Microsoft Security Bulletin(s) for February 10, 2015

Discussion in 'other security issues & news' started by NICK ADSL UK, Feb 10, 2015.

Thread Status:
Not open for further replies.
  1. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
    Microsoft Security Bulletin(s) for February 10, 2015
    Note: There may be latency issues due to replication, if the page does not display keep refreshing

    Today Microsoft released the following Security Bulletin(s).

    Note: »www.microsoft.com/technet/security and »www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details.

    Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.

    Bulletin Summary:
    »technet.microsoft.com/library/se···ms15-feb

    Critical (3)

    Microsoft Security Bulletin MS15-009
    Security Update for Internet Explorer (3034682)
    »technet.microsoft.com/library/se···ms15-009

    Microsoft Security Bulletin MS15-010
    Vulnerabilities in Windows Kernel-Mode Driver Could Allow Remote Code Execution (3036220)
    »technet.microsoft.com/library/se···ms15-010

    Microsoft Security Bulletin MS15-011
    Vulnerability in Group Policy Could Allow Remote Code Execution (3000483)
    »technet.microsoft.com/library/se···ms15-011

    Important (6)

    Microsoft Security Bulletin MS15-012
    Vulnerabilities in Microsoft Office Could Allow Remote Code Execution 3032328
    »technet.microsoft.com/library/se···ms15-012

    Microsoft Security Bulletin MS15-013
    Vulnerability in Microsoft Office Could Allow Security Feature Bypass (3033857)
    »technet.microsoft.com/library/se···ms15-013

    Microsoft Security Bulletin MS15-014
    Vulnerability in Group Policy Could Allow Security Feature Bypass (3004361)
    »technet.microsoft.com/library/se···ms15-014

    Microsoft Security Bulletin MS15-015
    Vulnerability in Microsoft Windows Could Allow Elevation of Privilege (3031432)
    »technet.microsoft.com/library/se···ms15-015

    Microsoft Security Bulletin MS15-016
    Vulnerability in Microsoft Graphics Component Could Allow Information Disclosure (3029944)
    »technet.microsoft.com/library/se···ms15-016

    Microsoft Security Bulletin MS15-017
    Vulnerability in Virtual Machine Manager Could Allow Elevation of Privilege 3035898
    »technet.microsoft.com/library/se···ms15-017

    Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so.

    If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact Product Support Services in the United States at 1-866-PCSafety 1-866-727-2338. International customers should contact their local subsidiary.

    As always, download the updates only from the vendors website - visit Windows Update and Office Update or Microsoft Update websites. You may also get the updates thru Automatic Updates functionality in Windows system.

    Security Tool
    Find out if you are missing important Microsoft product updates by using MBSA.
    --
     
  2. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
    ********************************************************************
    Title: Microsoft Security Bulletin Releases
    Issued: February 10, 2015
    ********************************************************************

    Summary
    =======

    The following bulletins have undergone a major revision increment.

    * MS14-083 - Important


    Bulletin Information:
    =====================

    MS14-083 - Important

    - Title: Vulnerabilities in Microsoft Excel Could Allow Remote
    Code Execution (3017347)
    - https://technet.microsoft.com/library/security/ms14-083
    - Reason for Revision: V2.0 (February 10, 2015): Bulletin
    rereleased to announce the availability of an additional
    update package for Microsoft Excel Viewer (2920791) that
    addresses the vulnerabilities discussed in this bulletin.
    Note that the 2920791 update also addresses a vulnerability
    discussed in MS15-012, which is being released concurrently.
    Microsoft recommends that customers running Microsoft Excel
    Viewer apply the 2920791 update at their earliest convenience.
    See the Affected Software table for the download link.
    - Originally posted: December 9, 2014
    - Updated: February 10, 2015
    - Bulletin Severity Rating: Important
    - Version: 2.0
     
  3. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
  4. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
    Shortly after the release of KB2920732 , Microsoft became aware of an issue affecting users of PowerPoint 2013 on Windows RT devices. We have removed KB2920732 from the Microsoft Download Center and Microsoft Update and will provide a new update as soon as a fix is available. In the meantime, impacted users can refresh their PC by following the directions here: https://support.microsoft.com/kb/2751424. This will refresh the device, while keeping your personal files and settings.
    http://blogs.technet.com/b/office_s...oint-2013-update-kb2920732-february-2015.aspx


    The Microsoft Office Sustained Engineering Team
    https://social.technet.microsoft.com/profile/The Microsoft Office Sustained Engineering Team
     
  5. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
    Microsoft Security Advisory Notification Issued: February 16, 2015
    Security Advisories Updated or Released Today

    * Microsoft Security Advisory 3009008
    - Title: Vulnerability in SSL 3.0 Could Allow Information
    Disclosure
    - »technet.microsoft.com/library/se ··· /3009008
    - Revision Note: V2.3 (February 16, 2015): Revised advisory to
    announce the planned date for disabling SSL 3.0 by default in
    Internet Explorer 11.
    --
     
  6. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK

    February 16, 2015 update for PowerPoint 2013 (KB2956149)
    Notice

    This update replaces updateKB2920732, which is no longer available. If you have already installed updateKB2920732, install this update to obtain the new version of this update.
     
  7. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
    Microsoft Security Bulletin Minor Revisions Issued: February 18, 2015

    Summary


    The following bulletins have undergone a minor revision increment.

    Please see the appropriate bulletin for more details.

    * MS15-010 - Critical

    Bulletin Information:

    MS15-010 - Critical
    - Title: Vulnerabilities in Windows Kernel-Mode Driver Could
    Allow Remote Code Execution
    - »technet.microsoft.com/library/se ··· ms15-010
    - Reason for Revision: V1.1 (February 18, 2015): Bulletin revised
    to add an Update FAQ that explains why there are two packages
    on the Microsoft Download Center pages for affected editions of
    Windows Server 2003, Windows Server 2008, and Windows Vista.
    The additional package (3037639) is not needed to be protected
    from the vulnerabilities addressed by the 3013455 update; it
    simply corrects a text quality problem that some customers
    experienced after installing the 3013455 update on the
    indicated systems.
    - Originally posted: February 10, 2015
    - Updated: February 18, 2015
    - Bulletin Severity Rating: Critical
    - Version: 1.1
    --
     
Loading...
Thread Status:
Not open for further replies.