5 replies to this topic

[AplusWebMaster]

FYI...

- https://technet.micr...curity/ms16-feb
Feb 9, 2016 - "This bulletin summary lists security bulletins released for February 2016...
(Total of -13-)

Microsoft Security Bulletin MS16-009 - Critical
Cumulative Security Update for Internet Explorer (3134220)
- https://technet.micr...curity/MS16-009
Critical - Remote Code Execution - Requires restart - Microsoft Windows, Internet Explorer

Microsoft Security Bulletin MS16-011 - Critical
Cumulative Security Update for Microsoft Edge (3134225)
- https://technet.micr...curity/MS16-011
Critical - Remote Code Execution - Requires restart - Microsoft Windows, Edge

Microsoft Security Bulletin MS16-012 - Critical
Security Update for Microsoft Windows PDF Library to Address Remote Code Execution (3138938)
- https://technet.micr...curity/MS16-012
Critical - Remote Code Execution - May require restart - Microsoft Windows

Microsoft Security Bulletin MS16-013 - Critical
Security Update for Windows Journal to Address Remote Code Execution (3134811)
- https://technet.micr...curity/MS16-013
Critical - Remote Code Execution - May require restart - Microsoft Windows

Microsoft Security Bulletin MS16-014 - Important
Security Update for Microsoft Windows to Address Remote Code Execution (3134228)
- https://technet.micr...curity/MS16-014
Important - Remote Code Execution - Requires restart - Microsoft Windows

Microsoft Security Bulletin MS16-015 - Critical
Security Update for Microsoft Office to Address Remote Code Execution (3134226)
- https://technet.micr...curity/MS16-015
Important - Remote Code Execution - May require restart - Microsoft Office, Microsoft Office Services and Web Apps, Microsoft Server Software

Microsoft Security Bulletin MS16-016 - Important
Security Update for WebDAV to Address Elevation of Privilege (3136041)
- https://technet.micr...curity/MS16-016 
Important - Elevation of Privilege - May require restart - Microsoft Windows

Microsoft Security Bulletin MS16-017 - Important
Security Update for Remote Desktop Display Driver to Address Elevation of Privilege (3134700)
- https://technet.micr...curity/MS16-017
Important - Elevation of Privilege - Requires restart - Microsoft Windows

Microsoft Security Bulletin MS16-018 - Important
Security Update for Windows Kernel-Mode Drivers to Address Elevation of Privilege (3136082)
- https://technet.micr...curity/MS16-018
Important - Elevation of Privilege - Requires restart - Microsoft Windows

Microsoft Security Bulletin MS16-019 - Important
Security Update for .NET Framework to Address Denial of Service (3137893)
- https://technet.micr...curity/MS16-019
Important - Denial of Service - May require restart - Microsoft Windows, Microsoft .NET Framework

Microsoft Security Bulletin MS16-020 - Important
Security Update for Active Directory Federation Services to Address Denial of Service (3134222)
- https://technet.micr...curity/MS16-020
Important - Denial of Service - May require restart - Microsoft Windows

Microsoft Security Bulletin MS16-021 - Important
Security Update for NPS RADIUS Server to Address Denial of Service (3133043)
- https://technet.micr...curity/MS16-021
Important - Denial of Service - May require restart - Microsoft Windows

Microsoft Security Bulletin MS16-022 - Critical
Security Update for Adobe Flash Player (3135782)
- https://technet.micr...curity/MS16-022
Critical - Remote Code Execution - Requires restart - Microsoft Windows, Adobe Flash Player
V1.1 (Feb 12, 2016): Revised bulletin to add links to update 3135782 on the Download Center for Windows 8.1 for 32-bit Systems, Windows 8.1 for x64-based Systems, Windows Server 2012, and Windows Server 2012 R2. This is an informational change only. Customers who have already successfully installed the update do not need to take any further action.

___

- http://blogs.technet...se-summary.aspx
9 Feb 2016

Security Advisories
- https://technet.micr...y/mt631688.aspx

MS Security Advisory 3137909
Vulnerabilities in ASP.NET Templates Could Allow Tampering
- https://technet.micr...ty/3137909.aspx
Feb 9, 2016
> http://www.securityt....com/id/1034988
Feb 10 2016
> http://www.securityt....com/id/1034987
Feb 10 2016

Microsoft Security Advisory 2871997
Update to Improve Credentials Protection and Management
- https://technet.micr...ecurity/2871997
Published: May 13, 2014 | Updated: Feb 9, 2016 - Ver: 5.0

