[BigFix-Announcements] BES Auto Notification: New Fixlets Published in Fixlet Site: 'Patches for Windows (English)'
autonotify at us.ibm.com
autonotify at us.ibm.com
Wed Nov 19 02:07:22 PST 2014
Fixlet Site - 'Patches for Windows (English)'
Current Version: 2127 Published: Wed, 19 Nov 2014 03:02:31 GMT
New Fixlets:
============
***************************************************************
Title: MS14-066: Vulnerability in Schannel Could Allow Remote Code Execution - Windows Server 2008 R2 SP1 - KB3018238 (x64)
Severity: Critical
Fixlet ID: 1406631
Fixlet Link: http://technet.microsoft.com/library/security/MS14-066
Fixlet Description: This security update resolves a privately reported vulnerability in the Microsoft Secure Channel (Schannel) security package in Windows. The vulnerability could allow remote code execution if an attacker sends specially crafted packets to a Windows server. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the Knowledge Base Article for more information.
***************************************************************
Title: MS14-066: Vulnerability in Schannel Could Allow Remote Code Execution - Windows Server 2012 Gold - KB3018238 (x64)
Severity: Critical
Fixlet ID: 1406633
Fixlet Link: http://technet.microsoft.com/library/security/MS14-066
Fixlet Description: This security update resolves a privately reported vulnerability in the Microsoft Secure Channel (Schannel) security package in Windows. The vulnerability could allow remote code execution if an attacker sends specially crafted packets to a Windows server. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the Knowledge Base Article for more information.
***************************************************************
Title: MS14-068: Vulnerability in Kerberos Could Allow Elevation of Privilege - Windows 8 Gold - KB3011780 (x64)
Severity: N/A
Fixlet ID: 1406801
Fixlet Link: http://technet.microsoft.com/library/security/MS14-068
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft Windows Kerberos KDC that could allow an attacker to elevate unprivileged domain user account privileges to those of the domain administrator account. An attacker could use these elevated privileges to compromise any computer in the domain, including domain controllers. An attacker must have valid domain credentials to exploit this vulnerability. The affected component is available remotely to users who have standard user accounts with domain credentials; this is not the case for users with local account credentials only. When this security bulletin was issued, Microsoft was aware of limited, targeted attacks that attempt to exploit this vulnerability. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS14-068: Vulnerability in Kerberos Could Allow Elevation of Privilege - Windows 7 SP1 - KB3011780
Severity: N/A
Fixlet ID: 1406803
Fixlet Link: http://technet.microsoft.com/library/security/MS14-068
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft Windows Kerberos KDC that could allow an attacker to elevate unprivileged domain user account privileges to those of the domain administrator account. An attacker could use these elevated privileges to compromise any computer in the domain, including domain controllers. An attacker must have valid domain credentials to exploit this vulnerability. The affected component is available remotely to users who have standard user accounts with domain credentials; this is not the case for users with local account credentials only. When this security bulletin was issued, Microsoft was aware of limited, targeted attacks that attempt to exploit this vulnerability. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS14-068: Vulnerability in Kerberos Could Allow Elevation of Privilege - Windows 8.1 Gold - KB3011780 (x64)
Severity: N/A
Fixlet ID: 1406805
Fixlet Link: http://technet.microsoft.com/library/security/MS14-068
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft Windows Kerberos KDC that could allow an attacker to elevate unprivileged domain user account privileges to those of the domain administrator account. An attacker could use these elevated privileges to compromise any computer in the domain, including domain controllers. An attacker must have valid domain credentials to exploit this vulnerability. The affected component is available remotely to users who have standard user accounts with domain credentials; this is not the case for users with local account credentials only. When this security bulletin was issued, Microsoft was aware of limited, targeted attacks that attempt to exploit this vulnerability. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS14-068: Vulnerability in Kerberos Could Allow Elevation of Privilege - Windows Server 2012 R2 Gold - KB3011780 (x64)
Severity: Critical
Fixlet ID: 1406807
Fixlet Link: http://technet.microsoft.com/library/security/MS14-068
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft Windows Kerberos KDC that could allow an attacker to elevate unprivileged domain user account privileges to those of the domain administrator account. An attacker could use these elevated privileges to compromise any computer in the domain, including domain controllers. An attacker must have valid domain credentials to exploit this vulnerability. The affected component is available remotely to users who have standard user accounts with domain credentials; this is not the case for users with local account credentials only. When this security bulletin was issued, Microsoft was aware of limited, targeted attacks that attempt to exploit this vulnerability. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS14-068: Vulnerability in Kerberos Could Allow Elevation of Privilege - Windows Server 2008 SP2 - KB3011780 (x64)
Severity: Critical
Fixlet ID: 1406809
Fixlet Link: http://technet.microsoft.com/library/security/MS14-068
