Home / vulnerabilities

PDF

Microsoft Security Bulletin Revision Increment For December, 2014

Posted on 10 December 2014
Source : packetstormsecurity.org Link

 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

********************************************************************
Title: Microsoft Security Bulletin Releases
Issued: December 9, 2014
********************************************************************

Summary
=======

The following bulletins have undergone a major revision increment.

* MS14-065 - Critical
* MS14-066 - Critical

Bulletin Information:
=====================

MS14-065 - Critical

- Title: Cumulative Security Update for Internet Explorer
- https://technet.microsoft.com/library/security/ms14-065
- Reason for Revision: V2.0 (December 9, 2014): To address issues
with Security Update 3003057, Microsoft re-released MS14-065 to
comprehensively address CVE-2014-6353. Customers running
Internet Explorer 8 on Windows 7 or Windows Server 2008, or
Internet Explorer 10 should either install the newly offered
update or install the December Internet Explorer Cumulative
Update (3008923). See Microsoft Knowledge Base Article 3003057
for more information.
- Originally posted: November 11, 2014
- Updated: December 9, 2014
- Bulletin Severity Rating: Critical
- Version: 2.0

MS14-066 - Critical

- Title: Vulnerability in Schannel Could Allow Remote Code
Execution
- https://technet.microsoft.com/library/security/ms14-066
- Reason for Revision: V3.0 (December 9, 2014): Bulletin revised to
announce the reoffering of the 2992611 update to systems running
Windows Vista and Windows Server 2008. The reoffering addresses
an issue in the original release. Customers running Windows Vista
or Windows Server 2008 who installed the 2992611 update prior to
the December 9 reoffering should reapply the update. See
Microsoft Knowledge Base Article 2992611 for more information.
- Originally posted: November 11, 2014
- Updated: December 9, 2014
- Bulletin Severity Rating: Critical
- Version: 3.0

Other Information
=================

Recognize and avoid fraudulent email to Microsoft customers:
=============================================================
If you receive an email message that claims to be distributing
a Microsoft security update, it is a hoax that may contain
malware or pointers to malicious websites. Microsoft does
not distribute security updates via email.

The Microsoft Security Response Center (MSRC) uses PGP to digitally
sign all security notifications. However, PGP is not required for
reading security notifications, reading security bulletins, or
installing security updates. You can obtain the MSRC public PGP key
at <https://technet.microsoft.com/security/dn753714>.

********************************************************************
THE INFORMATION PROVIDED IN THIS MICROSOFT COMMUNICATION IS
PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT
DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING
THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
PURPOSE.
IN NO EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE
LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT,
INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL
DAMAGES, EVEN IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN
ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY
FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE FOREGOING
LIMITATION MAY NOT APPLY.
********************************************************************

Microsoft respects your privacy. Please read our online Privacy
Statement at <http://go.microsoft.com/fwlink/?LinkId=81184>.

If you would prefer not to receive future technical security
notification alerts by email from Microsoft and its family of
companies please visit the following website to unsubscribe:
<https://profile.microsoft.com/RegSysProfileCenter/subscriptionwizar
d.aspx?wizid=5a2a311b-5189-4c9b-9f1a-d5e913a26c2e&%3blcid=1033>.

These settings will not affect any newsletters you’ve requested or
any mandatory service communications that are considered part of
certain Microsoft services.

For legal Information, see:
<http://www.microsoft.com/info/legalinfo/default.mspx>.

This newsletter was sent by:
Microsoft Corporation
1 Microsoft Way
Redmond, Washington, USA
98052

-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 10.2.0 (Build 1950)
Charset: utf-8

wsFVAwUBVIYdjr8Fv/Q6pUnlAQijUw//d5WnPtFfxSMIfaybCzgJ7UQkuk8m2Z46
e5JAMlhK6yMwfGs7oV8yKpOwTbZajOfULwlOFIlAmJiEyaGG/+kpvcP+XynfeMtI
5fjxvhDRzDmnsf0fhUw1EJjDO3+mAxZdElPGmEdRO0piO82GLLXA6QV+rLjcZ9tw
/F3AuGNDX6gNckRzSwpYXFjULqINUfC71wCY/6XClq+lmtWG6GcZIQulNXmQgetI
gf3EyL854/6OvxNbjJlk8bD+L3xKADbqc+QG8HUKIMWTgE3ELcfnYjOHjx6xG6XS
Y2JWgvOioPzIImMdlBongXxHIxDd2H9Id330n//yLc/30IZmj3pO3tYKQJpyLPD7
sbba6u/zXPFvLuW8TM1zTGg/wktXclH+y5zAPEV9IoNuAcfvT3ITspWiUjMWgAml
F+YY7N295/h+EHNGl4cQ7Tgammpnc9bOph/Vy76TmmLx1/iVMXFkK1bFw01GbdGK
DKby9YuSZs18BT53hZhNQaktRGEwDfSkqpxxzfLFDLHyJG066HvGmzF8n4Ss+IXo
CTMZs+jiHWTd4HbvGB3yPk6rko7LdExHebGJbRQ+5MQgNOjDb8HflCv7lY6qaLhe
xXoYrMVQN9Anmp/C6rFssdSNJ36nGUypcr7wZ2euY9N5uYm5FNmXS5kOsJYb73Tm
qBUq2v8Lqv0=
=pGHY
-----END PGP SIGNATURE-----

 

TOP