by Mark | Dec 9, 2015 | Patch Management, Patch Releases, SCCM
Microsoft’s December 2015 Patch Releases
The following twelve Patch Tuesday updates / patches have been released by Microsoft for the December 2015 Update deployment.
MS15-112 – Critical
Cumulative Security Update for Internet Explorer (3104517)
This security update resolves vulnerabilities in Internet Explorer. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited the vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
MS15-125 – Critical
Cumulative Security Update for Microsoft Edge (3116184)
This security update resolves vulnerabilities in Microsoft Edge. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Microsoft Edge. An attacker who successfully exploited the vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
MS15-126 – Critical
Cumulative Security Update for JScript and VBScript to Address Remote Code Execution (3116178)
This security update resolves vulnerabilities in the VBScript scripting engine in Microsoft Windows. The more severe of the vulnerabilities could allow remote code execution if an attacker hosts a specially crafted website that is designed to exploit the vulnerabilities through Internet Explorer (or leverages a compromised website or a website that accepts or hosts user-provided content or advertisements) and then convinces a user to view the website. An attacker could also embed an ActiveX control marked “safe for initialization” in an application or Microsoft Office document that uses the Internet Explorer rendering engine to direct the user to the specially crafted website.
MS15-127 – Critical
Security Update for Microsoft Windows DNS to Address Remote Code Execution (3100465)
This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if an attacker sends specially crafted requests to a DNS server.
MS15-128 – Critical
Security Update for Microsoft Graphics Component to Address Remote Code Execution (3104503)
This security update resolves vulnerabilities in Microsoft Windows, .NET Framework, Microsoft Office, Skype for Business, Microsoft Lync, and Silverlight. The vulnerabilities could allow remote code execution if a user opens a specially crafted document or visits a webpage that contains specially crafted embedded fonts.
MS15-129 – Critical
Security Update for Silverlight to Address Remote Code Execution (3106614)
This security update resolves vulnerabilities in Microsoft Silverlight. The most severe of the vulnerabilities could allow remote code execution if Microsoft Silverlight incorrectly handles certain open and close requests that could result in read- and write-access violations. To exploit the vulnerability, an attacker could host a website that contains a specially crafted Silverlight application and then convince a user to visit a compromised website. The attacker could also take advantage of websites containing specially crafted content, including those that accept or host user-provided content or advertisements.
MS15-130 – Critical
Security Update for Microsoft Uniscribe to Address Remote Code Execution (3108670)
This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a specially crafted document or visits an untrusted webpage that contains specially crafted fonts.
MS15-131 – Critical
Security Update for Microsoft Office to Address Remote Code Execution (3116111)
This security update resolves vulnerabilities in Microsoft Office. The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Office file. An attacker who successfully exploited the vulnerabilities could run arbitrary code in the context of the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
MS15-132 – Important
Security Update for Microsoft Windows to Address Remote Code Execution (3116162)
This security update resolves vulnerabilities in Microsoft Windows. The vulnerabilities could allow remote code execution if an attacker accesses a local system and runs a specially crafted application.
MS15-133 – Important
Security Update for Windows PGM to Address Elevation of Privilege (3116130)
This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if an attacker logs on to a target system and runs a specially crafted application that, by way of a race condition, results in references to memory locations that have already been freed. Microsoft Message Queuing (MSMQ) must be installed and the Windows Pragmatic General Multicast (PGM) protocol specifically enabled for a system to be vulnerable. MSMQ is not present in default configurations and, if it is installed, the PGM protocol is available but disabled by default.
MS15-134 – Important
Security Update for Windows Media Center to Address Remote Code Execution (3108669)
This security update resolves vulnerabilities in Microsoft Windows. The more severe of the vulnerabilities could allow remote code execution if Windows Media Center opens a specially crafted Media Center link (.mcl) file that references malicious code. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
MS15-135 – Important
Security Update for Windows Kernel-Mode Drivers to Address Elevation of Privilege (3119075)
This security update resolves vulnerabilities in Microsoft Windows. The vulnerabilities could allow elevation of privilege if an attacker logs on to a target system and runs a specially crafted application.
by Mark | Dec 5, 2015 | Patch Management, Patch Releases
WSUS 4.0 Update
Ensuring Seamless Deployment of Windows 10 Feature Upgrade (Version 1511) with KB 3095113
If you are looking for a comprehensive Windows management tool that provides a centralized location to manage and deploy software updates, then the Windows Server Update Services (WSUS) is a valuable tool to have in your IT arsenal. With the latest feature upgrade for Windows 10 (version 1511) released, it is essential to keep your WSUS up-to-date to ensure seamless deployment of the latest Windows 10 feature upgrade to your clients.
To this end, Microsoft has released a crucial patch for WSUS for WS12 and WS12R2 (KB 3095113), which enables WSUS to deploy the Windows 10 feature upgrade (version 1511) to your clients. In this article, we will take a closer look at the features and benefits of this latest WSUS update and how it can help you manage your Windows updates more efficiently.
Upgrading to Windows 10 Feature Upgrade (Version 1511)
The release of the Windows 10 feature upgrade (version 1511) marked a significant milestone for Windows 10 users, as it was the first-ever in-place upgrade for the operating system. This update offered various new features, including improvements to Cortana, Microsoft Edge, and the Start Menu, to name a few. However, to deploy this update to your Windows 10 clients, you need to ensure that your WSUS is updated with the latest patch, KB 3095113.
KB 3095113 – Enabling WSUS to Deploy the Windows 10 Feature Upgrade
The KB 3095113 patch for WSUS is critical for enabling WSUS to deploy the Windows 10 feature upgrade to your clients. This update is available for download from the Microsoft website and is easy to install, making it an essential tool for IT professionals looking to manage and deploy Windows updates seamlessly.
WSUS Upgrade Classification for Windows 10 Feature Upgrade
Once you have installed KB 3095113, you will notice that the Windows 10 1511 feature upgrade is available via WSUS. It will show up with a new Upgrades classification, making it easy to identify and deploy the feature upgrade to your Windows 10 clients. Moreover, this update applies not only to Windows 10 RTM but also to Windows 7 and Windows 8.1 machines.
The hot fix for WSUS is available to download from this link.
https://support.microsoft.com/en-us/kb/3095113.
Benefits of Upgrading WSUS to KB 3095113
Updating your WSUS to KB 3095113 offers various benefits, including:
- Easy deployment of the latest Windows 10 feature upgrade to your clients
- Centralized management of Windows updates
- Faster and more efficient management of Windows updates
- Enhanced security and stability of your Windows environment
KB 3095113 Conclusion
Updating your WSUS to KB 3095113 is essential if you want to ensure seamless deployment of the latest Windows 10 feature upgrade to your clients. This update offers various benefits, including centralized management of Windows updates, enhanced security, and stability of your Windows environment. Moreover, it is easy to install and use, making it an essential tool for IT professionals looking to manage and deploy Windows updates more efficiently. So, what are you waiting for? Download KB 3095113 today and experience the benefits of seamless Windows update deployment.
by Mark | Oct 14, 2015 | Patch Management, Patch Releases
Microsoft’s October 2015 Patch Releases
The following six Patch Tuesday patches have been released by Microsoft for deployment.
Are you ready to start deploying and remove the patching risk using
SnaPatch?
MS15-106 – Critical
Cumulative Security Update for Internet Explorer (3096441)
This security update resolves vulnerabilities in Internet Explorer. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
MS15-107 – Important
Cumulative Security Update for Microsoft Edge (3096448)
This security update resolves vulnerabilities in Microsoft Edge. The most severe of the vulnerabilities could allow information disclosure if a user views a specially crafted webpage using Microsoft Edge. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
MS15-108 – Critical
Security Update for JScript and VBScript to Address Remote Code Execution (3089659)
This security update resolves vulnerabilities in the VBScript and JScript scripting engines in Microsoft Windows. The more severe of the vulnerabilities could allow remote code execution if an attacker hosts a specially crafted website that is designed to exploit the vulnerabilities through Internet Explorer (or leverages a compromised website or a website that accepts or hosts user-provided content or advertisements) and then convinces a user to view the website. An attacker could also embed an ActiveX control marked “safe for initialization” in an application or Microsoft Office document that uses the IE rendering engine to direct the user to the specially crafted website.
MS15-109 – Critical
Security Update for Windows Shell to Address Remote Code Execution (3096443)
This security update resolves vulnerabilities in Microsoft Windows. The vulnerabilities could allow remote code execution if a user opens a specially crafted toolbar object in Windows or an attacker convinces a user to view specially crafted content online.
MS15-110 – Important
Security Updates for Microsoft Office to Address Remote Code Execution (3096440)
This security update resolves vulnerabilities in Microsoft Office. The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Office file. An attacker who successfully exploited the vulnerabilities could run arbitrary code in the context of the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
MS15-111 – Important
Security Update for Windows Kernel to Address Elevation of Privilege (3096447)
This security update resolves vulnerabilities in Microsoft Windows. The more severe of the vulnerabilities could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application
by Mark | Sep 18, 2015 | Patch Releases
September Patch Release
Hi All,
Microsoft has released their latest round of Patches / Updates for September Month last Tuesday.
The following patches / updates have been released for deployment
- MS15-094 – Cumulative Security Update for Internet Explorer (3089548)
- MS15-095 – Cumulative Security Update for Microsoft Edge (3089665
- MS15-096 – Vulnerability in Active Directory Service Could Allow Denial of Service (3072595)
- MS15-097 – Vulnerabilities in Microsoft Graphics Component Could Allow Remote Code Execution (3089656)
- MS15-098 – Vulnerabilities in Windows Journal Could Allow Remote Code Execution (3089669)
- MS15-099 – Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (3089664)
- MS15-100 – Vulnerability in Windows Media Center Could Allow Remote Code Execution (3087918)
- MS15-101 – Vulnerabilities in .NET Framework Could Allow Elevation of Privilege (3089662)
- MS15-102 – Vulnerabilities in Windows Task Management Could Allow Elevation of Privilege (3089657)
- MS15-103 – Vulnerabilities in Microsoft Exchange Server Could Allow Information Disclosure (3089250)
- MS15-104 – Vulnerabilities in Skype for Business Server and Lync Server Could Allow Elevation of Privilege (3089952)
- MS15-105 – Vulnerability in Windows Hyper-V Could Allow Security Feature Bypass (3091287
by Mark | Aug 18, 2015 | How To, Patch Management, Patch Releases
Microsoft patches KB3177725 & KB3176493 causing printing issues
Two recently released patches from Microsoft (in the August Patch Tuesday Release) seem to be causing some issues. The problematic security updates are KB3177725 and KB3176493 both which were to patch security vulnerabilities that could allow remote code execution on both Windows 7, 8, 8.1 and 10 as well as server editions of their software, Windows server 2008, 2008 R2, 2012 and 2012 R2. The risk of not deploying these two security updates, could allow elevation of privileges, if an attacker finds an affected system and then runs some software which would then exploit these vulnerabilities and finally take control of the affected system.
So what is the issue?
The issue caused by these two security patches is the inability to print more than one page at a time. Others are reporting that it corrupts all print jobs with an error. Microsoft have reported initially that the problem is incompatibility issues between Windows and Printer Drivers, but have recently come out and acknowledged that it was in fact caused by these two updates.
Now this is quite a substantial problem, can you imagine having all your users calling your service desk with this issue???
Now, what is the fix?
UPDATE: Previously we mentioned the only work around is to uninstall either or both KB3177725 and KB3176493.
Well Microsoft have come through and have released another patch that will fix the issues caused by these two security updates. KB3187022 – Print functionality is broken after any of the MS16-098 security updates are installed
Patch is available to download from the Microsoft site https://support.microsoft.com/en-us/kb/3187022
There has been other issues this month, caused by the August Security Patches. Microsoft Patch KB3179575 causing authentication issues with Windows 2012 servers and KB3176934 breaks Windows 10 Powershell
Additionally, If you are lucky enough to be one of our many customers and are using SnaPatch, you can easily and quickly roll back your virtual machines to the prior security update deployment snapshot.
To learn more about what SnaPatch offers and how you can avoid further issues like this, click this link.
