Microsoft Security Bulletin(s) for February 10, 2015

Microsoft Security Bulletin(s) for February 10, 2015
Note: There may be latency issues due to replication, if the page does not display keep refreshing

Today Microsoft released the following Security Bulletin(s).

Note: »www.microsoft.com/technet/security and »www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details.

Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.

Bulletin Summary:
»technet.microsoft.com/library/se···ms15-feb

Critical (3)

Microsoft Security Bulletin MS15-009
Security Update for Internet Explorer (3034682)
»technet.microsoft.com/library/se···ms15-009

Microsoft Security Bulletin MS15-010
Vulnerabilities in Windows Kernel-Mode Driver Could Allow Remote Code Execution (3036220)
»technet.microsoft.com/library/se···ms15-010

Microsoft Security Bulletin MS15-011
Vulnerability in Group Policy Could Allow Remote Code Execution (3000483)
»technet.microsoft.com/library/se···ms15-011

Important (6)

Microsoft Security Bulletin MS15-012
Vulnerabilities in Microsoft Office Could Allow Remote Code Execution 3032328
»technet.microsoft.com/library/se···ms15-012

Microsoft Security Bulletin MS15-013
Vulnerability in Microsoft Office Could Allow Security Feature Bypass (3033857)
»technet.microsoft.com/library/se···ms15-013

Microsoft Security Bulletin MS15-014
Vulnerability in Group Policy Could Allow Security Feature Bypass (3004361)
»technet.microsoft.com/library/se···ms15-014

Microsoft Security Bulletin MS15-015
Vulnerability in Microsoft Windows Could Allow Elevation of Privilege (3031432)
»technet.microsoft.com/library/se···ms15-015

Microsoft Security Bulletin MS15-016
Vulnerability in Microsoft Graphics Component Could Allow Information Disclosure (3029944)
»technet.microsoft.com/library/se···ms15-016

Microsoft Security Bulletin MS15-017
Vulnerability in Virtual Machine Manager Could Allow Elevation of Privilege 3035898
»technet.microsoft.com/library/se···ms15-017

Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so.

If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact Product Support Services in the United States at 1-866-PCSafety 1-866-727-2338. International customers should contact their local subsidiary.

As always, download the updates only from the vendors website - visit Windows Update and Office Update or Microsoft Update websites. You may also get the updates thru Automatic Updates functionality in Windows system.

Security Tool
Find out if you are missing important Microsoft product updates by using MBSA.
--

 

********************************************************************
Title: Microsoft Security Bulletin Releases
Issued: February 10, 2015
********************************************************************

Summary
=======

The following bulletins have undergone a major revision increment.

* MS14-083 - Important


Bulletin Information:
=====================

MS14-083 - Important

- Title: Vulnerabilities in Microsoft Excel Could Allow Remote
Code Execution (3017347)
- https://technet.microsoft.com/library/security/ms14-083
- Reason for Revision: V2.0 (February 10, 2015): Bulletin
rereleased to announce the availability of an additional
update package for Microsoft Excel Viewer (2920791) that
addresses the vulnerabilities discussed in this bulletin.
Note that the 2920791 update also addresses a vulnerability
discussed in MS15-012, which is being released concurrently.
Microsoft recommends that customers running Microsoft Excel
Viewer apply the 2920791 update at their earliest convenience.
See the Affected Software table for the download link.
- Originally posted: December 9, 2014
- Updated: February 10, 2015
- Bulletin Severity Rating: Important
- Version: 2.0

 

February 2015 Security Release ISO Image

Details

Version:
3000483

File Name:
Windows-KB913086-201502.iso

Date Published:
2/10/2015

File Size:
3.7 GB

http://www.microsoft.com/en-us/download/details.aspx?id=45874&WT.mc_id=rss_windows_allproducts

 

Shortly after the release of KB2920732 , Microsoft became aware of an issue affecting users of PowerPoint 2013 on Windows RT devices. We have removed KB2920732 from the Microsoft Download Center and Microsoft Update and will provide a new update as soon as a fix is available. In the meantime, impacted users can refresh their PC by following the directions here: https://support.microsoft.com/kb/2751424. This will refresh the device, while keeping your personal files and settings.
http://blogs.technet.com/b/office_s...oint-2013-update-kb2920732-february-2015.aspx


The Microsoft Office Sustained Engineering Team
https://social.technet.microsoft.com/profile/The Microsoft Office Sustained Engineering Team

 

Microsoft Security Advisory Notification Issued: February 16, 2015
Security Advisories Updated or Released Today

* Microsoft Security Advisory 3009008
- Title: Vulnerability in SSL 3.0 Could Allow Information
Disclosure
- »technet.microsoft.com/library/se ··· /3009008
- Revision Note: V2.3 (February 16, 2015): Revised advisory to
announce the planned date for disabling SSL 3.0 by default in
Internet Explorer 11.
--

 

February 16, 2015 update for PowerPoint 2013 (KB2956149)
Notice
This update replaces updateKB2920732, which is no longer available. If you have already installed updateKB2920732, install this update to obtain the new version of this update.

 

Microsoft Security Bulletin Minor Revisions Issued: February 18, 2015

Summary

The following bulletins have undergone a minor revision increment.

Please see the appropriate bulletin for more details.

* MS15-010 - Critical

Bulletin Information:

MS15-010 - Critical
- Title: Vulnerabilities in Windows Kernel-Mode Driver Could
Allow Remote Code Execution
- »technet.microsoft.com/library/se ··· ms15-010
- Reason for Revision: V1.1 (February 18, 2015): Bulletin revised
to add an Update FAQ that explains why there are two packages
on the Microsoft Download Center pages for affected editions of
Windows Server 2003, Windows Server 2008, and Windows Vista.
The additional package (3037639) is not needed to be protected
from the vulnerabilities addressed by the 3013455 update; it
simply corrects a text quality problem that some customers
experienced after installing the 3013455 update on the
indicated systems.
- Originally posted: February 10, 2015
- Updated: February 18, 2015
- Bulletin Severity Rating: Critical
- Version: 1.1
--