February 2015 Updates

 microsoft windows  Comments Off on February 2015 Updates
Feb 102015
 

Today, as part of Update Tuesday, we released nine security bulletins – three rated Critical and six rated Important in severity, to address 56 unique Common Vulnerabilities and Exposures (CVEs) in Microsoft Windows, Microsoft Office, Internet Explorer, and Microsoft Server software. 

We encourage you to apply all of these updates. For more information about this month’s security updates, including the detailed view of the Exploitability Index (XI) broken down by each CVE, visit the Microsoft Bulletin Summary webpage. If you are not familiar with how we calculate the XI, a full description can be found here.

We re-released one Security Bulletin:

One new Security Advisory was released:

One Security Advisory was revised:

We also announced changes related to SSL 3.0 and you can read more about these on the IE blog.

For the latest information, you can follow the Microsoft Security Response Center (MSRC) team on Twitter at @MSFTSecResponse.

MSRC Team

January 2015 Updates

 microsoft windows  Comments Off on January 2015 Updates
Jan 132015
 

Today, as part of Update Tuesday, we released eight security updates – one rated Critical and seven rated Important in severity, to address eight unique Common Vulnerabilities and Exposures (CVEs) in Microsoft Windows.

We encourage you to apply all of these updates. For more information about this month’s security updates, including the detailed view of the Exploit Index (XI) broken down by each CVE, visit the Microsoft Bulletin Summary webpage. If you are not familiar with how we calculate XI, a full description can be found here.

We re-released one Security Bulletin:

One Security Advisory was revised:

For the latest information, you can follow the MSRC team on Twitter at @MSFTSecResponse.

MSRC Team

December 2014 Updates

 microsoft windows  Comments Off on December 2014 Updates
Dec 092014
 

Today, as part of Update Tuesday, we released seven security updates – three rated Critical and four rated Important in severity, to address 24 unique Common Vulnerabilities and Exposures (CVEs) in Microsoft Windows, Internet Explorer (IE), Office and Exchange.

We encourage you to apply all of these updates. For more information about this month’s security updates, including the detailed view of the Exploit Index (XI) broken down by each CVE, visit the Microsoft Bulletin Summary webpage. If you are not familiar with how we calculate XI, a full description can be found here.

We re-released two Security Bulletins:

 One Security Advisory was revised:

 For the latest information, you can follow the MSRC team on Twitter at @MSFTSecResponse.

Tracey Pretorius, Director
Response Communications

Advance Notification Service for the December 2014 Security Bulletin Release

 microsoft windows  Comments Off on Advance Notification Service for the December 2014 Security Bulletin Release
Dec 042014
 

Today, we provide advance notification for the release of seven Security Bulletins. Three of these updates are rated Critical and four are rated as Important in severity. These updates are for Microsoft Windows, Internet Explorer (IE), Office and Exchange.

As per our monthly process, we’ve scheduled the Security Bulletin release for the second Tuesday of the month, December 9, 2014, at approximately 10 a.m. PDT. Until then, please review the ANS summary page for more information to help you prepare for Security Bulletin testing and deployment.

Follow us on Twitter at @MSFTSecResponse

Tracey Pretorius, Director
Response Communications

MS14-012 – Critical : Cumulative Security Update for Internet Explorer (2925418) – Version: 1.0

 Microsoft Security Bulletins  Comments Off on MS14-012 – Critical : Cumulative Security Update for Internet Explorer (2925418) – Version: 1.0
Mar 112014
 

Severity Rating: Critical
Revision Note: V1.0 (March 11, 2014): Bulletin published.
Summary: This security update resolves one publicly disclosed vulnerability and seventeen privately reported vulnerabilities in Internet Explorer. These vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

%d bloggers like this: