Issues for two Windows kernel patches - Feb 2015
FYI...
Lingering issues for two Windows kernel patches - Feb 2015
- http://windowssecrets.com/patch-watc...ernel-patches/
Feb 25, 2015 - "We see fewer and fewer updates appearing on the unofficial, fourth-week Patch Tuesday. But we need that time to clean-up-patch-issues from the -official- Patch Tuesday. As has become typical, February saw -several- troublesome patches. But Microsoft seems to be jumping on them more quickly.
> Changing Lithuania’s currency symbol: KB 3006137 is the only official Microsoft update released this week. Its sole function is to change Lithuania’s currency symbol in Windows from litai (Lt) to euros (€). (The country adopted the euro on Jan. 1.) The update is for all current versions of Windows except Vista. (Win7 users must be on Service Pack 1, and Win8 users must be on Version 2.1 Update [KB 2919355].) You should see KB 3006137 as an -unchecked- optional patch in Windows Update, but Microsoft also offers it as a hotfix. Plus, the patch’s support page includes instructions for manually changing currency symbols and other language settings. Those of you who follow European news know that there’s an ongoing debate on whether to keep the euro. England never adopted it, and there’s recently been speculation that Greece will drop it.
But as a tourist traveling through several European nations last year, I found that using just one currency was efficient and extremely convenient.
- What to do: KB 3006137 is completely optional. If you have no need to work with Lithuanian currency, you -can- skip it — or install it just to keep your system fully up to date.
MS15-009 (3023607, 3038778): IE 11 security feature catches VPN apps: February’s critical Internet Explorer update (MS15-009) fixed -41- vulnerabilities; for IE 11, it also included two companion updates. KB 3038778 is a security enhancement that, by default, prevents SSL 3.0 fallbacks with Protected Mode sites (more info*). This was primarily a defense against POODLE attacks. KB 3023607 was designed to prevent use of the less secure Transport Layer Security protocol."
* http://blogs.msdn.com/b/ie/archive/2...-fallback.aspx
___
- http://www.infoworld.com/article/288...meltdowns.html
Feb 26, 2015
:fear::fear:
FREAK security bypass vuln - MS Security Advisory 3046015
FYI...
Microsoft Security Advisory 3046015
Vulnerability in Schannel Could Allow Security Feature Bypass
- https://technet.microsoft.com/en-us/...y/3046015.aspx
March 5, 2015 - "Microsoft is aware of a security feature bypass vulnerability in Secure Channel (Schannel) that affects all supported releases of Microsoft Windows. Our investigation has verified that the vulnerability could allow an attacker to force the downgrading of the cipher suites used in an SSL/TLS connection on a Windows client system. The vulnerability facilitates exploitation of the publicly disclosed FREAK technique, which is an industry-wide issue that is not specific to Windows operating systems. When this security advisory was originally released, Microsoft had not received any information to indicate that this issue had been publicly used to attack customers. We are actively working with partners in our Microsoft Active Protections Program (MAPP) to provide information that they can use to provide broader protections to customers. Upon completion of this investigation, Microsoft will take the appropriate action to help protect customers. This may include providing a security update through our monthly release process or providing an out-of-cycle security update, depending on customer needs.
Mitigating Factors: A server needs to support RSA key exchange export ciphers for an attack to be successful.
Recommendation: Please see the Suggested Actions section of this advisory for workarounds* to disable the RSA export ciphers. Microsoft recommends that customers use these workarounds to mitigate this vulnerability...
* https://technet.microsoft.com/en-us/...ly_Workarounds
Workarounds refer to a setting or configuration change that does not correct the underlying issue but would help block known attack vectors before a security update is available.
• Disable RSA key exchange ciphers using the Group Policy Object Editor (Windows Vista and later systems only).
You can disable the RSA key exchange ciphers in Windows Vista and later systems by modifying the SSL Cipher Suite order in the Group Policy Object Editor..."
(More detail at the MS URL above.)
>> Browser check: https://freakattack.com/ || https://www.ssllabs.com/ssltest/viewMyClient.html
"...If you run a server …
You should immediately disable support for TLS export cipher suites. While you’re at it, you should also disable other cipher suites that are known to be insecure and enable forward secrecy. For instructions on how to secure popular HTTPS server software, we recommend Mozilla’s security configuration guide and their SSL configuration generator. We also recommend testing your configuration with the Qualys SSL Labs SSL Server Test tool**.
If you use a browser …
Make sure you have the most recent version of your browser installed, and check for updates frequently. Updates that fix the FREAK attack should be available for all major browsers soon.
** https://www.ssllabs.com/ssltest/
> https://web.nvd.nist.gov/view/vuln/d...=CVE-2015-1637
Last revised: 03/06/2015
- https://web.nvd.nist.gov/view/vuln/d...=CVE-2015-0204 - 5.0
Last revised: 03/05/2015
___
- http://blog.trendmicro.com/trendlabs...er-encryption/
"... Microsoft[1] has confirmed all version of Windows are vulnerable. Red Hat confirmed that versions 6 and 7 of Red Hat Enterprise Linux (RHEL)[2] are vulnerable as well. Browsers that are vulnerable to the FREAK vulnerability include Internet Explorer[3], Opera (Mac OS X / Linux)[3], and Safari[3]..."
1] https://technet.microsoft.com/library/security/3046015
2] https://access.redhat.com/articles/1369543
3] http://thehackernews.com/2015/03/fre...ability_5.html
___
- https://www.us-cert.gov/ncas/current...-Vulnerability
Mar 6, 2015 - "FREAK (Factoring Attack on RSA-EXPORT Keys CVE-2015-0204) is a weakness in some implementations of SSL/TLS that may allow an attacker to decrypt secure communications between vulnerable clients and servers. Google has released an updated version of its Android OS and Chrome browser for OS X to mitigate the vulnerability. Microsoft has released a Security Advisory that includes a workaround for supported Windows systems. Users and administrators are encouraged to review Vulnerability Note VU#243585* for more information and apply all necessary mitigations as vendors make them available. Users may visit freakattack.com** to help determine whether their browsers are vulnerable..."
* http://www.kb.cert.org/vuls/id/243585
** https://freakattack.com/
___
Microsoft Security Advisory 3046015
Vulnerability in Schannel Could Allow Security Feature Bypass
- https://technet.microsoft.com/en-us/...y/3046015.aspx
Updated: March 10, 2015 - "... We have issued Microsoft Security Bulletin MS15-031* to address this issue. For more information about this issue, including download links for an available security update, please review the security bulletin. The vulnerability addressed is the Schannel Security Feature Bypass Vulnerability - https://web.nvd.nist.gov/view/vuln/d...=CVE-2015-1637 "
* https://technet.microsoft.com/library/security/MS15-031
March 10, 2015 - "This security update resolves a vulnerability in Microsoft Windows that facilitates exploitation of the publicly disclosed FREAK technique, an industry-wide issue that is not specific to Windows operating systems. The vulnerability could allow a man-in-the-middle (MiTM) attacker to force the downgrading of the key length of an RSA key to EXPORT-grade length in a TLS connection. Any Windows system using Schannel to connect to a remote TLS server with an insecure cipher suite is affected... This security update also addresses the vulnerability first described in Microsoft Security Advisory 3046015[1]. For more information about this update, see Microsoft Knowledge Base Article 3046049[2]."
1] https://technet.microsoft.com/security/advisory/3046015
2] https://support.microsoft.com/kb/3046049
:fear: :fear:
MS Security Bulletin Summary - March 2015
FYI...
- https://technet.microsoft.com/library/security/ms15-MAR
March 10, 2015 - "This bulletin summary lists security bulletins released for March 2015...
