Microsoft Alerts

[AplusWebMaster]

FYI...

Error launching Office applications after January updates
- http://blogs.technet.com/b/the_micro...y-updates.aspx
25 Jan 2016 - "It's been reported that after applying January 2016 update (KB 3114506*), customers are experiencing an error on Windows Server 2012 R2 and Windows Server 2008 R2 when trying to launch Office applications such as Excel, PowerPoint and OneDrive for Business. Error Examples:
System Error - The program can’t start because davclnt.dll is missing from your computer. Try reinstalling the program to fix this problem. Excel application error:
> http://blogs.technet.com/resized-ima...Screenshot.PNG
RESOLUTION: Currently, Microsoft is working on the issue and will be providing an update when a fix becomes available. As a workaround, install Desktop User Experience, which ensures the davclnt is available.
Follow this article for further information and updates:
Error: The Program can’t start because davclnt.dll is missing from your computer
- https://community.office365.com/en-us/f/172/t/427963 "

Update for Office 2013 (KB3114506)
* https://support.microsoft.com/en-us/kb/3114506
Last Review: 01/26/2016 09:05:00 - Rev: 3.0

Tags: Excel 2013, powerpoint 2013, Office 2013, davclnt

[AplusWebMaster]

FYI...

MS16-004 - buggy??
>> http://www.infoworld.com/article/302...on-errors.html
Jan 27, 2016 - "Microsoft released MS16-004 on Jan. 12, and weird Visual Basic 6, VBA, and SharePoint 2013 errors have followed in its wake... symptoms are many and varied, but all seem to be due to a problematic new version of the MSComctLib.ocx common control library for VB6 and VBA. It looks like the new version, 6.01.9846, saves templates that don't work properly on machines with older versions of MSComctLib.ocx. It's not clear to me if those same templates throw errors when run on some machines with the new version of MSComctLib.ocx... Microsoft hasn't come up with any warnings in the KB articles..."
[ The update has a different title / KB # -depending- on the version of Microsoft Office you have installed... ]
Office 2007 (KB3114541): https://support.microsoft.com/en-us/kb/3114541
Office 2010 (KB2881029): https://support.microsoft.com/en-us/kb/2881029
Office 2013 (KB3039794): https://support.microsoft.com/en-us/kb/3039794
Office 2016 (KB2920727): https://support.microsoft.com/en-us/kb/2920727
___

- http://blogs.technet.com/b/office_su...e-release.aspx
12 Jan 2016

[AplusWebMaster]

FYI...

Win10 - check your 'System Protection' setting ...
- https://isc.sans.edu/diary.html?storyid=20675
2016-01-31 - "... Many of you (may have) upgraded to Windows 10 and it would be a good idea to verify your settings to make sure 'System Protection' is enabled:
> https://isc.sans.edu/diaryimages/ima...ection_off.PNG
Here is how to check and if necessary, 'enable' System Protection:
Select [Win10 Start] -> Settings -> About -> System info -> System Protection -> Configure
Select 'Turn on system protection' to -enable- System Restore and some disk space (i.e. 10 GB):
> https://isc.sans.edu/diaryimages/ima...ff_default.PNG
Over the years, 'System Protection' has been in many cases a useful tool especially when installing failed patches or applications to be able to go back to an earlier and stable version."

[AplusWebMaster]

FYI...

MS - renewed push to force users onto Win10
- http://www.infoworld.com/article/302...indows-10.html
Feb 2, 2016 - "A cryptic post from Microsoft seems to indicate that Redmond has stepped up its push to upgrade Windows 7 and Windows 8.1 users by moving Windows 10 to 'recommended status'. According to ZDNet's Mary Jo Foley*, about 5 p.m. ET on Monday, Microsoft dropped a small bombshell:
' As we shared in late October on the Windows Blog, we are committed to making it easy for our Windows 7 and Windows 8.1 customers to upgrade to Windows 10. We updated the upgrade experience today to help our customers...'. Shortly after, Microsoft maven Paul Thurrott** confirmed the message. Apparently this is Microsoft's version of an official announcement... Until we actually see a "recommended" Windows 10 update in-the-wild, it's hard to say what Microsoft will do... your best bet is to download and run Josh Mayfield's GWX Control Panel[1]. That'll clean out the Get Windows X subsystem, reset the registry entries, and keep the hidden scheduled tasks from firing."
1] http://ultimateoutsider.com/downloads/
Version: 1.7.2.0
Jan 24, 2016
-or-
> http://ultimateoutsider.com/download...trol_panel.exe

