From autonotify at us.ibm.com Fri Oct 3 02:05:00 2014 From: autonotify at us.ibm.com (autonotify at us.ibm.com) Date: Fri, 3 Oct 2014 02:05:00 -0700 Subject: [BigFix-Announcements] BES Auto Notification: New Fixlets Published in Fixlet Site: 'Patches for Windows (English)' Message-ID: <201410030905.s93951BY023822@d03av05.boulder.ibm.com> Fixlet Site - 'Patches for Windows (English)' Current Version: 2092 Published: Fri, 03 Oct 2014 07:38:44 GMT New Fixlets: ============ *************************************************************** Title: 3001554: Update for DVD playback - Windows 7 SP1 Severity: N/A Fixlet ID: 300155401 Fixlet Link: http://support.microsoft.com/kb/3001554 Fixlet Description: Install this update to resolve issues in Windows. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article for more information. After you install this item, you may have to restart your computer. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 3001554: Update for DVD playback - Windows 7 SP1 (x64) Severity: N/A Fixlet ID: 300155403 Fixlet Link: http://support.microsoft.com/kb/3001554 Fixlet Description: Install this update to resolve issues in Windows. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article for more information. After you install this item, you may have to restart your computer. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. From autonotify at us.ibm.com Wed Oct 15 02:04:37 2014 From: autonotify at us.ibm.com (autonotify at us.ibm.com) Date: Wed, 15 Oct 2014 02:04:37 -0700 Subject: [BigFix-Announcements] BES Auto Notification: New Fixlets Published in Fixlet Site: 'Patches for Windows (English)' Message-ID: <201410150904.s9F94caO010935@d01av02.pok.ibm.com> Fixlet Site - 'Patches for Windows (English)' Current Version: 2098 Published: Wed, 15 Oct 2014 01:28:54 GMT New Fixlets: ============ *************************************************************** Title: MS14-056: Cumulative Security Update for Internet Explorer - Windows 7 SP1 - IE 10 - KB2987107 Severity: Critical Fixlet ID: 1405601 Fixlet Link: http://technet.microsoft.com/library/security/MS14-056 Fixlet Description: Microsoft has released a security update that resolves fourteen privately reported vulnerabilities in Internet Explorer. The most severe of these vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-056: Cumulative Security Update for Internet Explorer - Windows 8 Gold - IE 10 - KB2987107 (x64) Severity: Critical Fixlet ID: 1405603 Fixlet Link: http://technet.microsoft.com/library/security/MS14-056 Fixlet Description: Microsoft has released a security update that resolves fourteen privately reported vulnerabilities in Internet Explorer. The most severe of these vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-056: Cumulative Security Update for Internet Explorer - Windows Server 2008 SP2 - IE 9 - KB2987107 Severity: Moderate Fixlet ID: 1405605 Fixlet Link: http://technet.microsoft.com/library/security/MS14-056 Fixlet Description: Microsoft has released a security update that resolves fourteen privately reported vulnerabilities in Internet Explorer. The most severe of these vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-056: Cumulative Security Update for Internet Explorer - Windows 8 Gold - IE 10 - KB2987107 Severity: Critical Fixlet ID: 1405607 Fixlet Link: http://technet.microsoft.com/library/security/MS14-056 Fixlet Description: Microsoft has released a security update that resolves fourteen privately reported vulnerabilities in Internet Explorer. The most severe of these vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-056: Cumulative Security Update for Internet Explorer - Windows Server 2008 SP2 - IE 9 - KB2987107 (x64) Severity: Moderate Fixlet ID: 1405609 Fixlet Link: http://technet.microsoft.com/library/security/MS14-056 Fixlet Description: Microsoft has released a security update that resolves fourteen privately reported vulnerabilities in Internet Explorer. The most severe of these vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-056: Cumulative Security Update for Internet Explorer - Windows 7 SP1 - IE 10 - KB2987107 (x64) Severity: Critical Fixlet ID: 1405611 Fixlet Link: http://technet.microsoft.com/library/security/MS14-056 Fixlet Description: Microsoft has released a security update that resolves fourteen privately reported vulnerabilities in Internet Explorer. The most severe of these vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-056: Cumulative Security Update for Internet Explorer - Windows 8.1 Gold - IE 11 - KB2987107 (x64) Severity: Critical Fixlet ID: 1405613 Fixlet Link: http://technet.microsoft.com/library/security/MS14-056 Fixlet Description: Microsoft has released a security update that resolves fourteen privately reported vulnerabilities in Internet Explorer. The most severe of these vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-056: Cumulative Security Update for Internet Explorer - Windows Vista SP2 - IE 8 - KB2987107 Severity: Critical Fixlet ID: 1405615 Fixlet Link: http://technet.microsoft.com/library/security/MS14-056 Fixlet Description: Microsoft has released a security update that resolves fourteen privately reported vulnerabilities in Internet Explorer. The most severe of these vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-056: Cumulative Security Update for Internet Explorer - Windows Vista SP2 - IE 7 - KB2987107 (x64) Severity: Critical Fixlet ID: 1405617 Fixlet Link: http://technet.microsoft.com/library/security/MS14-056 Fixlet Description: Microsoft has released a security update that resolves fourteen privately reported vulnerabilities in Internet Explorer. The most severe of these vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-056: Cumulative Security Update for Internet Explorer - Windows Server 2008 R2 SP1 - IE 10 - KB2987107 (x64) Severity: Moderate Fixlet ID: 1405619 Fixlet Link: http://technet.microsoft.com/library/security/MS14-056 Fixlet Description: Microsoft has released a security update that resolves fourteen privately reported vulnerabilities in Internet Explorer. The most severe of these vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-056: Cumulative Security Update for Internet Explorer - Windows Server 2003 SP2 - IE 7 - KB2987107 (x64) Severity: Moderate Fixlet ID: 1405621 Fixlet Link: http://technet.microsoft.com/library/security/MS14-056 Fixlet Description: Microsoft has released a security update that resolves fourteen privately reported vulnerabilities in Internet Explorer. The most severe of these vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-056: Cumulative Security Update for Internet Explorer - Windows 7 SP1 - IE 9 - KB2987107 Severity: Critical Fixlet ID: 1405623 Fixlet Link: http://technet.microsoft.com/library/security/MS14-056 Fixlet Description: Microsoft has released a security update that resolves fourteen privately reported vulnerabilities in Internet Explorer. The most severe of these vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-056: Cumulative Security Update for Internet Explorer - Windows Server 2008 R2 SP1 - IE 9 - KB2987107 (x64) Severity: Moderate Fixlet ID: 1405625 Fixlet Link: http://technet.microsoft.com/library/security/MS14-056 Fixlet Description: Microsoft has released a security update that resolves fourteen privately reported vulnerabilities in Internet Explorer. The most severe of these vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-056: Cumulative Security Update for Internet Explorer - Windows 7 SP1 - IE 9 - KB2987107 (x64) Severity: Critical Fixlet ID: 1405627 Fixlet Link: http://technet.microsoft.com/library/security/MS14-056 Fixlet Description: Microsoft has released a security update that resolves fourteen privately reported vulnerabilities in Internet Explorer. The most severe of these vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-056: Cumulative Security Update for Internet Explorer - Windows Vista SP2 - IE 7 - KB2987107 Severity: Critical Fixlet ID: 1405629 Fixlet Link: http://technet.microsoft.com/library/security/MS14-056 Fixlet Description: Microsoft has released a security update that resolves fourteen privately reported vulnerabilities in Internet Explorer. The most severe of these vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-056: Cumulative Security Update for Internet Explorer - Windows Server 2008 SP2 - IE 7 - KB2987107 (x64) Severity: Moderate Fixlet ID: 1405631 Fixlet Link: http://technet.microsoft.com/library/security/MS14-056 Fixlet Description: Microsoft has released a security update that resolves fourteen privately reported vulnerabilities in Internet Explorer. The most severe of these vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-056: Cumulative Security Update for Internet Explorer - Windows Server 2012 Gold - IE 10 - KB2987107 (x64) Severity: Moderate Fixlet ID: 1405633 Fixlet Link: http://technet.microsoft.com/library/security/MS14-056 Fixlet Description: Microsoft has released a security update that resolves fourteen privately reported vulnerabilities in Internet Explorer. The most severe of these vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-056: Cumulative Security Update for Internet Explorer - Windows 7 SP1 - IE 11 - KB2987107 Severity: Critical Fixlet ID: 1405635 Fixlet Link: http://technet.microsoft.com/library/security/MS14-056 Fixlet Description: Microsoft has released a security update that resolves fourteen privately reported vulnerabilities in Internet Explorer. The most severe of these vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-056: Cumulative Security Update for Internet Explorer - Windows Server 2003 SP2 - IE 6 - KB2987107 Severity: Moderate Fixlet ID: 1405637 Fixlet Link: http://technet.microsoft.com/library/security/MS14-056 Fixlet Description: Microsoft has released a security update that resolves fourteen privately reported vulnerabilities in Internet Explorer. The most severe of these vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-056: Cumulative Security Update for Internet Explorer - Windows Server 2003 SP2 - IE 7 - KB2987107 Severity: Moderate Fixlet ID: 1405639 Fixlet Link: http://technet.microsoft.com/library/security/MS14-056 Fixlet Description: Microsoft has released a security update that resolves fourteen privately reported vulnerabilities in Internet Explorer. The most severe of these vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-056: Cumulative Security Update for Internet Explorer - Windows 7 SP1 - IE 8 - KB2987107 (x64) Severity: Critical Fixlet ID: 1405641 Fixlet Link: http://technet.microsoft.com/library/security/MS14-056 Fixlet Description: Microsoft has released a security update that resolves fourteen privately reported vulnerabilities in Internet Explorer. The most severe of these vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-056: Cumulative Security Update for Internet Explorer - Windows Server 2008 SP2 - IE 8 - KB2987107 Severity: Moderate Fixlet ID: 1405643 Fixlet Link: http://technet.microsoft.com/library/security/MS14-056 Fixlet Description: Microsoft has released a security update that resolves fourteen privately reported vulnerabilities in Internet Explorer. The most severe of these vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-056: Cumulative Security Update for Internet Explorer - Windows Vista SP2 - IE 9 - KB2987107 Severity: Critical Fixlet ID: 1405645 Fixlet Link: http://technet.microsoft.com/library/security/MS14-056 Fixlet Description: Microsoft has released a security update that resolves fourteen privately reported vulnerabilities in Internet Explorer. The most severe of these vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-056: Cumulative Security Update for Internet Explorer - Windows Server 2003 SP2 - IE 8 - KB2987107 (x64) Severity: Moderate Fixlet ID: 1405647 Fixlet Link: http://technet.microsoft.com/library/security/MS14-056 Fixlet Description: Microsoft has released a security update that resolves fourteen privately reported vulnerabilities in Internet Explorer. The most severe of these vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-056: Cumulative Security Update for Internet Explorer - Windows 8.1 Gold - IE 11 - KB2987107 Severity: Critical Fixlet ID: 1405649 Fixlet Link: http://technet.microsoft.com/library/security/MS14-056 Fixlet Description: Microsoft has released a security update that resolves fourteen privately reported vulnerabilities in Internet Explorer. The most severe of these vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-056: Cumulative Security Update for Internet Explorer - Windows Server 2012 R2 Gold - IE 11 - KB2987107 (x64) Severity: Moderate Fixlet ID: 1405651 Fixlet Link: http://technet.microsoft.com/library/security/MS14-056 Fixlet Description: Microsoft has released a security update that resolves fourteen privately reported vulnerabilities in Internet Explorer. The most severe of these vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-056: Cumulative Security Update