(Total of -14-)
Microsoft Security Bulletin MS15-018 - Critical
Cumulative Security Update for Internet Explorer (3032359)
- https://technet.microsoft.com/library/security/MS15-018
Critical - Remote Code Execution - Requires restart - Microsoft Windows, Internet Explorer
Microsoft Security Bulletin MS15-019 - Critical
Vulnerability in VBScript Scripting Engine Could Allow Remote Code Execution (3040297)
- https://technet.microsoft.com/library/security/MS15-019
Critical - Remote Code Execution - May require restart - Microsoft Windows
Microsoft Security Bulletin MS15-020 - Critical
Vulnerabilities in Microsoft Windows Could Allow Remote Code Execution (3041836)
- https://technet.microsoft.com/library/security/MS15-020
Critical - Remote Code Execution - May require restart - Microsoft Windows
Microsoft Security Bulletin MS15-022 - Critical
Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (3038999)
- https://technet.microsoft.com/library/security/MS15-022
Critical - Remote Code Execution - May require restart - Microsoft Office, Microsoft Server Software
Microsoft Security Bulletin MS15-023 - Important
Vulnerabilities in Kernel-Mode Driver Could Allow Elevation of Privilege (3034344)
- https://technet.microsoft.com/library/security/MS15-023
Important - Elevation of Privilege - Requires restart - Microsoft Windows
Microsoft Security Bulletin MS15-024 - Important
Vulnerability in PNG Processing Could Allow Information Disclosure (3035132)
- https://technet.microsoft.com/library/security/MS15-024
Important - Information Disclosure - May require restart - Microsoft Windows
Microsoft Security Bulletin MS15-025 - Important
Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (3038680)
- https://technet.microsoft.com/library/security/MS15-025
Important - Elevation of Privilege - Requires restart - Microsoft Windows
Microsoft Security Bulletin MS15-026 - Important
Vulnerabilities in Microsoft Exchange Server Could Allow Elevation of Privilege (3040856)
- https://technet.microsoft.com/library/security/MS15-026
Important - Elevation of Privilege - Does not require restart - Microsoft Exchange
Microsoft Security Bulletin MS15-027 - Important
Vulnerability in NETLOGON Could Allow Spoofing (3002657)
- https://technet.microsoft.com/library/security/MS15-027
Important - Spoofing - Requires restart - Microsoft Windows
Microsoft Security Bulletin MS15-028 - Important
Vulnerability in Windows Task Scheduler Could Allow Security Feature Bypass (3030377)
- https://technet.microsoft.com/library/security/MS15-028
Important - Security Feature Bypass - Requires restart - Microsoft Windows
Microsoft Security Bulletin MS15-029 - Important
Vulnerability in Windows Photo Decoder Component Could Allow Information Disclosure (3035126)
- https://technet.microsoft.com/library/security/MS15-029
Important - Information Disclosure - May require restart - Microsoft Windows
Microsoft Security Bulletin MS15-030 - Important
Vulnerability in Remote Desktop Protocol Could Allow Denial of Service (3039976)
- https://technet.microsoft.com/library/security/MS15-030
Important - Denial of Service - Requires restart - Microsoft Windows
Microsoft Security Bulletin MS15-031 - Important
Vulnerability in Schannel Could Allow Security Feature Bypass (3046049)
- https://technet.microsoft.com/library/security/MS15-031
Important - Security Feature Bypass - Requires restart - Microsoft Windows
___
- http://blogs.technet.com/b/msrc/arch...5-updates.aspx
10 Mar 2015 - "... we released 14 security bulletins to address vulnerabilities in Microsoft Windows, Microsoft Office, Microsoft Exchange, and Internet Explorer... We released one new Security Advisory:
• Availability of SHA-2 code signing support for Windows 7 and Windows Server 2008 R2 (3033929)
Two Security Advisories were revised:
• Update for Vulnerabilities in Adobe Flash Player in Internet Explorer (2755801)
• Vulnerability in Schannel Could Allow Security Feature Bypass (3046015)..."
Microsoft Security Advisory 3046015
Vulnerability in Schannel Could Allow Security Feature Bypass
- https://technet.microsoft.com/en-us/...curity/3046015
Published: March 5, 2015 | Updated: March 10, 2015
Version: 2.0 - "Microsoft has completed the investigation into a public report of a vulnerability. We have issued Microsoft Security Bulletin MS15-031[1] to address this issue. For more information about this issue, including download links for an available security update, please review the security bulletin. The vulnerability addressed is the Schannel Security Feature Bypass Vulnerability
- https://web.nvd.nist.gov/view/vuln/d...=CVE-2015-1637 "
1] https://technet.microsoft.com/library/security/MS15-031
Microsoft Security Advisory 3033929
Availability of SHA-2 Code Signing Support for Windows 7 and Windows Server 2008 R2
- https://technet.microsoft.com/en-us/...curity/3033929
March 10, 2015 - "Microsoft is announcing the reissuance of an update for all supported editions of Windows 7 and Windows Server 2008 R2 to add support for SHA-2 signing and verification functionality. This update supersedes the 2949927 update that was rescinded on October 17, 2014 to address issues that some customers experienced after installation. As with the original release, Windows 8, Windows 8.1, Windows Server 2012, Windows Server 2012 R2, Windows RT, and Windows RT 8.1 do not require this update because SHA-2 signing and verification functionality is already included in these operating systems. This update is not available for Windows Server 2003, Windows Vista, or Windows Server 2008.
