MS Security Bulletin Summary - September 2015
FYI...
- https://technet.microsoft.com/en-us/...urity/ms15-sep
Sep 8, 2015 - "This bulletin summary lists security bulletins released for September 2015...
(Total of -12-)
Microsoft Security Bulletin MS15-094 - Critical
Cumulative Security Update for Internet Explorer (3089548)
- https://technet.microsoft.com/library/security/ms15-094
Critical - Remote Code Execution - Requires restart - Microsoft Windows, Internet Explorer
Microsoft Security Bulletin MS15-095 - Critical
Cumulative Security Update for Microsoft Edge (3089665)
- https://technet.microsoft.com/library/security/ms15-095
Critical - Remote Code Execution - Requires restart - Microsoft Windows, Microsoft Edge
Microsoft Security Bulletin MS15-096 - Important
Vulnerability in Active Directory Service Could Allow Denial of Service (3072595)
- https://technet.microsoft.com/library/security/ms15-096
Important - Denial of Service - Requires restart - Microsoft Windows
Microsoft Security Bulletin MS15-097 - Critical
Vulnerabilities in Microsoft Graphics Component Could Allow Remote Code Execution (3089656)
- https://technet.microsoft.com/library/security/ms15-097
Critical - Remote Code Execution - May require restart - Microsoft Windows, Microsoft Office, Microsoft Lync
Microsoft Security Bulletin MS15-098 - Critical
Vulnerabilities in Windows Journal Could Allow Remote Code Execution (3089669)
- https://technet.microsoft.com/library/security/ms15-098
Critical - Remote Code Execution - May require restart - Microsoft Windows
Microsoft Security Bulletin MS15-099 - Critical
Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (3089664)
- https://technet.microsoft.com/library/security/ms15-099
Critical - Remote Code Execution - May require restart - Microsoft Office, Microsoft SharePoint Foundation
Microsoft Security Bulletin MS15-100 - Important
Vulnerability in Windows Media Center Could Allow Remote Code Execution (3087918)
- https://technet.microsoft.com/library/security/ms15-100
Important - Remote Code Execution - May require restart - Microsoft Windows
Microsoft Security Bulletin MS15-101 - Important
Vulnerabilities in .NET Framework Could Allow Elevation of Privilege (3089662)
- https://technet.microsoft.com/library/security/ms15-101
Important - Elevation of Privilege - Does not require restart - Microsoft Windows, Microsoft .NET Framework
Microsoft Security Bulletin MS15-102 - Important
Vulnerabilities in Windows Task Management Could Allow Elevation of Privilege (3089657)
- https://technet.microsoft.com/library/security/ms15-102
Important - Elevation of Privilege - Requires restart - Microsoft Windows
Microsoft Security Bulletin MS15-103 - Important
Vulnerabilities in Microsoft Exchange Server Could Allow Information Disclosure (3089250)
- https://technet.microsoft.com/library/security/ms15-103
Important - Information Disclosure - May require restart - Microsoft Exchange Server
Microsoft Security Bulletin MS15-104 - Important
Vulnerabilities in Skype for Business Server and Lync Server Could Allow Elevation of Privilege (3089952)
- https://technet.microsoft.com/library/security/ms15-104
Important - Elevation of Privilege - Does not require restart - Skype for Business Server, Microsoft Lync Server
Microsoft Security Bulletin MS15-105 - Important
Vulnerability in Windows Hyper-V Could Allow Security Feature Bypass (3091287)
- https://technet.microsoft.com/library/security/ms15-105
Important - Security Feature Bypass - Requires restart - Microsoft Windows
___
- http://blogs.technet.com/b/msrc/arch...e-summary.aspx
8 Sep 2015
Microsoft Security Advisory 3083992
Update to Improve AppLocker Publisher Rule Enforcement
- https://technet.microsoft.com/librar...y/3083992.aspx
Sep 8, 2015 - "... a defense-in-depth update that improves the enforcement of publisher rules by Windows AppLocker in Windows 7, Windows Server 2008 R2, Windows 8, Windows Server 2012, Windows 8.1, and Windows Server 2012 R2. The improvement is part of ongoing efforts to bolster the effectiveness of AppLocker controls in Windows..."
___
September 2015 Office Update Release
- http://blogs.technet.com/b/office_su...e-release.aspx
8 Sep 2015 - "... There are 15 security updates (2 bulletins) and 41 non-security updates..."
> http://technet.microsoft.com/security/ms15-097
> http://technet.microsoft.com/security/ms15-099
___
MS15-094: http://www.securitytracker.com/id/1033487
MS15-095: http://www.securitytracker.com/id/1033491
MS15-096: http://www.securitytracker.com/id/1033492
MS15-097: http://www.securitytracker.com/id/1033485
- http://www.securitytracker.com/id/1033500
- http://www.securitytracker.com/id/1033501
MS15-098: http://www.securitytracker.com/id/1033484
MS15-099: http://www.securitytracker.com/id/1033488
-http://www.securitytracker.com/id/1033489
MS15-100: http://www.securitytracker.com/id/1033499
MS15-101: http://www.securitytracker.com/id/1033493
MS15-102: http://www.securitytracker.com/id/1033494
MS15-103: http://www.securitytracker.com/id/1033495
MS15-104: http://www.securitytracker.com/id/1033497
MS15-105: http://www.securitytracker.com/id/1033496
___
ISC Analysis
- https://isc.sans.edu/diary.html?storyid=20129
Last Updated: 2015-09-08
.
MS15-097: Known issues ...
FYI...
MS15-097: Description of the security update for the graphics component in Windows
- https://support.microsoft.com/en-us/kb/3086255
Last Review: 09/08/2015 17:38:00 - Rev: 2.0
"... Known issues in this security update:
After you install this security update, some programs may not run. (For example, some video games may not run.) To work around this issue, you can temporarily turn on the service for the secdrv.sys driver by running certain commands, or by editing the registry.
Note: When you no longer require the service to be running, we recommend that you turn off the service again.
Warning: This workaround may make a computer or a network more vulnerable to attack by malicious users or by malicious software such as viruses. We do not recommend this workaround but are providing this information so that you can implement this workaround at your own discretion. Use this workaround at your own risk..."
:confused:
WSUS changes in content / Cumulative update for Windows 10 ...
FYI...
Software Update Services and Windows Server Update Services changes in content for 2015
- https://support.microsoft.com/en-us/kb/894199
Last Review: 09/15/2015 22:18:00 - Revision: 195.0
___
September 2015 Quarterly Exchange Updates
- http://blogs.technet.com/b/exchange/...e-updates.aspx
15 Sep 2015
___
Cumulative update for Windows 10
- https://support.microsoft.com/en-us/kb/3095020
Last Review: 09/15/2015 20:34:00 - Rev: 1.0
:fear::fear:
IE 10, 11, Edge Flash updates
FYI...
Microsoft Security Advisory 2755801
Update for Vulnerabilities in Adobe Flash Player in Internet Explorer and Microsoft Edge
- https://technet.microsoft.com/en-us/...curity/2755801
Updated: Sep 21, 2015 - "... Microsoft released an update (3087040) for Internet Explorer 10 on Windows 8, Windows Server 2012, and Windows RT; Internet Explorer 11 on Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, and Windows 10; and Microsoft Edge on Windows 10. The update addresses the vulnerabilities described in Adobe Security bulletin APSB15-23. For more information about this update, including download links, see Microsoft Knowledge Base Article 3087040*."
* https://support.microsoft.com/en-us/kb/3087040
Last Review: 09/21/2015 17:08:00 - Rev: 1.0
:fear:
MS servicing stack update - fix MS15-098 install failures...
FYI...
September 2015 servicing stack update for Windows 8 and Windows Server 2012
- https://support.microsoft.com/en-us/kb/3096053
Last Review: 09/23/2015 04:37:00 - Rev: 3.0
"Issues that are fixed in this update:
- This update fixes an issue in which you may not be able to install Security update 3069114 because of corruption that occurs during the installation. After you install update 3096053, update 3069114 can be installed successfully.
- Note: When you install update 3096053, there is a brief delay before the installation is finished. You should wait several minutes to make sure that update 3096053 is fully installed before you try to install update 3069114."
MS15-098: Description of the security update for Windows Journal: September 8, 2015
- https://support.microsoft.com/en-us/kb/3069114
Last Review: 09/08/2015 17:32:00 - Rev: 1.0
(See "Applies to...")
:fear:
MS Security Advisory 3097966
FYI...
Microsoft Security Advisory 3097966
Inadvertently Disclosed Digital Certificates Could Allow Spoofing
- https://technet.microsoft.com/library/security/3097966
Sep 24, 2015 - "Microsoft is aware of four digital certificates that were inadvertently disclosed by D-Link Corporation that could be used in attempts to spoof content. The disclosed end-entity certificates cannot be used to issue other certificates or impersonate other domains, but could be used to sign code. This issue affects all supported releases of Microsoft Windows. To help protect customers from potentially fraudulent use of the certificates, Microsoft has modified the Certificate Trust List (CTL) to remove trust for the four certificates. Furthermore, the respective issuing certificate authorities have revoked the certificates...
Recommendation: Please see the Suggested Actions section of this advisory for instructions on applying an update for specific releases of Microsoft Windows...
Suggested Actions: Apply the update for supported releases of Microsoft Windows.
An automatic updater of revoked certificates is included in supported editions of Windows 8, Windows Server 2012, Windows RT, Windows 8.1, Windows RT 8.1, Windows Server 2012 R2, and Windows 10 and for devices running Windows Phone 8 and Windows Phone 8.1. For these operating systems or devices, customers do not need to take any action, because the CTL will be updated automatically. For systems running Windows Vista, Windows 7, Windows Server 2008, or Windows Server 2008 R2 that are using the automatic updater of revoked certificates (see Microsoft Knowledge Base Article 2677070* for details), customers do not need to take any action, because these systems will be automatically protected..."
* https://support.microsoft.com/en-us/kb/2677070
Last Review: 02/17/2014 Rev: 6.0
:fear:
Mistakenly-deployed test patch leads to suspicious Windows update
FYI...
Mistakenly-deployed test patch leads to suspicious Windows update
- https://isc.sans.edu/diary.html?storyid=20201
2015-09-30 - "Earlier today, various sources reported a highly-suspicious Windows update. According to Ars Technica, a Microsoft spokesperson stated the company had incorrectly published a test update and is in the process of removing it [1]. The update is no longer available, and ZDNet has confirmed this was a test update "gone errant" [2]:
> https://isc.sans.edu/diaryimages/ima...y-image-01.jpg
Shown above: A screenshot someone posted on a Microsoft community forum [3]
Thanks to everyone who notified us at the ISC. See the references below for further information."
1] http://arstechnica.com/security/2015...red-worldwide/
2] http://www.zdnet.com/article/microso...-update-patch/
3] https://answers.microsoft.com/en-us/...e62725e?auth=1
:fear::fear:
Cumulative update for Win10: Sep 30, 2015
FYI...
Cumulative update for Windows 10: September 30, 2015
- https://support.microsoft.com/en-us/kb/3093266
Last Review: 09/30/2015 18:36:00 - Rev: 1.0
- http://www.infoworld.com/article/298...-failures.html
Oct 1, 2015
:fear::fear:
MS KB's that may involve Win8.1 and Win7 Privacy issues
FYI...
MS KB's that may involve Win8.1 and Win7 Privacy issues:
MS snooping?
- http://windowssecrets.com/top-story/...s-is-snooping/
Oct 1, 2015 - See "Windows telemetry service" and "Diagnostic Tracking Service".
___
Update that adds telemetry points to consent.exe in Win8.1 and Win7
- https://support.microsoft.com/en-us/kb/3075249
3075249 - Last Review: 08/18/2015 - Rev: 1.0
See "Applies to: ..."
___
Update for customer experience and diagnostic telemetry
- https://support.microsoft.com/en-us/kb/3080149
Last Review: 09/11/2015 - Rev: 5.0
See "Applies to: ..."
___
Update for customer experience and diagnostic telemetry
- https://support.microsoft.com/en-us/kb/3068708
Last Review: 09/11/2015 - Rev: 6.0
See "Applies to: ..."
___
Update installs Get Windows 10 app in Windows 8.1 and Windows 7 SP1
- https://support.microsoft.com/en-us/kb/3035583
Last Review: 10/05/2015 16:45:00 - Rev: 6.0
Compatibility update for upgrading Windows 7
- https://support.microsoft.com/en-us/kb/2952664
Last Review: 10/06/2015 16:38:00 - Rev: 15.0
Applies to: Windows 7 SP1
- http://www.infoworld.com/article/298...b-2952664.html
Oct 6, 2015
___
Other update examples could include ...
- https://technet.microsoft.com/en-us/...curity/3083992
- https://technet.microsoft.com/en-us/...curity/3042058
- https://technet.microsoft.com/en-us/...curity/3033929
- https://technet.microsoft.com/en-us/...curity/3004375
- https://support.microsoft.com/kb/3080079
- https://support.microsoft.com/kb/2574819
___
GWX Control Panel (formerly GWX Stopper) to Permanently Remove the 'Get Windows 10' Icon:
- http://blog.ultimateoutsider.com/201...ly-remove.html
:fear::fear:
MS Security Bulletin Summary - October 2015
FYI...
- https://technet.microsoft.com/en-us/...urity/ms15-oct
Oct 12, 2015 - "This bulletin summary lists security bulletins released for October 2015..."
(Total of -6-)
Microsoft Security Bulletin MS15-106 - Critical
Cumulative Security Update for Internet Explorer (3096441)
- https://technet.microsoft.com/library/security/MS15-106
Critical - Remote Code Execution - Requires restart - Microsoft Windows, Internet Explorer
Microsoft Security Bulletin MS15-107 - Important
Cumulative Security Update for Microsoft Edge (3096448)
- https://technet.microsoft.com/library/security/MS15-107
Important - Information Disclosure - Requires restart - Microsoft Windows, Microsoft Edge
Microsoft Security Bulletin MS15-108 - Critical
Security Update for JScript and VBScript to Address Remote Code Execution (3089659)
- https://technet.microsoft.com/en-us/...urity/MS15-108
Critical - Remote Code Execution - May require restart - Microsoft Windows
Microsoft Security Bulletin MS15-109 - Critical
Security Update for Windows Shell to Address Remote Code Execution (3096443)
- https://technet.microsoft.com/library/security/MS15-109
Critical - Remote Code Execution - May require restart - Microsoft Windows
Microsoft Security Bulletin MS15-110 - Important
Security Updates for Microsoft Office to Address Remote Code Execution (3096440)
- https://technet.microsoft.com/library/security/MS15-110
Important - Remote Code Execution - May require restart - Microsoft Office, Microsoft Office Services and Web Apps, Microsoft Server Software
Microsoft Security Bulletin MS15-111 - Important
Security Update for Windows Kernel to Address Elevation of Privilege (3096447)
- https://technet.microsoft.com/library/security/MS15-111
Important - Elevation of Privilege - Requires restart - Microsoft Windows
___
- http://blogs.technet.com/b/msrc/arch...e-summary.aspx
13 Oct 2015 - "Today we released security updates to provide protections against malicious attackers. As a best practice, we encourage customers to apply security updates as soon as they are released..."
Security Advisories:
Microsoft Security Advisory 3097966
Inadvertently Disclosed Digital Certificates Could Allow Spoofing
- https://technet.microsoft.com/librar...y/3097966.aspx
Published: September 24, 2015 | Updated: October 13, 2015 / Ver: 2.0
> See: "Known Issues": https://support.microsoft.com/en-us/kb/3097966
[Dlink network adapter]
Microsoft Security Advisory 3042058
Update to Default Cipher Suite Priority Order
- https://technet.microsoft.com/librar...y/3042058.aspx
Published: May 12, 2015 | Updated: October 13, 2015 / Ver: 1.1
Microsoft Security Advisory 2960358
Update for Disabling RC4 in .NET TLS
- https://technet.microsoft.com/library/security/2960358
Published: May 13, 2014 | Updated: October 13, 2015 / Ver: 2.0
Microsoft Security Advisory 2755801
Update for Vulnerabilities in Adobe -Flash- Player in Internet Explorer and Microsoft Edge
- https://technet.microsoft.com/librar...y/2755801.aspx
Updated: October 13, 2015 / Ver: 48.0
___
October 2015 Office Update Release
- http://blogs.technet.com/b/office_su...e-release.aspx
13 Oct 2015 - "... There are 22 security updates (4 bulletins) and 55 non-security updates..."
___
MS15-106: http://www.securitytracker.com/id/1033800
MS15-107: http://www.securitytracker.com/id/1033802
MS15-108: http://www.securitytracker.com/id/1033801
MS15-109: http://www.securitytracker.com/id/1033799
MS15-110: http://www.securitytracker.com/id/1033803
- http://www.securitytracker.com/id/1033804
MS15-111: http://www.securitytracker.com/id/1033805
___
ISC Analysis
- https://isc.sans.edu/diary.html?storyid=20245
Last Updated: 2015-10-13
.