light bulb

Did You Know?



Reply
Highlighted
Posts: 9,398
Topics: 669
Kudos: 8,442
Registered: ‎02-03-2012

Microsoft Security Bulletin Advance Notification for July 2014 Issued: July 3, 2014

********************************************************************

Microsoft Security Bulletin Advance Notification for July 2014

Issued: July 3, 2014

********************************************************************

 

Notice to IT Professionals:

 

On June 27, 2014, we notified customers that we were suspending Microsoft security notifications by email due to changing Governmental policies concerning the issuance of automated electronic messaging. We have reviewed our processes and are resuming security notifications by email commencing with the release of this monthly Advanced Notification Service (ANS) mailing.

 

This is an advance notification of security bulletins that Microsoft is intending to release on July 8, 2014.

 

The full version of the Microsoft Security Bulletin Advance Notification for July 2014 can be found at <https://technet.microsoft.com/library/security/ms14-jul>.

 

This bulletin advance notification will be replaced with the July bulletin summary on July 8, 2014. For more information about the bulletin advance notification service, see <http://technet.microsoft.com/security/gg309152>.

 

Microsoft will host a webcast to address customer questions on these bulletins on July 9, 2014 at 11:00 AM Pacific Time (US & Canada). Register for the Security Bulletin Webcast at <http://technet.microsoft.com/security/dn756352>.

 

This advance notification provides a number as the bulletin identifier, because the official Microsoft Security Bulletin numbers are not issued until release. The bulletin summary that replaces this advance notification will have the proper Microsoft Security Bulletin numbers (in the MSyy-xxx format) as the bulletin identifier. The security bulletins for this month are as follows, in order of severity:

 

 

Critical Security Bulletins

============================

 

Bulletin 1

 

  - Affected Software:

    - Windows Server 2003 Service Pack 2:

      - Internet Explorer 6

      - Internet Explorer 7

      - Internet Explorer 8

    - Windows Server 2003 x64 Edition Service Pack 2:

      - Internet Explorer 6

      - Internet Explorer 7

      - Internet Explorer 8

    - Windows Server 2003 with SP2 for Itanium-based Systems:

      - Internet Explorer 6

      - Internet Explorer 7

    - Windows Vista Service Pack 2:

      - Internet Explorer 7

      - Internet Explorer 8

      - Internet Explorer 9

    - Windows Vista x64 Edition Service Pack 2:

      - Internet Explorer 7

      - Internet Explorer 8

      - Internet Explorer 9

    - Windows Server 2008 for 32-bit Systems Service Pack 2:

      - Internet Explorer 7

      - Internet Explorer 8

      - Internet Explorer 9

      (Windows Server 2008 Server Core installation not affected)

    - Windows Server 2008 for x64-based Systems Service Pack 2:

      - Internet Explorer 7

      - Internet Explorer 8

      - Internet Explorer 9

      (Windows Server 2008 Server Core installation not affected)

    - Windows Server 2008 for Itanium-based Systems Service Pack 2:

      - Internet Explorer 7

    - Windows 7 for 32-bit Systems Service Pack 1:

      - Internet Explorer 8

      - Internet Explorer 9

      - Internet Explorer 10

      - Internet Explorer 11

    - Windows 7 for x64-based Systems Service Pack 1:

      - Internet Explorer 8

      - Internet Explorer 9

      - Internet Explorer 10

      - Internet Explorer 11

    - Windows Server 2008 R2 for x64-based Systems

      Service Pack 1:

      - Internet Explorer 8

      - Internet Explorer 9

      - Internet Explorer 10

      - Internet Explorer 11

      (Windows Server 2008 R2 Server Core installation

      not affected)

    - Windows Server 2008 R2 for Itanium-based Systems Service

      Pack 1:

      - Internet Explorer 8

    - Windows 8 for 32-bit Systems:

      - Internet Explorer 10

    - Windows 8 for x64-based Systems:

      - Internet Explorer 10

    - Windows Server 2012:

      - Internet Explorer 10

      (Windows Server 2012 Server Core installation not affected)

    - Windows RT:

      - Internet Explorer 10

    - Windows 8.1 for 32-bit Systems:

      - Internet Explorer 11

    - Windows 8.1 for x64-based Systems:

      - Internet Explorer 11

    - Windows Server 2012 R2:

      - Internet Explorer 11

      (Windows Server 2012 R2 Server Core installation not affected)

