Microsoft Security Bulletin(s) for November 11, 2014

Discussion in 'Software' started by NICK ADSL UK, Nov 11, 2014.

Thread Status:
Not open for further replies.
  1. NICK ADSL UK

    NICK ADSL UK MajorGeeks Forum Administrator Staff Member

    Microsoft Security Bulletin(s) for November 11, 2014
    Note: There may be latency issues due to replication, if the page does not display keep refreshing


    Today Microsoft released the following Security Bulletin(s).
    Note: www.microsoft.com/technet/security and www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details.
    Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.

    Bulletin Summary:
    https://technet.microsoft.com/library/security/ms14-nov


    Critical (5)
    Vulnerabilities in Windows OLE Could Allow Remote Code Execution (3011443)

    http://go.microsoft.com/fwlink/?LinkId=518106

    Cumulative Security Update for Internet Explorer (3003057)
    http://go.microsoft.com/fwlink/?LinkId=518103

    Vulnerability in Schannel Could Allow Remote Code Execution (2992611)
    http://go.microsoft.com/fwlink/?LinkId=518112

    Vulnerability in XML Core Services Could Allow Remote Code Execution [299395]
    http://go.microsoft.com/fwlink/?LinkId=513100

    MS14-068 Release date to be determined

    Important (9)
    Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (3009710)

    http://go.microsoft.com/fwlink/?LinkId=518105

    Vulnerability in TCP/IP Could Allow Elevation of Privilege (2989935)
    http://go.microsoft.com/fwlink/?LinkId=507675

    Vulnerability in Windows Audio Service Could Allow Elevation of Privilege (3005607)
    http://go.microsoft.com/fwlink/?LinkId=518113

    Vulnerability in .NET Framework Could Allow Elevation of Privilege (3005210)
    http://go.microsoft.com/fwlink/?LinkId=518107

    Vulnerability in Microsoft SharePoint Foundation Could Allow Elevation of Privilege (3000431)
    http://go.microsoft.com/fwlink/?LinkId=513105

    Vulnerability in Remote Desktop Protocol Could Allow Security Feature Bypass (3003743)
    http://go.microsoft.com/fwlink/?LinkId=518111

    MS14-075 Release date to be determined

    Vulnerability in Internet Information Services (IIS) Could Allow Security Feature Bypass [298299]
    http://go.microsoft.com/fwlink/?LinkId=509986

    Vulnerability in Active Directory Federation Services Could Allow Information Disclosure (3003381)
    http://go.microsoft.com/fwlink/?LinkId=518108


    Moderate (2)
    Vulnerability in IME (Japanese) Could Allow Elevation of Privilege (3005210)

    http://go.microsoft.com/fwlink/?LinkId=509952

    Vulnerability in Kernel Mode Driver Could Allow Denial of Service (3002885)
    http://go.microsoft.com/fwlink/?LinkId=518110

    Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so.
    If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact For home users, no-charge support for security updates (only!) is available by calling 800-MICROSOFT (800-642-7676) in the US or 877-568-2495 in Canada.
    As always, download the updates only from the vendors website - visit Windows Update and Office Update or Microsoft Update websites. You may also get the updates thru Automatic Updates functionality in Windows system.
    Security Tool
    Find out if you are missing important Microsoft product updates by using MBSA
     
  2. NICK ADSL UK

    NICK ADSL UK MajorGeeks Forum Administrator Staff Member

    ********************************************************************
    Title: Microsoft Security Bulletin Releases
    Issued: November 18, 2014
    ********************************************************************
    Summary
    =======
    The following bulletin has been released.
    * MS14-068 - Critical
    The following bulletins have undergone a major revision increment.
    * MS14-066 - Critical
    * MS14-NOV

    Bulletin Information:
    =====================
    MS14-068 - Critical
    - https://technet.microsoft.com/library/security/ms14-068
    - Reason for Revision: V1.0 (November 18, 2014): Bulletin
    published.
    - Originally posted: November 18, 2014
    - Updated: November 18, 2014
    - Bulletin Severity Rating: Critical
    - Version: 1.0

    MS14-066 - Critical
    - https://technet.microsoft.com/library/security/ms14-066
    - Reason for Revision: V2.0 (November 18, 2014): Bulletin revised
    to announce the reoffering of the 2992611 update to systems
    running Windows Server 2008 R2 and Windows Server 2012. The
    reoffering addresses known issues that a small number of
    customers experienced with the new TLS cipher suites that were
    included in the original release. Customers running Windows
    Server 2008 R2 or Windows Server 2012 who installed the 2992611
    update prior to the November 18 reoffering should reapply the
    update. See Microsoft Knowledge Base Article 2992611 for more
    information.
    - Originally posted: November 11, 2014
    - Updated: November 18, 2014
    - Bulletin Severity Rating: Critical
    - Version: 2.0

    MS14-NOV
    - https://technet.microsoft.com/library/security/ms14-nov
    - Reason for Revision: V2.0 (November 18, 2014): Bulletin Summary
    revised to document the out-of-band release of MS14-068 and,
    for MS14-066, to announce the reoffering of the 2992611 update
    to systems running Windows Server 2008 R2 and Windows Server
    2012. See the respective bulletins for more information.
    - Originally posted: November 11, 2014
    - Updated: November 18, 2014
    - Version: 2.0
     
Thread Status:
Not open for further replies.

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds