12 replies to this topic

[AplusWebMaster]

FYI...

- https://technet.micr...curity/ms15-nov
Nov 10, 2015 - "This bulletin summary lists security bulletins released for November 2015...
(Total of -12-)

Microsoft Security Bulletin MS15-112 - Critical
Cumulative Security Update for Internet Explorer (3104517)
- https://technet.micr...curity/MS15-112
Critical - Remote Code Execution - Requires restart - Microsoft Windows, Internet Explorer

Microsoft Security Bulletin MS15-113 - Critical
Cumulative Security Update for Microsoft Edge (3104519)
- https://technet.micr...curity/MS15-113
Critical - Remote Code Execution - Requires restart - Microsoft Windows, Microsoft Edge

Microsoft Security Bulletin MS15-114 - Critical
Security Update for Windows Journal to Address Remote Code Execution (3100213)
- https://technet.micr...curity/MS15-114
Critical - Remote Code Execution - May require restart - Microsoft Windows

Microsoft Security Bulletin MS15-115 - Critical
Security Update for Microsoft Windows to Address Remote Code Execution (3105864)
- https://technet.micr...curity/MS15-115
Critical - Remote Code Execution - Requires restart - Microsoft Windows

Microsoft Security Bulletin MS15-116 - Important
Security Update for Microsoft Office to Address Remote Code Execution (3104540)
- https://technet.micr...curity/MS15-116
Important - Remote Code Execution - May require restart - Microsoft Office, Microsoft Office Services and Web Apps, Microsoft Lync, Skype for Business

Microsoft Security Bulletin MS15-117 - Important
Security Update for NDIS to Address Elevation of Privilege (3101722)
- https://technet.micr...curity/MS15-117
Important - Elevation of Privilege - Requires restart - Microsoft Windows

Microsoft Security Bulletin MS15-118 - Important
Security Update for .NET Framework to Address Elevation of Privilege
- https://technet.micr...curity/MS15-118
Important - Elevation of Privilege - Does not require restart - Microsoft Windows, Microsoft .NET Framework

Microsoft Security Bulletin MS15-119 - Important
Security Update for Winsock to Address Elevation of Privilege (3104521)
- https://technet.micr...curity/MS15-119
Important - Elevation of Privilege - Requires restart - Microsoft Windows

Microsoft Security Bulletin MS15-120 - Important
Security Update for IPSec to Address Denial of Service (3102939)
- https://technet.micr...curity/MS15-120
Important - Denial of Service - May require restart - Microsoft Windows

Microsoft Security Bulletin MS15-121 - Important
Security Update for Schannel to Address Spoofing (3081320)
- https://technet.micr...curity/MS15-121
Important - Spoofing - Requires restart - Microsoft Windows

Microsoft Security Bulletin MS15-122 - Important
Security Update for Kerberos to Address Security Feature Bypass (3105256)
- https://technet.micr...curity/MS15-122
Important - Security Feature Bypass - Requires restart - Microsoft Windows

Microsoft Security Bulletin MS15-123 - Important
Security Update for Skype for Business and Microsoft Lync to Address Information Disclosure (3105872)
- https://technet.micr...curity/MS15-123
Important - Information Disclosure - May require restart - Microsoft Lync, Skype for Business
___

MS15-112: http://www.securityt....com/id/1034112
MS15-113: http://www.securityt....com/id/1034113
MS15-114: http://www.securityt....com/id/1034110
MS15-115: http://www.securityt....com/id/1034114
MS15-116: http://www.securityt....com/id/1034117
- http://www.securityt....com/id/1034119
- http://www.securityt....com/id/1034122
MS15-117: http://www.securityt....com/id/1034115
MS15-118: http://www.securityt....com/id/1034116
MS15-119: http://www.securityt....com/id/1034121
MS15-120: http://www.securityt....com/id/1034123
MS15-121: http://www.securityt....com/id/1034124
MS15-122: http://www.securityt....com/id/1034125
MS15-123: http://www.securityt....com/id/1034126
- http://www.securityt....com/id/1034127
___

- http://blogs.technet...se-summary.aspx
10 Nov 2015 - "Today we released security updates to provide protections against malicious attackers. As a best practice, we encourage customers to apply security updates as soon as they are released..."

Security Advisories:
Microsoft Security Advisory 3108638
Update for Windows Hyper-V to Address CPU Weakness
- https://technet.micr...ty/3108638.aspx
Nov 10, 2015

Microsoft Security Advisory 2755801
Update for Vulnerabilities in Adobe Flash Player in Internet Explorer and Microsoft Edge
- https://technet.micr...ty/2755801.aspx
Nov 10, 2015 V50.0
___

Nov 2015 Office Update Release
- http://blogs.technet...te-release.aspx
10 Nov 2015 - "...  there are -60- security updates (2 bulletins) and 39 non-security updates..."
MS15-099 (updated): https://technet.micr...curity/MS15-099
MS15-116: https://technet.micr...curity/MS15-116
"... All of the security and non-security updates for November are listed in KB article 3108456..."
> https://support.micr...n-us/kb/3108456
___

ISC Analysis
- https://isc.sans.edu...l?storyid=20359
2015-11-10 18:05:54 UTC

.

Edited by AplusWebMaster, 10 November 2015 - 09:06 PM.

[AplusWebMaster]

FYI...

MS15-115 -KB3097877 causing severe difficulties for some Win7 users
- http://myonlinesecur...indows-updates/
11 Nov 2015 - "KB3097877 causing severe difficulties for some Windows 7 users November 2015 Windows updates. We are seeing numerous reports from Windows 7 users  about difficulties logging on to windows after doing the November 2015 patch Tuesday updates. We are also hearing about crashes in Outlook 2010 and 2013 when viewing HTML emails.
We also are hearing about crashes in gadgets in windows sidebar on Windows 7 computers. Gadgets have been deprecated and are not recommended for use any longer due to security issues...
All the problems appear to be caused by  KB3097877 which is part of a vital security update included in MS15-115. This update is a security update that updates Win32k.sys and Gdiplus.dll to help prevent a remote code execution if an attacker convinces a user to open a specially crafted document or to go to an untrusted webpage that contains embedded fonts.
Best advice we can give at the moment is NOT to install KB3097877 on any Windows7 computer until Microsoft has investigated and issued a workaround or revised patch. If you are suffering from Crashes in Outlook, then -uninstall- KB3097877..."

MS15-115: https://support.micr...n-us/kb/3097877
Last Review: 11/10/2015 18:28:00 - Rev: 1.0
___

>> https://social.techn...ceitproprevious

>> http://www.infoworld...ck-screens.html
Nov 11, 2015
 

Edited by AplusWebMaster, 11 November 2015 - 01:46 PM.

[AplusWebMaster]

FYI...

MS15-115 / re-released ...
- https://technet.micr...curity/MS15-115
V2.0 (November 11, 2015): Bulletin revised to inform customers running Windows 7 that the 3097877 update has been re-released to address an issue that caused crashes for some customers when they viewed certain emails. Customers who previously installed update 3097877 should -reinstall- the update to correct this known issue. See Microsoft Knowledge Base Article 3097877* for more information.
 
* https://support.micr...n-us/kb/3097877
Last Review: 11/11/2015 22:26:00 - Rev: 2.0 - "... Issues in this security update: We are aware of reports of crashes in all supported versions of Microsoft Outlook that occur when users are reading certain emails after this update is installed..."
 

[AplusWebMaster]

FYI...  MS15-115 - re-released r5, r8 / MS15-112 - IE11

MS15-115 / re-released ...
- https://technet.micr...curity/MS15-115
V2.0 (November 12, 2015): Bulletin revised to inform customers that the 3097877* update for Windows 7 and Windows Server 2008 R2 has been rereleased to correct a problem with the original update that could cause some applications to quit unexpectedly. Customers who have already successfully installed the update on Windows 7 or Windows Server 2008 R2 systems should reinstall the update.
 
* https://support.micr...n-us/kb/3097877
Last Review: 11/12/2015 19:00:00 - Rev: 5.0
___

- https://support.micr...n-us/kb/3097877
Last Review: 11/13/2015 02:21:00 - Rev: 8.0 <<
___

MS15-112 - File is "moved or deleted" or "cannot be found" error when you download PDF files in Internet Explorer 11 in Windows
- https://support.micr...n-us/kb/3110711
Last Review: 11/13/2015 07:25:00 - Rev: 3.0 <
"Prerequisites... you must install MS15-112: Security update for Internet Explorer: November 10, 2015 before you install this hotfix..."
 

Edited by AplusWebMaster, 13 November 2015 - 10:52 AM.

[AplusWebMaster]

FYI...

Win10 upgrade woes include deleted apps, system hangs
The rollout of Windows 10 version 1511 has hit a few bumps, but we have solutions
- http://www.infoworld...stem-hangs.html
Nov 13, 2015
 

[AplusWebMaster]

FYI...

Microsoft Security Bulletin MS15-115 - Critical
- https://technet.micr...curity/MS15-115

- https://support.micr...n-us/kb/3097877
Last Review: 11/18/2015 18:50:00 - Rev: 9.0
 

[AplusWebMaster]

FYI...

MS pulls Win10 v 1511 Threshold 2 release from download page
- http://www.infoworld...nload-page.html
Nov 23, 2015 - "... If you have a copy of the v 1511 ISO running around - you might've created it with the Media Creation Tool prior to last weekend, or you can still download it from MSDN - you can still upgrade straight to 1511. But if you don't have one in your back pocket, you get to upgrade twice. Why do I get the feeling that Microsoft is making this up as it goes along?"
 

