1 edit
6 recommendations |
Microsoft Security Bulletin(s) for march 10, 2015Microsoft Security Bulletin(s) for march 10, 2015 Note: There may be latency issues due to replication, if the page does not display keep refreshing Today Microsoft released the following Security Bulletin(s). Note: »www.microsoft.com/technet/security and »www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details. Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided. Bulletin Summary: » technet.microsoft.com/en ··· ulletin/Critical (4) Vulnerabilities in Adobe Font Driver Could Allow Remote Code Execution (3032323) » technet.microsoft.com/en ··· MS15-021Vulnerabilities in Microsoft Windows Could Allow Remote Code Execution (3041836) » technet.microsoft.com/en ··· MS15-020Vulnerability in VBScript Scripting Engine Could Allow Remote Code Execution (3040297) » technet.microsoft.com/en ··· MS15-019Cumulative Security Update for Internet Explorer (3032359) » technet.microsoft.com/en ··· MS15-018Important (10) Vulnerability in Schannel Could Allow Security Feature Bypass (3046049) » technet.microsoft.com/en ··· MS15-031Vulnerability in Remote Desktop Protocol Could Allow Denial of Service (3039976) » technet.microsoft.com/en ··· MS15-030Vulnerability in Windows Photo Decoder Component Could Allow Information Disclosure (3035126) » technet.microsoft.com/en ··· MS15-029Vulnerability in Windows Task Scheduler Could Allow Security Feature Bypass (3030377) » technet.microsoft.com/en ··· MS15-028Vulnerability in NETLOGON Could Allow Spoofing (3002657) » technet.microsoft.com/en ··· MS15-027Vulnerabilities in Microsoft Exchange Server Could Allow Elevation of Privilege (3040856) » technet.microsoft.com/en ··· MS15-026Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (3038680) » technet.microsoft.com/en ··· MS15-025Vulnerability in PNG Processing Could Allow Information Disclosure (3035132) » technet.microsoft.com/en ··· MS15-024Vulnerabilities in Kernel-Mode Driver Could Allow Elevation of Privilege (3034344) » technet.microsoft.com/en ··· MS15-023Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (3038999) » technet.microsoft.com/en ··· MS15-022 |
|
dp MVM join:2000-12-08 Greensburg, PA
1 recommendation |
dp
MVM
2015-Mar-10 1:50 pm
Thank you Nick |
|
85160670 (banned)"If U know neither the enemy nor yoursel join:2013-09-17 Edmonton, AB
1 recommendation |
to NICK ADSL UK
THX & ACK ..... Nick, got it installed 13 on Win7 & 18 on Vista |
|
1 recommendation |
to NICK ADSL UK
saw 31 updates at w8.1 32 total 80.1MB |
|
|
to NICK ADSL UK
Updated two Win7 systems. 20 packages on the one with Office, 12 on the one without. Hefty set today. But no .NET framework updates so post processing wrapped up pretty quickly after reboot. |
|
85160670 (banned)"If U know neither the enemy nor yoursel join:2013-09-17 Edmonton, AB |
85160670 (banned)
Member
2015-Mar-10 3:46 pm
4 attention gpedit folks : .......[ » www.ghacks.net/2015/03/1 ··· ch-2015/ ] |
|
phxuser join:2010-03-16 Scottsdale, AZ |
Looks like Freak attack vulnerability in IE11 has been fixed. |
|
2 edits |
to NICK ADSL UK
Installed all 12 patches for W7 64 without Office, noticing that a freeze with SeaMonkey 2.32.1 (current) now occurs when first visiting any secure site with EV, such as twitter.com, after a reboot. This is the same problem I had with subsequently yanked patch 2949927 (SHA-2 algorithm) last year. So far I cannot identify which patch is causing the problem.
I noticed that checking digital signatures now displays a new field for "algorithm," so whichever patch changed this behavior is probably the one affecting the browsers.
Edit: The problem did not occur on IE 11.
Edit: I found the culprit, KB3033929, which was Microsoft's replacement for the pulled 2949927. It took me three reboots to uninstall it, with the same CAPI2 error as when I uninstalled 2949927, but all is now working correctly. (Also, the "algorithm" field is no longer present on digital certificates.) |
|
85160670 (banned)"If U know neither the enemy nor yoursel join:2013-09-17 Edmonton, AB |
85160670 (banned)
Member
2015-Mar-10 4:17 pm
Huh ...... try both IE-11 & Chrome-41.x all open smoothly ¿ ¿ BTW, what is "EV" ? |
|
1 recommendation |
to NICK ADSL UK
i had 9 updates for "windows xpsp3"..
FREAK fixed..
font-problem fixed.. |
|
CartelIntel inside Your sensitive data outside Premium Member join:2006-09-13 Chilliwack, BC
2 recommendations |
to NICK ADSL UK
Oops! The page you are looking for may have a new location, or is no longer available. |
|
1 edit |
to 85160670
EV is "Extended Validation." Twitter is working normally for me on SM only after I uninstalled patch 3033929 (more in my edit, above).
Edit: I now think this freezing problem may be specific to SeaMonkey but am not keen to reinstall the problematic patch to test it. |
|
norwegian Premium Member join:2005-02-15 Outback |
to NICK ADSL UK
Win 8.1 update 2 x64 Office Home and Student 2010
44 updates |
|
Jrb2 Premium Member join:2001-08-31
1 recommendation |
to NICK ADSL UK
Thanks Nick!
I got 26 updates on Win7 64 bits (including Office 2010 and MSRTool) |
|
|
MuchoPatch to Alpha_Tay
Anon
2015-Mar-10 6:45 pm
to Alpha_Tay
said by Alpha_Tay:saw 31 updates at w8.1 32 total 80.1MB Me too. Most I remember seeing on Windows 8 platform. |
|
MarkAWBarry White Premium Member join:2001-08-27 Canada
1 recommendation |
to NICK ADSL UK
Thanks Nick 16 updates for my Win 7 64-bit. |
|
|
to NICK ADSL UK
some error appearing, on both win7 32&64, after windows updated and restart and disk cleanup windows catalog, run windows update check for updates again, KB3021952 and KB3032359 would reappear. if install both again, then run disk cleanup windows catalog, and run windows update check for updates again, KB3021952 and KB3032359 would reappear again. |
|
|
kayfam
Member
2015-Mar-11 9:42 am
Yep I've run into the same exact problem on my Win7 boxes after running disk cleanup. Hopefully someone will come along with a fix since the best I've been able to do is go in circles. |
|
|
the best solution right now was run disk cleanup windows catalog after 1st windows updated and restart, then run windows update check for updates again, and install KB3021952 and KB3032359 again, but dont run disk cleanup windows catalog after that this times. |
|
2 edits |
After reinstalling 3033929, the freezing problem still occurs with all Mozilla browsers, including Firefox 36.0.1. Chromium and IE 11 seem to be OK.
Update: Unfortunately, all Mozilla browsers freeze, including SM, FF, and Cyberfox. |
|
|
to NICK ADSL UK
Anyone else have a double-reboot after installing the patches? (This is 32-bit Win7 w/ Office 2007). Anyone know why it does the double reboot and maybe which patch could be the cause? |
|
your moderator at work
hidden : Off topic
|
Jrb2 Premium Member join:2001-08-31
1 recommendation |
to andyross
Re: Microsoft Security Bulletin(s) for march 10, 2015said by andyross:Anyone else have a double-reboot after installing the patches? (This is 32-bit Win7 w/ Office 2007). Anyone know why it does the double reboot and maybe which patch could be the cause? Hi, Yes, I too got a double-reboot on Win7 64-bit with Office 2010. I did the updates in three parts: 1. First the ones without the Office updates and without the IE-11 cumulative update, but with the MSRT. 2. Then the IE-11 cumulative update. 3. Then the Office updates. As far as I remember the double-reboot was in the first one; but why and which patch did cause it, I don't know; sorry. |
|
|
|
to Sportsfan
said by Sportsfan:After reinstalling 3033929, the freezing problem still occurs with all Mozilla browsers, including Firefox 36.0.1. Chromium and IE 11 seem to be OK.
Update: Unfortunately, all Mozilla browsers freeze, including SM, FF, and Cyberfox. I can't find any other web chatter regarding Mozilla products being effected by this patch. Is anyone else seeing this problem? |
|
|
to andyross
said by andyross:Anyone else have a double-reboot after installing the patches? (This is 32-bit Win7 w/ Office 2007). Anyone know why it does the double reboot and maybe which patch could be the cause? it's the update for "remote desktop protocol".. i notice that the "update" includes two individual updates.. » support.microsoft.com/kb/3036493» www.infoworld.com/articl ··· 049.html |
|
|
to planet
said by planet:said by Sportsfan:After reinstalling 3033929, the freezing problem still occurs with all Mozilla browsers, including Firefox 36.0.1. Chromium and IE 11 seem to be OK.
Update: Unfortunately, all Mozilla browsers freeze, including SM, FF, and Cyberfox. I can't find any other web chatter regarding Mozilla products being effected by this patch. Is anyone else seeing this problem? I run FF 36.0.1 and Nightly. I have no issues on neither. Sportsfan, have you tried a clean profile, or disabled the Extensions/Add-Ons? |
|
|
said by StyxKee:I run FF 36.0.1 and Nightly. I have no issues on neither. Sportsfan, have you tried a clean profile, or disabled the Extensions/Add-Ons? I might have been using a clean profile with Cyberfox, although unfortunately I don't remember. After two frustrating days, I ended up uninstalling the patch again, which required 4 reboots :-/ I could reproduce the freeze reliably by restarting the PC, opening any of the Mozilla browsers, clearing the cache, then visiting twitter.com. Opening another Mozilla browser would not cause the freeze unless the computer was rebooted again. Disabling hardware acceleration made no difference. I have not been able to find anyone else reporting this issue so far. |
|
Sportsfan
1 recommendation |
It's not the same problem I'm having, but reports are surfacing about problems with that patch kb3033929 putting some Windows 7 computers into an infinite reboot loop. Brian Krebs is advising people not to install it for now. There is definitely something wrong with this patch. » krebsonsecurity.com/2015 ··· ot-loop/» social.technet.microsoft ··· security |
|
BlackbirdBuilt for Speed Premium Member join:2005-01-14 Fort Wayne, IN 1 edit
2 recommendations |
The kb3033929 problem seems to involve at least some systems using custom boot-loaders. It appears to be hitting dual-boot users especially hard. As usual, I'm holding off Win-updating until the dust settles. Doesn't anyone work at Microsoft QA anymore??? |
|
85160670 (banned)"If U know neither the enemy nor yoursel join:2013-09-17 Edmonton, AB |
to NICK ADSL UK
Just in case some go this trouble path "Patch Tuesday update causing infinite reboot loop on Windows 7 and Server 2008 R2"....[ » www.neowin.net/news/patc ··· -2008-r2 ] |
|