MS pushes Win10 as a 'recommended' update ...
* http://www.zdnet.com/article/microso...mended-update/
Feb 1, 2016 - "... On February 1, Microsoft started making good on the promised push... Microsoft is not changing its policy of downloading part of the Windows 10 code 'proactively' to users' machines to make upgrading faster. The company is continuing to do that, in spite of complaints by many. However, unless users make the final decision to hit upgrade, Windows 10 will not completely install and replace their existing Windows versions. The "recommended" push will be a phased one, the spokesperson said, for Windows 7 and 8.1 consumers who have Automatic Updates turned on. For users who have chosen the "Give me recommended updates the same way I receive important updates" setting turned on, the automatic update process will kick off... for the record: Windows 10 is -not- a required update for Windows 7 and 8.1 users. It is now 'recommended'. Users who do not want it can just say no."
> http://www.zdnet.com/article/how-to-...d-at-home-too/

** https://www.thurrott.com/windows/win...dows-7-and-8-1
Feb 1, 2016 - "... the change from “optional” to “recommended” is somewhat controversial, since Windows Update is considered a -trusted- source for updates. That is, it will probably cause the Windows 10 upgrade to automatically start on many PCs because most users configure Windows Update to automatically install recommended updates... 'You will be assimilated'."
___

Compatibility update for upgrading Windows 7
- https://support.microsoft.com/en-us/kb/2952664
Last Review: 02/02/2016 20:42:00 - Rev: 17.0 - "This update helps Microsoft make improvements to the current operating system in order to ease the upgrade experience to the latest version of Windows..."
Applies to:
Windows 7 SP1

Updated capabilities to upgrade Windows 8.1 and Windows 7
- https://support.microsoft.com/en-us/kb/3123862
Last Review: 02/03/2016 18:05:00 - Rev: 1.0
Applies to:
Windows 8.1 Enterprise
Windows 8.1 Pro
Windows 8.1
Windows 7 SP1

Compatibility update for Windows 8.1 and Windows 8
- https://support.microsoft.com/en-us/kb/2976978
Last Review: 02/02/2016 20:43:00 - Rev: 20.0
Applies to:
Windows 8.1 Enterprise
Windows 8.1
Windows 8.1 Pro
Windows 8 Enterprise
Windows 8
Windows 8 Pro

Compatibility update for Windows 7 RTM
- https://support.microsoft.com/en-us/kb/2977759
Last Review: 02/02/2016 20:42:00 - Rev: 16.0
Applies to:
Windows 7 Enterprise
Windows 7 Home Premium
Windows 7 Home Basic
Windows 7 Professional
Windows 7 Starter
Windows 7 Ultimate

[AplusWebMaster]

FYI...

Win10 - Device Guard and Applocker
- http://blogs.msmvps.com/bradley/2016...-us-need-emet/
Feb 6, 2016 - "... security enhancements are key... the key features they are pointing out here* – Device Guard and Applocker are -not- available on the Pro or Home skus. They are -only- available on the Enterprise sku..."

Can't disable Windows Store in Win10 Pro through Group Policy
* https://support.microsoft.com/en-us/kb/3135657
Last Review: 01/29/2016 19:47:00 - Rev: 4.0 - "On a computer that's running Windows 10 Pro, you upgrade to version 1511 of Windows 10. After the upgrade, you notice that the following Group Policy settings to disable Windows Store are not applied, and you cannot disable Windows Store:
Computer Configuration>Administrative Templates>Windows Components>Store>Turn off the Store application
User Configuration>Administrative Templates>Windows Components>Store>Turn off the Store
Cause: This behavior is by design. In Windows 10 version 1511, these policies are applicable to users of the Enterprise and Education editions only..."
Applies to:
Win10 Version 1511

[AplusWebMaster]

FYI...