V5.0 (Feb 9, 2016): Re-released advisory to announce the release of update 3126593* to enable the Restricted Admin mode for Credential Security Support Provider (CredSSP) by default...
* https://support.micr...n-us/kb/3126593
___

February 2016 Office Update Release
- http://blogs.technet...te-release.aspx
9 Feb 2016 - "...  there are 26 security updates (1 bulletin) and 53 non-security updates.
Security bulletins:
    MS16-015 - https://technet.micr...curity/MS16-015
All of the security and non-security updates for January are listed in KB article 3137471*..."
- https://support.micr...n-us/kb/3137471
Last Review: 02/09/2016 20:35:00 - Rev: 1.0
___

MS16-009: http://www.securityt....com/id/1034971
MS16-011: http://www.securityt....com/id/1034972
MS16-012: http://www.securityt....com/id/1034973
MS16-013: http://www.securityt....com/id/1034974
MS16-014: http://www.securityt....com/id/1034985
MS16-015: http://www.securityt....com/id/1034975
- http://www.securityt....com/id/1034976
MS16-016: http://www.securityt....com/id/1034980
MS16-017: http://www.securityt....com/id/1034981
MS16-018: http://www.securityt....com/id/1034982
MS16-019: http://www.securityt....com/id/1034983
MS16-020: http://www.securityt....com/id/1034984
MS16-021: http://www.securityt....com/id/1034986
___

ISC Analysis
- https://isc.sans.edu...l?storyid=20711
2016-02-09

Qualys Analysis
- https://blog.qualys....y-february-2016
Feb 9, 2016

.

Edited by AplusWebMaster, 15 February 2016 - 09:32 AM.

[AplusWebMaster]

FYI...

MS16-014: https://technet.micr...curity/MS16-014
V2.0 (February 10, 2016): Bulletin revised to announce the availability of update 3126041* for Microsoft Windows Vista, Windows Server 2008, Windows Server 2008 for Itanium-based Systems, Windows 8.1, and Windows Server 2012 R2. Customers should apply the applicable updates to be protected from the vulnerabilities discussed in this bulletin...
* https://support.micr...n-us/kb/3126041
Last Review: 02/11/2016 01:34:00 - Rev: 2.1

MS16-014: https://support.micr...n-us/kb/3126587
"Known issue... Customers using Corel VideoStudio X8 or Corel VideoStudio X9 on Windows 7 may experience a crash while launching or using that product. Customers should install the latest updates from Corel to prevent this issue, or contact Corel for more information and help..."
___

.NET Framework 4.6.1 and Exchange compatibility
- http://blogs.technet...patibility.aspx
10 Feb 2016 - "... the .NET Framework 4.6.1 has been made a -recommended- update on WU (Windows Update).
As we have already stated in the Exchange Supportability Matrix, at this time, this version of .NET framework is not supported by Exchange. In fact, we know of some issues* if it is installed. We are working with the .NET team to ensure that Exchange customers have a smooth transition to .NET Framework 4.6.1, but in the meantime, -delay- this particular .NET update on your Exchange servers..."

Mailboxes are quarantined and databases fail over unexpectedly in Exchange Server 2013
* https://support.micr...n-us/kb/3095369
Last Review: 09/16/2015 19:05:00 - Rev: 3.0
Applies to:
    Microsoft Exchange Server 2013 Standard
    Microsoft Exchange Server 2013 Enterprise
___

Office 2010 patch KB 3114750 clobbers Outlook Calendar (again)
- http://www.infoworld...ndar-again.html
Feb 11, 2016
> https://support.micr...n-us/kb/3114750
Last Review: 02/09/2016 19:26:00 - Rev: 1.0
Applies to:
    MS Office 2010 SP2
_____

These appear to be 'Win10 preps'/nagware that you may want to 'Hide' on your "Recommended Updates" list:

Updated capabilities to upgrade Windows 8.1 and Windows 7
- https://support.micr...n-us/kb/3123862
Last Review: 02/11/2016 01:42:00 - Rev: 3.0
Applies to:
    Windows 8.1 ...
    Windows 7 SP1
 
Compatibility update for upgrading Windows 7
- https://support.micr...n-us/kb/2952664
Last Review: 02/02/2016 20:42:00 - Rev: 17.0
Applies to:
    Windows 7 SP1

Also see: http://www.infoworld...kb-3123862.html
Feb 11, 2016
 

Edited by AplusWebMaster, 11 February 2016 - 04:00 PM.

[AplusWebMaster]

FYI...

