Microsoft Will Release MS14-068 Later Today

Published: 2014-11-18
Last Updated: 2014-11-18 16:24:05 UTC
by Johannes Ullrich (Version: 1)
2 comment(s)

Today, Microsoft will release MS14-068. This is one of the bulletins that was skipped in November's patch Tuesday update. 

The bulletin fixes a privilege escalation vulnerability and Microsoft rated it Critical.

It does however appear that Microsoft still has process issues with releasing updates. For example, the "Monthly Bulletin Summary" for November now only lists this one bulletin [1]. The bulletin page itself is still blank, but will likely be released around 1:30pm ET.

We will update/replace this diary once the full bulletin is released.

[1] https://technet.microsoft.com/en-us/library/security/ms14-nov.aspx

 

---
Johannes B. Ullrich, Ph.D.
STI|Twitter|LinkedIn

Keywords:
2 comment(s)

Comments

Dr. J:

[quote]It does however appear that Microsoft still has process issues with releasing updates[/quote] I will try my attempt at some humor. On my desk is a Round coaster, inside the circle of that coaster printed in caps TO IT! Figure it out? Answer below. :o

I, like others have found unless intense pressure is applied to MS, ie Gov pressuring EFFECTIVE IMMEDIATELY ...... MS fixes security problems when they (MS) gets "Round To It" One would deduce with the huge market share loss to their browser.. ie FF and others they would smell the "Seattle's Best"



Well, so much for logic!
> lists only one update

Revisions

•V1.0 (November 11, 2014): Bulletin Summary published.

•V2.0 (November 18, 2014): Bulletin Summary revised to document the out-of-band release of MS14-068 and, for MS14-066, to announce the reoffering of the 2992611 update to systems running Windows Server 2008 R2 and Windows Server 2012.

Page generated 2014-11-18 6:52Z-08:00.
------------------

So, they have fixed their bulletin (and their operating system).
Why is it always "good programmers, but bad technical writers" ?

Diary Archives