- https://technet.microsoft.com/library/security/ms16-feb
Feb 9, 2016 - "This bulletin summary lists security bulletins released for February 2016...
(Total of -13-)

Microsoft Security Bulletin MS16-009 - Critical
Cumulative Security Update for Internet Explorer (3134220)
- https://technet.microsoft.com/library/security/MS16-009
Critical - Remote Code Execution - Requires restart - Microsoft Windows, Internet Explorer

Microsoft Security Bulletin MS16-011 - Critical
Cumulative Security Update for Microsoft Edge (3134225)
- https://technet.microsoft.com/library/security/MS16-011
Critical - Remote Code Execution - Requires restart - Microsoft Windows, Edge

Microsoft Security Bulletin MS16-012 - Critical
Security Update for Microsoft Windows PDF Library to Address Remote Code Execution (3138938)
- https://technet.microsoft.com/en-us/...urity/MS16-012
Critical - Remote Code Execution - May require restart - Microsoft Windows

Microsoft Security Bulletin MS16-013 - Critical
Security Update for Windows Journal to Address Remote Code Execution (3134811)
- https://technet.microsoft.com/library/security/MS16-013
Critical - Remote Code Execution - May require restart - Microsoft Windows

Microsoft Security Bulletin MS16-014 - Important
Security Update for Microsoft Windows to Address Remote Code Execution (3134228)
- https://technet.microsoft.com/library/security/MS16-014
Important - Remote Code Execution - Requires restart - Microsoft Windows

Microsoft Security Bulletin MS16-015 - Critical
Security Update for Microsoft Office to Address Remote Code Execution (3134226)
- https://technet.microsoft.com/library/security/MS16-015
Important - Remote Code Execution - May require restart - Microsoft Office, Microsoft Office Services and Web Apps, Microsoft Server Software

Microsoft Security Bulletin MS16-016 - Important
Security Update for WebDAV to Address Elevation of Privilege (3136041)
- https://technet.microsoft.com/library/security/MS16-016
Important - Elevation of Privilege - May require restart - Microsoft Windows

Microsoft Security Bulletin MS16-017 - Important
Security Update for Remote Desktop Display Driver to Address Elevation of Privilege (3134700)
- https://technet.microsoft.com/library/security/MS16-017
Important - Elevation of Privilege - Requires restart - Microsoft Windows

Microsoft Security Bulletin MS16-018 - Important
Security Update for Windows Kernel-Mode Drivers to Address Elevation of Privilege (3136082)
- https://technet.microsoft.com/en-us/...urity/MS16-018
Important - Elevation of Privilege - Requires restart - Microsoft Windows

Microsoft Security Bulletin MS16-019 - Important
Security Update for .NET Framework to Address Denial of Service (3137893)
- https://technet.microsoft.com/library/security/MS16-019
Important - Denial of Service - May require restart - Microsoft Windows, Microsoft .NET Framework

Microsoft Security Bulletin MS16-020 - Important
Security Update for Active Directory Federation Services to Address Denial of Service (3134222)
- https://technet.microsoft.com/library/security/MS16-020
Important - Denial of Service - May require restart - Microsoft Windows

Microsoft Security Bulletin MS16-021 - Important
Security Update for NPS RADIUS Server to Address Denial of Service (3133043)
- https://technet.microsoft.com/library/security/MS16-021
Important - Denial of Service - May require restart - Microsoft Windows

Microsoft Security Bulletin MS16-022 - Critical
Security Update for Adobe Flash Player (3135782)
- https://technet.microsoft.com/library/security/MS16-022
Critical - Remote Code Execution - Requires restart - Microsoft Windows, Adobe Flash Player
V1.1 (Feb 12, 2016): Revised bulletin to add links to update 3135782 on the Download Center for Windows 8.1 for 32-bit Systems, Windows 8.1 for x64-based Systems, Windows Server 2012, and Windows Server 2012 R2. This is an informational change only. Customers who have already successfully installed the update do not need to take any further action.
___

- http://blogs.technet.com/b/msrc/arch...e-summary.aspx
9 Feb 2016

Security Advisories
- https://technet.microsoft.com/en-us/.../mt631688.aspx

MS Security Advisory 3137909
Vulnerabilities in ASP.NET Templates Could Allow Tampering
- https://technet.microsoft.com/librar...y/3137909.aspx
Feb 9, 2016
> http://www.securitytracker.com/id/1034988
Feb 10 2016
> http://www.securitytracker.com/id/1034987
Feb 10 2016

Microsoft Security Advisory 2871997
Update to Improve Credentials Protection and Management
- https://technet.microsoft.com/en-us/...curity/2871997
Published: May 13, 2014 | Updated: Feb 9, 2016 - Ver: 5.0
V5.0 (Feb 9, 2016): Re-released advisory to announce the release of update 3126593* to enable the Restricted Admin mode for Credential Security Support Provider (CredSSP) by default...
* https://support.microsoft.com/en-us/kb/3126593
___

February 2016 Office Update Release
- http://blogs.technet.com/b/office_su...e-release.aspx
9 Feb 2016 - "... there are 26 security updates (1 bulletin) and 53 non-security updates.
Security bulletins:
MS16-015 - https://technet.microsoft.com/en-us/...urity/MS16-015
All of the security and non-security updates for January are listed in KB article 3137471*..."
- https://support.microsoft.com/en-us/kb/3137471
Last Review: 02/09/2016 20:35:00 - Rev: 1.0
___

MS16-009: http://www.securitytracker.com/id/1034971
MS16-011: http://www.securitytracker.com/id/1034972
MS16-012: http://www.securitytracker.com/id/1034973
MS16-013: http://www.securitytracker.com/id/1034974
MS16-014: http://www.securitytracker.com/id/1034985
MS16-015: http://www.securitytracker.com/id/1034975
- http://www.securitytracker.com/id/1034976
MS16-016: http://www.securitytracker.com/id/1034980
MS16-017: http://www.securitytracker.com/id/1034981
MS16-018: http://www.securitytracker.com/id/1034982
MS16-019: http://www.securitytracker.com/id/1034983
MS16-020: http://www.securitytracker.com/id/1034984
MS16-021: http://www.securitytracker.com/id/1034986
___

ISC Analysis
- https://isc.sans.edu/diary.html?storyid=20711
2016-02-09

Qualys Analysis
- https://blog.qualys.com/laws-of-vuln...-february-2016
Feb 9, 2016

.

[AplusWebMaster]

FYI...

MS16-014: https://technet.microsoft.com/library/security/MS16-014
V2.0 (February 10, 2016): Bulletin revised to announce the availability of update 3126041* for Microsoft Windows Vista, Windows Server 2008, Windows Server 2008 for Itanium-based Systems, Windows 8.1, and Windows Server 2012 R2. Customers should apply the applicable updates to be protected from the vulnerabilities discussed in this bulletin...
* https://support.microsoft.com/en-us/kb/3126041
Last Review: 02/11/2016 01:34:00 - Rev: 2.1

MS16-014: https://support.microsoft.com/en-us/kb/3126587
"Known issue... Customers using Corel VideoStudio X8 or Corel VideoStudio X9 on Windows 7 may experience a crash while launching or using that product. Customers should install the latest updates from Corel to prevent this issue, or contact Corel for more information and help..."
___

.NET Framework 4.6.1 and Exchange compatibility
- http://blogs.technet.com/b/exchange/...atibility.aspx
10 Feb 2016 - "... the .NET Framework 4.6.1 has been made a -recommended- update on WU (Windows Update).
As we have already stated in the Exchange Supportability Matrix, at this time, this version of .NET framework is not supported by Exchange. In fact, we know of some issues* if it is installed. We are working with the .NET team to ensure that Exchange customers have a smooth transition to .NET Framework 4.6.1, but in the meantime, -delay- this particular .NET update on your Exchange servers..."

Mailboxes are quarantined and databases fail over unexpectedly in Exchange Server 2013
* https://support.microsoft.com/en-us/kb/3095369
Last Review: 09/16/2015 19:05:00 - Rev: 3.0
Applies to:
Microsoft Exchange Server 2013 Standard
Microsoft Exchange Server 2013 Enterprise
___

Office 2010 patch KB 3114750 clobbers Outlook Calendar (again)
- http://www.infoworld.com/article/303...dar-again.html
Feb 11, 2016
> https://support.microsoft.com/en-us/kb/3114750
Last Review: 02/09/2016 19:26:00 - Rev: 1.0
Applies to:
MS Office 2010 SP2
_____

These appear to be 'Win10 preps'/nagware that you may want to 'Hide' on your "Recommended Updates" list:

Updated capabilities to upgrade Windows 8.1 and Windows 7
- https://support.microsoft.com/en-us/kb/3123862
Last Review: 02/11/2016 01:42:00 - Rev: 3.0
Applies to:
Windows 8.1 ...
Windows 7 SP1

Compatibility update for upgrading Windows 7
- https://support.microsoft.com/en-us/kb/2952664
Last Review: 02/02/2016 20:42:00 - Rev: 17.0
Applies to:
Windows 7 SP1

Also see: http://www.infoworld.com/article/303...b-3123862.html
Feb 11, 2016

[AplusWebMaster]

FYI...

Office 2013 patch KB 3114717 freezes 32-bit Word 2013 on Win 7, 8.1, 10
There are reports of the patch causing similar lockup problems with Excel 2013 and Outlook 2013
- http://www.infoworld.com/article/303...n-7-81-10.html
Feb 12, 2016

> https://social.technet.microsoft.com...um=officeitpro
Feb 12, 2016 - "... We are continuing to investigate why Update KB3114717 causes Word to slow down or hang. As a workaround, you can safely -remove- that update and we will post more information here as we learn more..."

- https://support.microsoft.com/en-us/kb/3114717
Last Review: 02/13/2016 02:01:00 - Rev: 2.0
"Notice: Update 3114717 is no longer available because it causes Microsoft Office 2013 apps, such as Microsoft Word and Microsoft Outlook, to slow down or freeze. If you’ve installed this update and you're experiencing these issues, you can safely remove the update.
> https://support.microsoft.com/en-us/...mark-uninstall
How to uninstall this update..."

[AplusWebMaster]

FYI...

"... opened up -five- support cases to investigate 'resetting of applications' after KB3135173*"
S. Bradley - 2016-02-15

Cumulative update for Windows 10 Version 1511
* https://support.microsoft.com/en-us/kb/3135173
Last Review: 02/09/2016 19:17:00 - Rev: 1.0
Applies to:
Windows 10 Version 1511

> http://www.tenforums.com/windows-upd...-defaults.html

> https://social.technet.microsoft.com...10itprogeneral

> https://www.reddit.com/r/Windows10/c...at_is_this_bs/

> http://answers.microsoft.com/thread/...0-fcd4873ce3af

> https://www.reddit.com/r/Windows10/c...ult_was_reset/

"... this is -not- how Windows 10 is expected to handle updates."
___

- http://www.infoworld.com/article/303...-defaults.html
Feb 16, 2016

[AplusWebMaster]

FYI...

Win10 -nagware- KB 3035583 reappears on Win7/8.1 PCs
- http://www.infoworld.com/article/303...in781-pcs.html
Feb 24, 2016

Update installs 'Get Windows 10 app' in Windows 8.1 and Windows 7 SP1
> https://support.microsoft.com/en-us/kb/3035583
Last Review: 02/24/2016 15:20:00 - Rev: 10.0

- http://windowssecrets.com/patch-watc...her-get-win10/
Feb 25, 2016
___

Microsoft Security Bulletin MS16-014 - Important
Security Update for Microsoft Windows to Address Remote Code Execution (3134228)
- https://technet.microsoft.com/library/security/MS16-014

MS16-014: Description of the security update for Windows
> https://support.microsoft.com/en-us/kb/3126041
Last Review: 02/24/2016 15:21:00 - Rev: 4.0
[See: "Known issues in this security update"]
___

Win10: Telemetry and other settings
> https://technet.microsoft.com/librar...=vs.85%29.aspx
Last updated: Feb 23, 2016
Applies to: Windows 10