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft Windows Kerberos KDC that could allow an attacker to elevate unprivileged domain user account privileges to those of the domain administrator account. An attacker could use these elevated privileges to compromise any computer in the domain, including domain controllers. An attacker must have valid domain credentials to exploit this vulnerability. The affected component is available remotely to users who have standard user accounts with domain credentials; this is not the case for users with local account credentials only. When this security bulletin was issued, Microsoft was aware of limited, targeted attacks that attempt to exploit this vulnerability. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS14-068: Vulnerability in Kerberos Could Allow Elevation of Privilege - Windows Server 2003 SP2 - KB3011780 (x64)
Severity: Critical
Fixlet ID: 1406811
Fixlet Link: http://technet.microsoft.com/library/security/MS14-068
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft Windows Kerberos KDC that could allow an attacker to elevate unprivileged domain user account privileges to those of the domain administrator account. An attacker could use these elevated privileges to compromise any computer in the domain, including domain controllers. An attacker must have valid domain credentials to exploit this vulnerability. The affected component is available remotely to users who have standard user accounts with domain credentials; this is not the case for users with local account credentials only. When this security bulletin was issued, Microsoft was aware of limited, targeted attacks that attempt to exploit this vulnerability. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS14-068: Vulnerability in Kerberos Could Allow Elevation of Privilege - Windows 7 SP1 - KB3011780 (x64)
Severity: N/A
Fixlet ID: 1406813
Fixlet Link: http://technet.microsoft.com/library/security/MS14-068
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft Windows Kerberos KDC that could allow an attacker to elevate unprivileged domain user account privileges to those of the domain administrator account. An attacker could use these elevated privileges to compromise any computer in the domain, including domain controllers. An attacker must have valid domain credentials to exploit this vulnerability. The affected component is available remotely to users who have standard user accounts with domain credentials; this is not the case for users with local account credentials only. When this security bulletin was issued, Microsoft was aware of limited, targeted attacks that attempt to exploit this vulnerability. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS14-068: Vulnerability in Kerberos Could Allow Elevation of Privilege - Windows Server 2008 R2 SP1 - KB3011780 (x64)
Severity: Critical
Fixlet ID: 1406815
Fixlet Link: http://technet.microsoft.com/library/security/MS14-068
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft Windows Kerberos KDC that could allow an attacker to elevate unprivileged domain user account privileges to those of the domain administrator account. An attacker could use these elevated privileges to compromise any computer in the domain, including domain controllers. An attacker must have valid domain credentials to exploit this vulnerability. The affected component is available remotely to users who have standard user accounts with domain credentials; this is not the case for users with local account credentials only. When this security bulletin was issued, Microsoft was aware of limited, targeted attacks that attempt to exploit this vulnerability. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS14-068: Vulnerability in Kerberos Could Allow Elevation of Privilege - Windows Server 2008 SP2 - KB3011780
Severity: Critical
Fixlet ID: 1406817
Fixlet Link: http://technet.microsoft.com/library/security/MS14-068
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft Windows Kerberos KDC that could allow an attacker to elevate unprivileged domain user account privileges to those of the domain administrator account. An attacker could use these elevated privileges to compromise any computer in the domain, including domain controllers. An attacker must have valid domain credentials to exploit this vulnerability. The affected component is available remotely to users who have standard user accounts with domain credentials; this is not the case for users with local account credentials only. When this security bulletin was issued, Microsoft was aware of limited, targeted attacks that attempt to exploit this vulnerability. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS14-068: Vulnerability in Kerberos Could Allow Elevation of Privilege - Windows Vista SP2 - KB3011780
Severity: N/A
Fixlet ID: 1406819
Fixlet Link: http://technet.microsoft.com/library/security/MS14-068
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft Windows Kerberos KDC that could allow an attacker to elevate unprivileged domain user account privileges to those of the domain administrator account. An attacker could use these elevated privileges to compromise any computer in the domain, including domain controllers. An attacker must have valid domain credentials to exploit this vulnerability. The affected component is available remotely to users who have standard user accounts with domain credentials; this is not the case for users with local account credentials only. When this security bulletin was issued, Microsoft was aware of limited, targeted attacks that attempt to exploit this vulnerability. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS14-068: Vulnerability in Kerberos Could Allow Elevation of Privilege - Windows 8.1 Gold - KB3011780
Severity: N/A
Fixlet ID: 1406821
Fixlet Link: http://technet.microsoft.com/library/security/MS14-068
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft Windows Kerberos KDC that could allow an attacker to elevate unprivileged domain user account privileges to those of the domain administrator account. An attacker could use these elevated privileges to compromise any computer in the domain, including domain controllers. An attacker must have valid domain credentials to exploit this vulnerability. The affected component is available remotely to users who have standard user accounts with domain credentials; this is not the case for users with local account credentials only. When this security bulletin was issued, Microsoft was aware of limited, targeted attacks that attempt to exploit this vulnerability. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS14-068: Vulnerability in Kerberos Could Allow Elevation of Privilege - Windows Vista SP2 - KB3011780 (x64)
Severity: N/A
Fixlet ID: 1406823
Fixlet Link: http://technet.microsoft.com/library/security/MS14-068
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft Windows Kerberos KDC that could allow an attacker to elevate unprivileged domain user account privileges to those of the domain administrator account. An attacker could use these elevated privileges to compromise any computer in the domain, including domain controllers. An attacker must have valid domain credentials to exploit this vulnerability. The affected component is available remotely to users who have standard user accounts with domain credentials; this is not the case for users with local account credentials only. When this security bulletin was issued, Microsoft was aware of limited, targeted attacks that attempt to exploit this vulnerability. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS14-068: Vulnerability in Kerberos Could Allow Elevation of Privilege - Windows Server 2003 SP2 - KB3011780
Severity: Critical
Fixlet ID: 1406825
Fixlet Link: http://technet.microsoft.com/library/security/MS14-068
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft Windows Kerberos KDC that could allow an attacker to elevate unprivileged domain user account privileges to those of the domain administrator account. An attacker could use these elevated privileges to compromise any computer in the domain, including domain controllers. An attacker must have valid domain credentials to exploit this vulnerability. The affected component is available remotely to users who have standard user accounts with domain credentials; this is not the case for users with local account credentials only. When this security bulletin was issued, Microsoft was aware of limited, targeted attacks that attempt to exploit this vulnerability. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS14-068: Vulnerability in Kerberos Could Allow Elevation of Privilege - Windows Server 2012 Gold - KB3011780 (x64)
Severity: Critical
Fixlet ID: 1406827
Fixlet Link: http://technet.microsoft.com/library/security/MS14-068
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft Windows Kerberos KDC that could allow an attacker to elevate unprivileged domain user account privileges to those of the domain administrator account. An attacker could use these elevated privileges to compromise any computer in the domain, including domain controllers. An attacker must have valid domain credentials to exploit this vulnerability. The affected component is available remotely to users who have standard user accounts with domain credentials; this is not the case for users with local account credentials only. When this security bulletin was issued, Microsoft was aware of limited, targeted attacks that attempt to exploit this vulnerability. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: MS14-068: Vulnerability in Kerberos Could Allow Elevation of Privilege - Windows 8 Gold - KB3011780
Severity: N/A
Fixlet ID: 1406829
Fixlet Link: http://technet.microsoft.com/library/security/MS14-068
Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft Windows Kerberos KDC that could allow an attacker to elevate unprivileged domain user account privileges to those of the domain administrator account. An attacker could use these elevated privileges to compromise any computer in the domain, including domain controllers. An attacker must have valid domain credentials to exploit this vulnerability. The affected component is available remotely to users who have standard user accounts with domain credentials; this is not the case for users with local account credentials only. When this security bulletin was issued, Microsoft was aware of limited, targeted attacks that attempt to exploit this vulnerability. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: 3000853: Update rollup for Windows RT, Windows 8, and Windows Server 2012 - Windows 8 Gold
Severity: N/A
Fixlet ID: 300085301
Fixlet Link: http://support.microsoft.com/kb/3000853
Fixlet Description: Install this update to resolve issues in Windows. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: 3000853: Update rollup for Windows RT, Windows 8, and Windows Server 2012 - Windows 8 Gold (x64)
Severity: N/A
Fixlet ID: 300085303
Fixlet Link: http://support.microsoft.com/kb/3000853
Fixlet Description: Install this update to resolve issues in Windows. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: 3000853: Update rollup for Windows RT, Windows 8, and Windows Server 2012 - Windows Server 2012 Gold (x64)
Severity: N/A
Fixlet ID: 300085305
Fixlet Link: http://support.microsoft.com/kb/3000853
Fixlet Description: Install this update to resolve issues in Windows. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: 3003663: Update to support many camera-specific file formats in Windows 8 and Windows RT - Windows 8 Gold (x64)
Severity: N/A
Fixlet ID: 300366301
Fixlet Link: http://support.microsoft.com/kb/3003663
Fixlet Description: The update lets users view supported RAW camera files in Windows Explorer, in built-in photo applications, and in other Windows-based applications that use Windows Imaging Codecs.