Office 2013 patch KB 3114717 freezes 32-bit Word 2013 on Win 7, 8.1, 10
There are reports of the patch causing similar lockup problems with Excel 2013 and Outlook 2013
- http://www.infoworld...in-7-81-10.html
Feb 12, 2016

> https://social.techn...rum=officeitpro
Feb 12, 2016 - "... We are continuing to investigate why Update KB3114717 causes Word to slow down or hang. As a workaround, you can safely -remove- that update and we will post more information here as we learn more..."

- https://support.micr...n-us/kb/3114717
Last Review: 02/13/2016 02:01:00 - Rev: 2.0
"Notice: Update 3114717 is no longer available because it causes Microsoft Office 2013 apps, such as Microsoft Word and Microsoft Outlook, to slow down or freeze. If you’ve installed this update and you're experiencing these issues, you can safely remove the update.
> https://support.micr...kmark-uninstall
How to uninstall this update..."
 

Edited by AplusWebMaster, 13 February 2016 - 07:30 AM.

[AplusWebMaster]

FYI...

"... opened up -five- support cases to investigate 'resetting of applications' after KB3135173*"
S. Bradley - 2016-02-15

Cumulative update for Windows 10 Version 1511
* https://support.micr...n-us/kb/3135173
Last Review: 02/09/2016 19:17:00 - Rev: 1.0
Applies to:
    Windows 10 Version 1511

> http://www.tenforums...t-defaults.html

> https://social.techn...n10itprogeneral

> https://www.reddit.c...hat_is_this_bs/

> http://answers.micro...10-fcd4873ce3af

> https://www.reddit.c...ault_was_reset/

"... this is -not- how Windows 10 is expected to handle updates."
___

- http://www.infoworld...r-defaults.html
Feb 16, 2016
 

Edited by AplusWebMaster, 16 February 2016 - 11:11 AM.

[AplusWebMaster]

FYI...

Win10 -nagware- KB 3035583 reappears on Win7/8.1 PCs
- http://www.infoworld...win781-pcs.html
Feb 24, 2016

Update installs 'Get Windows 10 app' in Windows 8.1 and Windows 7 SP1
> https://support.micr...n-us/kb/3035583
Last Review: 02/24/2016 15:20:00 - Rev: 10.0

- http://windowssecret...ther-get-win10/
Feb 25, 2016
___

Microsoft Security Bulletin MS16-014 - Important
Security Update for Microsoft Windows to Address Remote Code Execution (3134228)
- https://technet.micr...curity/MS16-014

MS16-014: Description of the security update for Windows
> https://support.micr...n-us/kb/3126041
Last Review: 02/24/2016 15:21:00 - Rev: 4.0
[See: "Known issues in this security update"]
___

Win10: Telemetry and other settings
> https://technet.micr...8(v=vs.85).aspx
Last updated: Feb 23, 2016
Applies to: Windows 10
 

Edited by AplusWebMaster, 27 February 2016 - 05:59 AM.

[AplusWebMaster]

FYI...

Deja vu all over again: Microsoft reissues KB 2952664, KB 2976978, KB 2977759
The three Win7/8.1 updates have returned and brought the warmed-over KB 3138612 and 3138615 Windows Update patches with them
- http://www.infoworld...kb-2977759.html
Mar 2, 2016 - "Yesterday, Microsoft re-re-released three patches - KB 2952664, KB 2976978 and KB 2977759 - all of which offer "compatibility" updates for those of you hell-bent on upgrading from Windows 7 or 8.1 to Windows 10 via Windows Update. We also received two -new- patches - KB 3138612 and KB 3138615 - that update Windows Update by replacing their tired, old counterparts... If you're running Windows 7 and headed to Windows 10 sometime soon, then by all means, install the 'patch'. If not, fuhgeddaboutit... Bottom line: Unless Windows Update is horribly slow, I don't see any reason at all to install any of these 'optional' updates."

Compatibility update for upgrading Windows 7
- https://support.micr...n-us/kb/2952664
Last Review: 03/01/2016 17:31:00 - Rev: 18.0

Compatibility update for Windows 8.1 and Windows 8
- https://support.micr...n-us/kb/2976978
Last Review: 03/01/2016 17:32:00 - Rev: 21.0

Compatibility update for Windows 7 RTM
- https://support.micr...n-us/kb/2977759
Last Review: 03/01/2016 17:33:00 - Rev: 17.0
___

Windows Update Client for Windows 7 and Windows Server 2008 R2: March 2016
- https://support.micr...n-us/kb/3138612
Last Review: 03/01/2016 17:27:00 - Rev: 1.0

Windows Update Client for Windows 8.1 and Windows Server 2012 R2: March 2016
- https://support.micr...n-us/kb/3138615
Last Review: 03/01/2016 17:27:00 - Rev: 1.0