    - Windows RT 8.1:

      - Internet Explorer 11

  - Impact: Remote Code Execution

  - Version Number: 1.0

 

Bulletin 2

 

  - Affected Software:

    - Windows Vista Service Pack 2

    - Windows Vista x64 Edition Service Pack 2

    - Windows Server 2008 for 32-bit Systems Service Pack 2

      (Windows Server 2008 Server Core installation not affected)

    - Windows Server 2008 for x64-based Systems Service Pack 2

      (Windows Server 2008 Server Core installation not affected)

    - Windows 7 for 32-bit Systems Service Pack 1

    - Windows 7 for x64-based Systems Service Pack 1

    - Windows Server 2008 R2 for x64-based Systems Service Pack 1

      (Windows Server 2008 R2 Server Core installation not affected)

    - Windows 8 for 32-bit Systems

    - Windows 8 for x64-based Systems

    - Windows 8.1 for 32-bit Systems

    - Windows 8.1 for x64-based Systems

    - Windows Server 2012

      (Windows Server 2012 Server Core installation not affected)

    - Windows Server 2012 R2

      (Windows Server 2012 R2 Server Core installation not affected)

    - Windows RT

    - Windows RT 8.1

  - Impact: Remote Code Execution

  - Version Number: 1.0

 

 

Important Security Bulletins

============================

 

Bulletin 3

 

  - Affected Software:

    - Windows Vista Service Pack 2

    - Windows Vista x64 Edition Service Pack 2

    - Windows Server 2008 for 32-bit Systems Service Pack 2

      (Windows Server 2008 Server Core installation affected)

    - Windows Server 2008 for x64-based Systems Service Pack 2

      (Windows Server 2008 Server Core installation affected)

    - Windows Server 2008 for Itanium-based Systems Service Pack 2

    - Windows 7 for 32-bit Systems Service Pack 1

    - Windows 7 for x64-based Systems Service Pack 1

    - Windows Server 2008 R2 for x64-based Systems Service Pack 1

      (Windows Server 2008 R2 Server Core installation affected)

    - Windows Server 2008 R2 for Itanium-based Systems Service

      Pack 1

    - Windows 8 for 32-bit Systems

    - Windows 8 for x64-based Systems

    - Windows 8.1 for 32-bit Systems

    - Windows 8.1 for x64-based Systems

    - Windows Server 2012

      (Windows Server 2012 Server Core installation affected)

    - Windows Server 2012 R2

      (Windows Server 2012 R2 Server Core installation affected)

    - Windows RT

    - Windows RT 8.1

  - Impact: Elevation of Privilege

  - Version Number: 1.0

 

Bulletin 4

 

  - Affected Software:

    - Windows Server 2003 Service Pack 2

    - Windows Server 2003 x64 Edition Service Pack 2

    - Windows Server 2003 with SP2 for Itanium-based Systems

    - Windows Vista Service Pack 2

    - Windows Vista x64 Edition Service Pack 2

    - Windows Server 2008 for 32-bit Systems Service Pack 2

      (Windows Server 2008 Server Core installation affected)

    - Windows Server 2008 for x64-based Systems Service Pack 2

      (Windows Server 2008 Server Core installation affected)

    - Windows Server 2008 for Itanium-based Systems Service Pack 2

    - Windows 7 for 32-bit Systems Service Pack 1

    - Windows 7 for x64-based Systems Service Pack 1

    - Windows Server 2008 R2 for x64-based Systems Service Pack 1

      (Windows Server 2008 R2 Server Core installation affected)

    - Windows Server 2008 R2 for Itanium-based Systems Service

      Pack 1

    - Windows 8 for 32-bit Systems

    - Windows 8 for x64-based Systems

    - Windows 8.1 for 32-bit Systems

    - Windows 8.1 for x64-based Systems

    - Windows Server 2012

      (Windows Server 2012 Server Core installation affected)

    - Windows Server 2012 R2

      (Windows Server 2012 R2 Server Core installation affected)

    - Windows RT

    - Windows RT 8.1

  - Impact: Elevation of Privilege

  - Version Number: 1.0

 

Bulletin 5

 

  - Affected Software:

    - Windows Vista Service Pack 2

    - Windows Vista x64 Edition Service Pack 2

    - Windows Server 2008 for 32-bit Systems Service Pack 2

      (Windows Server 2008 Server Core installation not affected)

    - Windows Server 2008 for x64-based Systems Service Pack 2

      (Windows Server 2008 Server Core installation not affected)

    - Windows 7 for 32-bit Systems Service Pack 1

    - Windows 7 for x64-based Systems Service Pack 1

    - Windows Server 2008 R2 for x64-based Systems Service Pack 1

      (Windows Server 2008 R2 Server Core installation not affected)

    - Windows 8 for 32-bit Systems

    - Windows 8 for x64-based Systems

    - Windows 8.1 for 32-bit Systems

    - Windows 8.1 for x64-based Systems

    - Windows Server 2012

      (Windows Server 2012 Server Core installation not affected)

    - Windows Server 2012 R2

      (Windows Server 2012 R2 Server Core installation not affected)

  - Impact: Elevation of Privilege

  - Version Number: 1.0

 

 

Moderate Security Bulletins

============================

 

Bulletin 6

 

  - Affected Software:

    - Microsoft Service Bus for Windows Server

  - Impact: Denial of Service

  - Version Number: 1.0

 

Daniel 

coollogo_com-133794099.gif


asapvip.pngSigGVIP.pngEPA.png


Webroot® SecureAnywhere™ Internet Security Complete Beta Tester v9.0.3.19 on my main system Alienware 17R2, Windows 10 Pro x64 & HTC One M8 Android Lollipop 5.0.1 Phone v3.7.0.7159.


MVP.gif.pngMicrosoft® MVP Consumer Security  


Twitter1.png  Untitled-1.png  WBA.png

Posts: 6,032
Kudos: 5,107
Registered: ‎10-28-2012

Re: Microsoft Security Bulletin Advance Notification for July 2014 Issued: July 3, 2014

That did not take too long for Microsoft to do an "About Face" regarding email notifications....  Good decision.

 

Thanks Daniel!


David

         

New to the Community? Register now and start posting!



Helpful Webroot Links:


Download (PC)   Download (Best Buy Subscription)   Submit Trouble Ticket   Account Console   User Guides   



"If you don't learn something new every day, you need to pay more attention. I often get my daily learning here so grab a chair and stay a while!"

WSA-Complete (Beta PC), WSA Mobile (Android), WSA Business Mobile (Android) WSA-Endpoint (PC- Some of the time.....)
Posts: 9,398
Topics: 669
Kudos: 8,442
Registered: ‎02-03-2012

Re: Microsoft Security Bulletin Advance Notification for July 2014 Issued: July 3, 2014

Yes it is I guess they didn't understand the new Canadian Anti-SPAM Law and they said they would stop it for everyone so there was many complaints..................... so they said it will continue as is! :smileyfrustrated:

 

Daniel :smileywink:

 

coollogo_com-133794099.gif


asapvip.pngSigGVIP.pngEPA.png


Webroot® SecureAnywhere™ Internet Security Complete Beta Tester v9.0.3.19 on my main system Alienware 17R2, Windows 10 Pro x64 & HTC One M8 Android Lollipop 5.0.1 Phone v3.7.0.7159.


MVP.gif.pngMicrosoft® MVP Consumer Security  


Twitter1.png  Untitled-1.png  WBA.png

Posts: 4,252
Topics: 2,467
Kudos: 3,466
Blog Posts: 0
Registered: ‎06-02-2014

Re: Microsoft Security Bulletin Advance Notification for July 2014 Issued: July 3, 2014

The following article is a update on Microsoft Notification

 

(Microsoft Issues New Advice on Defending Against Pass-the-Hash Attacks)

 

By:

By Mike Lennon on July 08, 2014
 

Microsoft on Tuesday released new guidance to help customers defend against credential theft stemming from Pass-the-Hash (PtH) attacks.

In a new white paper called Mitigating Pass-the-Hash and Other Credential Theft, version 2, Microsoft encourages IT professionals to “assume breach” to highlight the need for the use of holistic planning strategies and features in Microsoft Windows to become more resilient against credential theft attacks.

Microsoft describes Pass-the-Hash attacks as a technique in which an attacker captures account logon credentials on one computer and then uses those captured credentials to authenticate other computers over the network.

This latest 60-page report is a follow-up to a previously released report from Microsoft on guidance and mitigations for Pass-the-Hash attacks.

 

SecurityWeek/ Full Read Here/ http://www.securityweek.com/microsoft-issues-new-advice-defending-against-pass-hash-attacks

Community Leader

Posts: 6,390
Topics: 83
Kudos: 5,781
Registered: ‎11-27-2013

PATCH NOW: Microsoft swats 29 security bugs, Adobe closes hijack hole

PATCH NOW: Microsoft swats 29 security bugs, Adobe closes hijack hole

Dear Windows Journal, today I got owned

Sherry

   

Helpful Webroot Links:


Download (PC) | Download (Best Buy Subscription) | Submit Trouble Ticket | Account Console | User Guides |

BrightCloud URL lookup

Register and Introduce yourself to The Community!


Mac / Yosemite(10.10.4), IPads, PCs,W 7 Pro & W 8.1 R Pro. W 7 Pro on Lenovo (VM:W7,8.1,10) & W/Vista Ultimate on Gateway Laptop.
(WSAC 5 PC,WSA Business)W/10 Preview (WSAC Android)
Posts: 902
Registered: ‎06-20-2014

Re: PATCH NOW: Microsoft swats 29 security bugs, Adobe closes hijack hole

Oh boy PATCH TUESDAY, LOL!

 

Yes, it owns you, I found the updates earlier and they are still downloading and installing.

sig



Experience Shared is Knowledge Shared, Share Yours! I'm a volunteer – my reward is your SMILE!Smiley Very Happy


Helpful Webroot Links:


                         Submit Trouble Ticket • User Guides • BrightCloud URL lookup • Account Console 

Download (PC) • Download (Best Buy/Geek Squad Subscription) • Download (Walmart and Target) • Download (MSN Subscription) 


                                         Register and Introduce yourself to The Community!

Posts: 6,032
Kudos: 5,107
Registered: ‎10-28-2012

Re: PATCH NOW: Microsoft swats 29 security bugs, Adobe closes hijack hole

This is a matter of opinion ONLY, but I thought this should be a part of a previous post, so I merged it Smiley Happy

 

Thanks Sherry!!!!  I know our usual Microsoft Guru Daniel is not available today so thank you for keeping us up to date!!!


David

         

New to the Community? Register now and start posting!



Helpful Webroot Links:


Download (PC)   Download (Best Buy Subscription)   Submit Trouble Ticket   Account Console   User Guides   



"If you don't learn something new every day, you need to pay more attention. I often get my daily learning here so grab a chair and stay a while!"

WSA-Complete (Beta PC), WSA Mobile (Android), WSA Business Mobile (Android) WSA-Endpoint (PC- Some of the time.....)
Community Guide
Posts: 228
Registered: ‎06-04-2014

Re: PATCH NOW: Microsoft swats 29 security bugs, Adobe closes hijack hole

1,3GB Updates for Windows and MS Office, and those are only the important ones which are automatically approved by WSUS Smiley Happy

 

Community Guide



-Webroot Endpoint Protection user-
Posts: 4,252
Topics: 2,467
Kudos: 3,466
Blog Posts: 0
Registered: ‎06-02-2014

Re: Microsoft Security Bulletin Advance Notification for July 2014 Issued: July 3, 2014

The following article is a update on Microsoft Notification

 

(Office Mix: Microsoft's new tool may revolutionize presentations)

 

By: By J. Peter Bruzzese | InfoWorld/ July 09, 2014

 

The PowerPoint add-on helps turn slideshows into interactive presentations with lots of bells and whistles

 

For years, I've worked with tools for creating online presentations, including TechSmith's Camtasia, Adobe's Captivate, and Articulate's Storyline. They do the job well, but they're not easy for many people to use, much less master.

So I was intrigued by Microsoft's new PowerPoint add-on, called Office Mix, that debuted in a public beta in May. Although it's touted as a "game-changer" for teachers (as evidenced by Microsoft's example gallery of "mixes" created with the tool), I saw Office Mix as a potentially useful tool for every enterprise.

 

Microsoft_Office_hp.jpg

 

InfoWorld/ Full Read Here/ http://www.infoworld.com/d/microsoft-windows/office-mix-microsofts-new-tool-may-revolutionize-presen...

Community Leader

Posts: 4,252
Topics: 2,467
Kudos: 3,466
Blog Posts: 0
Registered: ‎06-02-2014

Re: Microsoft Security Bulletin Advance Notification for July 2014 Issued: July 3, 2014

The following article is a update on Microsoft Notification

 

(Windows admins get new tools against pass-the-hash attacks)

 

Community Leader