Microsoft Security Bulletin for February 2015

Microsoft has released nine bulletins, three rated as Critical and six Important.

The updates address 56 unique Common Vulnerabilities and Exposures (CVEs) in Microsoft Windows, Microsoft Office, Internet Explorer, and Microsoft Server software.

One Security Bulletin was re-released: MS14-083 Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution

One new Security Advisory was released: Update for Windows Command Line Auditing (3004375).

One Security Advisory was revised: Vulnerability in SSL 3.0 Could Allow Information Disclosure (3009008).

MSRC: http://blogs.technet.com/b/msrc/archive/2015/02/10/february-2015-updates.aspx
TechNet: https://technet.microsoft.com/library/security/ms15-feb

Tags:

Microsoft Security Bulletin for January 2015

MSRC Team

Today, as part of Update Tuesday, we released eight security updates – one rated Critical and seven rated Important in severity, to address eight unique Common Vulnerabilities and Exposures (CVEs) in Microsoft Windows.

We encourage you to apply all of these updates. For more information about this month’s security updates, including the detailed view of the Exploit Index (XI) broken down by each CVE, visit the Microsoft Bulletin Summary webpage. If you are not familiar with how we calculate XI, a full description can be found here.

We re-released one Security Bulletin:

MS14-080 Cumulative Security Update for Internet Explorer

One Security Advisory was revised:

Update for Vulnerabilities in Adobe Flash Player in Internet Explorer

For the latest information, you can follow the MSRC team on Twitter at @MSFTSecResponse.

http://blogs.technet.com/b/msrc/archive/2015/01/13/january-2015-updates.aspx
Security TechCenter: https://technet.microsoft.com/library/security/ms15-jan

Tags:

Microsoft Security Bulletin for December 2014

From Microsoft’s MSRC Team

Today, as part of Update Tuesday, we released seven security updates – three rated Critical and four rated Important in severity, to address 24 unique Common Vulnerabilities and Exposures (CVEs) in Microsoft Windows, Internet Explorer (IE), Office and Exchange.

We encourage you to apply all of these updates. For more information about this month’s security updates, including the detailed view of the Exploit Index (XI) broken down by each CVE, visit the Microsoft Bulletin Summary webpage. If you are not familiar with how we calculate XI, a full description can be found here.

We re-released two Security Bulletins:

MS14-065 Cumulative Security Update for Internet Explorer
MS14-066 Vulnerability in Schannel Could Allow Remote Code Execution

One Security Advisory was revised:

Update for Vulnerabilities in Adobe Flash Player in Internet Explorer (2755801).

For the latest information, you can follow the MSRC team on Twitter at @MSFTSecResponse.

Tracey Pretorius, Director
Response Communications

krebsonsecurity
Microsoft, Adobe Push Critical Security Fixes

Tags: -

Microsoft Security Bulletin for November 2014

Microsoft Security Response Center:

Today, we provide advance notification for the release of 16 Security Bulletins. Five of these updates are rated Critical, nine are rated as Important, and two are rated Moderate in severity. These updates are for Microsoft Windows, Internet Explorer, Office, Exchange, .NET Framework, Internet Information Services (IIS), Remote Desktop Protocol (RDP), Active Directory Federation Services (ADFS), Input Method Editor (IME) (Japanese), and Kernel Mode Driver (KMD).

As per our monthly process, we’ve scheduled the Security Bulletin release for the second Tuesday of the month, November 11, 2014, at approximately 10 a.m. PST. At that time, we’ll provide deployment guidance. Until then, please review the ANS summary page for more information to help you prepare for Security Bulletin testing and deployment.

MSRC:
http://blogs.technet.com/b/msrc/archive/2014/11/06/advance-notification-service-for-the-november-2014-security-bulletin-release.aspx
Security TechCenter:
https://technet.microsoft.com/library/security/ms14-nov

Tags:

Microsoft Security Bulletin for October 2014

Today, we provide advance notification for the release of nine Security Bulletins. Three of these updates are rated Critical, five are rated as Important, and one is rated Moderate in severity. These updates are for Microsoft Windows, Internet Explorer, Office, .NET Framework, and ASP.NET.

As per our usual process, we’ve scheduled the Security Bulletin release for the second Tuesday of the month, October 14, 2014, at approximately 10 a.m. PDT. Revisit this blog then for analysis of the relative impact, as well as deployment guidance, together with a brief video overview of the month’s updates. Until then, please review the ANS summary page for more information to help you prepare for Security Bulletin testing and deployment.

MSRC:
http://blogs.technet.com/b/msrc/archive/2014/10/09/advance-notification-service-for-the-october-2014-security-bulletin-release.aspx

Technet: https://technet.microsoft.com/library/security/ms14-oct

Tags:

Microsoft Security Bulletin Summary for September 2014

Microsoft released four bulletins, one critical and three important.

This bulletin summary lists security bulletins released for September 2014.

With the release of the security bulletins for September 2014, this bulletin summary replaces the bulletin advance notification originally issued September 4, 2014. For more information about the bulletin advance notification service, see Microsoft Security Bulletin Advance Notification.

For information about how to receive automatic notifications whenever Microsoft security bulletins are issued, visit Microsoft Technical Security Notifications.

Microsoft is hosting a webcast to address customer questions on these bulletins on September 10, 2014, at 11:00 AM Pacific Time (US & Canada). To view the monthly webcast and for links to additional security bulletin webcasts, see Microsoft Security Bulletin Webcast.

Microsoft also provides information to help customers prioritize monthly security updates with any non-security updates that are being released on the same day as the monthly security updates. Please see the section, Other Information.

https://technet.microsoft.com/library/security/ms14-sep

Tags:

Microsoft Security Bulletin Summary for September 2014

Microsoft released four bulletins, one critical and three important.

This bulletin summary lists security bulletins released for September 2014.

With the release of the security bulletins for September 2014, this bulletin summary replaces the bulletin advance notification originally issued September 4, 2014. For more information about the bulletin advance notification service, see Microsoft Security Bulletin Advance Notification.

For information about how to receive automatic notifications whenever Microsoft security bulletins are issued, visit Microsoft Technical Security Notifications.

Microsoft is hosting a webcast to address customer questions on these bulletins on September 10, 2014, at 11:00 AM Pacific Time (US & Canada). To view the monthly webcast and for links to additional security bulletin webcasts, see Microsoft Security Bulletin Webcast.

Microsoft also provides information to help customers prioritize monthly security updates with any non-security updates that are being released on the same day as the monthly security updates. Please see the section, Other Information.

https://technet.microsoft.com/library/security/ms14-sep

Tags:

Microsoft Security Bulletin for August 2014

On Tuesday, August 12, 2014, Microsoft is planning to release nine bulletins.

MSRC

Two of these are rated Critical, and the remaining seven are rated Important in severity. These Updates are for SQL Server, SharePoint, OneNote, .NET, Microsoft Windows, and Internet Explorer.

As per our usual process, we’ve scheduled the Security Bulletin release for the second Tuesday of the month, August 12, 2014, at approximately 10 a.m. PDT

http://blogs.technet.com/b/msrc/archive/2014/08/07/advance-notification-service-for-the-august-2014-security-bulletin-release.aspx

https://technet.microsoft.com/en-us/library/security/ms14-aug.aspx

Tags:

Microsoft Security Bulletin for July 2014

MSRC

This month’s release includes six new security bulletins, addressing 29 Common Vulnerability and Exposures (CVEs) in Microsoft Windows and Internet Explorer. Two of these security bulletins are rated Critical, three are rated Important, and one rated Moderate in severity. As always, we encourage you to apply all of the updates, but for those who prioritize, we recommend the Windows Journal and Internet Explorer (IE) updates be on the top of your list.

http://blogs.technet.com/b/msrc/archive/2014/07/08/july-2014-security-bulletin-release.aspx

https://technet.microsoft.com/library/security/ms14-jul

Tags:

Microsoft Security Bulletin for June 2014

Microsoft released seven bulletins. Two listed as Critical and five Important in severity, addressing 66 Common Vulnerabilities and Exposures (CVEs) for Microsoft Windows, Internet Explorer, and Microsoft Office customers.

Theoretical Thinking and the June 2014 Bulletin Release
http://blogs.technet.com/b/msrc/archive/2014/06/10/theoretical-thinking-and-the-june-2014-bulletin-release.aspx

Technet: https://technet.microsoft.com/library/security/ms14-jun

Tags: