No Image

December 2014 Updates

2014-12-10 KENNETH 0

Today, as part of Update Tuesday, we released seven security updates – three rated Critical and four rated Important in severity, to address 24 unique Common Vulnerabilities and Exposures (CVEs) in Microsoft Windows, Internet Explorer (IE), Office and Exchange. We encourage you to apply all of these updates. For more information about this month’s security updates, including the detailed view of the Exploit Index (XI) broken down by each CVE, visit the Microsoft Bulletin Summary webpage. If you are not familiar with how we calculate XI, a full description can be found here. We re-released two Security Bulletins: MS14-065 Cumulative Security Update for Internet Explorer MS14-066 Vulnerability in Schannel Could Allow Remote Code Execution  One Security Advisory was revised: Update for Vulnerabilities in Adobe Flash Player in Internet Explorer (2755801).  For the latest information, you can follow the MSRC team [ more… ]

No Image

Advance Notification Service for the December 2014 Security Bulletin Release

2014-12-05 KENNETH 0

Today, we provide advance notification for the release of seven Security Bulletins. Three of these updates are rated Critical and four are rated as Important in severity. These updates are for Microsoft Windows, Internet Explorer (IE), Office and Exchange. As per our monthly process, we’ve scheduled the Security Bulletin release for the second Tuesday of the month, December 9, 2014, at approximately 10 a.m. PDT. Until then, please review the ANS summary page for more information to help you prepare for Security Bulletin testing and deployment. Follow us on Twitter at @MSFTSecResponse Tracey Pretorius, Director Response Communications Source: ms-msrc

No Image

Security Bulletin MS14-068 released

2014-11-20 KENNETH 0

Today, we released an out-of-band security update to address a vulnerability in Kerberos which could allow Elevation of Privilege. This update is for all supported versions of Windows Server and includes a defense-in-depth update for all supported versions of Windows. We strongly encourage customers to apply this update as soon as possible by following the directions in Security Bulletin MS14-068. Tracey Pretorius, Director Response Communications Source: ms-msrc

No Image

Out-of-band release for Security Bulletin MS14-068

2014-11-18 KENNETH 0

On Tuesday, November 18, 2014, at approximately 10 a.m. PST, we will release an out-of-band security update to address a vulnerability in Windows. We strongly encourage customers to apply this update as soon as possible, following the directions in the security bulletin. More information about this bulletin can be found at Microsoft’s Bulletin Summary page. Tracey Pretorius, Director Response Communications Source: ms-msrc

No Image

November 2014 Updates

2014-11-12 KENNETH 0

Today, as part of Update Tuesday, we released 14 security updates – four rated Critical, nine rated Important, and two rated Moderate, to address 33 Common Vulnerabilities and Exposures (CVEs) in Microsoft Windows, Internet Explorer (IE), Office, .NET Framework, Internet Information Services (IIS), Remote Desktop Protocol (RDP), Active Directory Federation Services (ADFS), Input Method Editor (IME) (Japanese), and Kernel Mode Driver (KMD). We encourage you to apply all of these updates, but for those who need to prioritize deployment planning, we recommend focusing on the Critical updates first. For additional insight on deployment priority, review the Security Research and Defense blog “Assessing risk for the November 2014 security updates.” For more information about this month’s security updates, including the detailed view of the Exploit Index (XI) broken down by each CVE, visit the Microsoft Bulletin Summary webpage. If you are [ more… ]