Microsoft Alerts

Kb 3093594

FYI...

Update for Windows Live Essentials Mail 2012
- https://support.microsoft.com/en-us/kb/3093594
Last Review: 12/18/2015 09:38:00 - Rev: 3.0
"Known issues about this update:
- Issue 1: After you install this update (that was released before December 17, 2015), you may find that the program crashes soon after start.
- Solution: Microsoft has identified the cause and has released a fix that addresses the issue for affected users on applicable platforms. To fix this issue, install this update that's released on December 17, 2015.
- Issue 2: After you install this update that's released on December 17, 2015, you may experience mail sync issues.
- This issue occurs because of a server-side problem. Microsoft is researching this issue and will post more information in this article when the information becomes available."
___

- http://www.infoworld.com/article/30...-windows-live-mail-2012-patch-kb-3093594.html
Dec 18, 2015

:fear::fear:
 
MS15-124, MS15-131, status ...

FYI...

MS15-124: Security update for Internet Explorer: December 8, 2015
- https://support.microsoft.com/en-us/kb/3104002
"... Known issues in this security update:
After you install this security update, some classic ASP applications may not work correctly. For example, you may be unable to upload image files by using classic ASP applications.
To resolve this issue, install hotfix 3125446. For more information, click the following article number to view the article in the Microsoft Knowledge Base:
3125446 Classic ASP applications don't work correctly after security update 3104002 is installed in Windows..."
Last Review: 12/16/2015 22:53:00 - Rev: 3.0
Applies to:
Internet Explorer 11
Internet Explorer 10
Windows Internet Explorer 9
Windows Internet Explorer 8
Windows Internet Explorer 7

- https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6161

- https://technet.microsoft.com/en-us/library/security/MS15-124#Fix_6161

MS15-124: Vulnerability in Internet Explorer could lead to ASLR bypass: December 16, 2015
- https://support.microsoft.com/en-us/kb/3125869
Last Review: 12/17/2015 21:02:00 - Rev: 2.0
Applies to:
Internet Explorer 11
Internet Explorer 10
Windows Internet Explorer 9
Windows Internet Explorer 8
Windows Internet Explorer 7

Classic ASP applications don't work correctly after security update 3104002 is installed in Windows
- https://support.microsoft.com/en-us/kb/3125446
Symptoms: You can't upload files by using classic ASP applications in Internet Explorer after you install security update 3104002...
Hotfix Download Available...
Last Review: 12/16/2015 22:21:00 - Rev: 2.0
Applies to:
Windows Server 2012 R2 Datacenter
Windows Server 2012 R2 Standard
Windows Server 2012 R2 Foundation
Windows 8.1 Enterprise
Windows 8.1 Pro
Windows 8.1
Windows Server 2008 R2 Service Pack 1
Windows 7 Service Pack 1
Windows Server 2008 Service Pack 2
Windows Vista Service Pack 2
___

MS Security Bulletin MS15-131 - Critical
Security Update for Microsoft Office to Address Remote Code Execution (3116111)
- https://technet.microsoft.com/en-us/library/security/MS15-131
V2.1 (December 18, 2015): Bulletin revised to correct the Updates Replaced for 3101532 and 3114342, and to add a workaround for CVE-2015-6172. This is an informational change only. Customers who have successfully installed the updates do not need to take any further action.

> https://support.microsoft.com/en-us/kb/3101532
Last Review: 12/08/2015 18:44:00 - Rev: 1.0

> https://support.microsoft.com/en-us/kb/3114342
Last Review: 12/08/2015 18:42:00 - Rev: 1.0

:fear::fear:
 
Last edited:
Win10 update KB 3124200 and Office update 6366

FYI...

Win10 update KB 3124200 and Office update 6366
> http://www.infoworld.com/article/30...-kb-3124200-clobbers-word-customizations.html
Dec 23, 2015
> https://support.microsoft.com/en-us/kb/3124200
Last Review: 12/17/2015 17:41:00 - Rev: 1.0
Applies to:
Windows 10 Version 1511

Missing customizations in Office Word after an update
- https://support.microsoft.com/en-us/kb/3129969
Last Review: 12/22/2015 18:03:00 - Rev: 1.0
"Summary: After installing the latest update for Microsoft Office (6366.xxxx), all of your customizations for Word such as macros, autotext entries, and styles will no longer load. The issue is caused by a file that has been renamed during the update. To resolve this, use the following steps to help you restore the renamed file..."
Applies to:
Microsoft Word 2013
Microsoft Word 2010
Word 2016

:fear::fear:
 
Last edited:
IE10,11, Edge Flash updated

FYI...

MS Security Advisory 2755801
Update for Vulnerabilities in Adobe Flash Player in Internet Explorer and Microsoft Edge
- https://technet.microsoft.com/en-us/library/security/2755801
V52.0 (Dec 29, 2015): Added the 3132372 update* to the Current Update section.

