dslreports logo
 
    All Forums Hot Topics Gallery
spc
Search similar:


uniqs
2883

NICK ADSL UK
MVM
join:2004-02-22
united kingd

1 edit

6 recommendations

NICK ADSL UK

MVM

Microsoft Security Bulletin(s) for march 10, 2015

Microsoft Security Bulletin(s) for march 10, 2015

Note: There may be latency issues due to replication, if the page does not display keep refreshing

Today Microsoft released the following Security Bulletin(s).

Note: »www.microsoft.com/technet/security and »www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details.

Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.

Bulletin Summary:
»technet.microsoft.com/en ··· ulletin/

Critical (4)
Vulnerabilities in Adobe Font Driver Could Allow Remote Code Execution (3032323)
»technet.microsoft.com/en ··· MS15-021

Vulnerabilities in Microsoft Windows Could Allow Remote Code Execution (3041836)
»technet.microsoft.com/en ··· MS15-020

Vulnerability in VBScript Scripting Engine Could Allow Remote Code Execution (3040297)
»technet.microsoft.com/en ··· MS15-019

Cumulative Security Update for Internet Explorer (3032359)
»technet.microsoft.com/en ··· MS15-018

Important (10)
Vulnerability in Schannel Could Allow Security Feature Bypass (3046049)
»technet.microsoft.com/en ··· MS15-031

Vulnerability in Remote Desktop Protocol Could Allow Denial of Service (3039976)
»technet.microsoft.com/en ··· MS15-030

Vulnerability in Windows Photo Decoder Component Could Allow Information Disclosure (3035126)
»technet.microsoft.com/en ··· MS15-029

Vulnerability in Windows Task Scheduler Could Allow Security Feature Bypass (3030377)
»technet.microsoft.com/en ··· MS15-028

Vulnerability in NETLOGON Could Allow Spoofing (3002657)
»technet.microsoft.com/en ··· MS15-027

Vulnerabilities in Microsoft Exchange Server Could Allow Elevation of Privilege (3040856)
»technet.microsoft.com/en ··· MS15-026

Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (3038680)
»technet.microsoft.com/en ··· MS15-025

Vulnerability in PNG Processing Could Allow Information Disclosure (3035132)
»technet.microsoft.com/en ··· MS15-024

Vulnerabilities in Kernel-Mode Driver Could Allow Elevation of Privilege (3034344)
»technet.microsoft.com/en ··· MS15-023

Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (3038999)
»technet.microsoft.com/en ··· MS15-022

dp
MVM
join:2000-12-08
Greensburg, PA

1 recommendation

dp

MVM

Thank you Nick
85160670 (banned)
"If U know neither the enemy nor yoursel
join:2013-09-17
Edmonton, AB

1 recommendation

85160670 (banned) to NICK ADSL UK

Member

to NICK ADSL UK
Click for full size
THX & ACK ..... Nick, got it installed 13 on Win7 & 18 on Vista

Alpha_Tay
join:2003-04-30
Malaysia

1 recommendation

Alpha_Tay to NICK ADSL UK

Member

to NICK ADSL UK
saw 31 updates at w8.1 32
total 80.1MB

sbconslt
join:2009-07-28
Los Angeles, CA

sbconslt to NICK ADSL UK

Member

to NICK ADSL UK
Updated two Win7 systems. 20 packages on the one with Office, 12 on the one without. Hefty set today. But no .NET framework updates so post processing wrapped up pretty quickly after reboot.
85160670 (banned)
"If U know neither the enemy nor yoursel
join:2013-09-17
Edmonton, AB

85160670 (banned)

Member

Click for full size
4 attention gpedit folks : .......[ »www.ghacks.net/2015/03/1 ··· ch-2015/ ]
phxuser
join:2010-03-16
Scottsdale, AZ

phxuser

Member

Looks like Freak attack vulnerability in IE11 has been fixed.

Sportsfan
join:2012-03-26

2 edits

Sportsfan to NICK ADSL UK

Member

to NICK ADSL UK
Installed all 12 patches for W7 64 without Office, noticing that a freeze with SeaMonkey 2.32.1 (current) now occurs when first visiting any secure site with EV, such as twitter.com, after a reboot. This is the same problem I had with subsequently yanked patch 2949927 (SHA-2 algorithm) last year. So far I cannot identify which patch is causing the problem.

I noticed that checking digital signatures now displays a new field for "algorithm," so whichever patch changed this behavior is probably the one affecting the browsers.

Edit: The problem did not occur on IE 11.

Edit: I found the culprit, KB3033929, which was Microsoft's replacement for the pulled 2949927. It took me three reboots to uninstall it, with the same CAPI2 error as when I uninstalled 2949927, but all is now working correctly. (Also, the "algorithm" field is no longer present on digital certificates.)
85160670 (banned)
"If U know neither the enemy nor yoursel
join:2013-09-17
Edmonton, AB

85160670 (banned)

Member

Click for full size
Huh ...... try both IE-11 & Chrome-41.x all open smoothly ¿ ¿ BTW, what is "EV" ?
redwolfe_98
Premium Member
join:2001-06-11

1 recommendation

redwolfe_98 to NICK ADSL UK

Premium Member

to NICK ADSL UK
i had 9 updates for "windows xpsp3"..

FREAK fixed..

font-problem fixed..

Cartel
Intel inside Your sensitive data outside
Premium Member
join:2006-09-13
Chilliwack, BC

2 recommendations

Cartel to NICK ADSL UK

Premium Member

to NICK ADSL UK
Oops!
The page you are looking for may have a new location, or is no longer available.

Sportsfan
join:2012-03-26

1 edit

Sportsfan to 85160670

Member

to 85160670
EV is "Extended Validation." Twitter is working normally for me on SM only after I uninstalled patch 3033929 (more in my edit, above).

Edit: I now think this freezing problem may be specific to SeaMonkey but am not keen to reinstall the problematic patch to test it.

norwegian
Premium Member
join:2005-02-15
Outback

norwegian to NICK ADSL UK

Premium Member

to NICK ADSL UK
Win 8.1 update 2 x64
Office Home and Student 2010

44 updates
Jrb2
Premium Member
join:2001-08-31

1 recommendation

Jrb2 to NICK ADSL UK

Premium Member

to NICK ADSL UK
Thanks Nick!

I got 26 updates on Win7 64 bits (including Office 2010 and MSRTool)

MuchoPatch
@comcast.net

MuchoPatch to Alpha_Tay

Anon

to Alpha_Tay
said by Alpha_Tay:

saw 31 updates at w8.1 32
total 80.1MB

Me too. Most I remember seeing on Windows 8 platform.

MarkAW
Barry White
Premium Member
join:2001-08-27
Canada

1 recommendation

MarkAW to NICK ADSL UK

Premium Member

to NICK ADSL UK
Thanks Nick 16 updates for my Win 7 64-bit.

Alpha_Tay
join:2003-04-30
Malaysia

Alpha_Tay to NICK ADSL UK

Member

to NICK ADSL UK
some error appearing, on both win7 32&64, after windows updated and restart and disk cleanup windows catalog, run windows update check for updates again, KB3021952 and KB3032359 would reappear. if install both again, then run disk cleanup windows catalog, and run windows update check for updates again, KB3021952 and KB3032359 would reappear again.
kayfam
join:2002-02-27
Erie, PA

kayfam

Member

Yep I've run into the same exact problem on my Win7 boxes after running disk cleanup. Hopefully someone will come along with a fix since the best I've been able to do is go in circles.

Alpha_Tay
join:2003-04-30
Malaysia

Alpha_Tay

Member

the best solution right now was run disk cleanup windows catalog after 1st windows updated and restart, then run windows update check for updates again, and install KB3021952 and KB3032359 again, but dont run disk cleanup windows catalog after that this times.

Sportsfan
join:2012-03-26

2 edits

Sportsfan

Member

After reinstalling 3033929, the freezing problem still occurs with all Mozilla browsers, including Firefox 36.0.1. Chromium and IE 11 seem to be OK.

Update: Unfortunately, all Mozilla browsers freeze, including SM, FF, and Cyberfox.

andyross
MVM
join:2003-05-04
Aurora, IL

andyross to NICK ADSL UK

MVM

to NICK ADSL UK
Anyone else have a double-reboot after installing the patches? (This is 32-bit Win7 w/ Office 2007). Anyone know why it does the double reboot and maybe which patch could be the cause?
Expand your moderator at work
Jrb2
Premium Member
join:2001-08-31

1 recommendation

Jrb2 to andyross

Premium Member

to andyross

Re: Microsoft Security Bulletin(s) for march 10, 2015

said by andyross:

Anyone else have a double-reboot after installing the patches? (This is 32-bit Win7 w/ Office 2007). Anyone know why it does the double reboot and maybe which patch could be the cause?

Hi,
Yes, I too got a double-reboot on Win7 64-bit with Office 2010.
I did the updates in three parts:
1. First the ones without the Office updates and without the IE-11 cumulative update, but with the MSRT.
2. Then the IE-11 cumulative update.
3. Then the Office updates.

As far as I remember the double-reboot was in the first one; but why and which patch did cause it, I don't know; sorry.

planet
join:2001-11-05
Oz

planet to Sportsfan

Member

to Sportsfan
said by Sportsfan:

After reinstalling 3033929, the freezing problem still occurs with all Mozilla browsers, including Firefox 36.0.1. Chromium and IE 11 seem to be OK.

Update: Unfortunately, all Mozilla browsers freeze, including SM, FF, and Cyberfox.

I can't find any other web chatter regarding Mozilla products being effected by this patch. Is anyone else seeing this problem?
redwolfe_98
Premium Member
join:2001-06-11

redwolfe_98 to andyross

Premium Member

to andyross
said by andyross:

Anyone else have a double-reboot after installing the patches? (This is 32-bit Win7 w/ Office 2007). Anyone know why it does the double reboot and maybe which patch could be the cause?

it's the update for "remote desktop protocol"..

i notice that the "update" includes two individual updates..

»support.microsoft.com/kb/3036493

»www.infoworld.com/articl ··· 049.html

StyxKee
join:2001-07-05
GTA, Canada

StyxKee to planet

Member

to planet
said by planet:

said by Sportsfan:

After reinstalling 3033929, the freezing problem still occurs with all Mozilla browsers, including Firefox 36.0.1. Chromium and IE 11 seem to be OK.

Update: Unfortunately, all Mozilla browsers freeze, including SM, FF, and Cyberfox.

I can't find any other web chatter regarding Mozilla products being effected by this patch. Is anyone else seeing this problem?

I run FF 36.0.1 and Nightly. I have no issues on neither. Sportsfan, have you tried a clean profile, or disabled the Extensions/Add-Ons?

Sportsfan
join:2012-03-26

Sportsfan

Member

said by StyxKee:

I run FF 36.0.1 and Nightly. I have no issues on neither. Sportsfan, have you tried a clean profile, or disabled the Extensions/Add-Ons?

I might have been using a clean profile with Cyberfox, although unfortunately I don't remember. After two frustrating days, I ended up uninstalling the patch again, which required 4 reboots :-/

I could reproduce the freeze reliably by restarting the PC, opening any of the Mozilla browsers, clearing the cache, then visiting twitter.com. Opening another Mozilla browser would not cause the freeze unless the computer was rebooted again. Disabling hardware acceleration made no difference. I have not been able to find anyone else reporting this issue so far.
Sportsfan

1 recommendation

Sportsfan

Member

It's not the same problem I'm having, but reports are surfacing about problems with that patch kb3033929 putting some Windows 7 computers into an infinite reboot loop. Brian Krebs is advising people not to install it for now. There is definitely something wrong with this patch.

»krebsonsecurity.com/2015 ··· ot-loop/
»social.technet.microsoft ··· security

Blackbird
Built for Speed
Premium Member
join:2005-01-14
Fort Wayne, IN

1 edit

2 recommendations

Blackbird

Premium Member

The kb3033929 problem seems to involve at least some systems using custom boot-loaders. It appears to be hitting dual-boot users especially hard. As usual, I'm holding off Win-updating until the dust settles. Doesn't anyone work at Microsoft QA anymore???
85160670 (banned)
"If U know neither the enemy nor yoursel
join:2013-09-17
Edmonton, AB

85160670 (banned) to NICK ADSL UK

Member

to NICK ADSL UK
Just in case some go this trouble path "Patch Tuesday update causing infinite reboot loop on Windows 7 and Server 2008 R2"....[ »www.neowin.net/news/patc ··· -2008-r2 ]