[AplusWebMaster]

FYI...

Beware, latest Win10 Update may remove programs automatically
- http://www.ghacks.ne...-automatically/
Nov 24, 2015 - "Microsoft's Windows 10 operating system may uninstall programs - desktop programs that is - from the computer after installation of the big Fall update that the company released earlier this month. I noticed the issue on one PC that I upgraded to Windows 10 Version 1511 but not on other machines. The affected PC had Speccy*, a hardware information program, installed and Windows 10 notified me after the upgrade that the software had been -removed- from the system because of incompatibilities. There was no indication beforehand that something like this would happen, and what made this rather puzzling was the fact that a newly downloaded copy of Speccy would install and run fine on the upgraded system. According to reports on the Internet**, Speccy is not the only program affected by this. Others report that programs like CPU-Z, AMD Catalyst Control Center or CPUID were removed as well during the upgrade... While this could very well be a bug that slipped by Microsoft's quality control, it is a serious issue not only because of the removal itself, but also when it comes to the future of the operating system. The removal itself is bad enough. First, Microsoft should have the decency to inform users about the issue before the software is removed. Either do a check prior to running the upgrade or afterwards. Then, all reports indicate that the forcefully uninstalled software would install and run fine on the system without issues. This makes it more likely that a bug caused the issue and that it was not a deliberate action programmed into the update. The outlook is even worse. Who in their right mind would install an operating system that might remove installed software - maybe even paid for software or critical software - without user interaction or consent, especially if it turns out later that the software works just fine on the system? Windows 10 users give up control and since there is no way of telling if software will be removed after a Windows update, should consider backing up the system regularly before system updates so that it can be restored to an earlier stage if important software was removed by the update..."
* https://www.piriform.com/speccy

** https://www.reddit.c...r_apps_without/

> https://www.reddit.c..._10_decided_to/
___

Some settings may not have been retained when applying the November update (Version 1511)
- https://support.micr...n-us/kb/3121244
Last Review: 11/24/2015 22:01:00 - Rev: 1.0
Applies to: Windows 10
 

Edited by AplusWebMaster, 27 November 2015 - 04:34 PM.

[AplusWebMaster]

FYI...

- http://windowssecret...wsers-security/
Nov 26, 2015 - "... on Jan. 12, 2016, Microsoft is folding up the tent on Internet Explorer 7 and 8. After that date, only IE 9 on Vista, IE 10 on Windows Server 2012, and IE 11 on Windows 7 and 8.1 will get security updates. If you stick with an outdated version of IE, your vulnerability to malware will rise quickly..."
> http://blogs.msdn.co...t-explorer.aspx

- http://www.computerw...to-upgrade.html
Dec 1, 2015 - "Nearly 370 million Internet Explorer users have just six weeks to upgrade their browsers... The retired browsers will continue working, but Microsoft will halt technical support and -stop- serving security updates for the banned versions. According to data released by measurement vendor Net Applications, 44.8% of all IE users ran a soon-to-be-outdated edition of the browser... Companies that require older editions of IE to run Web apps or services can upgrade to IE11, then rely on that browser's 'Enterprise Mode' to mimic the older versions' rendering engines. Last week, Microsoft announced some enhancements to Enterprise Mode, including support for HTTP ports, and issued a kit that walks IT administrators through the chore of configuring Enterprise Mode. That kit can be downloaded from here*..."
* https://technet.micr...rowser/mt612809

> https://technet.micr...rowser/mt126196
 

Edited by AplusWebMaster, 05 December 2015 - 08:20 AM.

[AplusWebMaster]

FYI...

KB 3112336 and KB 3112343 are all about Win10
- http://www.infoworld...windows-10.html
Dec 2, 2015 - "Yesterday Microsoft released two big updates for its Windows Update Client. Those of you using Windows 7 have KB 3112343, and those with Windows 8.1 get KB 3112336.
Both updates appear to grease the skids for in-place upgrading to Windows 10. Unfortunately, the documentation is so sparse it's impossible to tell if the patches offer anything at all to users who don't intend to upgrade to Windows 10..."

Windows Update Client for Windows 7 and Windows Server 2008 R2
- https://support.micr...n-us/kb/3112343
Last Review: 12/02/2015 03:30:00 - Revision: 3.0
Applies to:
    Windows Server 2008 R2 Service Pack 1
    Windows 7 Service Pack 1

Windows Update Client for Windows 8.1 and Windows Server 2012 R2
- https://support.micr...n-us/kb/3112336
Last Review: 12/02/2015 03:30:00 - Revision: 3.0
Applies to:
    Windows Server 2012 R2 Datacenter
    Windows Server 2012 R2 Standard
    Windows Server 2012 R2 Essentials
    Windows Server 2012 R2 Foundation
    Windows 8.1 Enterprise
    Windows 8.1 Pro
    Windows 8.1
    Windows RT 8.1
___

Windows 10 devices can't connect to an 802.1X environment
- https://support.micr...n-us/kb/3121002
Last Review: 11/25/2015 00:55:00 - Rev: 2.0
Applies to:
    Windows 10
 

Edited by AplusWebMaster, 03 December 2015 - 07:44 AM.

[AplusWebMaster]

FYI...

Cumulative update KB 3116908 for Windows 10 version 1511 triggers errors
- http://www.infoworld...ers-errors.html
Dec 3, 2015 - "The sun may still be rising in the United States, but other parts of the world are already struggling with the latest cumulative update for Windows 10 version 1511 (a.k.a. build 10586, Threshold 2, or the Fall Update). The official Microsoft explanation for this new patch, known as KB 3116908, just says:
'This update includes improvements to enhance the functionality of Windows 10 Version 1511'...
Of course, if your PC is still stuck on the July 29 RTM version of Windows 10 - build 10240 - you are -not- getting any recent cumulative updates... Here's how to check your PC to see if you're on the latest upgrade trail. Start with the About Windows dialog (see screenshot*), which you can get to by typing "winver" in the Cortana search box and pressing Enter:
* http://core0.staticw...medium.idge.jpg
If you see "Version 10.0 (Build 10240)" on the second line, you're still running the original July 29 RTM version of Windows 10. There are many reasons why you might still be stuck on the original Win10. Perhaps the installer for version 1511 has repeatedly failed to run. Build 1511 also won't install if you upgraded from Win7 or 8.1 to Win10 fewer than 30 days previously and there's still a windows.old folder on your system. (If you aren't going to roll back to Win7 or 8.1, using an admin account, right-click on your c: drive and then choose Properties > Disk Cleanup > Clean up system files.) If you see "Version 1511 (OS Build 10586)," as in the screenshot, you have the first version of Threshold 2, which shipped on Nov. 12. Variously known as the Win10 Fall Update, November Update, Threshold 2, and other less-printable epithets, it's the version of Windows 10 that (in my opinion) should've been called Win 10.1 or Win10 SP1 or Win10 SU1... [released] just three weeks ago, Windows 10 version 1511 has gone through -several- major changes. Cumulative updates change the OS build number, and you can judge your PC's progress at installing those updates by looking at the build number... -Four- cumulative updates in three weeks, 230MB of changes with essentially no documentation... In addition, there have been several other updates to build 1511 whose exact functions have not been well documented..."

> https://support.micr...n-us/kb/3116908
Last Review: 12/03/2015 01:46:00 - Rev: 1.0
 

[AplusWebMaster]

FYI...

MS update IE mandate - 1.12.2016 update ...
- http://windowssecret...wsers-security/
Nov 26, 2015 - "... on Jan. 12, 2016, Microsoft is folding up the tent on Internet Explorer 7 and 8. After that date, only IE 9 on Vista, IE 10 on Windows Server 2012, and IE 11 on Windows 7 and 8.1 will get security updates. If you stick with an outdated version of IE, your vulnerability to malware will rise quickly..."
> http://blogs.msdn.co...t-explorer.aspx

- http://www.computerw...to-upgrade.html
Dec 1, 2015 - "Nearly 370 million Internet Explorer users have just six weeks to upgrade their browsers... The retired browsers will continue working, but Microsoft will halt technical support and -stop- serving security updates for the banned versions. According to data released by measurement vendor Net Applications, 44.8% of all IE users ran a soon-to-be-outdated edition of the browser... Companies that require older editions of IE to run Web apps or services can upgrade to IE11, then rely on that browser's 'Enterprise Mode' to mimic the older versions' rendering engines. Last week, Microsoft announced some enhancements to Enterprise Mode, including support for HTTP ports, and issued a kit that walks IT administrators through the chore of configuring Enterprise Mode. That kit can be downloaded from here*..."
* https://technet.micr...rowser/mt612809

> https://technet.micr...rowser/mt126196
___

IE11 for Win7...
> https://www.microsof...-7-details.aspx
 

Edited by AplusWebMaster, 05 December 2015 - 01:49 PM.

[AplusWebMaster]

FYI...

IE Sunset and XP Embedded End of Support
- https://isc.sans.edu...l?storyid=20459
Last Updated: 2015-12-08 - "... Rumor has it that with today's patch Tuesday, Microsoft may re-enable the auto-upgrade to Windows 10. You may flip the switch back to not update, but it will set itself to "on" once a day..."

[1] https://www.microsof...d-of-IE-support
[2] https://support.micr...lpha=Windows XP
​[3] http://www.computerw...e-strategy.html