* https://support.microsoft.com/en-us/kb/3132372
Last Review: 12/30/2015 21:00:00 - Rev: 2.0
"Known issues in this security update:
We are aware of limited application crashes that occur after this security update is installed on Windows 10.
Microsoft is researching this problem with Adobe and will post more information in this article when the information becomes available..."

:fear::fear:
 
Last edited:
Win10 patch notes - KB3132372, KB 3133431

FYI...

Win10 patch notes - KB3132372, KB 3133431
The first forced Win10 patch of 2016 is entirely devoted to fixing the last forced patch of 2015, which broke a score of programs that rely on Flash
- http://www.infoworld.com/article/30...ts-flash-player-back-in-the-drivers-seat.html
Jan 6, 2016 - "Yesterday I reported on KB 3132372*, the last Windows 10 patch of 2015, released on Dec. 29. That forced patch broke Skype, HP Solution Center, Incredimail, several Serif programs, GameMaker, a bunch of games, skins for Mediamonkey, eBay Turbo Lister, and heaven knows how many other programs that still rely on Flash. Last night - a week after that initial patch brought down all those programs - Microsoft released a fix... the first forced Win10 patch of 2016 is entirely devoted to fixing the last forced patch of 2015..."

> https://support.microsoft.com/en-us/kb/3133431
Last Review: 01/06/2016 22:03:00 - Rev: 3.0

* https://support.microsoft.com/en-us/kb/3132372
Last Review: 01/06/2016 22:03:00 - Rev: 4.0

:fear::fear:
 
Last edited:
Win10 nagware KB3035583 patch

FYI...

Win10 nagware...
- http://www.infoworld.com/article/30...-10-sets-its-hooks-into-windows-7-and-81.html
Jan 11, 2016 - "... Even if you use the Microsoft-sanctioned DisableGWX and DisableOSUpgrade registry settings, the KB 3035583 patch* -still- installs -all- of the Get Windows 10 nagware. GWX and all of its components sit there, hidden, running in the background even if you can't see the Get Windows 10 icon in the system tray..."

* https://support.microsoft.com/en-us/kb/3035583
Last Review: 12/15/2015 17:19:00 - Rev: 7.0

On your "Recommended updates" list, right click it and choose "Hide".

:fear::fear:
 
Last edited:
MS Security Bulletin Summary - January 2016

FYI...

- https://technet.microsoft.com/en-us/library/security/ms16-jan
Jan 12, 2016 - "This bulletin summary lists security bulletins released for January 2016...
(Total of -9-)

Microsoft Security Bulletin MS16-001 - Critical
Cumulative Security Update for Internet Explorer (3124903)
- https://technet.microsoft.com/library/security/MS16-001
Critical - Remote Code Execution - Requires restart - Microsoft Windows, Internet Explorer
- https://support.microsoft.com/en-us/kb/3124903
Last Review: 01/12/2016 18:35:00 - Rev: 1.0
Applies to:
Internet Explorer 11
Internet Explorer 10
Windows Internet Explorer 9
Windows Internet Explorer 8
Windows Internet Explorer 7

Microsoft Security Bulletin MS16-002 - Critical
Cumulative Security Update for Microsoft Edge (3124904)
- https://technet.microsoft.com/library/security/MS16-002
Critical - Remote Code Execution - Requires restart - Microsoft Windows, Microsoft Edge

Microsoft Security Bulletin MS16-003 - Critical
Cumulative Security Update for JScript and VBScript to Address Remote Code Execution (3125540)
- https://technet.microsoft.com/library/security/MS16-003
Critical - Remote Code Execution - May require restart - Microsoft Windows

Microsoft Security Bulletin MS16-004 - Critical
Security Update for Microsoft Office to Address Remote Code Execution (3124585)
- https://technet.microsoft.com/library/security/MS16-004
Critical - Remote Code Execution - May require restart - Microsoft Office, Visual Basic

Microsoft Security Bulletin MS16-005 - Critical
Security Update for Windows Kernel-Mode Drivers to Address Remote Code Execution (3124584)
- https://technet.microsoft.com/library/security/MS16-005
Critical - Remote Code Execution - Requires restart - Microsoft Windows

Microsoft Security Bulletin MS16-006 - Critical
Security Update for Silverlight to Address Remote Code Execution (3126036)
- https://technet.microsoft.com/library/security/MS16-006
Critical - Remote Code Execution - Does not require a restart - Microsoft Silverlight

Microsoft Security Bulletin MS16-007 - Important
Security Update for Microsoft Windows to Address Remote Code Execution (3124901)
- https://technet.microsoft.com/library/security/MS16-007
Important - Remote Code Execution - Requires restart - Microsoft Windows

Microsoft Security Bulletin MS16-008 - Important
Security Update for Windows Kernel to Address Elevation of Privilege (3124605)
- https://technet.microsoft.com/library/security/MS16-008
Important - Elevation of Privilege - Requires restart - Microsoft Windows

Microsoft Security Bulletin MS16-010 - Important
Security Update in Microsoft Exchange Server to Address Spoofing (3124557)
- https://technet.microsoft.com/library/security/MS16-010
Important - Spoofing - May require restart - Microsoft Exchange Server
___

MS16-001: http://www.securitytracker.com/id/1034648
MS16-002: http://www.securitytracker.com/id/1034649
MS16-003: http://www.securitytracker.com/id/1034650
MS16-004: http://www.securitytracker.com/id/1034651
- http://www.securitytracker.com/id/1034652
- http://www.securitytracker.com/id/1034653
MS16-005: http://www.securitytracker.com/id/1034654
MS16-006: http://www.securitytracker.com/id/1034655
MS16-007: http://www.securitytracker.com/id/1034659
- http://www.securitytracker.com/id/1034660
- http://www.securitytracker.com/id/1034661
MS16-008: http://www.securitytracker.com/id/1034645
MS16-010: http://www.securitytracker.com/id/1034647
___

- http://blogs.technet.com/b/msrc/archive/2016/01/12/january-2016-security-update-release-summary.aspx
12 Jan 2016

Security Advisories 2016
- https://technet.microsoft.com/en-us/library/security/mt631688.aspx
Jan 12, 2016

Microsoft Security Advisory 3123479
Deprecation of SHA-1 Hashing Algorithm for Microsoft Root Certificate Program
- https://technet.microsoft.com/library/security/3123479.aspx

Updates for ActiveX Kill Bits 3118753
- https://technet.microsoft.com/library/security/3118753.aspx

Microsoft Security Advisory 3109853
Update to Improve TLS Session Resumption Interoperability
- https://technet.microsoft.com/library/security/3109853.aspx
___

January 2016 Office Update Release
- http://blogs.technet.com/b/office_s...01/12/january-2016-office-update-release.aspx
12 Jan 2016 - "... there are 29 security updates (1 bulletin) and 36 non-security updates.
Security bulletins: MS16-004:
- https://technet.microsoft.com/library/security/MS16-004 "
____

ISC Analysis
- https://isc.sans.edu/diary.html?storyid=20605
2016-01-12

>> http://blog.shavlik.com/wp-content/uploads/2016/01/January-Patch-Tuesday-2016-summary.jpg
___

MS Security Support and Troubleshooting
- https://technet.microsoft.com/en-us/security/bb980617.aspx
"Find answers to a technical issue, look up a KB article, or search by error code.
Search all sources:
Look up KB article:
Look up Events and Errors: ..."

.
 
Last edited:
Last edited:
MS: Only the Latest Version of Windows Will Support New CPU Generations

FYI...

MS: Only the Latest Version of Windows Will Support New CPU Generations
- http://tech.slashdot.org/story/16/0...n-of-windows-will-support-new-cpu-generations
Jan 16, 2016 - "... news from Microsoft about how the company will support Windows now and in the future*. The company says PCs built with Intel's Skylake chip, and other new architectures in the future, will require the latest version of Windows for support. This doesn't take effect right away; Windows 7 and 8.1 will be supported on older chips until their planned end-of-life dates, in 2020 and 2023 respectively. They'll also be supported on a list of current Skylake devices for the next 18 months. After that, only the latest version of Windows will support integration** between the operating system and new CPU features. "For example, Windows 10 will be the only supported Windows platform on Intel's upcoming 'Kaby Lake' silicon, Qualcomm's upcoming '8996' silicon, and AMD's upcoming 'Bristol Ridge' silicon..."

* https://blogs.windows.com/windowsexperience/2016/01/15/windows-10-embracing-silicon-innovation/
Jan 15, 2016
** http://www.zdnet.com/article/microsoft-updates-support-policy-new-cpus-will-require-windows-10/
Jan 15, 2016

:fear::fear:
 
Deadline for obsolete IE's and Win8

FYI...

Deadline for obsolete IE's and Win8
- http://windowssecrets.com/patch-watch/a-deadline-for-obsolete-ies-and-windows-8/
Jan 14, 2016 - "With the start of a new year, Microsoft is cleaning house of “obsolete” operating systems and browsers. If you’re still on Windows 8.0, you need to update to Win8.1 to be fully supported. And for true browser protection, you need to be using the most current releases of Internet Explorer...
MS16-001 (3124275), MS16-003 (3124624)
... reducing the number of versions Microsoft needs to support is a good thing. For example, keeping secure a browser that has multiple editions in multiple languages, for multiple operating systems is a tall order, even for Microsoft. Sending out monthly fixes for fewer versions should mean more reliable updates.
With that in mind, this month’s cumulative IE update, KB 3124903, is the -last- for IE 7 and 8. According to a Microsoft product lifecycle FAQ*, “Beginning Jan. 12, 2016, only the most current version of Internet Explorer available for a supported operating system will receive technical support and security updates.” Going forward, on desktop Windows, IE 9 will be the -only- supported version on Vista systems; IE 11 is the -only- supported version on Win7 and Win8.1.
Along with the operating system and your anti-malware software, the browser is the most important app to keep up to date with the latest security fixes. If you remain on IE 7 or 8, your risk of infection will rise rapidly. Keep in mind that Internet Explorer is deeply tied into Windows. So even if you don’t use IE as your default browser, it’s important to keep it current. (After you install this month’s cumulative update, you’ll be -nagged- that your browser is out of date and you need to upgrade — in most cases to IE 11.)"
* https://support.microsoft.com/en-us/lifecycle#gp/Microsoft-Internet-Explorer
___

Outlook 2010 Update KB3114570 introduces a regression error
See here:
- https://answers.microsoft.com/en-us...0-update/e629c66c-647a-4e2e-99f5-00895e4f5535

And here:
- http://www.infoworld.com/article/30...ch-kb-3114570-reintroduces-calendar-bugs.html
___

Update that supports Azerbaijani Manat and Georgian Lari currency symbols in Windows Re-released?
- https://support.microsoft.com/en-us/kb/3102429
Last Review: 01/19/2016 19:40:00 - Rev: 7.0

... may cause:
Windows Update KB3102429 Does not play well with Crystal Reports for Visual Studio 2008
- https://answers.microsoft.com/en-us...c27-da72-4842-b44f-370128cd0993?page=2&auth=1

:fear::fear:
 
Last edited:
Update for Office 2013 - KB3114506

FYI...

Error launching Office applications after January updates
- http://blogs.technet.com/b/the_micr...ffice-applications-after-january-updates.aspx
25 Jan 2016 - "It's been reported that after applying January 2016 update (KB 3114506*), customers are experiencing an error on Windows Server 2012 R2 and Windows Server 2008 R2 when trying to launch Office applications such as Excel, PowerPoint and OneDrive for Business. Error Examples:
System Error - The program can’t start because davclnt.dll is missing from your computer. Try reinstalling the program to fix this problem. Excel application error:
> http://blogs.technet.com/resized-im...blogfiles/00-00-00-87-63/Error-Screenshot.PNG
RESOLUTION: Currently, Microsoft is working on the issue and will be providing an update when a fix becomes available. As a workaround, install Desktop User Experience, which ensures the davclnt is available.
Follow this article for further information and updates:
Error: The Program can’t start because davclnt.dll is missing from your computer
- https://community.office365.com/en-us/f/172/t/427963 "

Update for Office 2013 (KB3114506)
* https://support.microsoft.com/en-us/kb/3114506
Last Review: 01/26/2016 09:05:00 - Rev: 3.0

Tags: Excel 2013, powerpoint 2013, Office 2013, davclnt

:fear:
 
MS16-004 - buggy??

FYI...

MS16-004 - buggy??
>> http://www.infoworld.com/article/30...ow-spurious-vba-office-automation-errors.html
Jan 27, 2016 - "Microsoft released MS16-004 on Jan. 12, and weird Visual Basic 6, VBA, and SharePoint 2013 errors have followed in its wake... symptoms are many and varied, but all seem to be due to a problematic new version of the MSComctLib.ocx common control library for VB6 and VBA. It looks like the new version, 6.01.9846, saves templates that don't work properly on machines with older versions of MSComctLib.ocx. It's not clear to me if those same templates throw errors when run on some machines with the new version of MSComctLib.ocx... Microsoft hasn't come up with any warnings in the KB articles..."
[ The update has a different title / KB # -depending- on the version of Microsoft Office you have installed... ]
Office 2007 (KB3114541): https://support.microsoft.com/en-us/kb/3114541
Office 2010 (KB2881029): https://support.microsoft.com/en-us/kb/2881029
Office 2013 (KB3039794): https://support.microsoft.com/en-us/kb/3039794
Office 2016 (KB2920727): https://support.microsoft.com/en-us/kb/2920727
___

- http://blogs.technet.com/b/office_s...01/12/january-2016-office-update-release.aspx
12 Jan 2016

:fear::fear:
 
Last edited:
Win10 - check your 'System Protection' setting

FYI...

Win10 - check your 'System Protection' setting ...
- https://isc.sans.edu/diary.html?storyid=20675
2016-01-31 - "... Many of you (may have) upgraded to Windows 10 and it would be a good idea to verify your settings to make sure 'System Protection' is enabled:
> https://isc.sans.edu/diaryimages/images/win10_protection_off.PNG
Here is how to check and if necessary, 'enable' System Protection:
Select [Win10 Start] -> Settings -> About -> System info -> System Protection -> Configure
Select 'Turn on system protection' to -enable- System Restore and some disk space (i.e. 10 GB):
> https://isc.sans.edu/diaryimages/images/win10_protection_off_default.PNG
Over the years, 'System Protection' has been in many cases a useful tool especially when installing failed patches or applications to be able to go back to an earlier and stable version."

:fear::fear:
 
Updategate: M$ labels Win10 as a 'recommended' update

FYI...

MS - renewed push to force users onto Win10
- http://www.infoworld.com/article/30...ewed-push-to-force-users-onto-windows-10.html
Feb 2, 2016 - "A cryptic post from Microsoft seems to indicate that Redmond has stepped up its push to upgrade Windows 7 and Windows 8.1 users by moving Windows 10 to 'recommended status'. According to ZDNet's Mary Jo Foley*, about 5 p.m. ET on Monday, Microsoft dropped a small bombshell:
' As we shared in late October on the Windows Blog, we are committed to making it easy for our Windows 7 and Windows 8.1 customers to upgrade to Windows 10. We updated the upgrade experience today to help our customers...'. Shortly after, Microsoft maven Paul Thurrott** confirmed the message. Apparently this is Microsoft's version of an official announcement... Until we actually see a "recommended" Windows 10 update in-the-wild, it's hard to say what Microsoft will do... your best bet is to download and run Josh Mayfield's GWX Control Panel[1]. That'll clean out the Get Windows X subsystem, reset the registry entries, and keep the hidden scheduled tasks from firing."
1] http://ultimateoutsider.com/downloads/
Version: 1.7.2.0
Jan 24, 2016
-or-
> http://ultimateoutsider.com/downloads/GWX_control_panel.exe

MS pushes Win10 as a 'recommended' update ...
* http://www.zdnet.com/article/microsoft-starts-pushing-windows-10-as-a-recommended-update/
Feb 1, 2016 - "... On February 1, Microsoft started making good on the promised push... Microsoft is not changing its policy of downloading part of the Windows 10 code 'proactively' to users' machines to make upgrading faster. The company is continuing to do that, in spite of complaints by many. However, unless users make the final decision to hit upgrade, Windows 10 will not completely install and replace their existing Windows versions. The "recommended" push will be a phased one, the spokesperson said, for Windows 7 and 8.1 consumers who have Automatic Updates turned on. For users who have chosen the "Give me recommended updates the same way I receive important updates" setting turned on, the automatic update process will kick off... for the record: Windows 10 is -not- a required update for Windows 7 and 8.1 users. It is now 'recommended'. Users who do not want it can just say no."
> http://www.zdnet.com/article/how-to...des-on-your-business-network-and-at-home-too/

** https://www.thurrott.com/windows/wi...mes-a-recommended-update-on-windows-7-and-8-1
Feb 1, 2016 - "... the change from “optional” to “recommended” is somewhat controversial, since Windows Update is considered a -trusted- source for updates. That is, it will probably cause the Windows 10 upgrade to automatically start on many PCs because most users configure Windows Update to automatically install recommended updates... 'You will be assimilated'."
___

Compatibility update for upgrading Windows 7
- https://support.microsoft.com/en-us/kb/2952664
Last Review: 02/02/2016 20:42:00 - Rev: 17.0 - "This update helps Microsoft make improvements to the current operating system in order to ease the upgrade experience to the latest version of Windows..."
Applies to:
Windows 7 SP1

Updated capabilities to upgrade Windows 8.1 and Windows 7
- https://support.microsoft.com/en-us/kb/3123862
Last Review: 02/03/2016 18:05:00 - Rev: 1.0
Applies to:
Windows 8.1 Enterprise
Windows 8.1 Pro
Windows 8.1
Windows 7 SP1

Compatibility update for Windows 8.1 and Windows 8
- https://support.microsoft.com/en-us/kb/2976978
Last Review: 02/02/2016 20:43:00 - Rev: 20.0
Applies to:
Windows 8.1 Enterprise
Windows 8.1
Windows 8.1 Pro
Windows 8 Enterprise
Windows 8
Windows 8 Pro

Compatibility update for Windows 7 RTM
- https://support.microsoft.com/en-us/kb/2977759
Last Review: 02/02/2016 20:42:00 - Rev: 16.0
Applies to:
Windows 7 Enterprise
Windows 7 Home Premium
Windows 7 Home Basic
Windows 7 Professional
Windows 7 Starter
Windows 7 Ultimate

:fear::fear:
 
Last edited:
Win10 - Device Guard and Applocker

FYI...

Win10 - Device Guard and Applocker
- http://blogs.msmvps.com/bradley/2016/02/06/not-so-fast-some-of-us-need-emet/
Feb 6, 2016 - "... security enhancements are key... the key features they are pointing out here* – Device Guard and Applocker are -not- available on the Pro or Home skus. They are -only- available on the Enterprise sku..."

Can't disable Windows Store in Win10 Pro through Group Policy
* https://support.microsoft.com/en-us/kb/3135657
Last Review: 01/29/2016 19:47:00 - Rev: 4.0 - "On a computer that's running Windows 10 Pro, you upgrade to version 1511 of Windows 10. After the upgrade, you notice that the following Group Policy settings to disable Windows Store are not applied, and you cannot disable Windows Store:
Computer Configuration>Administrative Templates>Windows Components>Store>Turn off the Store application
User Configuration>Administrative Templates>Windows Components>Store>Turn off the Store
Cause: This behavior is by design. In Windows 10 version 1511, these policies are applicable to users of the Enterprise and Education editions only..."
Applies to:
Win10 Version 1511

:fear::fear:
 
MS Security Bulletin Summary - Feb 2016

FYI...

- https://technet.microsoft.com/library/security/ms16-feb
Feb 9, 2016 - "This bulletin summary lists security bulletins released for February 2016...
(Total of -13-)

Microsoft Security Bulletin MS16-009 - Critical
Cumulative Security Update for Internet Explorer (3134220)
- https://technet.microsoft.com/library/security/MS16-009
Critical - Remote Code Execution - Requires restart - Microsoft Windows, Internet Explorer

Microsoft Security Bulletin MS16-011 - Critical
Cumulative Security Update for Microsoft Edge (3134225)
- https://technet.microsoft.com/library/security/MS16-011
Critical - Remote Code Execution - Requires restart - Microsoft Windows, Edge

Microsoft Security Bulletin MS16-012 - Critical
Security Update for Microsoft Windows PDF Library to Address Remote Code Execution (3138938)
- https://technet.microsoft.com/en-us/library/security/MS16-012
Critical - Remote Code Execution - May require restart - Microsoft Windows

Microsoft Security Bulletin MS16-013 - Critical
Security Update for Windows Journal to Address Remote Code Execution (3134811)
- https://technet.microsoft.com/library/security/MS16-013
Critical - Remote Code Execution - May require restart - Microsoft Windows

Microsoft Security Bulletin MS16-014 - Important
Security Update for Microsoft Windows to Address Remote Code Execution (3134228)
- https://technet.microsoft.com/library/security/MS16-014
Important - Remote Code Execution - Requires restart - Microsoft Windows

Microsoft Security Bulletin MS16-015 - Critical
Security Update for Microsoft Office to Address Remote Code Execution (3134226)
- https://technet.microsoft.com/library/security/MS16-015
Important - Remote Code Execution - May require restart - Microsoft Office, Microsoft Office Services and Web Apps, Microsoft Server Software

Microsoft Security Bulletin MS16-016 - Important
Security Update for WebDAV to Address Elevation of Privilege (3136041)
- https://technet.microsoft.com/library/security/MS16-016
Important - Elevation of Privilege - May require restart - Microsoft Windows

Microsoft Security Bulletin MS16-017 - Important
Security Update for Remote Desktop Display Driver to Address Elevation of Privilege (3134700)
- https://technet.microsoft.com/library/security/MS16-017
Important - Elevation of Privilege - Requires restart - Microsoft Windows

Microsoft Security Bulletin MS16-018 - Important
Security Update for Windows Kernel-Mode Drivers to Address Elevation of Privilege (3136082)
- https://technet.microsoft.com/en-us/library/security/MS16-018
Important - Elevation of Privilege - Requires restart - Microsoft Windows

Microsoft Security Bulletin MS16-019 - Important
Security Update for .NET Framework to Address Denial of Service (3137893)
- https://technet.microsoft.com/library/security/MS16-019
Important - Denial of Service - May require restart - Microsoft Windows, Microsoft .NET Framework

Microsoft Security Bulletin MS16-020 - Important
Security Update for Active Directory Federation Services to Address Denial of Service (3134222)
- https://technet.microsoft.com/library/security/MS16-020
Important - Denial of Service - May require restart - Microsoft Windows

Microsoft Security Bulletin MS16-021 - Important
Security Update for NPS RADIUS Server to Address Denial of Service (3133043)
- https://technet.microsoft.com/library/security/MS16-021
Important - Denial of Service - May require restart - Microsoft Windows

Microsoft Security Bulletin MS16-022 - Critical
Security Update for Adobe Flash Player (3135782)
- https://technet.microsoft.com/library/security/MS16-022
Critical - Remote Code Execution - Requires restart - Microsoft Windows, Adobe Flash Player
V1.1 (Feb 12, 2016): Revised bulletin to add links to update 3135782 on the Download Center for Windows 8.1 for 32-bit Systems, Windows 8.1 for x64-based Systems, Windows Server 2012, and Windows Server 2012 R2. This is an informational change only. Customers who have already successfully installed the update do not need to take any further action.
___

- http://blogs.technet.com/b/msrc/arc...ary-2016-security-update-release-summary.aspx
9 Feb 2016

Security Advisories
- https://technet.microsoft.com/en-us/library/security/mt631688.aspx

MS Security Advisory 3137909
Vulnerabilities in ASP.NET Templates Could Allow Tampering
- https://technet.microsoft.com/library/security/3137909.aspx
Feb 9, 2016
> http://www.securitytracker.com/id/1034988
Feb 10 2016
> http://www.securitytracker.com/id/1034987
Feb 10 2016

Microsoft Security Advisory 2871997
Update to Improve Credentials Protection and Management
- https://technet.microsoft.com/en-us/library/security/2871997
Published: May 13, 2014 | Updated: Feb 9, 2016 - Ver: 5.0
V5.0 (Feb 9, 2016): Re-released advisory to announce the release of update 3126593* to enable the Restricted Admin mode for Credential Security Support Provider (CredSSP) by default...
* https://support.microsoft.com/en-us/kb/3126593
___

February 2016 Office Update Release
- http://blogs.technet.com/b/office_s...2/09/february-2016-office-update-release.aspx
9 Feb 2016 - "... there are 26 security updates (1 bulletin) and 53 non-security updates.
Security bulletins:
MS16-015 - https://technet.microsoft.com/en-us/library/security/MS16-015
All of the security and non-security updates for January are listed in KB article 3137471*..."
- https://support.microsoft.com/en-us/kb/3137471
Last Review: 02/09/2016 20:35:00 - Rev: 1.0
___

MS16-009: http://www.securitytracker.com/id/1034971
MS16-011: http://www.securitytracker.com/id/1034972
MS16-012: http://www.securitytracker.com/id/1034973
MS16-013: http://www.securitytracker.com/id/1034974
MS16-014: http://www.securitytracker.com/id/1034985
MS16-015: http://www.securitytracker.com/id/1034975
- http://www.securitytracker.com/id/1034976
MS16-016: http://www.securitytracker.com/id/1034980
MS16-017: http://www.securitytracker.com/id/1034981
MS16-018: http://www.securitytracker.com/id/1034982
MS16-019: http://www.securitytracker.com/id/1034983
MS16-020: http://www.securitytracker.com/id/1034984
MS16-021: http://www.securitytracker.com/id/1034986
___

ISC Analysis
- https://isc.sans.edu/diary.html?storyid=20711
2016-02-09

Qualys Analysis
- https://blog.qualys.com/laws-of-vulnerabilities/2016/02/09/patch-tuesday-february-2016
Feb 9, 2016

.
 
Last edited:
Patch trouble - MS16-014 and .NET Framework 4.6.1

FYI...

MS16-014: https://technet.microsoft.com/library/security/MS16-014
V2.0 (February 10, 2016): Bulletin revised to announce the availability of update 3126041* for Microsoft Windows Vista, Windows Server 2008, Windows Server 2008 for Itanium-based Systems, Windows 8.1, and Windows Server 2012 R2. Customers should apply the applicable updates to be protected from the vulnerabilities discussed in this bulletin...
* https://support.microsoft.com/en-us/kb/3126041
Last Review: 02/11/2016 01:34:00 - Rev: 2.1

MS16-014: https://support.microsoft.com/en-us/kb/3126587
"Known issue... Customers using Corel VideoStudio X8 or Corel VideoStudio X9 on Windows 7 may experience a crash while launching or using that product. Customers should install the latest updates from Corel to prevent this issue, or contact Corel for more information and help..."
___

.NET Framework 4.6.1 and Exchange compatibility
- http://blogs.technet.com/b/exchange...amework-4-6-1-and-exchange-compatibility.aspx
10 Feb 2016 - "... the .NET Framework 4.6.1 has been made a -recommended- update on WU (Windows Update).
As we have already stated in the Exchange Supportability Matrix, at this time, this version of .NET framework is not supported by Exchange. In fact, we know of some issues* if it is installed. We are working with the .NET team to ensure that Exchange customers have a smooth transition to .NET Framework 4.6.1, but in the meantime, -delay- this particular .NET update on your Exchange servers..."

Mailboxes are quarantined and databases fail over unexpectedly in Exchange Server 2013
* https://support.microsoft.com/en-us/kb/3095369
Last Review: 09/16/2015 19:05:00 - Rev: 3.0
Applies to:
Microsoft Exchange Server 2013 Standard
Microsoft Exchange Server 2013 Enterprise
___

Office 2010 patch KB 3114750 clobbers Outlook Calendar (again)
- http://www.infoworld.com/article/30...-3114750-clobbers-outlook-calendar-again.html
Feb 11, 2016
> https://support.microsoft.com/en-us/kb/3114750
Last Review: 02/09/2016 19:26:00 - Rev: 1.0
Applies to:
MS Office 2010 SP2
_____

These appear to be 'Win10 preps'/nagware that you may want to 'Hide' on your "Recommended Updates" list:

Updated capabilities to upgrade Windows 8.1 and Windows 7
- https://support.microsoft.com/en-us/kb/3123862
Last Review: 02/11/2016 01:42:00 - Rev: 3.0
Applies to:
Windows 8.1 ...
Windows 7 SP1

Compatibility update for upgrading Windows 7
- https://support.microsoft.com/en-us/kb/2952664
Last Review: 02/02/2016 20:42:00 - Rev: 17.0
Applies to:
Windows 7 SP1

Also see: http://www.infoworld.com/article/30...ecommended-windows-781-update-kb-3123862.html
Feb 11, 2016

:fear::fear:
 
Last edited:
Office 2013 patch KB 3114717 freezes ...

FYI...

Office 2013 patch KB 3114717 freezes 32-bit Word 2013 on Win 7, 8.1, 10
There are reports of the patch causing similar lockup problems with Excel 2013 and Outlook 2013
- http://www.infoworld.com/article/30...-freezes-32-bit-word-2013-on-win-7-81-10.html
Feb 12, 2016

> https://social.technet.microsoft.co...013-problems-with-kb3114717?forum=officeitpro
Feb 12, 2016 - "... We are continuing to investigate why Update KB3114717 causes Word to slow down or hang. As a workaround, you can safely -remove- that update and we will post more information here as we learn more..."

- https://support.microsoft.com/en-us/kb/3114717
Last Review: 02/13/2016 02:01:00 - Rev: 2.0
"Notice: Update 3114717 is no longer available because it causes Microsoft Office 2013 apps, such as Microsoft Word and Microsoft Outlook, to slow down or freeze. If you’ve installed this update and you're experiencing these issues, you can safely remove the update.
> https://support.microsoft.com/en-us/kb/3114717#bookmark-uninstall
How to uninstall this update..."

:fear::fear:
 
Last edited:
'Resetting of applications' after KB3135173

FYI...

"... opened up -five- support cases to investigate 'resetting of applications' after KB3135173*"
S. Bradley - 2016-02-15

Cumulative update for Windows 10 Version 1511
* https://support.microsoft.com/en-us/kb/3135173
Last Review: 02/09/2016 19:17:00 - Rev: 1.0
Applies to:
Windows 10 Version 1511

> http://www.tenforums.com/windows-up...-custom-file-associations-reset-defaults.html

> https://social.technet.microsoft.co...app-default-was-reset?forum=win10itprogeneral

> https://www.reddit.com/r/Windows10/comments/458821/an_app_default_was_reset_what_is_this_bs/

> http://answers.microsoft.com/thread/7f51d3de-8e67-478f-9a10-fcd4873ce3af

> https://www.reddit.com/r/Windows10/comments/45wc58/finally_a_fix_for_an_app_default_was_reset/

"... this is -not- how Windows 10 is expected to handle updates."
___

- http://www.infoworld.com/article/30...35173-changes-browser-and-other-defaults.html
Feb 16, 2016

:fear::fear:
 
Last edited:
Windows - updated...

FYI...

Win10 -nagware- KB 3035583 reappears on Win7/8.1 PCs
- http://www.infoworld.com/article/30...3035583-suddenly-reappears-on-win781-pcs.html
Feb 24, 2016

Update installs 'Get Windows 10 app' in Windows 8.1 and Windows 7 SP1
> https://support.microsoft.com/en-us/kb/3035583
Last Review: 02/24/2016 15:20:00 - Rev: 10.0

- http://windowssecrets.com/patch-watch/recalled-office-fix-and-another-get-win10/
Feb 25, 2016
___

Microsoft Security Bulletin MS16-014 - Important
Security Update for Microsoft Windows to Address Remote Code Execution (3134228)
- https://technet.microsoft.com/library/security/MS16-014

MS16-014: Description of the security update for Windows
> https://support.microsoft.com/en-us/kb/3126041
Last Review: 02/24/2016 15:21:00 - Rev: 4.0
[See: "Known issues in this security update"]
___

Win10: Telemetry and other settings
> https://technet.microsoft.com/library/mt577208(v=vs.85).aspx
Last updated: Feb 23, 2016
Applies to: Windows 10

:fear::fear:
 
Last edited:
You must log in or register to reply here.
Back
Top