Microsoft Alerts

MS yanks second botched Surface update ...

FYI...

MS pulls the bad December firmware update for the Surface Pro 2 - with no hint as to when a fix is coming or what afflicted customers should do
- http://www.infoworld.com/t/microsof...-botched-surface-update-in-many-months-232943
Dec 19, 2013 - "... On Dec. 10, Microsoft released a firmware update that was intended to improve stability, push updated Wi-Fi drivers, and promote better cover interaction with sleep, screen dimming, and more on the Surface Pro 2. Microsoft keeps a list of the firmware changes on one obscure page on its website* - not in the Knowledge Base, -not- on the official Windows blog. That page has no indication at all that the botched patch has been pulled..."
* http://www.microsoft.com/surface/en-us/support/install-update-activate/pro-2-update-history?lc=1041

 
MS pulls plug on MSE for XP

FYI...

- http://www.infoworld.com/t/microsof...crosoft-security-essentials-windows-xp-233721
Jan 8, 2014 - "... the official end of support Web page* now states that 'Microsoft will also stop providing Microsoft Security Essentials for download on Windows XP on this date'... "
* http://windows.microsoft.com/en-us/windows/end-support-help
"... after April 8, 2014, technical assistance for Windows XP will no longer be available, including automatic updates that help protect your PC. Microsoft will also stop providing Microsoft Security Essentials for download on Windows XP on this date..."

 
MS Security Bulletin Summary - January 2014

FYI...

- https://technet.microsoft.com/en-us/security/bulletin/ms14-jan
Jan 14, 2014 - "This bulletin summary lists security bulletins released for January 2014...
(Total of -4-)

Microsoft Security Bulletin MS14-001 - Important
Vulnerabilities in Microsoft Word and Office Web Apps Could Allow Remote Code Execution (2916605)
- https://technet.microsoft.com/en-us/security/bulletin/ms14-001
Important - Remote Code Execution - May require restart - Microsoft Office, Microsoft Server Software

Microsoft Security Bulletin MS14-002 - Important
Vulnerability in Windows Kernel Could Allow Elevation of Privilege (2914368)
- https://technet.microsoft.com/en-us/security/bulletin/ms14-002
Important - Elevation of Privilege - Requires restart - Microsoft Windows

Microsoft Security Bulletin MS14-003 - Important
Vulnerability in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2913602)
- https://technet.microsoft.com/en-us/security/bulletin/ms14-003
Important - Elevation of Privilege - Requires restart - Microsoft Windows

Microsoft Security Bulletin MS14-004 - Important
Vulnerability in Microsoft Dynamics AX Could Allow Denial of Service (2880826)
- https://technet.microsoft.com/en-us/security/bulletin/ms14-004
Important - Denial of Service - May require restart - Microsoft Dynamics AX
___

Deployment Priority, Severity, Exploit Index
- https://blogs.technet.com/cfs-file....71/Jan_2D00_2014_2D00_Priority_2D00_Final.jpg

- https://blogs.technet.com/b/msrc/ar...re-and-the-january-2014-bulletin-release.aspx
____

- https://secunia.com/advisories/56201/ - MS14-001
- https://secunia.com/advisories/55809/ - MS14-002
- https://secunia.com/advisories/56275/ - MS14-003
- https://secunia.com/advisories/56277/ - MS14-004
___

January 2014 Office Update Release
- http://blogs.technet.com/b/office_s...ve/2014/01/14/january-2014-office-update.aspx
14 Jan 2014 - "There are 12 security updates (1 bulletin) and 1 non-security update...
SECURITY UPDATES: MS14-001...
NON-SECURITY UPDATES: To improve stability and performance for Outlook 2013...
• Update for Microsoft Outlook 2013 KB2850061: http://support.microsoft.com/kb/2850061
Please note that these updates are all found in their corresponding versions of Office Click-to-Run: Office 2013: 15.0.4551.1512 ..."
___

ISC Analysis
- https://isc.sans.edu/diary.html?storyid=17429
Last Updated: 2014-01-14 18:03:19 UTC

MS Security Advisories - 2014.01.14 ...

FYI...

Microsoft Security Advisory (2914486)
Vulnerability in Microsoft Windows Kernel Could Allow Elevation of Privilege
- http://technet.microsoft.com/en-us/security/advisory/2914486
Updated: Jan 14, 2014 - "... We have issued MS14-002* to address the Kernel NDProxy Vulnerability (CVE-2013-5065)..."
* https://technet.microsoft.com/en-us/security/bulletin/ms14-002

- https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-5065 - 7.2 (HIGH)
___

Microsoft Security Advisory (2755801)
Update for Vulnerabilities in Adobe Flash Player in Internet Explorer
- http://technet.microsoft.com/en-us/security/advisory/2755801
Updated: Jan 14, 2014 - "... update addresses the vulnerabilities in Adobe Flash Player by updating the affected Adobe Flash libraries contained within Internet Explorer 10 and Internet Explorer 11... available via Windows Update*..."
* https://update.microsoft.com/
___

Microsoft Security Advisory (2916652)
Improperly Issued Digital Certificates Could Allow Spoofing
- http://technet.microsoft.com/en-us/security/advisory/2916652
V2.1 (January 15, 2015): Advisory revised to announce a detection change in update 2917500. This is a detection change only. Customers who have already successfully updated their systems do not need to take any action.

KB 2913431 - Win7 ...

FYI...

Update fixes an issue that causes Windows to crash
- http://support.microsoft.com/kb/2913431/en-us
Last Review: January 14, 2014 - Revision: 1.1 - "This update fixes an issue that may cause a Windows 7 or Windows Server 2008 R2-based computer to crash. This issue occurs when a program that uses Windows Filtering Platform (such as an antivirus program) is running on the computer... This update is available from Windows Update..."

 
XP - brief extension...

FYI...

- https://blogs.technet.com/b/mmpc/ar...e-support-for-windows-xp.aspx?Redirected=true
15 Jan 2014 - "... To help organizations complete their migrations, Microsoft will continue to provide updates to our antimalware signatures and engine for Windows XP users through July 14, 2015. This does -not- affect the end-of-support date of Windows XP, or the supportability of Windows XP for other Microsoft products, which deliver and apply those signatures. For enterprise customers, this applies to System Center Endpoint Protection, Forefront Client Security, Forefront Endpoint Protection and Windows Intune running on Windows XP. For consumers, this applies to Microsoft Security Essentials..."

OS market share
- http://www.netmarketshare.com/operating-system-market-share.aspx?qprid=10&qpcustomd=0
Dec 2013

 
MS13-081 re-released ...

FYI...

Microsoft Security Bulletin MS13-081 - Critical
Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2870008)
- http://technet.microsoft.com/en-us/security/bulletin/ms13-081
"V2.0 (January 14, 2014): Rereleased bulletin to announce the reoffering of the 2862330 update to systems running Windows 7 or Windows Server 2008 R2. See the Update FAQ* for details..." *"... Customers who already installed the original update will be re-offered the 2862330 update and are encouraged to apply it at the earliest opportunity..."

- https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-3128 - 9.3 (HIGH)

- http://support.microsoft.com/kb/2862330
"This security update was originally released on October 8, 2013. The security update was rereleased on January 14, 2014, for computers that are running Windows 7 Service Pack 1 (SP1) or Windows Server 2008 R2 SP1. The rerelease addresses an issue in which one of the drivers of the USB 2.0 core stack is not updated in some specific computer configurations."
Last Review: Jan 14, 2014 - Revision: 8.0
___

MS13-098: Vulnerability in Windows could allow remote code execution
- http://support.microsoft.com/kb/2893294
Last Review: Dec 20, 2013 - Revision: 3.0

MS13-101: Security update for Windows kernel-mode drivers
- http://support.microsoft.com/kb/2893984
Last Review: Dec 17, 2013 - Revision: 2.0

Description of Software Update Services and Windows Server Update Services changes in content for 2014
- http://support.microsoft.com/kb/894199
Last Review: Jan 16, 2014 - Revision: 18.1

MS Exchange Server 2010 - Workaround...

FYI...

Folder views are not updated when you arrange by categories in Outlook after you apply Exchange Server 2010 Service Pack 3 Update Rollup 3 or Update Rollup 4
- http://support.microsoft.com/kb/2925273/en-us
"Workaround:
> To work around this problem when you sort messages by categories, you can update the folder view when you select a different folder view, such as Date (Conversations), and then return to the Categories view.
> To work around this problem when it occurs only in online-mode in the Outlook client, you can use Outlook in cached mode. Or, if it is possible, you can use OWA to make the change to the folder view."
Last Review: Feb 3, 2014 - Revision: 4.1
Applies to: Microsoft Exchange Server 2010 Service Pack 3

MS13-098 - Known issues ...

FYI...

- http://support.microsoft.com/kb/2893294/en-us
"... Known issues with this security update:
After you install this security update on a computer that is running Windows Vista or Windows Server 2008, the computer name might change to "MINWINPC." When this problem occurs, you cannot log on to computer even if you restart the computer. When you try to log on, you may receive an error message that resembles the following:
The username or password is incorrect.
This issue occurs when you install the security update on a system that has partly corrupted data or when the following registry key does not exist..."
Last Review: Feb 3, 2014 - Rev: 4.0

MS Security Bulletin MS13-098 - Critical
Vulnerability in Windows Could Allow Remote Code Execution (2893294)
- http://technet.microsoft.com/en-us/security/bulletin/ms13-098

 
MS Security Advisory (2755801)

FYI...

Update for Vulnerabilities in Adobe Flash Player in Internet Explorer
- http://technet.microsoft.com/en-us/security/advisory/2755801
Updated: Feb 04, 2014 Ver: 19.0 - "Microsoft is announcing the availability of an update for Adobe Flash Player in Internet Explorer on all supported editions of Windows 8, Windows Server 2012, Windows RT, Windows 8.1, Windows Server 2012 R2, and Windows RT 8.1. The update addresses the vulnerabilities in Adobe Flash Player by updating the affected Adobe Flash libraries contained within Internet Explorer 10 and Internet Explorer 11... Microsoft recommends that customers apply the current update immediately using update management software, or by checking for updates using the Microsoft Update service..."
- https://support.microsoft.com/kb/2929825
Last Review: Feb 4, 2014 - Rev: 2.0

 
MS Security Bulletin Summary - Feb 2014

FYI...

- https://technet.microsoft.com/en-us/security/bulletin/ms14-feb
Feb 11, 2014 - "This bulletin summary lists security bulletins released for February 2014...
(Total of -7-)

Microsoft Security Bulletin MS14-010 - Critical
Cumulative Security Update for Internet Explorer (2909921)
- https://technet.microsoft.com/en-us/security/bulletin/ms14-010
Critical - Remote Code Execution - Requires restart - Microsoft Windows, Internet Explorer

Microsoft Security Bulletin MS14-011 - Critical
Vulnerability in VBScript Scripting Engine Could Allow Remote Code Execution (2928390)
- https://technet.microsoft.com/en-us/security/bulletin/ms14-011
Critical - Remote Code Execution - May require restart - Microsoft Windows

Microsoft Security Bulletin MS14-007 - Critical
Vulnerability in Direct2D Could Allow Remote Code Execution (2912390)
- https://technet.microsoft.com/en-us/security/bulletin/ms14-007
Critical - Remote Code Execution - May require restart - Microsoft Windows

Microsoft Security Bulletin MS14-008 - Critical
Vulnerability in Microsoft Forefront Protection for Exchange Could Allow Remote Code Execution
- https://technet.microsoft.com/en-us/security/bulletin/ms14-008
Critical - Remote Code Execution - May require restart - Microsoft Security Software

Microsoft Security Bulletin MS14-009 - Important
Vulnerabilities in .NET Framework Could Allow Elevation of Privilege (2916607)
- https://technet.microsoft.com/en-us/security/bulletin/ms14-009
Important - Elevation of Privilege - May require restart - Microsoft Windows, Microsoft .NET Framework

Microsoft Security Bulletin MS14-005 - Important
Vulnerability in Microsoft XML Core Services Could Allow Information Disclosure (2916036)
- https://technet.microsoft.com/en-us/security/bulletin/ms14-005
Important - Information Disclosure - May require restart - Microsoft Windows

Microsoft Security Bulletin MS14-006 - Important
Vulnerability in IPv6 Could Allow Denial of Service (2904659)
- https://technet.microsoft.com/en-us/security/bulletin/ms14-006
Important - Denial of Service - Requires restart - Microsoft Windows
___

Deployment Priority, Severity, and Exploit Index
- https://blogs.technet.com/cfs-file....s/00-00-00-45-71/February_5F00_Deployment.jpg

- https://blogs.technet.com/b/msrc/ar...4-and-our-february-2014-security-updates.aspx
___

- https://secunia.com/advisories/56771/ - MS14-005 ...Reported as a 0-day.
- https://secunia.com/advisories/56775/ - MS14-006
- https://secunia.com/advisories/56781/ - MS14-007
- https://secunia.com/advisories/56788/ - MS14-008
- https://secunia.com/advisories/56793/ - MS14-009
- https://secunia.com/advisories/56796/ - MS14-010
- https://secunia.com/advisories/56814/ - MS14-011
___

February 2014 Office Updates Release
- https://blogs.technet.com/b/office_...4-office-updates-release.aspx?Redirected=true
11 Feb 2014 - "... There are 0 security updates and 8 non-security updates...
NON-SECURITY UPDATES
To improve stability and performance for Office 2010
• Update for Microsoft SharePoint Workspace 2010 (KB2760601)
• Update for Microsoft InfoPath 2010 (KB2817396)
• Update for Microsoft InfoPath 2010 (KB2817369)
• Update for Microsoft Office 2010 (KB2837583)
• Update for Microsoft OneNote 2010 (KB2837595)
• Update for Microsoft Outlook 2010 (KB2687567)
• Update for Microsoft PowerPoint 2010 (KB2775360) ...
There are no Outlook Junk Email Filter updates for February. The next Outlook Junk Email Filters updates will ship in the March 2014 update...
There is no Click-to-Run 2013 update for February. The next Click-to-Run update will ship in the April 2014 update..."

Office 365 - Multi-Factor Authentication
- http://blogs.office.com/2014/02/10/multi-factor-authentication-for-office-365/
Feb 10, 2014
___

- http://krebsonsecurity.com/2014/02/security-updates-for-shockwave-windows/
Feb 11, 2014 - "... seven patch bundles addressing at least 31 vulnerabilities in Windows and related software... The cumulative, critical security update for all versions of Internet Explorer (MS14-010) fixes two dozen vulnerabilities, including one that Microsoft says has already been publicly disclosed. The other patch that Microsoft specifically called out — MS14-011 — addresses a vulnerability in VBScript that could cause problems for IE users..."
___

ISC Analysis
- https://isc.sans.edu/diary.html?storyid=17615
Last Updated: 2014-02-11 18:11:29

Install MS14-010 for IE when offered ...

FYI...

- http://windowssecrets.com/patch-watch/staying-safe-on-the-internet-year-round/
Feb 12, 2014 - "... Patch Tuesday’s Internet Explorer patch fixes -24- vulnerabilities, most susceptible to remote code-execution exploits. KB 2909921 is a -critical- update for IE versions 6–11*, on -all- supported Windows workstations. If you’re still running IE9, KB 2909921 will fix a related VBScript threat. But all other supported versions of IE need KB 2928390 ...
What to do: Attacks using the vulnerabilities patched by KB 2909921 (MS14-010) could appear soon. Install this update when offered..."
* MS14-010: Cumulative security update for Internet Explorer ...
- http://technet.microsoft.com/security/bulletin/MS14-010

- http://support.microsoft.com/kb/2909921
Last Review: Feb 11, 2014 - Rev: 1.0
___

MS14-011 - VBScript Scripting Engine ...
- http://technet.microsoft.com/security/bulletin/MS14-011

- http://support.microsoft.com/kb/2928390
Last Review: Feb 11, 2014 - Rev: 1.0

 
IE10 0-day in-the-wild...

FYI...

IE10 0-Day found in Watering Hole Attack
- http://www.fireeye.com/blog/technic...zero-day-found-in-watering-hole-attack-2.html
Feb 13, 2014 - "FireEye Labs has identified a new Internet Explorer (IE) zero-day exploit hosted on a breached website based in the U.S. It’s a brand new zero-day that targets IE 10 users visiting the compromised website – a classic drive-by download attack. Upon successful exploitation, this zero-day attack will download a XOR encoded payload from a remote server, decode and execute it. This post was intended to serve as a warning to the general public. We are collaborating with the Microsoft Security team on research activities..."

- http://www.fireeye.com/blog/uncateg...ises-us-veterans-of-foreign-wars-website.html
Feb 13, 2014 - "... Mitigation: The exploit targets IE 10 with Adobe Flash. It aborts exploitation if the user is browsing with a different version of IE or has installed Microsoft’s Experience Mitigation Toolkit (EMET). So installing EMET or updating to IE 11 prevents this exploit from functioning..."

Related: http://www.fireeye.com/blog/technical/cyber-exploits/2013/02/in-turn-its-pdf-time.html
Feb 13, 2013 - "... In response to the many requests we’ve received for more detailed information, we would like to let our readers know that we have been working with Adobe and have jointly agreed to refrain from posting the technical details of the zero-day at this time. This post was intended to serve as a warning to the general public. We will update this post with more information at a later time."

- https://isc.sans.edu/diary.html?storyid=17642
Last Updated: 2014-02-14 04:11:27 UTC
___

- http://www.securitytracker.com/id/1029765
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0322 - 9.3 (HIGH)
Updated: Feb 20 2014
Impact: Execution of arbitrary code via network, User access via network
Vendor Confirmed: Yes
Description: ... A specific exploit is active that targets version 10 but -exits- if Microsoft’s Experience Mitigation Toolkit (EMET) is detected...
This vulnerability is being actively exploited...
FireEye reported this vulnerability.
Impact: A remote user can create HTML that, when loaded by the target user, will execute arbitrary code on the target user's system.
Solution: The "MSHTML Shim Workaround" Microsoft Fix it solution will prevent exploitation.
The vendor's advisory is available at:
- https://technet.microsoft.com/security/advisory/2934088
Microsoft Fix it 51007

Watering hole attack using IE 10 0-day
> http://www.symantec.com/connect/sites/default/files/users/user-2300501/ie10_0day-diagram1.png
15 Feb 2014

MS IE10 - CMarkup Use-After-Free vuln
- https://secunia.com/advisories/56974/
Last Update: 2014-02-20
Criticality: Extremely Critical
Where: From remote
Impact: System access
Solution: Apply FixIt.
Original Advisory: Microsoft (KB2934088):
Last Review: Feb 19, 2014 - Rev: 1.0
Enable MSHTML shim workaround - Microsoft Fix it 51007*
... Before you install this Fix it solution, you must first install the latest updates for Internet Explorer 9 or Internet Explorer 10. To install the most current update for Internet Explorer, go to the following Microsoft webpage:
- http://update.microsoft.com/microsoftupdate

* http://support.microsoft.com/kb/2934088#FixItForMe

CVE Reference: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0322 - 9.3 (HIGH)
Last revised: 02/18/2014 - "... as exploited in the wild in January and February 2014."
- http://www.kb.cert.org/vuls/id/732479
Last revised: 19 Feb 2014

- http://arstechnica.com/security/201...-exploited-in-active-malware-attack-ms-warns/
Feb 13 2014 - "... surreptitiously installed -malware- on computers running a fully patched version 10 of the Internet Explorer browser. The attacks also work on IE 9... strongly consider switching to another browser altogether. Google Chrome has long received high marks for security, as has Mozilla Firefox."

- http://www.theinquirer.net/inquirer...-zero-day-bug-in-targeted-attacks-on-military
Feb 14 2014 - "... just avoid the Microsoft browser altogether by running an alternative like Google Chrome or Mozilla Firefox."

IE9,10 - MS Fix it 51007...

FYI...

Microsoft Security Advisory (2934088)
Vulnerability in Internet Explorer Could Allow Remote Code Execution
- http://technet.microsoft.com/en-us/security/advisory/2934088
Feb 19, 2014

- http://support.microsoft.com/kb/2934088
Last Review: Feb 19, 2014 - Rev: 1.0
Enable MSHTML shim workaround - Microsoft Fix it 51007*
... Before you install this Fix it solution, you must first install the latest updates for Internet Explorer 9 or Internet Explorer 10. To install the most current update for Internet Explorer, go to the following Microsoft webpage:
- http://update.microsoft.com/microsoftupdate

* http://support.microsoft.com/kb/2934088#FixItForMe

- http://support.microsoft.com/kb/2909921 - MS14-010
Last Review: Mar 12, 2014 - Rev: 2.0

- https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0322 - 9.3 (HIGH)
Last revised: 03/06/2014 - "... as exploited in the wild in January and February 2014."

- http://atlas.arbor.net/briefs/index#-1535410988
High Severity
20 Feb 2014
"... 0day exploit code for Internet Explorer 10. IE 9 is also vulnerable. Earlier exploit activity around CVE-2014-0322 has also been observed. The actual exploit code has been made publicly available. A security bulletin and fix-it are available from Microsoft..."
___

- https://blogs.technet.com/b/msrc/ar...ecurity-advisory-2934088.aspx?Redirected=true
Feb 19, 2014 - "... impacts Internet Explorer 9 and 10. Internet Explorer 6, 7, 8 and 11 are -not- affected..."

MS Security Advisories - 2.19-20.2014 ...

FYI...

Microsoft Security Advisory (2755801)
Update for Vulnerabilities in Adobe Flash Player in Internet Explorer
- http://technet.microsoft.com/en-us/security/advisory/2755801
Updated: Feb 20, 2014 - "... Microsoft released an update (2934802) for Internet Explorer 10 on Windows 8, Windows Server 2012, and Windows RT, and for Internet Explorer 11 on Windows 8.1, Windows Server 2012 R2, and Windows RT 8.1. The update addresses the vulnerabilities described in Adobe Security bulletin APSB14-07. For more information about this update, including download links, see Microsoft Knowledge Base Article 2934802*.
Prerequisite: This update is not cumulative and requires that cumulative update 2916626**, released on January 14, 2014, be installed. The previous update (2929825), released on February 4, 2014, is not a dependency; the fixes it contains have been rolled into this current update (2934802).
Note: Updates for Windows RT and Windows RT 8.1 are available via Windows Update***..."
* https://support.microsoft.com/kb/2934802

** https://support.microsoft.com/kb/2916626

*** http://update.microsoft.com/microsoftupdate

- https://secunia.com/advisories/57067/
Release Date: 2014-02-21
Criticality: Highly Critical
Where: From remote
Impact: Exposure of sensitive information, System access...
For more information: https://secunia.com/SA57057/
Solution: Apply updates...
___

Microsoft Security Advisory (2934088)
Vulnerability in Internet Explorer Could Allow Remote Code Execution
- http://technet.microsoft.com/en-us/security/advisory/2934088
Feb 19, 2014

- http://support.microsoft.com/kb/2934088
Last Review: Feb 19, 2014 - Rev: 1.0
Enable MSHTML shim workaround - Microsoft Fix it 51007*
... Before you install this Fix it solution, you must first install the latest updates for Internet Explorer 9 or Internet Explorer 10. To install the most current update for Internet Explorer, go to the following Microsoft webpage:
- http://update.microsoft.com/microsoftupdate

* http://support.microsoft.com/kb/2934088#FixItForMe

- http://support.microsoft.com/kb/2909921 - MS14-010
Last Review: Feb 11, 2014 - Rev: 1.0

- https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0322 - 9.3 (HIGH)
Last revised: 02/21/2014 - "... as exploited in the wild in January and February 2014"

- http://atlas.arbor.net/briefs/index#-1535410988
High Severity
20 Feb 2014
"... 0day exploit code for Internet Explorer 10. IE 9 is also vulnerable. Earlier exploit activity around CVE-2014-0322 has also been observed. The actual exploit code has been made publicly available. A security bulletin and fix-it are available from Microsoft..."

MS Security Advisory 2014.02.27 ...

FYI...

Microsoft Security Advisory (2871690)
Update to Revoke Non-compliant UEFI Modules
- http://technet.microsoft.com/en-us/security/advisory/2871690
Updated: Feb 27, 2014 Ver: 2.0 - "Microsoft is announcing the availability of an update for Windows 8 and Windows Server 2012 that revokes the digital signatures for nine private, third-party UEFI (Unified Extensible Firmware Interface) modules that could be loaded during UEFI Secure Boot. When the update is applied, the affected UEFI modules will no longer be trusted and will no longer load on systems where UEFI Secure Boot is enabled. The affected UEFI modules consist of specific Microsoft-signed modules that are either not in compliance with our certification program or their authors have requested that the packages be revoked. At the time of this release, these UEFI modules are not known to be available publicly...
... The -rereleased- update* addresses an issue where specific third-party BIOS versions did not properly validate the signature of the original update... The 2871777 update** is a -prerequisite- and must be applied before this update can be installed..."

* https://support.microsoft.com/kb/2871690
Last Review: Feb 27, 2014 - Rev: 2.0
Also see: Known issues with this security update...

** https://support.microsoft.com/kb/2871777
Last Review: Sep 18, 2013 - Rev: 6.0
Applies to: Win8, winSvr2012

 
MS Security Advisory 2.28.2014 ...

FYI...

Microsoft Security Advisory (2862152)
Vulnerability in DirectAccess and IPsec Could Allow Security Feature Bypass
- http://technet.microsoft.com/en-us/security/advisory/2862152
Published: Nov 12, 2013 | Updated: Feb 28, 2014 Ver: 1.1 - "Microsoft is announcing the availability of an update for all supported releases of Windows to address a vulnerability in how server connections are authenticated to clients in either DirectAccess or IPsec site-to-site tunnels. An attacker who successfully exploited the vulnerability could use a specially crafted DirectAccess server to pose as a legitimate DirectAccess Server in order to establish connections with legitimate DirectAccess clients. The attacker-controlled system, appearing to be a legitimate server, could cause a client system to automatically authenticate and connect with the attacker-controlled system, allowing the attacker to intercept the target user's network traffic and potentially determine their encrypted domain credentials. Microsoft is not aware of any active attacks that are exploiting this vulnerability as of the release of this advisory.
Recommendation: Microsoft recommends that customers apply the update immediately using update management software, or by checking for updates using the Microsoft Update service*.
Note: In addition to installing the update, additional administrative steps are required to be protected from the vulnerability described in this advisory. Please see the Suggested Actions section of this advisory for more information... customers must also follow the configuration guidance provided in Microsoft Knowledge Base Article 2862152** to be fully protected from the vulnerability..."
• V1.0 (November 12, 2013): Advisory published.
• V1.1 (February 28, 2014): Advisory -revised- to announce a detection change in the 2862152 update for Windows 8.1 for 32-bit Systems, Windows 8.1 for x64-based Systems, Windows Server 2012 R2, and Windows RT 8.1. This is a detection change only. There were no changes to the update files. Customers who have already successfully updated their systems do not need to take any action.

* http://update.microsoft.com/microsoftupdate/

** http://support.microsoft.com/kb/2862152
Last Review: Dec 2, 2013 - Rev: 2.0

 
MS Security Bulletin Summary - March 2014

FYI...

- https://technet.microsoft.com/en-us/security/bulletin/ms14-mar
March 11, 2014 - "This bulletin summary lists security bulletins released for March 2014...
(Total of -5-)

Microsoft Security Bulletin MS14-012 - Critical
Cumulative Security Update for Internet Explorer (2925418)
- https://technet.microsoft.com/en-us/security/bulletin/ms14-012
Critical - Remote Code Execution - Requires restart - Microsoft Windows, Internet Explorer

Microsoft Security Bulletin MS14-013 - Critical
Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution (2929961)
- https://technet.microsoft.com/en-us/security/bulletin/ms14-013
Critical - Remote Code Execution - May require restart - Microsoft Windows

Microsoft Security Bulletin MS14-014 - Important
Vulnerability in Silverlight Could Allow Security Feature Bypass (2932677)
- https://technet.microsoft.com/en-us/security/bulletin/ms14-014
Important - Security Feature Bypass - Does not require restart - Microsoft Silverlight

Microsoft Security Bulletin MS14-015 - Important
Vulnerabilities in Windows Kernel-Mode Driver Could Allow Elevation of Privilege (2930275)
- https://technet.microsoft.com/en-us/security/bulletin/ms14-015
Important - Elevation of Privilege - Requires restart - Microsoft Windows

Microsoft Security Bulletin MS14-016 - Important
Vulnerability in Security Account Manager Remote (SAMR) Protocol Could Allow Security Feature Bypass (2934418)
- https://technet.microsoft.com/en-us/security/bulletin/ms14-016
Important - Security Feature Bypass - Requires restart - Microsoft Windows
___

Description of the Office updates: March 11, 2014
- http://support.microsoft.com/kb/2937335
"... Microsoft released the following nonsecurity updates... We recommend that you install all updates that apply to you..."

- https://blogs.technet.com/b/office_...4/03/11/march-2014-office-update-release.aspx
11 Mar 2014 - "... There are no security updates and 10 non-security updates..."
___

- http://krebsonsecurity.com/2014/03/adobe-microsoft-push-security-updates/
11 Mar 2014 - "... five bulletins address -23- distinct security weaknesses... The Internet Explorer patch is rated -critical- for virtually all supported versions of IE, and plugs at least -18- security holes, including a severe weakness in IE 9 and 10 that is already being exploited in targeted attacks..."
___

ISC Analysis
- https://isc.sans.edu/diary.html?storyid=17795
Last Updated: 2014-03-11 17:23:47 UTC
___

- https://blogs.technet.com/b/msrc/archive/2014/03/11/the-march-2014-security-updates.aspx

Deployment Priority, Severity, and Exploit Index
- https://blogs.technet.com/resized-i...00-00-00-45-71/2248.March_5F00_Deployment.jpg

- http://blogs.technet.com/b/srd/arch...risk-for-the-march-2014-security-updates.aspx
11 Mar 2014
___

- https://secunia.com/advisories/56974/ - MS14-012
- https://secunia.com/advisories/57325/ - MS14-013
- http://www.securitytracker.com/id/1029902 - MS14-014
- https://secunia.com/advisories/57330/ - MS14-015
- http://www.securitytracker.com/id/1029901 - MS14-016

MS Security Advisories - 3.11.2014 ...

FYI...

Microsoft Security Advisory (2934088)
Vulnerability in Internet Explorer Could Allow Remote Code Execution
- http://technet.microsoft.com/en-us/security/advisory/2934088
Updated: March 11, 2014 - "... We have issued MS14-012* to address this issue. For more information about this issue, including download links for an available security update, please review MS14-012..."
* https://technet.microsoft.com/en-us/security/bulletin/ms14-012

Microsoft Security Advisory (2755801)
Update for Vulnerabilities in Adobe Flash Player in Internet Explorer
- http://technet.microsoft.com/en-us/security/advisory/2755801
Updated: March 11, 2014 Version: 21.0 - "... announcing the availability of an update for Adobe Flash Player in Internet Explorer on all supported editions of Windows 8, Windows Server 2012, Windows RT, Windows 8.1, Windows Server 2012 R2, and Windows RT 8.1. The update addresses the vulnerabilities in Adobe Flash Player by updating the affected Adobe Flash libraries contained within Internet Explorer 10 and Internet Explorer 11..."
