Microsoft Alerts

[AplusWebMaster]

FYI... Windows Update Client Win7, Win8.1 - Updated MS15-046, MS15-081, MS15-099...

Windows Update Client for Windows 7 and Windows Server 2008 R2: October 2015
- https://support.microsoft.com/en-us/kb/3083710
Last Review: 10/13/2015 18:31:00 - Rev: 2.0
Applies to:
Windows Server 2008 R2 Service Pack 1
Windows 7 Service Pack 1
Windows Embedded Standard 7 Service Pack 1
___

Windows Update Client for Windows 8.1 and Windows Server 2012 R2: October 2015
- https://support.microsoft.com/en-us/kb/3083711
Last Review: 10/13/2015 18:33:00 - Rev: 2.0
Applies to:
Windows Server 2012 R2 Datacenter
Windows Server 2012 R2 Standard
Windows Server 2012 R2 Essentials
Windows Server 2012 R2 Foundation
Windows 8.1 Enterprise
Windows 8.1 Pro
Windows 8.1
Windows RT 8.1
___

Microsoft Security Bulletin MS15-046 - Important
Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (3057181)
- https://technet.microsoft.com/en-us/.../ms15-046.aspx
Published: May 12, 2015 | Updated: October 13, 2015
V4.0 (October 13, 2015): Revised bulletin to announce the availability of a new update (3085544) for Microsoft Office 2007 that addresses issues with the previously-released update (2965282). Customers running Microsoft Office 2007 are encouraged to install update 3085544 at the earliest opportunity to be fully protected from the vulnerability discussed in this bulletin. Customers running other Microsoft Office software do not need to take any action. See Microsoft Knowledge Base Article 3085544* for more information and download links.
* https://support.microsoft.com/en-us/kb/3085544

Microsoft Security Bulletin MS15-081 - Critical
Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (3080790)
- https://technet.microsoft.com/en-us/.../ms15-081.aspx
Published: August 11, 2015 | Updated: October 13, 2015
V3.0 (October 13, 2015): Revised bulletin to announce the availability of update packages for Microsoft Office 2016, Microsoft Visio 2016, and Microsoft Word 2016. Customers running Microsoft Office 2016, Microsoft Visio 2016, or Microsoft Word 2016 should apply the applicable updates to be protected from the vulnerabilities discussed in this bulletin. The majority of customers have automatic updating enabled and will not need to take any action because the updates will be downloaded and installed automatically.

Microsoft Security Bulletin MS15-099 - Critical
Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (3089664)
- https://technet.microsoft.com/en-us/.../ms15-099.aspx
Published: September 8, 2015 | Updated: October 13, 2015
V4.0 (October 13, 2015): Revised bulletin to announce the availability of an update package for Microsoft Excel 2016. Customers running Microsoft Excel 2016 should apply update 2920693 to be protected from the vulnerabilities discussed in this bulletin. The majority of customers have automatic updating enabled and will not need to take any action because the update will be downloaded and installed automatically.
___

>> https://community.qualys.com/blogs/l...y-october-2015
Oct 13, 2015
___

Compatibility update for upgrading to Windows 10: October 14, 2015
- https://support.microsoft.com/en-us/kb/3097626
Last Review: 10/14/2015 16:34:00 - Rev: 2.0

[AplusWebMaster]

FYI...

Microsoft Security Advisory 2755801
Update for Vulnerabilities in Adobe Flash Player in Internet Explorer and Microsoft Edge
- https://technet.microsoft.com/en-us/...curity/2755801
Updated: Oct 19, 2015 - Ver: 49.0 - "Microsoft is announcing the availability of an update for Adobe Flash Player in Internet Explorer on all supported editions of Windows 8, Windows Server 2012, Windows RT, Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, and Windows 10; the update is also available for Adobe Flash Player in Microsoft Edge on all supported editions of Windows 10. The update addresses the vulnerabilities in Adobe Flash Player by updating the affected Adobe Flash libraries contained within Internet Explorer 10, Internet Explorer 11, and Microsoft Edge...
On October 19, 2015, Microsoft released an update (3105216) for Internet Explorer 10 on Windows 8, Windows Server 2012, and Windows RT; Internet Explorer 11 on Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, and Windows 10; and Microsoft Edge on Windows 10. The update addresses the vulnerabilities described in Adobe Security bulletin APSB15-27*. For more information about this update, including download links, see Microsoft Knowledge Base Article 3105216**...
* https://helpx.adobe.com/security/pro...apsb15-27.html
Oct 16, 2015
** https://support.microsoft.com/en-us/kb/3105216
Last Review: 10/19/2015 21:09:00 - Rev: 1.0

[AplusWebMaster]

FYI... Win10 'Nagware'

Update installs 'Get Windows 10 app' in Windows 8.1 and Windows 7 SP1
- https://support.microsoft.com/en-us/kb/3035583
Last Review: 10/05/2015 16:45:00 - Rev: 6.0
___

Nagware KB 3035583 is marked 'Important' on some PCs and will thus install on Automatic Update
- http://www.infoworld.com/article/298...b-2952664.html
Oct 6, 2015

Disable Windows 10 upgrade 'nagware' on Windows 7, Windows 8.1 computers
- http://www.infoworld.com/article/299...computers.html
Oct 14, 2015

Microsoft says that the optional update was enabled by mistake
>> http://arstechnica.com/information-t...s-7-8-systems/
Oct 15, 2015

"HIDE 'UPDATE'" ?

[AplusWebMaster]

FYI...

Win10 System Center Configuration Manager
- http://blogs.technet.com/b/configmgr...nd-intune.aspx
27 Oct 2015 - "... Windows 10 comes in two basic flavors: (1) a Current Branch (also known as Windows-as-a-Service) and (2) the Long-Term Servicing Branch with a more traditional support model. The Current Branch also has the option of Current Branch for Business, which is the same build as the Current Branch, just deferred to a later date to give you time to further validate in your environment. If this is all news to you, stop reading and click here* for more information and guidance. Then come on back when you are ready.
* https://technet.microsoft.com/en-us/...=vs.85%29.aspx
... we will release a -new- version of Configuration Manager by the end of this calendar year. This -new- version will bring -full- support for the deployment, upgrade, and management of Windows 10. The new System Center Configuration Manager, as it will simply be called, is designed to support the much faster pace of updates for Windows 10 and Microsoft Intune. This -new- version will also simplify the Configuration Manager upgrade experience itself, and allow us to listen and more quickly respond to your feedback...
'In Summary: Planning and Guidance'..." (see the chart there).

[AplusWebMaster]

FYI...

Installing and searching for updates is slow and high CPU usage occurs in Win7 and Win Server 2008 R2
- https://support.microsoft.com/en-us/kb/3102810
Last Review: 11/04/2015 03:09:00 - Rev: 2.0
Applies to:
Windows Server 2008 R2 Service Pack 1
Windows 7 Service Pack 1

Also:
Installing and searching for updates is slow and high CPU usage occurs in Win8.1 and Win Server 2012 R2
- https://support.microsoft.com/en-us/kb/3102812
Last Review: 11/04/2015 03:09:00 - Rev 2.0

Hmmm...

[AplusWebMaster]

FYI...

- https://technet.microsoft.com/en-us/...urity/ms15-nov
Nov 10, 2015 - "This bulletin summary lists security bulletins released for November 2015...
(Total of -12-)

Microsoft Security Bulletin MS15-112 - Critical
Cumulative Security Update for Internet Explorer (3104517)
- https://technet.microsoft.com/library/security/MS15-112
Critical - Remote Code Execution - Requires restart - Microsoft Windows, Internet Explorer

Microsoft Security Bulletin MS15-113 - Critical
Cumulative Security Update for Microsoft Edge (3104519)
- https://technet.microsoft.com/library/security/MS15-113
Critical - Remote Code Execution - Requires restart - Microsoft Windows, Microsoft Edge

Microsoft Security Bulletin MS15-114 - Critical
Security Update for Windows Journal to Address Remote Code Execution (3100213)
- https://technet.microsoft.com/library/security/MS15-114
Critical - Remote Code Execution - May require restart - Microsoft Windows

Microsoft Security Bulletin MS15-115 - Critical
Security Update for Microsoft Windows to Address Remote Code Execution (3105864)
- https://technet.microsoft.com/library/security/MS15-115
Critical - Remote Code Execution - Requires restart - Microsoft Windows

Microsoft Security Bulletin MS15-116 - Important
Security Update for Microsoft Office to Address Remote Code Execution (3104540)
- https://technet.microsoft.com/library/security/MS15-116
Important - Remote Code Execution - May require restart - Microsoft Office, Microsoft Office Services and Web Apps, Microsoft Lync, Skype for Business

Microsoft Security Bulletin MS15-117 - Important
Security Update for NDIS to Address Elevation of Privilege (3101722)
- https://technet.microsoft.com/library/security/MS15-117
Important - Elevation of Privilege - Requires restart - Microsoft Windows

Microsoft Security Bulletin MS15-118 - Important
Security Update for .NET Framework to Address Elevation of Privilege
- https://technet.microsoft.com/library/security/MS15-118
Important - Elevation of Privilege - Does not require restart - Microsoft Windows, Microsoft .NET Framework

Microsoft Security Bulletin MS15-119 - Important
Security Update for Winsock to Address Elevation of Privilege (3104521)
- https://technet.microsoft.com/library/security/MS15-119
Important - Elevation of Privilege - Requires restart - Microsoft Windows

Microsoft Security Bulletin MS15-120 - Important
Security Update for IPSec to Address Denial of Service (3102939)
- https://technet.microsoft.com/library/security/MS15-120
Important - Denial of Service - May require restart - Microsoft Windows

Microsoft Security Bulletin MS15-121 - Important
Security Update for Schannel to Address Spoofing (3081320)
- https://technet.microsoft.com/library/security/MS15-121
Important - Spoofing - Requires restart - Microsoft Windows

Microsoft Security Bulletin MS15-122 - Important
Security Update for Kerberos to Address Security Feature Bypass (3105256)
- https://technet.microsoft.com/library/security/MS15-122
Important - Security Feature Bypass - Requires restart - Microsoft Windows

Microsoft Security Bulletin MS15-123 - Important
Security Update for Skype for Business and Microsoft Lync to Address Information Disclosure (3105872)
- https://technet.microsoft.com/library/security/MS15-123
Important - Information Disclosure - May require restart - Microsoft Lync, Skype for Business
___

MS15-112: http://www.securitytracker.com/id/1034112
MS15-113: http://www.securitytracker.com/id/1034113
MS15-114: http://www.securitytracker.com/id/1034110
MS15-115: http://www.securitytracker.com/id/1034114
MS15-116: http://www.securitytracker.com/id/1034117
- http://www.securitytracker.com/id/1034119
- http://www.securitytracker.com/id/1034122
MS15-117: http://www.securitytracker.com/id/1034115
MS15-118: http://www.securitytracker.com/id/1034116
MS15-119: http://www.securitytracker.com/id/1034121
MS15-120: http://www.securitytracker.com/id/1034123
MS15-121: http://www.securitytracker.com/id/1034124
MS15-122: http://www.securitytracker.com/id/1034125
MS15-123: http://www.securitytracker.com/id/1034126
- http://www.securitytracker.com/id/1034127
___

- http://blogs.technet.com/b/msrc/arch...e-summary.aspx
10 Nov 2015 - "Today we released security updates to provide protections against malicious attackers. As a best practice, we encourage customers to apply security updates as soon as they are released..."

Security Advisories:
Microsoft Security Advisory 3108638
Update for Windows Hyper-V to Address CPU Weakness
- https://technet.microsoft.com/librar...y/3108638.aspx
Nov 10, 2015

Microsoft Security Advisory 2755801
Update for Vulnerabilities in Adobe Flash Player in Internet Explorer and Microsoft Edge
- https://technet.microsoft.com/librar...y/2755801.aspx
Nov 10, 2015 V50.0
___

Nov 2015 Office Update Release
- http://blogs.technet.com/b/office_su...e-release.aspx
10 Nov 2015 - "... there are -60- security updates (2 bulletins) and 39 non-security updates..."
MS15-099 (updated): https://technet.microsoft.com/en-us/...urity/MS15-099
MS15-116: https://technet.microsoft.com/en-us/...urity/MS15-116
"... All of the security and non-security updates for November are listed in KB article 3108456..."
> https://support.microsoft.com/en-us/kb/3108456
___

ISC Analysis
- https://isc.sans.edu/diary.html?storyid=20359
2015-11-10 18:05:54 UTC

.

[AplusWebMaster]

FYI...

MS15-115 -KB3097877 causing severe difficulties for some Win7 users
- http://myonlinesecurity.co.uk/kb3097...ndows-updates/
11 Nov 2015 - "KB3097877 causing severe difficulties for some Windows 7 users November 2015 Windows updates. We are seeing numerous reports from Windows 7 users about difficulties logging on to windows after doing the November 2015 patch Tuesday updates. We are also hearing about crashes in Outlook 2010 and 2013 when viewing HTML emails.
We also are hearing about crashes in gadgets in windows sidebar on Windows 7 computers. Gadgets have been deprecated and are not recommended for use any longer due to security issues...
All the problems appear to be caused by KB3097877 which is part of a vital security update included in MS15-115. This update is a security update that updates Win32k.sys and Gdiplus.dll to help prevent a remote code execution if an attacker convinces a user to open a specially crafted document or to go to an untrusted webpage that contains embedded fonts.
Best advice we can give at the moment is NOT to install KB3097877 on any Windows7 computer until Microsoft have investigated and issued a workaround or revised patch. If you are suffering from Crashes in Outlook, then -uninstall- KB3097877..."

MS15-115: https://support.microsoft.com/en-us/kb/3097877
Last Review: 11/10/2015 18:28:00 - Rev: 1.0
___

>> https://social.technet.microsoft.com...eitproprevious

>> http://www.infoworld.com/article/300...k-screens.html
Nov 11, 2015

[AplusWebMaster]

FYI...

MS15-115 / re-released ...
- https://technet.microsoft.com/library/security/MS15-115
V2.0 (November 11, 2015): Bulletin revised to inform customers running Windows 7 that the 3097877 update has been re-released to address an issue that caused crashes for some customers when they viewed certain emails. Customers who previously installed update 3097877 should -reinstall- the update to correct this known issue. See Microsoft Knowledge Base Article 3097877* for more information.

* https://support.microsoft.com/en-us/kb/3097877
Last Review: 11/11/2015 22:26:00 - Rev: 2.0 - "... Issues in this security update: We are aware of reports of crashes in all supported versions of Microsoft Outlook that occur when users are reading certain emails after this update is installed..."

[AplusWebMaster]

FYI...

MS15-115 / re-released ...
- https://technet.microsoft.com/library/security/MS15-115
V2.0 (November 12, 2015): Bulletin revised to inform customers that the 3097877* update for Windows 7 and Windows Server 2008 R2 has been rereleased to correct a problem with the original update that could cause some applications to quit unexpectedly. Customers who have already successfully installed the update on Windows 7 or Windows Server 2008 R2 systems should reinstall the update.

* https://support.microsoft.com/en-us/kb/3097877
Last Review: 11/12/2015 19:00:00 - Rev: 5.0
___

- https://support.microsoft.com/en-us/kb/3097877
Last Review: 11/13/2015 02:21:00 - Rev: 8.0 <<
___

MS15-112 - File is "moved or deleted" or "cannot be found" error when you download PDF files in Internet Explorer 11 in Windows
- https://support.microsoft.com/en-us/kb/3110711
Last Review: 11/13/2015 07:25:00 - Rev: 3.0 <
"Prerequisites... you must install MS15-112: Security update for Internet Explorer: November 10, 2015 before you install this hotfix..."

[AplusWebMaster]

FYI...

Win10 upgrade woes include deleted apps, system hangs
The rollout of Windows 10 version 1511 has hit a few bumps, but we have solutions
- http://www.infoworld.com/article/300...tem-hangs.html
Nov 13, 2015