Sign up for our Newsletters

First Name:
Last Name:
Email:


December 9, 2014

Microsoft Security Bulletin Releases

Summary

=======

The following bulletins have undergone a major revision increment.

  * MS14-065 - Critical

  * MS14-066 - Critical

Bulletin Information:

=====================

MS14-065 - Critical

 - Title: Cumulative Security Update for Internet Explorer

 - https://technet.microsoft.com/library/security/ms14-065

 - Reason for Revision: V2.0 (December 9, 2014): To address issues

   with Security Update 3003057, Microsoft re-released MS14-065 to

   comprehensively address CVE-2014-6353. Customers running

   Internet Explorer 8 on Windows 7 or Windows Server 2008, or

   Internet Explorer 10 should either install the newly offered

   update or install the December Internet Explorer Cumulative

   Update (3008923). See Microsoft Knowledge Base Article 3003057

   for more information.

 - Originally posted: November 11, 2014

 - Updated: December 9, 2014

 - Bulletin Severity Rating: Critical

 - Version: 2.0

MS14-066 - Critical

 - Title: Vulnerability in Schannel Could Allow Remote Code

   Execution

 - https://technet.microsoft.com/library/security/ms14-066

 - Reason for Revision: V3.0 (December 9, 2014): Bulletin revised to

   announce the reoffering of the 2992611 update to systems running

   Windows Vista and Windows Server 2008. The reoffering addresses

   an issue in the original release. Customers running Windows Vista

   or Windows Server 2008 who installed the 2992611 update prior to

   the December 9 reoffering should reapply the update. See

   Microsoft Knowledge Base Article 2992611 for more information.

 - Originally posted: November 11, 2014

 - Updated: December 9, 2014

 - Bulletin Severity Rating: Critical

 - Version: 3.0

Other Information

=================

Recognize and avoid fraudulent email to Microsoft customers:

=============================================================

If you receive an email message that claims to be distributing a Microsoft security update, it is a hoax that may contain malware or pointers to malicious websites. Microsoft does not distribute security updates via email.

The Microsoft Security Response Center (MSRC) uses PGP to digitally sign all security notifications. However, PGP is not required for reading security notifications, reading security bulletins, or installing security updates.

You can obtain the MSRC public PGP key at <https://technet.microsoft.com/security/dn753714>.

********************************************************************

THE INFORMATION PROVIDED IN THIS MICROSOFT COMMUNICATION IS PROVIDED "AS IS"

WITHOUT WARRANTY OF ANY KIND. MICROSOFT DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.

IN NO EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT, INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL DAMAGES, EVEN IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE FOREGOING LIMITATION MAY NOT APPLY.

********************************************************************

Microsoft respects your privacy. Please read our online Privacy Statement at <http://go.microsoft.com/fwlink/?LinkId=81184>.

If you would prefer not to receive future technical security notification alerts by email from Microsoft and its family of companies please visit the following website to unsubscribe:

<https://profile.microsoft.com/RegSysProfileCenter/subscriptionwizar

d.aspx?wizid=5a2a311b-5189-4c9b-9f1a-d5e913a26c2e&%3blcid=1033>.

These settings will not affect any newsletters youb

December, 09 2014