SANS ISC: Microsoft Patch Tuesday - August 2014 - SANS Internet Storm Center

• SANS Site Network
  • Current Site
  • SANS Internet Storm Center
  • Other SANS Sites Help
  • Graduate Degree Programs
  • Security Training
  • Security Certification
  • Security Awareness Training
  • Penetration Testing
  • Industrial Control Systems
  • Cyber Defense Foundations
  • DFIR
  • Software Security
  • Government OnSite Training

SANS ISC InfoSec Forums

I'm interested to know the logic behind MS14-043 being Critical for Servers, when Microsoft explicitly states that all Server OS' are unaffected.

We typically rate "server" and "client" vulnerabilities based on the use of the system, and not on the fact that the system runs a server or client designated OS. For example, you can run a web server on Windows 8, even though it may not be recommended.

In this particular case however, I reconsidered the rating and lowered it to "Important" for servers as servers typically do not use Windows Media Center.

I wonder why Windows 8.1 patch updates which fix a lot of their issues are labeled as "optional" by MS? I went through the ones this month and last month, and some of them are HUGE bugfixes, such as making things like Samba work, USB devices not somehow flake out, and many others...

'Appears to be some trouble with MS14-045 (some get BSOD's), 'not certain it has been nailed down yet.
- http://www.infoworld.com/t/microsoft-windows/blue-screen-stop-0x050-error-reported-systems-installing-kb2976897-kb2982791-and-kb2970228-248363
Aug 14, 2014
___

There is an MS thread (up to 7 pgs. last time I looked) here:
- http://answers.microsoft.com/en-us/windows/forum/windows_7-windows_update/blue-screen-stop-0x50-after-applying-update/6da4d264-02d8-458e-89e2-a78fe68766fd

.

New Features available from Microsoft when it comes to managing old ActiveX components.

Note old java versions will be blocked in IE from early September!

Download and deploy GPO now if you need to manage this..

http://support.microsoft.com/kb/2991000

Tor

MS14-045 - See "Known issues" ...
- https://support.microsoft.com/kb/2982791
Last Review: August 16, 2014 - Revision: 4.0 - "... Status:
Microsoft has -removed- the download links to these updates while these issues are being investigated...
Mitigations: Open the Programs and Features item in Control Panel, and then click View installed updates. Find and then -uninstall- any of the following update that are currently installed:
KB2982791
KB2970228
KB2975719
KB2975331 ..."
(More detail at the URL above.)
.

in addition to the 4 patches listed above, Microsoft released today rev. 2.0 of Support Article 2991509 to inform and offer a Hotfix for systems with cumulative Internet Explorer Updates applied that may become slow and unresponsive over time.
In case you or one of your users face these issues, the Support article contains the download links for corrective action.

For more information, see Microsoft Security Bulletin MS14-051. Security update 2976627 resolves one publicly disclosed and 25 privately reported vulnerabilities in Internet Explorer.
The most severe of these vulnerabilities could allow remote code execution if you view a specially crafted webpage by using Internet Explorer.
Additionally, this security update includes several non-security fixes and improvements for Internet Explorer.
Note Internet Explorer may crash after you install this security update. See the "Known issues and more information" section for more information.

After you apply the MS14-037 (KB2962872) or MS14-051 (KB2976627) cumulative security update for Internet Explorer, web applications that implement consecutive modal dialog boxes may cause Internet Explorer to become slow and unresponsive over time.
This issue occurs in Internet Explorer versions 7 through 11. To resolve this issue, Microsoft has released updates for Internet Explorer versions 7 through 11 not yet available on WSUS or usual Microsoft or Windows Update sites.
Before you install one of the updates, you must have MS14-051 Cumulative security update for Internet Explorer (KB2976627) installed to apply the Hotfix and must restart the computer after you apply it.

and see: http://support.microsoft.com/kb/2881011

Another issue has been discovered in the August 12, 2014, update for Microsoft Outlook 2013 that prevents some users from opening archived folders. Microsoft has removed this update from availability, and has corrected this issue in update KB2889859
(http://support.microsoft.com/kb/2889859/ ).