[1]The 3033929 update has affected binaries in common with the 3035131 update being released simultaneously via MS15-025. Customers who download and install updates manually and who are planning to install -both- updates should install the 3035131* update before installing the 3033929** update. See the Advisory FAQ for more information."
* https://support.microsoft.com/kb/3035131
** https://support.microsoft.com/kb/3033929
Microsoft Security Advisory 2755801
Update for Vulnerabilities in Adobe Flash Player in Internet Explorer
- https://technet.microsoft.com/en-us/...curity/2755801
Updated: March 10, 2015 - Version: 38.0
___
March 2015 Office Update Release
- http://blogs.technet.com/b/office_su...e-release.aspx
10 Mar 2015 - "... There are 35 security updates (1 bulletin) and 39 non-security updates..."
> http://technet.microsoft.com/en-us/security/ms15-022
__
- http://www.securitytracker.com/id/1031888 - MS15-018
- http://www.securitytracker.com/id/1031887 - MS15-019
- http://www.securitytracker.com/id/1031890 - MS15-020
- http://www.securitytracker.com/id/1031889 - MS15-021
- http://www.securitytracker.com/id/1031895 - MS15-022
- http://www.securitytracker.com/id/1031896 - MS15-022
- http://www.securitytracker.com/id/1031897 - MS15-023
- http://www.securitytracker.com/id/1031898 - MS15-024
- http://www.securitytracker.com/id/1031899 - MS15-025
- http://www.securitytracker.com/id/1031900 - MS15-026
- http://www.securitytracker.com/id/1031891 - MS15-027
- http://www.securitytracker.com/id/1031893 - MS15-028
- http://www.securitytracker.com/id/1031894 - MS15-029
- http://www.securitytracker.com/id/1031892 - MS15-030
___
ISC Analysis
- https://isc.sans.edu/diary.html?storyid=19445
2015-03-10
.
MS Update 3033929 causing Reboot loop, MS15-027/KB3002657, MS15-025/KB303339 - more
FYI...
MS Update 3033929 causing Reboot loop
- http://krebsonsecurity.com/2015/03/m...g-reboot-loop/
12 Mar 2015 - "One of the operating system updates Microsoft released on Tuesday of this week — KB3033929 — is causing a reboot loop for a fair number of Windows 7 users, according to postings on multiple help forums. The update in question does not appear to address a pressing security vulnerability, so users who have not yet installed it should probably delay doing so until Microsoft straightens things out. Various tech help forums ares starting to fill up with requests from Windows 7 users who are experiencing a reboot loop after applying the glitchy patch*, which is a “code signing” update that improves the ability of Windows 7 and Windows Server 2008 R2 systems to validate the integrity and authenticity of programs running on top of the operating system. At this time, none of the tech help forums seem to have a solution for the problem..."
* https://support.microsoft.com/kb/3033929
Last Review: Mar 10, 2015 - Rev: 1.0
___
Netlogon patch KB 3002657, SHA-2 signing patch KB 3033929 - Woes mount ...
- http://www.infoworld.com/article/289...confirmed.html
Mar 12, 2015 - "... Complaints are mounting among admins that the Netlogon spoofing patch, MS15-027/KB 3002657* is causing more problems... In addition to log-on failures with EMC Isilon clusters, there are also problems with Outlook, SharePoint, and NAS drives... Spiceworks also has a lengthy thread on this topic. No idea when/if Microsoft will pull the patch, but clearly it's causing lots of problems... Posters on the Patchmanagement List are complaining about a detection problem with the kernel patch MS15-025/KB 3033395** installing on Windows 2003 R2 servers. Apparently the update mechanism fails to identify the patch once it's installed, and offers it up repeatedly... confirmation on yesterday's report that the RDP patch MS15-030/KB 3036493*** requires multiple reboots - at least in some situations. It has been added to the official list of multiple-reboot renegades maintained in KB 2894518****. Admins take note: Your patching sequences may get clobbered... seeing a lot of complaints about the size of this month's bundle of patches. Those of you with Office, for example, may see as many as 50 or 60 individual patches in a swollen download package of 400MB or more..."
* https://support.microsoft.com/kb/3002657
Last Review: Mar 10, 2015 - Rev: 1.0
** https://support.microsoft.com/kb/3033395
Last Review: Mar 10, 2015 - Rev: 1.0
*** https://support.microsoft.com/kb/3036493
Last Review: Mar 10, 2015 - Rev: 1.0
**** https://support.microsoft.com/kb/2894518
Last Review: Mar 12, 2015 - Rev: 15.0
___
KB 3033929 install fails, with multiple errors
- http://www.infoworld.com/article/289...-80070005.html
Mar 12, 2015
____
- http://windowssecrets.com/patch-watc...n-like-a-lion/
Mar 11, 2015 - "... Along with a slug of Windows security fixes, Office gets an astounding 35 security updates — plus the usual load of nonsecurity fixes.
MS15-018 (3032359), MS15-019 (3030403, 3030398)
Patching the usual browser suspects: ... browser security starts with keeping Internet Explorer fully patched — even if you rarely use it. IE is deeply tied into Windows.
KB 3032359 (MS15-018) is rated -critical- for client versions of Windows. It fixes -eight- privately reported vulnerabilities and one publicly disclosed vulnerability, and it applies to all supported versions of the browser, including IE in Windows 10 Technical Preview. There are no reports of active exploits at this time. Among other things, the update makes changes to the VBScript engine and ensures proper enforcement of cross-domain policies. This should help prevent attackers from taking control of a PC when a user clicks-a-malicious-webpage.
Those of you still running IE 7 or an earlier version of the browser (or systems lacking IE, such as Windows 2008 Server Core editions) also need KB 3030398 or KB 3030403 (MS15-019), a related fix for the Windows VBScript engine. These updates should show up on Vista, Server 2003, Server 2008, and some Server Core machines. PCs running Windows 8 or higher will see an Adobe Flash Player update a bit sooner than those running Win7. As noted in MS Security Advisory 2755801, Microsoft released KB 3044132 for embedded Flash on March 10. Adobe’s Flash update will be released two days later... "
:fear::fear:
MS KB revision updates ...
FYI... MS KB revision updates:
MS15-018: Cumulative security update for Internet Explorer...
- http://support.microsoft.com/en-us/kb/3032359
Last Review: Mar 16, 2015 - Rev: 3.0
Applies to:
•Internet Explorer 10
•Internet Explorer 11
•Microsoft Internet Explorer 6.0
•Windows Internet Explorer 7
•Windows Internet Explorer 8
•Windows Internet Explorer 9
___
MS15-020 - Critical
Vulnerabilities in Microsoft Windows Could Allow Remote Code Execution (3041836)
- https://technet.microsoft.com/library/security/MS15-020
V1.1 (March 10, 2015): Bulletin revised to better explain the attack vector for the DLL Planting Remote Code Execution Vulnerability (CVE-2015-0096).
Updated: March 10, 2015 - "... For more information about this update, see Microsoft Knowledge Base Article 3041836*..."
MS15-020 ... remote code execution
* - https://support.microsoft.com/en-us/kb/3041836
"Known issues and additional information about this security update:
The following articles contain additional information about this security update as it relates to individual product versions. The articles may contain known issue information. If this is the case, the known issue is listed under each article link...":
Last Review: Mar 12, 2015 - Rev: 2.0
Related:
MS15-020 ... Windows text svcs
- https://support.microsoft.com/en-us/kb/3033889
Last Review: Mar 14, 2015 - Rev: 2.0
MS15-020 ... Windows shell
- https://support.microsoft.com/en-us/kb/3039066
Last Review: Mar 14, 2015 - Rev: 3.0
:fear:
Netlogon patch KB 3002657 re-issued
FYI...
Netlogon patch KB 3002657 re-issued
If you're running Win Svr 2003, Microsoft advises you install KB 3002657-v2 on top of the first patch
- http://www.infoworld.com/article/289...b-3002657.html
Mar 17, 2015 - "... Microsoft finally acknowledged the problem and posted a fix - for Windows Server 2003 -only- although I've seen unverified reports of similar problems on other versions of Windows Server... The KB article references problems with EMC Isilon OneFS in the "Known Issues" section...
Updated Security Bulletin MS15-027:
- https://technet.microsoft.com/library/security/MS15-027 "
Updated: March 16, 2015 - Ver: 2.0
V2.0 (March 16, 2015): To address a connectivity issue with update 3002657 when installed on supported editions of Windows Server 2003, Microsoft released update 3002657-v2 for all supported editions of Windows Server 2003. Customers who have not already installed the 3002657 update should install update 3002657-v2 to be fully protected from this vulnerability. To avoid the possibility of future detection logic problems, Microsoft recommends that customers running Windows Server 2003 who have already successfully installed the 3002657 update -also- apply update 3002657-v2 even though they are already protected from this vulnerability. Customers running other Microsoft operating systems are not affected by this re-release and do not need to take any action. See Microsoft Knowledge Base Article 3002657* for more information."
* https://support.microsoft.com/en-us/kb/3002657
Last Review: Mar 17, 2015 - Rev: 2.0
:fear::fear:
MS Security Advisory 3046310 ...
FYI...
MS Security Advisory 3046310
Improperly Issued Digital Certificates Could Allow Spoofing
- https://isc.sans.edu/diary.html?storyid=19475
Mar 16, 2015 - "Microsoft is aware of an improperly issued SSL certificate for the domain “live.fi” that could be used in attempts to spoof content, perform phishing attacks, or perform man-in-the-middle attacks. It cannot be used to issue other certificates, impersonate other domains, or sign code. This issue affects all supported releases of Microsoft Windows. Microsoft is not currently aware of attacks related to this issue. To help protect customers from potentially fraudulent use of this digital certificate, it has been revoked by the issuing CA and Microsoft is updating the Certificate Trust list (CTL) for all supported releases of Microsoft Windows to remove the trust of certificates that are causing this issue... For customers running Windows Server 2003, or for customers who choose not to install the automatic updater of revoked certificates, Microsoft recommends that the 3046310 update* be applied immediately using update management software, by checking for updates using the Microsoft Update service, or by downloading and applying the update manually..."
* https://support.microsoft.com/en-us/kb/3046310
Last Review: Mar 16, 2015 - Rev: 1.0
(See 'Applies to...')
___
Support for urgent Trusted Root updates for Windows Root Certificate Program in Windows
- https://support2.microsoft.com/defau...;en-us;3004394
Last Review: Mar 16, 2015 - Rev: 4.0
(See 'Applies to...')
___
Update Rollup 16 for Exchange Server 2007 SP3
- https://support.microsoft.com/en-us/kb/3030086
Last Review: Mar 17, 2015 - Rev: 1.0
Applies to:
Microsoft Exchange Server 2007 Service Pack 3, when used with:
Microsoft Exchange Server 2007 Enterprise Edition
Microsoft Exchange Server 2007 Standard Edition
:fear:
MS Security Advisory 3046310 - V2 Rev3
FYI...
Microsoft Security Advisory 3046310
Improperly Issued Digital Certificates Could Allow Spoofing
- https://technet.microsoft.com/en-us/...y/3046310.aspx
Published: March 16, 2015 | Updated: March 19, 2015
V2.0 (March 19, 2015): Advisory re-released to announce that the update for supported editions of Windows Server 2003 is now available. See Knowledge Base Article 3046310* for more information and download links.
* https://support.microsoft.com/en-us/kb/3046310
Last Review: Mar 19, 2015 - Rev: 3.0
(See "Applies to...")
:fear:
MS15-018, MS15-020, MS15-027 revisions ...
FYI...
MS15-018: Cumulative security update for Internet Explorer...
- https://support.microsoft.com/en-us/kb/3032359
Last Review: Mar 16, 2015 - Rev: 3.0
"... Known issues with this security update:
After you install this security update, applications may crash when they render table-based content in Internet Explorer 11, Internet Explorer 10, Internet Explorer 9, and Internet Explorer 8.
Status: Microsoft is working on a fix for this issue..."
___
MS15-020: Description of the security update for Windows text services ...
- https://support2.microsoft.com/defau...;en-us;3033889
Last Review: Mar 18, 2015 - Rev: 3.0
- https://support.microsoft.com/en-us/kb/3048778
Last Review: Mar 20, 2015 - Rev: 4.0
(See "Applies to...")
___
MS15-027: Vulnerability in NETLOGON could allow spoofing...
- https://support.microsoft.com/en-us/kb/3002657
Last Review: Mar 20, 2015 - Rev: 5.0
(See "Applies to...")
___
Enterprise Site Discovery on IE8, IE9, IE10, and IE11
- http://blogs.msdn.com/b/ie/archive/2...ancements.aspx
March 20, 2015 - "... The March 2015 update expands Enterprise Site Discovery beyond Internet Explorer 11 to include Internet Explorer 8, 9, & 10. By default, data collection is turned off. When collection is enabled, data will be collected from all sites visited by users with Internet Explorer unless otherwise configured. Data is collected during each browsing event and is associated to the browsed URL..."
(More detail at the URL above.)
:fear::fear: