5 replies to this topic

[AplusWebMaster]

FYI...

- https://technet.micr...curity/ms15-oct
Oct 12, 2015 - "This bulletin summary lists security bulletins released for October 2015..."
(Total of -6- )

Microsoft Security Bulletin MS15-106 - Critical
Cumulative Security Update for Internet Explorer (3096441)
- https://technet.micr...curity/MS15-106
Critical - Remote Code Execution - Requires restart - Microsoft Windows, Internet Explorer

Microsoft Security Bulletin MS15-107 - Important
Cumulative Security Update for Microsoft Edge (3096448)
- https://technet.micr...curity/MS15-107
Important - Information Disclosure - Requires restart - Microsoft Windows, Microsoft Edge

Microsoft Security Bulletin MS15-108 - Critical
Security Update for JScript and VBScript to Address Remote Code Execution (3089659)
- https://technet.micr...curity/MS15-108
Critical - Remote Code Execution - May require restart - Microsoft Windows

Microsoft Security Bulletin MS15-109 - Critical
Security Update for Windows Shell to Address Remote Code Execution (3096443)
- https://technet.micr...curity/MS15-109
Critical - Remote Code Execution - May require restart - Microsoft Windows

Microsoft Security Bulletin MS15-110 - Important
Security Updates for Microsoft Office to Address Remote Code Execution (3096440)
- https://technet.micr...curity/MS15-110
Important - Remote Code Execution - May require restart - Microsoft Office, Microsoft Office Services and Web Apps, Microsoft Server Software

Microsoft Security Bulletin MS15-111 - Important
Security Update for Windows Kernel to Address Elevation of Privilege (3096447)
- https://technet.micr...curity/MS15-111
Important - Elevation of Privilege - Requires restart - Microsoft Windows
___

- http://blogs.technet...se-summary.aspx
13 Oct 2015 - "Today we released security updates to provide protections against malicious attackers. As a best practice, we encourage customers to apply security updates as soon as they are released..."

Security Advisories:

Microsoft Security Advisory 3097966
Inadvertently Disclosed Digital Certificates Could Allow Spoofing
- https://technet.microsoft.com/library/security/3097966.aspx  
Published: September 24, 2015 | Updated: October 13, 2015 / Ver: 2.0
> See: "Known Issues": https://support.micr...n-us/kb/3097966
[Dlink network adapter]

Microsoft Security Advisory 3042058
Update to Default Cipher Suite Priority Order
- https://technet.micr...ty/3042058.aspx
Published: May 12, 2015 | Updated: October 13, 2015 / Ver: 1.1

Microsoft Security Advisory 2960358
Update for Disabling RC4 in .NET TLS
- https://technet.micr...ecurity/2960358
Published: May 13, 2014 | Updated: October 13, 2015 / Ver: 2.0

Microsoft Security Advisory 2755801
Update for Vulnerabilities in Adobe -Flash- Player in Internet Explorer and Microsoft Edge
- https://technet.micr...ty/2755801.aspx
Updated: October 13, 2015 / Ver: 48.0
___

October 2015 Office Update Release
- http://blogs.technet...te-release.aspx
13 Oct 2015 - "... There are 22 security updates (4 bulletins) and 55 non-security updates..."
___

MS15-106: http://www.securityt....com/id/1033800
MS15-107: http://www.securityt....com/id/1033802
MS15-108: http://www.securityt....com/id/1033801
MS15-109: http://www.securityt....com/id/1033799
MS15-110: http://www.securityt....com/id/1033803
- http://www.securityt....com/id/1033804
MS15-111: http://www.securityt....com/id/1033805
___

ISC Analysis
- https://isc.sans.edu...l?storyid=20245
Last Updated: 2015-10-13

 

.

Edited by AplusWebMaster, 19 October 2015 - 09:46 AM.

[AplusWebMaster]

FYI... Windows Update Client Win7, Win8.1 - Updated MS15-046, MS15-081, MS15-099...

Windows Update Client for Windows 7 and Windows Server 2008 R2: October 2015
- https://support.micr...n-us/kb/3083710
Last Review: 10/13/2015 18:31:00 - Rev: 2.0
Applies to:
    Windows Server 2008 R2 Service Pack 1
    Windows 7 Service Pack 1
    Windows Embedded Standard 7 Service Pack 1
___

Windows Update Client for Windows 8.1 and Windows Server 2012 R2: October 2015
- https://support.micr...n-us/kb/3083711
Last Review: 10/13/2015 18:33:00 - Rev: 2.0
Applies to:
    Windows Server 2012 R2 Datacenter
    Windows Server 2012 R2 Standard
    Windows Server 2012 R2 Essentials
    Windows Server 2012 R2 Foundation
    Windows 8.1 Enterprise
    Windows 8.1 Pro
    Windows 8.1
    Windows RT 8.1
___

Microsoft Security Bulletin MS15-046 - Important
Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (3057181)
- https://technet.micr...y/ms15-046.aspx
Published: May 12, 2015 | Updated: October 13, 2015
V4.0 (October 13, 2015): Revised bulletin to announce the availability of a new update (3085544) for Microsoft Office 2007 that addresses issues with the previously-released update (2965282). Customers running Microsoft Office 2007 are encouraged to install update 3085544 at the earliest opportunity to be fully protected from the vulnerability discussed in this bulletin. Customers running other Microsoft Office software do not need to take any action. See Microsoft Knowledge Base Article 3085544* for more information and download links.
* https://support.micr...n-us/kb/3085544

Microsoft Security Bulletin MS15-081 - Critical
Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (3080790)
- https://technet.micr...y/ms15-081.aspx
Published: August 11, 2015 | Updated: October 13, 2015
V3.0 (October 13, 2015): Revised bulletin to announce the availability of update packages for Microsoft Office 2016, Microsoft Visio 2016, and Microsoft Word 2016. Customers running Microsoft Office 2016, Microsoft Visio 2016, or Microsoft Word 2016 should apply the applicable updates to be protected from the vulnerabilities discussed in this bulletin. The majority of customers have automatic updating enabled and will not need to take any action because the updates will be downloaded and installed automatically.

Microsoft Security Bulletin MS15-099 - Critical
Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (3089664)
- https://technet.micr...y/ms15-099.aspx
Published: September 8, 2015 | Updated: October 13, 2015
V4.0 (October 13, 2015): Revised bulletin to announce the availability of an update package for Microsoft Excel 2016. Customers running Microsoft Excel 2016 should apply update 2920693 to be protected from the vulnerabilities discussed in this bulletin. The majority of customers have automatic updating enabled and will not need to take any action because the update will be downloaded and installed automatically.
___

>> https://community.qu...ay-october-2015
Oct 13, 2015
___

 

Compatibility update for upgrading to Windows 10: October 14, 2015
- https://support.micr...n-us/kb/3097626
Last Review: 10/14/2015 16:34:00 - Rev: 2.0
 

Edited by AplusWebMaster, 15 October 2015 - 10:05 AM.

[AplusWebMaster]

FYI...

Microsoft Security Advisory 2755801
Update for Vulnerabilities in Adobe Flash Player in Internet Explorer and Microsoft Edge
- https://technet.micr...ecurity/2755801
Updated: Oct 19, 2015 - Ver: 49.0 - "Microsoft is announcing the availability of an update for Adobe Flash Player in Internet Explorer on all supported editions of Windows 8, Windows Server 2012, Windows RT, Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, and Windows 10; the update is also available for Adobe Flash Player in Microsoft Edge on all supported editions of Windows 10. The update addresses the vulnerabilities in Adobe Flash Player by updating the affected Adobe Flash libraries contained within Internet Explorer 10, Internet Explorer 11, and Microsoft Edge...
On October 19, 2015, Microsoft released an update (3105216) for Internet Explorer 10 on Windows 8, Windows Server 2012, and Windows RT; Internet Explorer 11 on Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, and Windows 10; and Microsoft Edge on Windows 10. The update addresses the vulnerabilities described in Adobe Security bulletin APSB15-27*. For more information about this update, including download links, see Microsoft Knowledge Base Article 3105216**...
* https://helpx.adobe..../apsb15-27.html
Oct 16, 2015
** https://support.micr...n-us/kb/3105216
Last Review: 10/19/2015 21:09:00 - Rev: 1.0
 

[AplusWebMaster]

FYI... Win10 'Nagware'

Update installs 'Get Windows 10 app' in Windows 8.1 and Windows 7 SP1
- https://support.micr...n-us/kb/3035583
Last Review: 10/05/2015 16:45:00 - Rev: 6.0
___

Nagware KB 3035583 is marked 'Important' on some PCs and will thus install on Automatic Update
- http://www.infoworld...kb-2952664.html
Oct 6, 2015

Disable Windows 10 upgrade 'nagware' on Windows 7, Windows 8.1 computers
- http://www.infoworld...-computers.html
Oct 14, 2015

Microsoft says that the optional update was enabled by mistake
>> http://arstechnica.c...ws-7-8-systems/
Oct 15, 2015

"HIDE 'UPDATE'" ?
 

Edited by AplusWebMaster, 20 October 2015 - 04:28 AM.

[AplusWebMaster]

FYI...

Win10 System Center Configuration Manager
- http://blogs.technet...and-intune.aspx
27 Oct 2015 - "... Windows 10 comes in two basic flavors: (1) a Current Branch (also known as Windows-as-a-Service) and (2) the Long-Term Servicing Branch with a more traditional support model. The Current Branch also has the option of Current Branch for Business, which is the same build as the Current Branch, just deferred to a later date to give you time to further validate in your environment. If this is all news to you, stop reading and click here* for more information and guidance. Then come on back when you are ready.
* https://technet.micr...6(v=vs.85).aspx
... we will release a -new- version of Configuration Manager by the end of this calendar year. This
-new- version will bring -full- support for the deployment, upgrade, and management of Windows 10. The new System Center Configuration Manager, as it will simply be called, is designed to support the much faster pace of updates for Windows 10 and Microsoft Intune. This -new- version will also simplify the Configuration Manager upgrade experience itself, and allow us to listen and more quickly respond to your feedback...
'In Summary: Planning and Guidance'..." (see the chart there).
 

[AplusWebMaster]

FYI...

Installing and searching for updates is slow and high CPU usage occurs in Win7 and Win Server 2008 R2
-https://support.micr...n-us/kb/3102810
Last Review: 11/04/2015 03:09:00 - Rev: 2.0
Applies to:
    Windows Server 2008 R2 Service Pack 1
    Windows 7 Service Pack 1

Also:
Installing and searching for updates is slow and high CPU usage occurs in Win8.1 and Win Server 2012 R2
- https://support.micr...n-us/kb/3102812
Last Review: 11/04/2015 03:09:00 - Rev 2.0

Hmmm...  
 

Edited by AplusWebMaster, 05 November 2015 - 12:12 PM.