hide updates” tool offered in KB 3073930[4].
- What to do: For Windows 10, your only option is to choose -when- you’ll allow a reboot."
** https://support.micr...n-us/kb/3081424

*** http://windowsitpro....mulative-update

4] https://support.micr...n-us/kb/3073930
 

[AplusWebMaster]

FYI...

Cumulative update for Win 10: Aug 14, 2015
- https://support.micr...n-us/kb/3081438
Last Review: 08/14/2015 - Rev: 1.0
___

Win10's third cumulative update, KB 3081436, still prompts reboots and throws error 0x80070bc9
... It's the same bug all over again - and it looks like Windows 10 feature improvements will wait for October
- http://www.infoworld...error-0x80.html
Aug 17, 2015 "... KB 3081424* on Aug. 5, KB 3081436** on Aug. 12, and KB 3081438 on Aug. 14. All of the KB articles say: 'This update includes improvements to enhance the functionality of Windows 10'..."
(More detail at the infoworld URL above.)

* https://support.micr...n-us/kb/3081424
Last Review: 08/05/2015 - Rev: 3.1
Applies to: Windows 10

** https://support.micr...n-us/kb/3081436
Last Review: 08/11/2015 - Rev: 2.0
Applies to: Windows 10
 

Edited by AplusWebMaster, 17 August 2015 - 08:41 AM.

[AplusWebMaster]

FYI...

Microsoft Security Bulletin MS15-093 - Critical
Security Update for Internet Explorer (3088903)
- https://technet.micr...curity/MS15-093
Aug 18, 2015 - "This security update resolves a vulnerability in Internet Explorer. The vulnerability could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights. This security update is rated Critical for Internet Explorer 7 (IE 7), Internet Explorer 8 (IE 8), Internet Explorer 9 (IE 9), Internet Explorer 10 (IE 10), and Internet Explorer 11 (IE 11) on affected Windows clients, and Moderate for Internet Explorer 7 (IE 7), Internet Explorer 8 (IE 8), Internet Explorer 9 (IE 9), Internet Explorer 10 (IE 10), and Internet Explorer 11 (IE 11) on affected Windows servers...
... prerequisites for update 3087985?
Yes. Customers running Internet Explorer 7, Internet Explorer 8, Internet Explorer 9, Internet Explorer 10, or Internet Explorer 11 on Windows 7, Windows Server 2008 R2, Windows 8.1, Windows Server 2012 R2, or Windows RT 8.1 must -first- install the 3078071 update released on August 11, 2015 before installing the 3087985 update."

 

- https://web.nvd.nist...d=CVE-2015-2502
Last revised: 08/19/2015 - "... as exploited in the wild in August 2015."
9.3 (HIGH)

- http://arstechnica.c...active-exploit/
Aug 18, 2015  - "... CVE-2015-2502, as the remote code-execution flaw is indexed, can be exploited when vulnerable computers visit booby-trapped websites or possibly when they open malicious HTML-based e-mails. The bug involves the way IE stores objects in memory and results in an error that corrupts memory contents..."

- https://support.micr...n-gb/kb/3087985
Last Review: 08/18/2015 - Rev: 1.0

- https://support.micr...n-us/kb/3088903
Last Review: 08/18/2015 - Rev: 1.0
___

Cumulative update for Windows 10: August 18, 2015
- https://support.micr...n-us/kb/3081444
Last Review: 08/18/2015 - Rev: 1.0
___

- http://www.securityt....com/id/1033317
CVE Reference: CVE-2015-2502
Aug 18 2015
Impact: Execution of arbitrary code via network, User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 7, 8, 9, 10, 11...
Solution: The vendor has issued a fix.
A patch matrix is available in the vendor advisory.
- https://technet.micr...curity/ms15-093
___

- http://blogs.cisco.c...os/ms15-093-oob
Aug 18, 2015 - "... As with most out of band releases, it has been reported that this attack is being exploited in the wild. Users should patch immediately..."
 

Edited by AplusWebMaster, 19 August 2015 - 02:21 PM.

[AplusWebMaster]

FYI...

Microsoft Security Bulletin MS15-080 - Critical
Vulnerabilities in Microsoft Graphics Component Could Allow Remote Code Execution (3078662)
- https://technet.micr...curity/ms15-080
Published: August 11, 2015 | Updated: August 21, 2015
V2.0 (August 21, 2015): "Updated bulletin to inform customers running Windows Vista Service Pack 2, Windows Server 2008 Service Pack 2, Windows Server 2008 R2 Service Pack 2, and Windows 7 Service Pack 1 that the 3078601 update on the Microsoft Download Center was -updated- on August 18, 2015. Microsoft recommends that customers who installed the 3078601 update via the Microsoft Download Center prior to August 18 -reinstall- the update to be fully protected from the vulnerabilities discussed in this bulletin. If you installed update 3078601 via Windows Update, Windows Update Catalog, or WSUS, no action is required."
 

[AplusWebMaster]

FYI...

Cumulative Update for Win10: Aug 27, 2015
- https://support.micr...n-us/kb/3081448
Last Review: 08/27/2015 21:39:00 - Rev: 2.0
___

OOBE Update for Win10: Aug 27, 2015
- https://support.micr...n-us/kb/3081449
Last Review: 08/27/2015 21:35:00 - Rev: 2.0
___

Compatibility update for upgrading to Win10
- https://support.micr...n-us/kb/3081452
Last Review: 08/27/2015 21:33:00 - Rev: 2.0
Summary: This update makes improvements to ease the upgrade experience to Windows 10.
This update replaces KB3081441 ...
___

Windows freezes or applications freeze after you install security update 3076895* (MS15-084)
Hotfix Download Available
- https://support.micr...n-us/kb/3090303
Last Review: 08/28/2015 23:30:00 - Rev: 1.0
Applies to:
    Windows 10
    Windows Server 2012 R2 Datacenter
    Windows Server 2012 R2 Standard
    Windows Server 2012 R2 Essentials
    Windows Server 2012 R2 Foundation
    Windows 8.1 Enterprise
    Windows 8.1 Pro
    Windows 8.1
    Windows RT 8.1
    Windows Server 2012 Datacenter
    Windows Server 2012 Standard
    Windows Server 2012 Essentials
    Windows Server 2012 Foundation
    Windows 8 Enterprise
    Windows 8 Pro
    Windows 8
    Windows RT
    Windows Server 2008 R2 Service Pack 1
    Windows 7 Service Pack 1
    Windows Server 2008 Service Pack 2
    Windows Vista Service Pack 2

* https://support.micr...n-us/kb/3076895
Last Review: 08/28/2015 23:45:00 - Rev: 2.0

- http://www.infoworld...s-programs.html
Aug 31, 2015
 

 

Edited by AplusWebMaster, 31 August 2015 - 10:15 AM.

[AplusWebMaster]

FYI...

Win 7, 8, and 10 - all collecting user data for MS
Uncomfortable with Windows 10 slurping personal data? Too bad - MS rolls out similar snooping capabilities to Windows 7, Windows 8
- http://www.infoworld...-microsoft.html
Sep 1, 2015 - "... Some users have opted to not upgrade to Windows 10 over privacy concerns. But three updates have -added- similar data collection capabilities to machines running Windows 8.1, Windows Server 2012 R2, Windows 7 Service Pack 1, and Windows Server 2008 R2 SP1... This monitoring is part of Microsoft’s Customer Experience Improvement Program (CEIP) and is designed to 'improve the products and features customers use most often and to help solve problems' Microsoft said..."

Update for customer experience and diagnostic telemetry
- https://support.micr...n-us/kb/3068708
Last Review: 06/18/2015 - Rev: 4.0

Update that adds telemetry points to consent.exe in Windows 8.1 and Windows 7
- https://support.micr...n-us/kb/3075249
Last Review: 08/18/2015 - Rev: 1.0

Update for customer experience and diagnostic telemetry
- https://support.micr...n-us/kb/3080149
Last Review: 08/20/2015 - Rev: 3.0

"... If the updates have already been installed, they can be uninstalled via Control Panel by looking up the KB identifier for updates... Windows users who don’t want to be part of the collection program should have a clear and straightforward way to opt out, which doesn’t appear to exist at the moment. Attempts to contact Microsoft about this issue have not yet elicited a response."
 

[AplusWebMaster]

FYI...

Highs and lows of Win10 patching
- http://windowssecret...censing/#story6
Sep 2, 2015 - "Windows 10 has been out a bit over a month, and I’ve developed a love/hate relationship with its patching process. From -forced- driver updates to branch releases, the patching system feels as if it still needs tweaking and fixing. That love/hate feeling starts with Microsoft’s use of cumulative updates for the new OS. Currently, if you buy a new Win7 PC or install the operating system from scratch, you could spend -hours- adding dozens of updates. And the updates aren’t all added at once — you’ll have to work through a series of reboots and update downloads. On the other hand, each Win10 update — at least for now — includes both new and previous fixes. In other words, all released Win10 security and nonsecurity updates are rolled up into each new release. In theory, if you purchase or set up a new Win10 system six months from now, you’ll need only the most recent update to be fully patched. This new process should help give Win10 systems better protection from malware and cyber attackers. What’s annoying about Win10 patching is the thin documentation of what’s included in these releases. A Microsoft spokesperson confirmed this change in a statement to the Register*
* http://www.theregist...ows_10_updates/
... the company will give details only when there are notable (by Microsoft’s measure) changes. More annoying is the loss of control over update installation on consumer systems — unless the machine is attached to a network/domain and the company is using Windows Server Update Services (more info**). I currently have several Win10 test machines up and running. One of the systems is at the office and attached to a domain. Another is at home and connected to a common peer-to-peer network. The office machine lets me install updates when I’m ready; the home system only lets me choose -when- to reboot."
** https://technet.micr...r/bb332157.aspx