***************************************************************
Title: 3003663: Update to support many camera-specific file formats in Windows 8 and Windows RT - Windows 8 Gold
Severity: N/A
Fixlet ID: 300366303
Fixlet Link: http://support.microsoft.com/kb/3003663
Fixlet Description: The update lets users view supported RAW camera files in Windows Explorer, in built-in photo applications, and in other Windows-based applications that use Windows Imaging Codecs.
***************************************************************
Title: 3003667: Update to support many camera-specific file formats in Windows 8.1 and Windows RT 8.1 - Windows 8.1 Gold (x64)
Severity: N/A
Fixlet ID: 300366701
Fixlet Link: http://support.microsoft.com/kb/3003667
Fixlet Description: Installing the Microsoft Camera Codec Pack enables the viewing of a variety of device-specific file formats and will allow supported RAW camera files to be viewable in applications in Windows.
***************************************************************
Title: 3003667: Update to support many camera-specific file formats in Windows 8.1 and Windows RT 8.1 - Windows 8.1 Gold
Severity: N/A
Fixlet ID: 300366703
Fixlet Link: http://support.microsoft.com/kb/3003667
Fixlet Description: Installing the Microsoft Camera Codec Pack enables the viewing of a variety of device-specific file formats and will allow supported RAW camera files to be viewable in applications in Windows. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: 3008627: Unexpected UAC prompt after you install update 2918614 in Windows - Windows Server 2012 R2 Gold (x64)
Severity: N/A
Fixlet ID: 300862701
Fixlet Link: http://support.microsoft.com/kb/3008627
Fixlet Description: Install this update to resolve issues in Windows. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: 3008627: Unexpected UAC prompt after you install update 2918614 in Windows - Windows 8 Gold
Severity: N/A
Fixlet ID: 300862703
Fixlet Link: http://support.microsoft.com/kb/3008627
Fixlet Description: Install this update to resolve issues in Windows. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: 3008627: Unexpected UAC prompt after you install update 2918614 in Windows - Windows 8 Gold (x64)
Severity: N/A
Fixlet ID: 300862705
Fixlet Link: http://support.microsoft.com/kb/3008627
Fixlet Description: Install this update to resolve issues in Windows. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: 3008627: Unexpected UAC prompt after you install update 2918614 in Windows - Windows 8.1 Gold
Severity: N/A
Fixlet ID: 300862707
Fixlet Link: http://support.microsoft.com/kb/3008627
Fixlet Description: Install this update to resolve issues in Windows. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: 3008627: Unexpected UAC prompt after you install update 2918614 in Windows - Windows Server 2008 SP2 (x64)
Severity: N/A
Fixlet ID: 300862711
Fixlet Link: http://support.microsoft.com/kb/3008627
Fixlet Description: Install this update to resolve issues in Windows. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: 3008627: Unexpected UAC prompt after you install update 2918614 in Windows - Windows Server 2008 SP2
Severity: N/A
Fixlet ID: 300862715
Fixlet Link: http://support.microsoft.com/kb/3008627
Fixlet Description: Install this update to resolve issues in Windows. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: 3008627: Unexpected UAC prompt after you install update 2918614 in Windows - Windows 7 SP1
Severity: N/A
Fixlet ID: 300862717
Fixlet Link: http://support.microsoft.com/kb/3008627
Fixlet Description: Install this update to resolve issues in Windows. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: 3008627: Unexpected UAC prompt after you install update 2918614 in Windows - Windows 8.1 Gold (x64)
Severity: N/A
Fixlet ID: 300862719
Fixlet Link: http://support.microsoft.com/kb/3008627
Fixlet Description: Install this update to resolve issues in Windows. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: 3008627: Unexpected UAC prompt after you install update 2918614 in Windows - Windows 7 SP1 (x64)
Severity: N/A
Fixlet ID: 300862721
Fixlet Link: http://support.microsoft.com/kb/3008627
Fixlet Description: Install this update to resolve issues in Windows. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
***************************************************************
Title: 3008627: Unexpected UAC prompt after you install update 2918614 in Windows - Windows Server 2008 R2 SP1 (x64)
Severity: N/A
Fixlet ID: 300862723
Fixlet Link: http://support.microsoft.com/kb/3008627
Fixlet Description: Install this update to resolve issues in Windows. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability.
More information about the BigFix-Announcements
mailing list