for Internet Explorer - Windows Server 2003 SP2 - IE 8 - KB2987107 Severity: Moderate Fixlet ID: 1405653 Fixlet Link: http://technet.microsoft.com/library/security/MS14-056 Fixlet Description: Microsoft has released a security update that resolves fourteen privately reported vulnerabilities in Internet Explorer. The most severe of these vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-056: Cumulative Security Update for Internet Explorer - Windows Server 2008 SP2 - IE 7 - KB2987107 Severity: Moderate Fixlet ID: 1405655 Fixlet Link: http://technet.microsoft.com/library/security/MS14-056 Fixlet Description: Microsoft has released a security update that resolves fourteen privately reported vulnerabilities in Internet Explorer. The most severe of these vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-056: Cumulative Security Update for Internet Explorer - Windows 7 SP1 - IE 8 - KB2987107 Severity: Critical Fixlet ID: 1405657 Fixlet Link: http://technet.microsoft.com/library/security/MS14-056 Fixlet Description: Microsoft has released a security update that resolves fourteen privately reported vulnerabilities in Internet Explorer. The most severe of these vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-056: Cumulative Security Update for Internet Explorer - Windows 7 SP1 - IE 11 - KB2987107 (x64) Severity: Critical Fixlet ID: 1405659 Fixlet Link: http://technet.microsoft.com/library/security/MS14-056 Fixlet Description: Microsoft has released a security update that resolves fourteen privately reported vulnerabilities in Internet Explorer. The most severe of these vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-056: Cumulative Security Update for Internet Explorer - Windows Vista SP2 - IE 9 - KB2987107 (x64) Severity: Critical Fixlet ID: 1405661 Fixlet Link: http://technet.microsoft.com/library/security/MS14-056 Fixlet Description: Microsoft has released a security update that resolves fourteen privately reported vulnerabilities in Internet Explorer. The most severe of these vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-056: Cumulative Security Update for Internet Explorer - Windows Server 2008 R2 SP1 - IE 11 - KB2987107 (x64) Severity: Moderate Fixlet ID: 1405663 Fixlet Link: http://technet.microsoft.com/library/security/MS14-056 Fixlet Description: Microsoft has released a security update that resolves fourteen privately reported vulnerabilities in Internet Explorer. The most severe of these vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-056: Cumulative Security Update for Internet Explorer - Windows Server 2008 SP2 - IE 8 - KB2987107 (x64) Severity: Moderate Fixlet ID: 1405665 Fixlet Link: http://technet.microsoft.com/library/security/MS14-056 Fixlet Description: Microsoft has released a security update that resolves fourteen privately reported vulnerabilities in Internet Explorer. The most severe of these vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-056: Cumulative Security Update for Internet Explorer - Windows Server 2003 SP2 - IE 6 - KB2987107 (x64) Severity: Moderate Fixlet ID: 1405667 Fixlet Link: http://technet.microsoft.com/library/security/MS14-056 Fixlet Description: Microsoft has released a security update that resolves fourteen privately reported vulnerabilities in Internet Explorer. The most severe of these vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-056: Cumulative Security Update for Internet Explorer - Windows Server 2008 R2 SP1 - IE 8 - KB2987107 (x64) Severity: Moderate Fixlet ID: 1405669 Fixlet Link: http://technet.microsoft.com/library/security/MS14-056 Fixlet Description: Microsoft has released a security update that resolves fourteen privately reported vulnerabilities in Internet Explorer. The most severe of these vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-057: Vulnerabilities in .NET Framework Could Allow Remote Code Execution - Windows Server 2012 R2 Gold / Windows 8.1 Gold - .NET Framework 3.5 - KB2972103 (x64) Severity: Critical Fixlet ID: 1405701 Fixlet Link: http://technet.microsoft.com/library/security/MS14-057 Fixlet Description: Microsoft has released a security update that resolves three privately reported vulnerabilities in Microsoft .NET Framework. The most severe of the vulnerabilities could allow remote code execution if an attacker sends a specially crafted URI request containing international characters to a .NET web application. In .NET 4.0 applications, the vulnerable functionality (iriParsing) is disabled by default; for the vulnerability to be exploitable an application has to explicitly enable this functionality. In .NET 4.5 applications, iriParsing is enabled by default and cannot be disabled. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-057: Vulnerabilities in .NET Framework Could Allow Remote Code Execution - Windows Server 2008 SP2 / Windows Vista SP2 - .NET Framework 2.0 SP2 - KB2972098 (x64) Severity: Critical Fixlet ID: 1405703 Fixlet Link: http://technet.microsoft.com/library/security/MS14-057 Fixlet Description: Microsoft has released a security update that resolves three privately reported vulnerabilities in Microsoft .NET Framework. The most severe of the vulnerabilities could allow remote code execution if an attacker sends a specially crafted URI request containing international characters to a .NET web application. In .NET 4.0 applications, the vulnerable functionality (iriParsing) is disabled by default; for the vulnerability to be exploitable an application has to explicitly enable this functionality. In .NET 4.5 applications, iriParsing is enabled by default and cannot be disabled. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-057: Vulnerabilities in .NET Framework Could Allow Remote Code Execution - Windows Server 2012 R2 Gold / Windows 8.1 Gold - .NET Framework 3.5 - KB2979573 (x64) Severity: Important Fixlet ID: 1405705 Fixlet Link: http://technet.microsoft.com/library/security/MS14-057 Fixlet Description: Microsoft has released a security update that resolves three privately reported vulnerabilities in Microsoft .NET Framework. The most severe of the vulnerabilities could allow remote code execution if an attacker sends a specially crafted URI request containing international characters to a .NET web application. In .NET 4.0 applications, the vulnerable functionality (iriParsing) is disabled by default; for the vulnerability to be exploitable an application has to explicitly enable this functionality. In .NET 4.5 applications, iriParsing is enabled by default and cannot be disabled. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-057: Vulnerabilities in .NET Framework Could Allow Remote Code Execution - Windows Server 2008 R2 SP1 / Windows 7 SP1 - .NET Framework 3.5.1 - KB2979570 (x64) Severity: Important Fixlet ID: 1405707 Fixlet Link: http://technet.microsoft.com/library/security/MS14-057 Fixlet Description: Microsoft has released a security update that resolves three privately reported vulnerabilities in Microsoft .NET Framework. The most severe of the vulnerabilities could allow remote code execution if an attacker sends a specially crafted URI request containing international characters to a .NET web application. In .NET 4.0 applications, the vulnerable functionality (iriParsing) is disabled by default; for the vulnerability to be exploitable an application has to explicitly enable this functionality. In .NET 4.5 applications, iriParsing is enabled by default and cannot be disabled. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-057: Vulnerabilities in .NET Framework Could Allow Remote Code Execution - Windows Server 2003 SP2 - .NET Framework 2.0 SP2 - KB2979574 Severity: Important Fixlet ID: 1405709 Fixlet Link: http://technet.microsoft.com/library/security/MS14-057 Fixlet Description: Microsoft has released a security update that resolves three privately reported vulnerabilities in Microsoft .NET Framework. The most severe of the vulnerabilities could allow remote code execution if an attacker sends a specially crafted URI request containing international characters to a .NET web application. In .NET 4.0 applications, the vulnerable functionality (iriParsing) is disabled by default; for the vulnerability to be exploitable an application has to explicitly enable this functionality. In .NET 4.5 applications, iriParsing is enabled by default and cannot be disabled. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-057: Vulnerabilities in .NET Framework Could Allow Remote Code Execution - Windows 7 SP1 / Windows Server 2008 SP2 / Windows Vista SP2 / Windows Server 2003 SP2 - .NET Framework 4 - KB2972106 Severity: Critical Fixlet ID: 1405711 Fixlet Link: http://technet.microsoft.com/library/security/MS14-057 Fixlet Description: Microsoft has released a security update that resolves three privately reported vulnerabilities in Microsoft .NET Framework. The most severe of the vulnerabilities could allow remote code execution if an attacker sends a specially crafted URI request containing international characters to a .NET web application. In .NET 4.0 applications, the vulnerable functionality (iriParsing) is disabled by default; for the vulnerability to be exploitable an application has to explicitly enable this functionality. In .NET 4.5 applications, iriParsing is enabled by default and cannot be disabled. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-057: Vulnerabilities in .NET Framework Could Allow Remote Code Execution - Windows Server 2012 R2 Gold / Windows 8.1 Gold - .NET Framework 3.5 - KB2968296 (x64) Severity: Important Fixlet ID: 1405713 Fixlet Link: http://technet.microsoft.com/library/security/MS14-057 Fixlet Description: Microsoft has released a security update that resolves three privately reported vulnerabilities in Microsoft .NET Framework. The most severe of the vulnerabilities could allow remote code execution if an attacker sends a specially crafted URI request containing international characters to a .NET web application. In .NET 4.0 applications, the vulnerable functionality (iriParsing) is disabled by default; for the vulnerability to be exploitable an application has to explicitly enable this functionality. In .NET 4.5 applications, iriParsing is enabled by default and cannot be disabled. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-057: Vulnerabilities in .NET Framework Could Allow Remote Code Execution - Windows Server 2012 Gold / Windows 8 Gold - .NET Framework 4.5/4.5.1/4.5.2 - KB2978042 (x64) Severity: Critical Fixlet ID: 1405715 Fixlet Link: http://technet.microsoft.com/library/security/MS14-057 Fixlet Description: Microsoft has released a security update that resolves three privately reported vulnerabilities in Microsoft .NET Framework. The most severe of the vulnerabilities could allow remote code execution if an attacker sends a specially crafted URI request containing international characters to a .NET web application. In .NET 4.0 applications, the vulnerable functionality (iriParsing) is disabled by default; for the vulnerability to be exploitable an application has to explicitly enable this functionality. In .NET 4.5 applications, iriParsing is enabled by default and cannot be disabled. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-057: Vulnerabilities in .NET Framework Could Allow Remote Code Execution - Windows Server 2003 SP2 - .NET Framework 2.0 SP2 - KB2972105 Severity: Critical Fixlet ID: 1405717 Fixlet Link: http://technet.microsoft.com/library/security/MS14-057 Fixlet Description: Microsoft has released a security update that resolves three privately reported vulnerabilities in Microsoft .NET Framework. The most severe of the vulnerabilities could allow remote code execution if an attacker sends a specially crafted URI request containing international characters to a .NET web application. In .NET 4.0 applications, the vulnerable functionality (iriParsing) is disabled by default; for the vulnerability to be exploitable an application has to explicitly enable this functionality. In .NET 4.5 applications, iriParsing is enabled by default and cannot be disabled. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-057: Vulnerabilities in .NET Framework Could Allow Remote Code Execution - Windows Server 2008 R2 SP1 / Windows 7 SP1 / Windows Server 2008 SP2 / Windows Vista SP2 - .NET Framework 4.5/4.5.1/4.5.2 - KB2979578 (x64) Severity: Important Fixlet ID: 1405719 Fixlet Link: http://technet.microsoft.com/library/security/MS14-057 Fixlet Description: Microsoft has released a security update that resolves three privately reported vulnerabilities in Microsoft .NET Framework. The most severe of the vulnerabilities could allow remote code execution if an attacker sends a specially crafted URI request containing international characters to a .NET web application. In .NET 4.0 applications, the vulnerable functionality (iriParsing) is disabled by default; for the vulnerability to be exploitable an application has to explicitly enable this functionality. In .NET 4.5 applications, iriParsing is enabled by default and cannot be disabled. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-057: Vulnerabilities in .NET Framework Could Allow Remote Code Execution - Windows 8.1 Gold - .NET Framework 4.5.1/4.5.2 - KB2979576 Severity: Important Fixlet ID: 1405721 Fixlet Link: http://technet.microsoft.com/library/security/MS14-057 Fixlet Description: Microsoft has released a security update that resolves three privately reported vulnerabilities in Microsoft .NET Framework. The most severe of the vulnerabilities could allow remote code execution if an attacker sends a specially crafted URI request containing international characters to a .NET web application. In .NET 4.0 applications, the vulnerable functionality (iriParsing) is disabled by default; for the vulnerability to be exploitable an application has to explicitly enable this functionality. In .NET 4.5 applications, iriParsing is enabled by default and cannot be disabled. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-057: Vulnerabilities in .NET Framework Could Allow Remote Code Execution - Windows 8.1 Gold - .NET Framework 3.5 - KB2968296 Severity: Important Fixlet ID: 1405723 Fixlet Link: http://technet.microsoft.com/library/security/MS14-057 Fixlet Description: Microsoft has released a security update that resolves three privately reported vulnerabilities in Microsoft .NET Framework. The most severe of the vulnerabilities could allow remote code execution if an attacker sends a specially crafted URI request containing international characters to a .NET web application. In .NET 4.0 applications, the vulnerable functionality (iriParsing) is disabled by default; for the vulnerability to be exploitable an application has to explicitly enable this functionality. In .NET 4.5 applications, iriParsing is enabled by default and cannot be disabled. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-057: Vulnerabilities in .NET Framework Could Allow Remote Code Execution - Windows 7 SP1 - .NET Framework 3.5.1 - KB2979570 Severity: Important Fixlet ID: 1405725 Fixlet Link: http://technet.microsoft.com/library/security/MS14-057 Fixlet Description: Microsoft has released a security update that resolves three privately reported vulnerabilities in Microsoft .NET Framework. The most severe of the vulnerabilities could allow remote code execution if an attacker sends a specially crafted URI request containing international characters to a .NET web application. In .NET 4.0 applications, the vulnerable functionality (iriParsing) is disabled by default; for the vulnerability to be exploitable an application has to explicitly enable this functionality. In .NET 4.5 applications, iriParsing is enabled by default and cannot be disabled. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-057: Vulnerabilities in .NET Framework Could Allow Remote Code Execution - Windows 8.1 Gold - .NET Framework 4.5.1/4.5.2 - KB2978041 Severity: Critical Fixlet ID: 1405727 Fixlet Link: http://technet.microsoft.com/library/security/MS14-057 Fixlet Description: Microsoft has released a security update that resolves three privately reported vulnerabilities in Microsoft .NET Framework. The most severe of the vulnerabilities could allow remote code execution if an attacker sends a specially crafted URI request containing international characters to a .NET web application. In .NET 4.0 applications, the vulnerable functionality (iriParsing) is disabled by default; for the vulnerability to be exploitable an application has to explicitly enable this functionality. In .NET 4.5 applications, iriParsing is enabled by default and cannot be disabled. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-057: Vulnerabilities in .NET Framework Could Allow Remote Code Execution - Windows Server 2008 SP2 / Windows Vista SP2 - .NET Framework 2.0 SP2 - KB2979568 Severity: Important Fixlet ID: 1405729 Fixlet Link: http://technet.microsoft.com/library/security/MS14-057 Fixlet Description: Microsoft has released a security update that resolves three privately reported vulnerabilities in Microsoft .NET Framework. The most severe of the vulnerabilities could allow remote code execution if an attacker sends a specially crafted URI request containing international characters to a .NET web application. In .NET 4.0 applications, the vulnerable functionality (iriParsing) is disabled by default; for the vulnerability to be exploitable an application has to explicitly enable this functionality. In .NET 4.5 applications, iriParsing is enabled by default and cannot be disabled. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-057: Vulnerabilities in .NET Framework Could Allow Remote Code Execution - Windows Server 2012 Gold / Windows 8 Gold - .NET Framework 4.5/4.5.1/4.5.2 - KB2979577 (x64) Severity: Important Fixlet ID: 1405731 Fixlet Link: http://technet.microsoft.com/library/security/MS14-057 Fixlet Description: Microsoft has released a security update that resolves three privately reported vulnerabilities in Microsoft .NET Framework. The most severe of the vulnerabilities could allow remote code execution if an attacker sends a specially crafted URI request containing international characters to a .NET web application. In .NET 4.0 applications, the vulnerable functionality (iriParsing) is disabled by default; for the vulnerability to be exploitable an application has to explicitly enable this functionality. In .NET 4.5 applications, iriParsing is enabled by default and cannot be disabled. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-057: Vulnerabilities in .NET Framework Could Allow Remote Code Execution - Windows 8 Gold - .NET Framework 4.5/4.5.1/4.5.2 - KB2978042 Severity: Critical Fixlet ID: 1405733 Fixlet Link: http://technet.microsoft.com/library/security/MS14-057 Fixlet Description: Microsoft has released a security update that resolves three privately reported vulnerabilities in Microsoft .NET Framework. The most severe of the vulnerabilities could allow remote code execution if an attacker sends a specially crafted URI request containing international characters to a .NET web application. In .NET 4.0 applications, the vulnerable functionality (iriParsing) is disabled by default; for the vulnerability to be exploitable an application has to explicitly enable this functionality. In .NET 4.5 applications, iriParsing is enabled by default and cannot be disabled. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-057: Vulnerabilities in .NET Framework Could Allow Remote Code Execution - Windows 7 SP1 - .NET Framework 3.5.1 - KB2968294 Severity: Important Fixlet ID: 1405735 Fixlet Link: http://technet.microsoft.com/library/security/MS14-057 Fixlet Description: Microsoft has released a security update that resolves three privately reported vulnerabilities in Microsoft .NET Framework. The most severe of the vulnerabilities could allow remote code execution if an attacker sends a specially crafted URI request containing international characters to a .NET web application. In .NET 4.0 applications, the vulnerable functionality (iriParsing) is disabled by default; for the vulnerability to be exploitable an application has to explicitly enable this functionality. In .NET 4.5 applications, iriParsing is enabled by default and cannot be disabled. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-057: Vulnerabilities in .NET Framework Could Allow Remote Code Execution - Windows Server 2008 SP2 / Windows Vista SP2 - .NET Framework 2.0 SP2 - KB2968292 (x64) Severity: Important Fixlet ID: 1405737 Fixlet Link: http://technet.microsoft.com/library/security/MS14-057 Fixlet Description: Microsoft has released a security update that resolves three privately reported vulnerabilities in Microsoft .NET Framework. The most severe of the vulnerabilities could allow remote code execution if an attacker sends a specially crafted URI request containing international characters to a .NET web application. In .NET 4.0 applications, the vulnerable functionality (iriParsing) is disabled by default; for the vulnerability to be exploitable an application has to explicitly enable this functionality. In .NET 4.5 applications, iriParsing is enabled by default and cannot be disabled. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-057: Vulnerabilities in .NET Framework Could Allow Remote Code Execution - Windows Server 2008 R2 SP1 / Windows 7 SP1 - .NET Framework 3.5.1 - KB2968294 (x64) Severity: Important Fixlet ID: 1405739 Fixlet Link: http://technet.microsoft.com/library/security/MS14-057 Fixlet Description: Microsoft has released a security update that resolves three privately reported vulnerabilities in Microsoft .NET Framework. The most severe of the vulnerabilities could allow remote code execution if an attacker sends a specially crafted URI request containing international characters to a .NET web application. In .NET 4.0 applications, the vulnerable functionality (iriParsing) is disabled by default; for the vulnerability to be exploitable an application has to explicitly enable this functionality. In .NET 4.5 applications, iriParsing is enabled by default and cannot be disabled. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-057: Vulnerabilities in .NET Framework Could Allow Remote Code Execution - Windows Server 2012 R2 Gold / Windows 8.1 Gold - .NET Framework 4.5.1/4.5.2 - KB2978041 (x64) Severity: Critical Fixlet ID: 1405741 Fixlet Link: http://technet.microsoft.com/library/security/MS14-057 Fixlet Description: Microsoft has released a security update that resolves three privately reported vulnerabilities in Microsoft .NET Framework. The most severe of the vulnerabilities could allow remote code execution if an attacker sends a specially crafted URI request containing international characters to a .NET web application. In .NET 4.0 applications, the vulnerable functionality (iriParsing) is disabled by default; for the vulnerability to be exploitable an application has to explicitly enable this functionality. In .NET 4.5 applications, iriParsing is enabled by default and cannot be disabled. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-057: Vulnerabilities in .NET Framework Could Allow Remote Code Execution - Windows 8.1 Gold - .NET Framework 3.5 - KB2979573 Severity: Important Fixlet ID: 1405743 Fixlet Link: http://technet.microsoft.com/library/security/MS14-057 Fixlet Description: Microsoft has released a security update that resolves three privately reported vulnerabilities in Microsoft .NET Framework. The most severe of the vulnerabilities could allow remote code execution if an attacker sends a specially crafted URI request containing international characters to a .NET web application. In .NET 4.0 applications, the vulnerable functionality (iriParsing) is disabled by default; for the vulnerability to be exploitable an application has to explicitly enable this functionality. In .NET 4.5 applications, iriParsing is enabled by default and cannot be disabled. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-057: Vulnerabilities in .NET Framework Could Allow Remote Code Execution - Windows Server 2008 SP2 / Windows Vista SP2 - .NET Framework 2.0 SP2 - KB2979568 (x64) Severity: Important Fixlet ID: 1405745 Fixlet Link: http://technet.microsoft.com/library/security/MS14-057 Fixlet Description: Microsoft has released a security update that resolves three privately reported vulnerabilities in Microsoft .NET Framework. The most severe of the vulnerabilities could allow remote code execution if an attacker sends a specially crafted URI request containing international characters to a .NET web application. In .NET 4.0 applications, the vulnerable functionality (iriParsing) is disabled by default; for the vulnerability to be exploitable an application has to explicitly enable this functionality. In .NET 4.5 applications, iriParsing is enabled by default and cannot be disabled. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-057: Vulnerabilities in .NET Framework Could Allow Remote Code Execution - Windows 8 Gold - .NET Framework 3.5 - KB2972101 Severity: Critical Fixlet ID: 1405747 Fixlet Link: http://technet.microsoft.com/library/security/MS14-057 Fixlet Description: Microsoft has released a security update that resolves three privately reported vulnerabilities in Microsoft .NET Framework. The most severe of the vulnerabilities could allow remote code execution if an attacker sends a specially crafted URI request containing international characters to a .NET web application. In .NET 4.0 applications, the vulnerable functionality (iriParsing) is disabled by default; for the vulnerability to be exploitable an application has to explicitly enable this functionality. In .NET 4.5 applications, iriParsing is enabled by default and cannot be disabled. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-057: Vulnerabilities in .NET Framework Could Allow Remote Code Execution - Windows Server 2008 SP2 / Windows Vista SP2 - .NET Framework 2.0 SP2 - KB2972098 Severity: Critical Fixlet ID: 1405749 Fixlet Link: http://technet.microsoft.com/library/security/MS14-057 Fixlet Description: Microsoft has released a security update that resolves three privately reported vulnerabilities in Microsoft .NET Framework. The most severe of the vulnerabilities could allow remote code execution if an attacker sends a specially crafted URI request containing international characters to a .NET web application. In .NET 4.0 applications, the vulnerable functionality (iriParsing) is disabled by default; for the vulnerability to be exploitable an application has to explicitly enable this functionality. In .NET 4.5 applications, iriParsing is enabled by default and cannot be disabled. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-057: Vulnerabilities in .NET Framework Could Allow Remote Code Execution - Windows Server 2008 R2 SP1 / Windows 7 SP1 / Windows Server 2008 SP2 / Windows Vista SP2 / Windows Server 2003 SP2 - .NET Framework 4 - KB2979 Severity: Important Fixlet ID: 1405751 Fixlet Link: http://technet.microsoft.com/library/security/MS14-057 Fixlet Description: Microsoft has released a security update that resolves three privately reported vulnerabilities in Microsoft .NET Framework. The most severe of the vulnerabilities could allow remote code execution if an attacker sends a specially crafted URI request containing international characters to a .NET web application. In .NET 4.0 applications, the vulnerable functionality (iriParsing) is disabled by default; for the vulnerability to be exploitable an application has to explicitly enable this functionality. In .NET 4.5 applications, iriParsing is enabled by default and cannot be disabled. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-057: Vulnerabilities in .NET Framework Could Allow Remote Code Execution - Windows Server 2012 Gold / Windows 8 Gold - .NET Framework 3.5 - KB2972101 (x64) Severity: Critical Fixlet ID: 1405753 Fixlet Link: http://technet.microsoft.com/library/security/MS14-057 Fixlet Description: Microsoft has released a security update that resolves three privately reported vulnerabilities in Microsoft .NET Framework. The most severe of the vulnerabilities could allow remote code execution if an attacker sends a specially crafted URI request containing international characters to a .NET web application. In .NET 4.0 applications, the vulnerable functionality (iriParsing) is disabled by default; for the vulnerability to be exploitable an application has to explicitly enable this functionality. In .NET 4.5 applications, iriParsing is enabled by default and cannot be disabled. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-057: Vulnerabilities in .NET Framework Could Allow Remote Code Execution - Windows 7 SP1 / Windows Server 2008 SP2 / Windows Vista SP2 - .NET Framework 4.5/4.5.1/4.5.2 - KB2972107 Severity: Critical Fixlet ID: 1405755 Fixlet Link: http://technet.microsoft.com/library/security/MS14-057 Fixlet Description: Microsoft has released a security update that resolves three privately reported vulnerabilities in Microsoft .NET Framework. The most severe of the vulnerabilities could allow remote code execution if an attacker sends a specially crafted URI request containing international characters to a .NET web application. In .NET 4.0 applications, the vulnerable functionality (iriParsing) is disabled by default; for the vulnerability to be exploitable an application has to explicitly enable this functionality. In .NET 4.5 applications, iriParsing is enabled by default and cannot be disabled. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-057: Vulnerabilities in .NET Framework Could Allow Remote Code Execution - Windows 8.1 Gold - .NET Framework 3.5 - KB2972103 Severity: Critical Fixlet ID: 1405757 Fixlet Link: http://technet.microsoft.com/library/security/MS14-057 Fixlet Description: Microsoft has released a security update that resolves three privately reported vulnerabilities in Microsoft .NET Framework. The most severe of the vulnerabilities could allow remote code execution if an attacker sends a specially crafted URI request containing international characters to a .NET web application. In .NET 4.0 applications, the vulnerable functionality (iriParsing) is disabled by default; for the vulnerability to be exploitable an application has to explicitly enable this functionality. In .NET 4.5 applications, iriParsing is enabled by default and cannot be disabled. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-057: Vulnerabilities in .NET Framework Could Allow Remote Code Execution - Windows Server 2008 SP2 / Windows Vista SP2 - .NET Framework 2.0 SP2 - KB2968292 Severity: Important Fixlet ID: 1405759 Fixlet Link: http://technet.microsoft.com/library/security/MS14-057 Fixlet Description: Microsoft has released a security update that resolves three privately reported vulnerabilities in Microsoft .NET Framework. The most severe of the vulnerabilities could allow remote code execution if an attacker sends a specially crafted URI request containing international characters to a .NET web application. In .NET 4.0 applications, the vulnerable functionality (iriParsing) is disabled by default; for the vulnerability to be exploitable an application has to explicitly enable this functionality. In .NET 4.5 applications, iriParsing is enabled by default and cannot be disabled. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-057: Vulnerabilities in .NET Framework Could Allow Remote Code Execution - Windows 7 SP1 / Windows Server 2008 SP2 / Windows Vista SP2 - .NET Framework 4.5/4.5.1/4.5.2 - KB2979578 Severity: Important Fixlet ID: 1405761 Fixlet Link: http://technet.microsoft.com/library/security/MS14-057 Fixlet Description: Microsoft has released a security update that resolves three privately reported vulnerabilities in Microsoft .NET Framework. The most severe of the vulnerabilities could allow remote code execution if an attacker sends a specially crafted URI request containing international characters to a .NET web application. In .NET 4.0 applications, the vulnerable functionality (iriParsing) is disabled by default; for the vulnerability to be exploitable an application has to explicitly enable this functionality. In .NET 4.5 applications, iriParsing is enabled by default and cannot be disabled. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-057: Vulnerabilities in .NET Framework Could Allow Remote Code Execution - Windows Server 2003 SP2 - .NET Framework 2.0 SP2 - KB2979574 (x64) Severity: Important Fixlet ID: 1405763 Fixlet Link: http://technet.microsoft.com/library/security/MS14-057 Fixlet Description: Microsoft has released a security update that resolves three privately reported vulnerabilities in Microsoft .NET Framework. The most severe of the vulnerabilities could allow remote code execution if an attacker sends a specially crafted URI request containing international characters to a .NET web application. In .NET 4.0 applications, the vulnerable functionality (iriParsing) is disabled by default; for the vulnerability to be exploitable an application has to explicitly enable this functionality. In .NET 4.5 applications, iriParsing is enabled by default and cannot be disabled. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-057: Vulnerabilities in .NET Framework Could Allow Remote Code Execution - Windows Server 2012 Gold / Windows 8 Gold - .NET Framework 3.5 - KB2979571 (x64) Severity: Important Fixlet ID: 1405765 Fixlet Link: http://technet.microsoft.com/library/security/MS14-057 Fixlet Description: Microsoft has released a security update that resolves three privately reported vulnerabilities in Microsoft .NET Framework. The most severe of the vulnerabilities could allow remote code execution if an attacker sends a specially crafted URI request containing international characters to a .NET web application. In .NET 4.0 applications, the vulnerable functionality (iriParsing) is disabled by default; for the vulnerability to be exploitable an application has to explicitly enable this functionality. In .NET 4.5 applications, iriParsing is enabled by default and cannot be disabled. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-057: Vulnerabilities in .NET Framework Could Allow Remote Code Execution - Windows Server 2008 R2 SP1 / Windows 7 SP1 / Windows Server 2008 SP2 / Windows Vista SP2 / Windows Server 2003 SP2 - .NET Framework 4 - KB2972 Severity: Critical Fixlet ID: 1405767 Fixlet Link: http://technet.microsoft.com/library/security/MS14-057 Fixlet Description: Microsoft has released a security update that resolves three privately reported vulnerabilities in Microsoft .NET Framework. The most severe of the vulnerabilities could allow remote code execution if an attacker sends a specially crafted URI request containing international characters to a .NET web application. In .NET 4.0 applications, the vulnerable functionality (iriParsing) is disabled by default; for the vulnerability to be exploitable an application has to explicitly enable this functionality. In .NET 4.5 applications, iriParsing is enabled by default and cannot be disabled. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-057: Vulnerabilities in .NET Framework Could Allow Remote Code Execution - Windows Server 2008 R2 SP1 / Windows 7 SP1 - .NET Framework 3.5.1 - KB2972100 (x64) Severity: Critical Fixlet ID: 1405769 Fixlet Link: http://technet.microsoft.com/library/security/MS14-057 Fixlet Description: Microsoft has released a security update that resolves three privately reported vulnerabilities in Microsoft .NET Framework. The most severe of the vulnerabilities could allow remote code execution if an attacker sends a specially crafted URI request containing international characters to a .NET web application. In .NET 4.0 applications, the vulnerable functionality (iriParsing) is disabled by default; for the vulnerability to be exploitable an application has to explicitly enable this functionality. In .NET 4.5 applications, iriParsing is enabled by default and cannot be disabled. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-057: Vulnerabilities in .NET Framework Could Allow Remote Code Execution - Windows 8 Gold - .NET Framework 4.5/4.5.1/4.5.2 - KB2979577 Severity: Important Fixlet ID: 1405771 Fixlet Link: http://technet.microsoft.com/library/security/MS14-057 Fixlet Description: Microsoft has released a security update that resolves three privately reported vulnerabilities in Microsoft .NET Framework. The most severe of the vulnerabilities could allow remote code execution if an attacker sends a specially crafted URI request containing international characters to a .NET web application. In .NET 4.0 applications, the vulnerable functionality (iriParsing) is disabled by default; for the vulnerability to be exploitable an application has to explicitly enable this functionality. In .NET 4.5 applications, iriParsing is enabled by default and cannot be disabled. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-057: Vulnerabilities in .NET Framework Could Allow Remote Code Execution - Windows 7 SP1 / Windows Server 2008 SP2 / Windows Vista SP2 / Windows Server 2003 SP2 - .NET Framework 4 - KB2979575 Severity: Important Fixlet ID: 1405773 Fixlet Link: http://technet.microsoft.com/library/security/MS14-057 Fixlet Description: Microsoft has released a security update that resolves three privately reported vulnerabilities in Microsoft .NET Framework. The most severe of the vulnerabilities could allow remote code execution if an attacker sends a specially crafted URI request containing international characters to a .NET web application. In .NET 4.0 applications, the vulnerable functionality (iriParsing) is disabled by default; for the vulnerability to be exploitable an application has to explicitly enable this functionality. In .NET 4.5 applications, iriParsing is enabled by default and cannot be disabled. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-057: Vulnerabilities in .NET Framework Could Allow Remote Code Execution - Windows 7 SP1 - .NET Framework 3.5.1 - KB2972100 Severity: Critical Fixlet ID: 1405775 Fixlet Link: http://technet.microsoft.com/library/security/MS14-057 Fixlet Description: Microsoft has released a security update that resolves three privately reported vulnerabilities in Microsoft .NET Framework. The most severe of the vulnerabilities could allow remote code execution if an attacker sends a specially crafted URI request containing international characters to a .NET web application. In .NET 4.0 applications, the vulnerable functionality (iriParsing) is disabled by default; for the vulnerability to be exploitable an application has to explicitly enable this functionality. In .NET 4.5 applications, iriParsing is enabled by default and cannot be disabled. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-057: Vulnerabilities in .NET Framework Could Allow Remote Code Execution - Windows Server 2008 R2 SP1 / Windows 7 SP1 / Windows Server 2008 SP2 / Windows Vista SP2 - .NET Framework 4.5/4.5.1/4.5.2 - KB2972107 (x64) Severity: Critical Fixlet ID: 1405777 Fixlet Link: http://technet.microsoft.com/library/security/MS14-057 Fixlet Description: Microsoft has released a security update that resolves three privately reported vulnerabilities in Microsoft .NET Framework. The most severe of the vulnerabilities could allow remote code execution if an attacker sends a specially crafted URI request containing international characters to a .NET web application. In .NET 4.0 applications, the vulnerable functionality (iriParsing) is disabled by default; for the vulnerability to be exploitable an application has to explicitly enable this functionality. In .NET 4.5 applications, iriParsing is enabled by default and cannot be disabled. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-057: Vulnerabilities in .NET Framework Could Allow Remote Code Execution - Windows Server 2012 R2 Gold / Windows 8.1 Gold - .NET Framework 4.5.1/4.5.2 - KB2979576 (x64) Severity: Important Fixlet ID: 1405779 Fixlet Link: http://technet.microsoft.com/library/security/MS14-057 Fixlet Description: Microsoft has released a security update that resolves three privately reported vulnerabilities in Microsoft .NET Framework. The most severe of the vulnerabilities could allow remote code execution if an attacker sends a specially crafted URI request containing international characters to a .NET web application. In .NET 4.0 applications, the vulnerable functionality (iriParsing) is disabled by default; for the vulnerability to be exploitable an application has to explicitly enable this functionality. In .NET 4.5 applications, iriParsing is enabled by default and cannot be disabled. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-057: Vulnerabilities in .NET Framework Could Allow Remote Code Execution - Windows 8 Gold - .NET Framework 3.5 - KB2979571 Severity: Important Fixlet ID: 1405781 Fixlet Link: http://technet.microsoft.com/library/security/MS14-057 Fixlet Description: Microsoft has released a security update that resolves three privately reported vulnerabilities in Microsoft .NET Framework. The most severe of the vulnerabilities could allow remote code execution if an attacker sends a specially crafted URI request containing international characters to a .NET web application. In .NET 4.0 applications, the vulnerable functionality (iriParsing) is disabled by default; for the vulnerability to be exploitable an application has to explicitly enable this functionality. In .NET 4.5 applications, iriParsing is enabled by default and cannot be disabled. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-057: Vulnerabilities in .NET Framework Could Allow Remote Code Execution - Windows Server 2012 Gold / Windows 8 Gold - .NET Framework 3.5 - KB2968295 (x64) Severity: Important Fixlet ID: 1405783 Fixlet Link: http://technet.microsoft.com/library/security/MS14-057 Fixlet Description: Microsoft has released a security update that resolves three privately reported vulnerabilities in Microsoft .NET Framework. The most severe of the vulnerabilities could allow remote code execution if an attacker sends a specially crafted URI request containing international characters to a .NET web application. In .NET 4.0 applications, the vulnerable functionality (iriParsing) is disabled by default; for the vulnerability to be exploitable an application has to explicitly enable this functionality. In .NET 4.5 applications, iriParsing is enabled by default and cannot be disabled. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-057: Vulnerabilities in .NET Framework Could Allow Remote Code Execution - Windows 8 Gold - .NET Framework 3.5 - KB2968295 Severity: Important Fixlet ID: 1405785 Fixlet Link: http://technet.microsoft.com/library/security/MS14-057 Fixlet Description: Microsoft has released a security update that resolves three privately reported vulnerabilities in Microsoft .NET Framework. The most severe of the vulnerabilities could allow remote code execution if an attacker sends a specially crafted URI request containing international characters to a .NET web application. In .NET 4.0 applications, the vulnerable functionality (iriParsing) is disabled by default; for the vulnerability to be exploitable an application has to explicitly enable this functionality. In .NET 4.5 applications, iriParsing is enabled by default and cannot be disabled. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-057: Vulnerabilities in .NET Framework Could Allow Remote Code Execution - Windows Server 2003 SP2 - .NET Framework 2.0 SP2 - KB2972105 (x64) Severity: Critical Fixlet ID: 1405787 Fixlet Link: http://technet.microsoft.com/library/security/MS14-057 Fixlet Description: Microsoft has released a security update that resolves three privately reported vulnerabilities in Microsoft .NET Framework. The most severe of the vulnerabilities could allow remote code execution if an attacker sends a specially crafted URI request containing international characters to a .NET web application. In .NET 4.0 applications, the vulnerable functionality (iriParsing) is disabled by default; for the vulnerability to be exploitable an application has to explicitly enable this functionality. In .NET 4.5 applications, iriParsing is enabled by default and cannot be disabled. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-058: Vulnerabilities in Kernel-Mode Driver Could Allow Remote Code Execution - Windows Server 2012 R2 Gold - KB3000061 (x64) Severity: Critical Fixlet ID: 1405801 Fixlet Link: http://technet.microsoft.com/library/security/MS14-058 Fixlet Description: Microsoft has released a security update that resolves two privately reported vulnerabilities in Microsoft Windows. The more severe of the vulnerabilities could allow remote code execution if an attacker convinces a user to open a specially crafted document or to visit an untrusted website that contains embedded TrueType fonts. In all cases, however, an attacker would have no way to force users to perform these actions. Instead, an attacker would have to persuade users to do so, typically by getting them to click a link in an email message or Instant Messenger message. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-058: Vulnerabilities in Kernel-Mode Driver Could Allow Remote Code Execution - Windows Vista SP2 - KB3000061 (x64) Severity: Critical Fixlet ID: 1405803 Fixlet Link: http://technet.microsoft.com/library/security/MS14-058 Fixlet Description: Microsoft has released a security update that resolves two privately reported vulnerabilities in Microsoft Windows. The more severe of the vulnerabilities could allow remote code execution if an attacker convinces a user to open a specially crafted document or to visit an untrusted website that contains embedded TrueType fonts. In all cases, however, an attacker would have no way to force users to perform these actions. Instead, an attacker would have to persuade users to do so, typically by getting them to click a link in an email message or Instant Messenger message. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-058: Vulnerabilities in Kernel-Mode Driver Could Allow Remote Code Execution - Windows 8.1 Gold - KB3000061 Severity: Critical Fixlet ID: 1405805 Fixlet Link: http://technet.microsoft.com/library/security/MS14-058 Fixlet Description: Microsoft has released a security update that resolves two privately reported vulnerabilities in Microsoft Windows. The more severe of the vulnerabilities could allow remote code execution if an attacker convinces a user to open a specially crafted document or to visit an untrusted website that contains embedded TrueType fonts. In all cases, however, an attacker would have no way to force users to perform these actions. Instead, an attacker would have to persuade users to do so, typically by getting them to click a link in an email message or Instant Messenger message. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-058: Vulnerabilities in Kernel-Mode Driver Could Allow Remote Code Execution - Windows 8 Gold - KB3000061 (x64) Severity: Critical Fixlet ID: 1405807 Fixlet Link: http://technet.microsoft.com/library/security/MS14-058 Fixlet Description: Microsoft has released a security update that resolves two privately reported vulnerabilities in Microsoft Windows. The more severe of the vulnerabilities could allow remote code execution if an attacker convinces a user to open a specially crafted document or to visit an untrusted website that contains embedded TrueType fonts. In all cases, however, an attacker would have no way to force users to perform these actions. Instead, an attacker would have to persuade users to do so, typically by getting them to click a link in an email message or Instant Messenger message. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-058: Vulnerabilities in Kernel-Mode Driver Could Allow Remote Code Execution - Windows 8.1 Gold - KB3000061 (x64) Severity: Critical Fixlet ID: 1405809 Fixlet Link: http://technet.microsoft.com/library/security/MS14-058 Fixlet Description: Microsoft has released a security update that resolves two privately reported vulnerabilities in Microsoft Windows. The more severe of the vulnerabilities could allow remote code execution if an attacker convinces a user to open a specially crafted document or to visit an untrusted website that contains embedded TrueType fonts. In all cases, however, an attacker would have no way to force users to perform these actions. Instead, an attacker would have to persuade users to do so, typically by getting them to click a link in an email message or Instant Messenger message. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-058: Vulnerabilities in Kernel-Mode Driver Could Allow Remote Code Execution - Windows Vista SP2 - KB3000061 Severity: Critical Fixlet ID: 1405811 Fixlet Link: http://technet.microsoft.com/library/security/MS14-058 Fixlet Description: Microsoft has released a security update that resolves two privately reported vulnerabilities in Microsoft Windows. The more severe of the vulnerabilities could allow remote code execution if an attacker convinces a user to open a specially crafted document or to visit an untrusted website that contains embedded TrueType fonts. In all cases, however, an attacker would have no way to force users to perform these actions. Instead, an attacker would have to persuade users to do so, typically by getting them to click a link in an email message or Instant Messenger message. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-058: Vulnerabilities in Kernel-Mode Driver Could Allow Remote Code Execution - Windows 7 SP1 - KB3000061 (x64) Severity: Critical Fixlet ID: 1405813 Fixlet Link: http://technet.microsoft.com/library/security/MS14-058 Fixlet Description: Microsoft has released a security update that resolves two privately reported vulnerabilities in Microsoft Windows. The more severe of the vulnerabilities could allow remote code execution if an attacker convinces a user to open a specially crafted document or to visit an untrusted website that contains embedded TrueType fonts. In all cases, however, an attacker would have no way to force users to perform these actions. Instead, an attacker would have to persuade users to do so, typically by getting them to click a link in an email message or Instant Messenger message. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-058: Vulnerabilities in Kernel-Mode Driver Could Allow Remote Code Execution - Windows 8 Gold - KB3000061 Severity: Critical Fixlet ID: 1405815 Fixlet Link: http://technet.microsoft.com/library/security/MS14-058 Fixlet Description: Microsoft has released a security update that resolves two privately reported vulnerabilities in Microsoft Windows. The more severe of the vulnerabilities could allow remote code execution if an attacker convinces a user to open a specially crafted document or to visit an untrusted website that contains embedded TrueType fonts. In all cases, however, an attacker would have no way to force users to perform these actions. Instead, an attacker would have to persuade users to do so, typically by getting them to click a link in an email message or Instant Messenger message. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-058: Vulnerabilities in Kernel-Mode Driver Could Allow Remote Code Execution - Windows Server 2003 SP2 - KB3000061 (x64) Severity: Critical Fixlet ID: 1405817 Fixlet Link: http://technet.microsoft.com/library/security/MS14-058 Fixlet Description: Microsoft has released a security update that resolves two privately reported vulnerabilities in Microsoft Windows. The more severe of the vulnerabilities could allow remote code execution if an attacker convinces a user to open a specially crafted document or to visit an untrusted website that contains embedded TrueType fonts. In all cases, however, an attacker would have no way to force users to perform these actions. Instead, an attacker would have to persuade users to do so, typically by getting them to click a link in an email message or Instant Messenger message. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-058: Vulnerabilities in Kernel-Mode Driver Could Allow Remote Code Execution - Windows 7 SP1 - KB3000061 Severity: Critical Fixlet ID: 1405819 Fixlet Link: http://technet.microsoft.com/library/security/MS14-058 Fixlet Description: Microsoft has released a security update that resolves two privately reported vulnerabilities in Microsoft Windows. The more severe of the vulnerabilities could allow remote code execution if an attacker convinces a user to open a specially crafted document or to visit an untrusted website that contains embedded TrueType fonts. In all cases, however, an attacker would have no way to force users to perform these actions. Instead, an attacker would have to persuade users to do so, typically by getting them to click a link in an email message or Instant Messenger message. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-058: Vulnerabilities in Kernel-Mode Driver Could Allow Remote Code Execution - Windows Server 2012 Gold - KB3000061 (x64) Severity: Critical Fixlet ID: 1405821 Fixlet Link: http://technet.microsoft.com/library/security/MS14-058 Fixlet Description: Microsoft has released a security update that resolves two privately reported vulnerabilities in Microsoft Windows. The more severe of the vulnerabilities could allow remote code execution if an attacker convinces a user to open a specially crafted document or to visit an untrusted website that contains embedded TrueType fonts. In all cases, however, an attacker would have no way to force users to perform these actions. Instead, an attacker would have to persuade users to do so, typically by getting them to click a link in an email message or Instant Messenger message. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-058: Vulnerabilities in Kernel-Mode Driver Could Allow Remote Code Execution - Windows Server 2008 SP2 - KB3000061 (x64) Severity: Critical Fixlet ID: 1405823 Fixlet Link: http://technet.microsoft.com/library/security/MS14-058 Fixlet Description: Microsoft has released a security update that resolves two privately reported vulnerabilities in Microsoft Windows. The more severe of the vulnerabilities could allow remote code execution if an attacker convinces a user to open a specially crafted document or to visit an untrusted website that contains embedded TrueType fonts. In all cases, however, an attacker would have no way to force users to perform these actions. Instead, an attacker would have to persuade users to do so, typically by getting them to click a link in an email message or Instant Messenger message. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-058: Vulnerabilities in Kernel-Mode Driver Could Allow Remote Code Execution - Windows Server 2008 SP2 - KB3000061 Severity: Critical Fixlet ID: 1405825 Fixlet Link: http://technet.microsoft.com/library/security/MS14-058 Fixlet Description: Microsoft has released a security update that resolves two privately reported vulnerabilities in Microsoft Windows. The more severe of the vulnerabilities could allow remote code execution if an attacker convinces a user to open a specially crafted document or to visit an untrusted website that contains embedded TrueType fonts. In all cases, however, an attacker would have no way to force users to perform these actions. Instead, an attacker would have to persuade users to do so, typically by getting them to click a link in an email message or Instant Messenger message. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-058: Vulnerabilities in Kernel-Mode Driver Could Allow Remote Code Execution - Windows Server 2003 SP2 - KB3000061 Severity: Critical Fixlet ID: 1405827 Fixlet Link: http://technet.microsoft.com/library/security/MS14-058 Fixlet Description: Microsoft has released a security update that resolves two privately reported vulnerabilities in Microsoft Windows. The more severe of the vulnerabilities could allow remote code execution if an attacker convinces a user to open a specially crafted document or to visit an untrusted website that contains embedded TrueType fonts. In all cases, however, an attacker would have no way to force users to perform these actions. Instead, an attacker would have to persuade users to do so, typically by getting them to click a link in an email message or Instant Messenger message. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-058: Vulnerabilities in Kernel-Mode Driver Could Allow Remote Code Execution - Windows Server 2008 R2 SP1 - KB3000061 (x64) Severity: Critical Fixlet ID: 1405829 Fixlet Link: http://technet.microsoft.com/library/security/MS14-058 Fixlet Description: Microsoft has released a security update that resolves two privately reported vulnerabilities in Microsoft Windows. The more severe of the vulnerabilities could allow remote code execution if an attacker convinces a user to open a specially crafted document or to visit an untrusted website that contains embedded TrueType fonts. In all cases, however, an attacker would have no way to force users to perform these actions. Instead, an attacker would have to persuade users to do so, typically by getting them to click a link in an email message or Instant Messenger message. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS14-059: Vulnerability in ASP.NET MVC Could Allow Security Feature Bypass - ASP.NET MVC 2.0 - KB2993939 Severity: Important Fixlet ID: 1405901 Fixlet Link: http://technet.microsoft.com/library/security/MS14-059 Fixlet Description: Microsoft has released a security update that resolves a publicly disclosed vulnerability in ASP.NET MVC. The vulnerability could allow security feature bypass if an attacker convinces a user to click a specially crafted link or to visit a webpage that contains specially crafted content designed to exploit the vulnerability. In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through a web browser, and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability. In all cases, however, an attacker would have no way to force users to view the attacker-controlled content. Instead, an attacker would have to convince users to take action, typically by getting them to click a link in an email message or in an Instant Messenger message that takes them to the attacker's website, or by getting them to open an attachment sent through email. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: MS14-059: Vulnerability in ASP.NET MVC Could Allow Security Feature Bypass - ASP.NET MVC 3.0 - KB2993937 Severity: Important Fixlet ID: 1405903 Fixlet Link: http://technet.microsoft.com/library/security/MS14-059 Fixlet Description: Microsoft has released a security update that resolves a publicly disclosed vulnerability in ASP.NET MVC. The vulnerability could allow security feature bypass if an attacker convinces a user to click a specially crafted link or to visit a webpage that contains specially crafted content designed to exploit the vulnerability. In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through a web browser, and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability. In all cases, however, an attacker would have no way to force users to view the attacker-controlled content. Instead, an attacker would have to convince users to take action, typically by getting them to click a link in an email message or in an Instant Messenger message that takes them to the attacker's website, or by getting them to open an attachment sent through email. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: MS14-059: Vulnerability in ASP.NET MVC Could Allow Security Feature Bypass - ASP.NET MVC 4.0 - KB2993928 Severity: Important Fixlet ID: 1405905 Fixlet Link: http://technet.microsoft.com/library/security/MS14-059 Fixlet Description: Microsoft has released a security update that resolves a publicly disclosed vulnerability in ASP.NET MVC. The vulnerability could allow security feature bypass if an attacker convinces a user to click a specially crafted link or to visit a webpage that contains specially crafted content designed to exploit the vulnerability. In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through a web browser, and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability. In all cases, however, an attacker would have no way to force users to view the attacker-controlled content. Instead, an attacker would have to convince users to take action, typically by getting them to click a link in an email message or in an Instant Messenger message that takes them to the attacker's website, or by getting them to open an attachment sent through email. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: MS14-059: Vulnerability in ASP.NET MVC Could Allow Security Feature Bypass - ASP.NET MVC 5.0 - KB2992080 Severity: Important Fixlet ID: 1405907 Fixlet Link: http://technet.microsoft.com/library/security/MS14-059 Fixlet Description: Microsoft has released a security update that resolves a publicly disclosed vulnerability in ASP.NET MVC. The vulnerability could allow security feature bypass if an attacker convinces a user to click a specially crafted link or to visit a webpage that contains specially crafted content designed to exploit the vulnerability. In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through a web browser, and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability. In all cases, however, an attacker would have no way to force users to view the attacker-controlled content. Instead, an attacker would have to convince users to take action, typically by getting them to click a link in an email message or in an Instant Messenger message that takes them to the attacker's website, or by getting them to open an attachment sent through email. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: MS14-059: Vulnerability in ASP.NET MVC Could Allow Security Feature Bypass - ASP.NET MVC 5.1 - KB2994397 Severity: Important Fixlet ID: 1405909 Fixlet Link: http://technet.microsoft.com/library/security/MS14-059 Fixlet Description: Microsoft has released a security update that resolves a publicly disclosed vulnerability in ASP.NET MVC. The vulnerability could allow security feature bypass if an attacker convinces a user to click a specially crafted link or to visit a webpage that contains specially crafted content designed to exploit the vulnerability. In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through a web browser, and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability. In all cases, however, an attacker would have no way to force users to view the attacker-controlled content. Instead, an attacker would have to convince users to take action, typically by getting them to click a link in an email message or in an Instant Messenger message that takes them to the attacker's website, or by getting them to open an attachment sent through email. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: MS14-060: Vulnerability in Windows OLE Could Allow Remote Code Execution - Windows Server 2012 Gold - KB3000869 (x64) Severity: Important Fixlet ID: 1406001 Fixlet Link: http://technet.microsoft.com/library/security/MS14-060 Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a Microsoft Office file that contains a specially crafted OLE object. An attacker who successfully exploited this vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: MS14-060: Vulnerability in Windows OLE Could Allow Remote Code Execution - Windows 7 SP1 - KB3000869 (x64) Severity: Important Fixlet ID: 1406003 Fixlet Link: http://technet.microsoft.com/library/security/MS14-060 Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a Microsoft Office file that contains a specially crafted OLE object. An attacker who successfully exploited this vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: MS14-060: Vulnerability in Windows OLE Could Allow Remote Code Execution - Windows 8.1 Gold - KB3000869 Severity: Important Fixlet ID: 1406005 Fixlet Link: http://technet.microsoft.com/library/security/MS14-060 Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a Microsoft Office file that contains a specially crafted OLE object. An attacker who successfully exploited this vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: MS14-060: Vulnerability in Windows OLE Could Allow Remote Code Execution - Windows 7 SP1 - KB3000869 Severity: Important Fixlet ID: 1406007 Fixlet Link: http://technet.microsoft.com/library/security/MS14-060 Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a Microsoft Office file that contains a specially crafted OLE object. An attacker who successfully exploited this vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: MS14-060: Vulnerability in Windows OLE Could Allow Remote Code Execution - Windows Server 2008 SP2 - KB3000869 (x64) Severity: Important Fixlet ID: 1406009 Fixlet Link: http://technet.microsoft.com/library/security/MS14-060 Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a Microsoft Office file that contains a specially crafted OLE object. An attacker who successfully exploited this vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: MS14-060: Vulnerability in Windows OLE Could Allow Remote Code Execution - Windows 8 Gold - KB3000869 Severity: Important Fixlet ID: 1406011 Fixlet Link: http://technet.microsoft.com/library/security/MS14-060 Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a Microsoft Office file that contains a specially crafted OLE object. An attacker who successfully exploited this vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: MS14-060: Vulnerability in Windows OLE Could Allow Remote Code Execution - Windows Vista SP2 - KB3000869 (x64) Severity: Important Fixlet ID: 1406013 Fixlet Link: http://technet.microsoft.com/library/security/MS14-060 Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a Microsoft Office file that contains a specially crafted OLE object. An attacker who successfully exploited this vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: MS14-060: Vulnerability in Windows OLE Could Allow Remote Code Execution - Windows Server 2012 R2 Gold - KB3000869 (x64) Severity: Important Fixlet ID: 1406015 Fixlet Link: http://technet.microsoft.com/library/security/MS14-060 Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a Microsoft Office file that contains a specially crafted OLE object. An attacker who successfully exploited this vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: MS14-060: Vulnerability in Windows OLE Could Allow Remote Code Execution - Windows Vista SP2 - KB3000869 Severity: Important Fixlet ID: 1406017 Fixlet Link: http://technet.microsoft.com/library/security/MS14-060 Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a Microsoft Office file that contains a specially crafted OLE object. An attacker who successfully exploited this vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: MS14-060: Vulnerability in Windows OLE Could Allow Remote Code Execution - Windows Server 2008 SP2 - KB3000869 Severity: Important Fixlet ID: 1406019 Fixlet Link: http://technet.microsoft.com/library/security/MS14-060 Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a Microsoft Office file that contains a specially crafted OLE object. An attacker who successfully exploited this vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: MS14-060: Vulnerability in Windows OLE Could Allow Remote Code Execution - Windows 8.1 Gold - KB3000869 (x64) Severity: Important Fixlet ID: 1406021 Fixlet Link: http://technet.microsoft.com/library/security/MS14-060 Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a Microsoft Office file that contains a specially crafted OLE object. An attacker who successfully exploited this vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: MS14-060: Vulnerability in Windows OLE Could Allow Remote Code Execution - Windows Server 2008 R2 SP1 - KB3000869 (x64) Severity: Important Fixlet ID: 1406023 Fixlet Link: http://technet.microsoft.com/library/security/MS14-060 Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a Microsoft Office file that contains a specially crafted OLE object. An attacker who successfully exploited this vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: MS14-060: Vulnerability in Windows OLE Could Allow Remote Code Execution - Windows 8 Gold - KB3000869 (x64) Severity: Important Fixlet ID: 1406025 Fixlet Link: http://technet.microsoft.com/library/security/MS14-060 Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a Microsoft Office file that contains a specially crafted OLE object. An attacker who successfully exploited this vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: MS14-061: Vulnerability in Microsoft Word and Office Web Apps Could Allow Remote Code Execution - Office 2010 SP1/SP2 - KB2883008 Severity: Important Fixlet ID: 1406103 Fixlet Link: http://technet.microsoft.com/library/security/MS14-061 Fixlet Description: Microsoft has released a security update that resolves one privately reported vulnerability in Microsoft Office. The vulnerability could allow remote code execution if an attacker convinces a user to open a specially crafted Microsoft Word file. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: MS14-061: Vulnerability in Microsoft Word and Office Web Apps Could Allow Remote Code Execution - Word 2010 SP1/SP2 - KB2883013 Severity: Important Fixlet ID: 1406105 Fixlet Link: http://technet.microsoft.com/library/security/MS14-061 Fixlet Description: Microsoft has released a security update that resolves one privately reported vulnerability in Microsoft Office. The vulnerability could allow remote code execution if an attacker convinces a user to open a specially crafted Microsoft Word file. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: MS14-061: Vulnerability in Microsoft Word and Office Web Apps Could Allow Remote Code Execution - Office 2010 SP1/SP2 - KB2883008 (x64) Severity: Important Fixlet ID: 1406107 Fixlet Link: http://technet.microsoft.com/library/security/MS14-061 Fixlet Description: Microsoft has released a security update that resolves one privately reported vulnerability in Microsoft Office. The vulnerability could allow remote code execution if an attacker convinces a user to open a specially crafted Microsoft Word file. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: MS14-061: Vulnerability in Microsoft Word and Office Web Apps Could Allow Remote Code Execution - Word 2007 SP3 - KB2883032 Severity: Important Fixlet ID: 1406109 Fixlet Link: http://technet.microsoft.com/library/security/MS14-061 Fixlet Description: Microsoft has released a security update that resolves one privately reported vulnerability in Microsoft Office. The vulnerability could allow remote code execution if an attacker convinces a user to open a specially crafted Microsoft Word file. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: MS14-061: Vulnerability in Microsoft Word and Office Web Apps Could Allow Remote Code Execution - Office 2007 SP3 / Office Compatibility Pack SP 3 - KB2883031 Severity: Important Fixlet ID: 1406111 Fixlet Link: http://technet.microsoft.com/library/security/MS14-061 Fixlet Description: Microsoft has released a security update that resolves one privately reported vulnerability in Microsoft Office. The vulnerability could allow remote code execution if an attacker convinces a user to open a specially crafted Microsoft Word file. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: MS14-061: Vulnerability in Microsoft Word and Office Web Apps Could Allow Remote Code Execution - Office Web Apps Server 2010 Gold/SP1/SP2 - KB2889827 (x64) Severity: Important Fixlet ID: 1406113 Fixlet Link: http://technet.microsoft.com/library/security/MS14-061 Fixlet Description: Microsoft has released a security update that resolves one privately reported vulnerability in Microsoft Office. The vulnerability could allow remote code execution if an attacker convinces a user to open a specially crafted Microsoft Word file. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: MS14-061: Vulnerability in Microsoft Word and Office Web Apps Could Allow Remote Code Execution - SharePoint Server 2010 SP1/SP2 - Word Automation Services - KB2883098 (x64) Severity: Important Fixlet ID: 1406115 Fixlet Link: http://technet.microsoft.com/library/security/MS14-061 Fixlet Description: Microsoft has released a security update that resolves one privately reported vulnerability in Microsoft Office. The vulnerability could allow remote code execution if an attacker convinces a user to open a specially crafted Microsoft Word file. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: MS14-061: Vulnerability in Microsoft Word and Office Web Apps Could Allow Remote Code Execution - Word 2010 SP1/SP2 - KB2883013 (x64) Severity: Important Fixlet ID: 1406117 Fixlet Link: http://technet.microsoft.com/library/security/MS14-061 Fixlet Description: Microsoft has released a security update that resolves one privately reported vulnerability in Microsoft Office. The vulnerability could allow remote code execution if an attacker convinces a user to open a specially crafted Microsoft Word file. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: MS14-062: Vulnerability in Message Queuing Service Could Allow Elevation of Privilege - Windows Server 2003 SP2 - KB2993254 Severity: Important Fixlet ID: 1406201 Fixlet Link: http://technet.microsoft.com/library/security/MS14-062 Fixlet Description: Microsoft has released a security update that resolves a publicly disclosed vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if an attacker sends a specially crafted input/output control (IOCTL) request to the Message Queuing service. Successful exploitation of this vulnerability could lead to full access to the affected system. By default, the Message Queuing component is not installed on any affected operating system edition and can only be enabled by a user with administrative privileges. Only customers who manually enable the Message Queuing component are likely to be vulnerable to this issue. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: MS14-062: Vulnerability in Message Queuing Service Could Allow Elevation of Privilege - Windows Server 2003 SP2 - KB2993254 (x64) Severity: Important Fixlet ID: 1406203 Fixlet Link: http://technet.microsoft.com/library/security/MS14-062 Fixlet Description: Microsoft has released a security update that resolves a publicly disclosed vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if an attacker sends a specially crafted input/output control (IOCTL) request to the Message Queuing service. Successful exploitation of this vulnerability could lead to full access to the affected system. By default, the Message Queuing component is not installed on any affected operating system edition and can only be enabled by a user with administrative privileges. Only customers who manually enable the Message Queuing component are likely to be vulnerable to this issue. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: MS14-063: Vulnerability in FAT32 Disk Partition Driver Could Allow Elevation of Privilege - Windows Server 2008 SP2 - KB2998579 (x64) Severity: Important Fixlet ID: 1406301 Fixlet Link: http://technet.microsoft.com/library/security/MS14-063 Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft Windows. An elevation of privilege vulnerability exists in the way the Windows FASTFAT system driver interacts with FAT32 disk partitions. An attacker who successfully exploited this vulnerability could execute arbitrary code with elevated privileges. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: MS14-063: Vulnerability in FAT32 Disk Partition Driver Could Allow Elevation of Privilege - Windows Vista SP2 - KB2998579 Severity: Important Fixlet ID: 1406303 Fixlet Link: http://technet.microsoft.com/library/security/MS14-063 Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft Windows. An elevation of privilege vulnerability exists in the way the Windows FASTFAT system driver interacts with FAT32 disk partitions. An attacker who successfully exploited this vulnerability could execute arbitrary code with elevated privileges. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: MS14-063: Vulnerability in FAT32 Disk Partition Driver Could Allow Elevation of Privilege - Windows Server 2008 SP2 - KB2998579 Severity: Important Fixlet ID: 1406305 Fixlet Link: http://technet.microsoft.com/library/security/MS14-063 Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft Windows. An elevation of privilege vulnerability exists in the way the Windows FASTFAT system driver interacts with FAT32 disk partitions. An attacker who successfully exploited this vulnerability could execute arbitrary code with elevated privileges. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: MS14-063: Vulnerability in FAT32 Disk Partition Driver Could Allow Elevation of Privilege - Windows Vista SP2 - KB2998579 (x64) Severity: Important Fixlet ID: 1406307 Fixlet Link: http://technet.microsoft.com/library/security/MS14-063 Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft Windows. An elevation of privilege vulnerability exists in the way the Windows FASTFAT system driver interacts with FAT32 disk partitions. An attacker who successfully exploited this vulnerability could execute arbitrary code with elevated privileges. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: MS14-063: Vulnerability in FAT32 Disk Partition Driver Could Allow Elevation of Privilege - Windows Server 2003 SP2 - KB2998579 (x64) Severity: Important Fixlet ID: 1406309 Fixlet Link: http://technet.microsoft.com/library/security/MS14-063 Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft Windows. An elevation of privilege vulnerability exists in the way the Windows FASTFAT system driver interacts with FAT32 disk partitions. An attacker who successfully exploited this vulnerability could execute arbitrary code with elevated privileges. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: MS14-063: Vulnerability in FAT32 Disk Partition Driver Could Allow Elevation of Privilege - Windows Server 2003 SP2 - KB2998579 Severity: Important Fixlet ID: 1406311 Fixlet Link: http://technet.microsoft.com/library/security/MS14-063 Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft Windows. An elevation of privilege vulnerability exists in the way the Windows FASTFAT system driver interacts with FAT32 disk partitions. An attacker who successfully exploited this vulnerability could execute arbitrary code with elevated privileges. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. From autonotify at us.ibm.com Thu Oct 16 02:04:44 2014 From: autonotify at us.ibm.com (autonotify at us.ibm.com) Date: Thu, 16 Oct 2014 02:04:44 -0700 Subject: [BigFix-Announcements] BES Auto Notification: New Fixlets Published in Fixlet Site: 'Patches for Windows (English)' Message-ID: <201410160904.s9G94jrJ012539@d01av04.pok.ibm.com> Fixlet Site - 'Patches for Windows (English)' Current Version: 2100 Published: Wed, 15 Oct 2014 16:45:00 GMT New Fixlets: ============ *************************************************************** Title: MS14-056: Cumulative Security Update for Internet Explorer - Windows Server 2003 SP2 - IE 7 - KB2987107 (x64) - CORRUPT PATCH Severity: Moderate Fixlet ID: 1405622 Fixlet Link: http://technet.microsoft.com/library/security/MS14-056 *************************************************************** Title: MS14-056: Cumulative Security Update for Internet Explorer - Windows Server 2003 SP2 - IE 6 - KB2987107 - CORRUPT PATCH Severity: Moderate Fixlet ID: 1405638 Fixlet Link: http://technet.microsoft.com/library/security/MS14-056 *************************************************************** Title: MS14-056: Cumulative Security Update for Internet Explorer - Windows Server 2003 SP2 - IE 7 - KB2987107 - CORRUPT PATCH Severity: Moderate Fixlet ID: 1405640 Fixlet Link: http://technet.microsoft.com/library/security/MS14-056 *************************************************************** Title: MS14-056: Cumulative Security Update for Internet Explorer - Windows Server 2003 SP2 - IE 8 - KB2987107 (x64) - CORRUPT PATCH Severity: Moderate Fixlet ID: 1405648 Fixlet Link: http://technet.microsoft.com/library/security/MS14-056 *************************************************************** Title: MS14-056: Cumulative Security Update for Internet Explorer - Windows Server 2003 SP2 - IE 8 - KB2987107 - CORRUPT PATCH Severity: Moderate Fixlet ID: 1405654 Fixlet Link: http://technet.microsoft.com/library/security/MS14-056 *************************************************************** Title: MS14-056: Cumulative Security Update for Internet Explorer - Windows Server 2003 SP2 - IE 6 - KB2987107 (x64) - CORRUPT PATCH Severity: Moderate Fixlet ID: 1405668 Fixlet Link: http://technet.microsoft.com/library/security/MS14-056 *************************************************************** Title: MS14-058: Vulnerabilities in Kernel-Mode Driver Could Allow Remote Code Execution - Windows Server 2003 SP2 - KB3000061 (x64) - CORRUPT PATCH Severity: Critical Fixlet ID: 1405818 Fixlet Link: http://technet.microsoft.com/library/security/MS14-058 *************************************************************** Title: MS14-058: Vulnerabilities in Kernel-Mode Driver Could Allow Remote Code Execution - Windows Server 2003 SP2 - KB3000061 - CORRUPT PATCH Severity: Critical Fixlet ID: 1405828 Fixlet Link: http://technet.microsoft.com/library/security/MS14-058 *************************************************************** Title: MS14-062: Vulnerability in Message Queuing Service Could Allow Elevation of Privilege - Windows Server 2003 SP2 - KB2993254 - CORRUPT PATCH Severity: Important Fixlet ID: 1406202 Fixlet Link: http://technet.microsoft.com/library/security/MS14-062 *************************************************************** Title: MS14-062: Vulnerability in Message Queuing Service Could Allow Elevation of Privilege - Windows Server 2003 SP2 - KB2993254 (x64) - CORRUPT PATCH Severity: Important Fixlet ID: 1406204 Fixlet Link: http://technet.microsoft.com/library/security/MS14-062 *************************************************************** Title: 2949927: Security Advisory: Availability of SHA-2 hashing algorithm for Windows 7 and Windows Server 2008 R2 - Windows Server 2008 R2 SP1 (x64) Severity: N/A Fixlet ID: 294992703 Fixlet Link: http://support.microsoft.com/kb/2949927 Fixlet Description: A security issue has been identified in a Microsoft software product that could affect your system. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 2949927: Security Advisory: Availability of SHA-2 hashing algorithm for Windows 7 and Windows Server 2008 R2 - Windows 7 SP1 Severity: N/A Fixlet ID: 294992705 Fixlet Link: http://support.microsoft.com/kb/2949927 Fixlet Description: A security issue has been identified in a Microsoft software product that could affect your system. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 2949927: Security Advisory: Availability of SHA-2 hashing algorithm for Windows 7 and Windows Server 2008 R2 - Windows 7 SP1 (x64) Severity: N/A Fixlet ID: 294992709 Fixlet Link: http://support.microsoft.com/kb/2949927 Fixlet Description: A security issue has been identified in a Microsoft software product that could affect your system. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 2973501: Update to support RDP restricted administration for Windows 8 and Windows Server 2012 - Windows Server 2012 Gold (x64) Severity: N/A Fixlet ID: 297350101 Fixlet Link: http://support.microsoft.com/kb/2973501 Fixlet Description: A security issue has been identified in a Microsoft software product that could affect your system. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 2973501: Update to support RDP restricted administration for Windows 8 and Windows Server 2012 - Windows 8 Gold Severity: N/A Fixlet ID: 297350103 Fixlet Link: http://support.microsoft.com/kb/2973501 Fixlet Description: A security issue has been identified in a Microsoft software product that could affect your system. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 2973501: Update to support RDP restricted administration for Windows 8 and Windows Server 2012 - Windows 8 Gold (x64) Severity: N/A Fixlet ID: 297350105 Fixlet Link: http://support.microsoft.com/kb/2973501 Fixlet Description: A security issue has been identified in a Microsoft software product that could affect your system. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 2977292: Security advisory: Update for Microsoft EAP implementation that enables the use of TLS - Windows Server 2012 R2 Gold (x64) Severity: N/A Fixlet ID: 297729203 Fixlet Link: http://support.microsoft.com/kb/2977292 Fixlet Description: A security issue has been identified in a Microsoft software product that could affect your system. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 2977292: Security advisory: Update for Microsoft EAP implementation that enables the use of TLS - Windows 8.1 Gold (x64) Severity: N/A Fixlet ID: 297729207 Fixlet Link: http://support.microsoft.com/kb/2977292 Fixlet Description: A security issue has been identified in a Microsoft software product that could affect your system. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 2977292: Security advisory: Update for Microsoft EAP implementation that enables the use of TLS - Windows 7 SP1 Severity: N/A Fixlet ID: 297729209 Fixlet Link: http://support.microsoft.com/kb/2977292 Fixlet Description: A security issue has been identified in a Microsoft software product that could affect your system. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 2977292: Security advisory: Update for Microsoft EAP implementation that enables the use of TLS - Windows 7 SP1 (x64) Severity: N/A Fixlet ID: 297729211 Fixlet Link: http://support.microsoft.com/kb/2977292 Fixlet Description: A security issue has been identified in a Microsoft software product that could affect your system. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 2977292: Security advisory: Update for Microsoft EAP implementation that enables the use of TLS - Windows Server 2008 R2 SP1 (x64) Severity: N/A Fixlet ID: 297729213 Fixlet Link: http://support.microsoft.com/kb/2977292 Fixlet Description: A security issue has been identified in a Microsoft software product that could affect your system. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 2977292: Security advisory: Update for Microsoft EAP implementation that enables the use of TLS - Windows Server 2012 Gold (x64) Severity: N/A Fixlet ID: 297729215 Fixlet Link: http://support.microsoft.com/kb/2977292 Fixlet Description: A security issue has been identified in a Microsoft software product that could affect your system. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 2977292: Security advisory: Update for Microsoft EAP implementation that enables the use of TLS - Windows 8 Gold Severity: N/A Fixlet ID: 297729217 Fixlet Link: http://support.microsoft.com/kb/2977292 Fixlet Description: A security issue has been identified in a Microsoft software product that could affect your system. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 2977292: Security advisory: Update for Microsoft EAP implementation that enables the use of TLS - Windows 8.1 Gold Severity: N/A Fixlet ID: 297729219 Fixlet Link: http://support.microsoft.com/kb/2977292 Fixlet Description: A security issue has been identified in a Microsoft software product that could affect your system. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 2977292: Security advisory: Update for Microsoft EAP implementation that enables the use of TLS - Windows 8 Gold (x64) Severity: N/A Fixlet ID: 297729221 Fixlet Link: http://support.microsoft.com/kb/2977292 Fixlet Description: A security issue has been identified in a Microsoft software product that could affect your system. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 2984972: Update for RDC 7.1 to support restricted administration logons on Windows 7 and Windows Server 2008 R2 - Windows 7 SP1 (x64) Severity: N/A Fixlet ID: 298497203 Fixlet Link: http://support.microsoft.com/kb/2984972 Fixlet Description: A security issue has been identified in a Microsoft software product that could affect your system. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 2984972: Update for RDC 7.1 to support restricted administration logons on Windows 7 and Windows Server 2008 R2 - Windows Server 2008 R2 SP1 (x64) Severity: N/A Fixlet ID: 298497207 Fixlet Link: http://support.microsoft.com/kb/2984972 Fixlet Description: A security issue has been identified in a Microsoft software product that could affect your system. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 2984972: Update for RDC 7.1 to support restricted administration logons on Windows 7 and Windows Server 2008 R2 - Windows 7 SP1 Severity: N/A Fixlet ID: 298497211 Fixlet Link: http://support.microsoft.com/kb/2984972 Fixlet Description: A security issue has been identified in a Microsoft software product that could affect your system. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 2984976: RDP 8.0 update for restricted administration on Windows 7 or Windows Server 2008 R2 - Windows Server 2008 R2 SP1 (x64) Severity: N/A Fixlet ID: 298497601 Fixlet Link: http://support.microsoft.com/kb/2984976 Fixlet Description: A security issue has been identified in a Microsoft software product that could affect your system. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 2984976: RDP 8.0 update for restricted administration on Windows 7 or Windows Server 2008 R2 - Windows 7 SP1 Severity: N/A Fixlet ID: 298497603 Fixlet Link: http://support.microsoft.com/kb/2984976 Fixlet Description: A security issue has been identified in a Microsoft software product that could affect your system. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 2984976: RDP 8.0 update for restricted administration on Windows 7 or Windows Server 2008 R2 - Windows 7 SP1 (x64) Severity: N/A Fixlet ID: 298497605 Fixlet Link: http://support.microsoft.com/kb/2984976 Fixlet Description: A security issue has been identified in a Microsoft software product that could affect your system. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 2984981: RDC 8.1 update for restricted administration in Windows 7 or Windows Server 2008 R2 - Windows 7 SP1 (x64) Severity: N/A Fixlet ID: 298498101 Fixlet Link: http://support.microsoft.com/kb/2984981 Fixlet Description: A security issue has been identified in a Microsoft software product that could affect your system. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 2984981: RDC 8.1 update for restricted administration in Windows 7 or Windows Server 2008 R2 - Windows 7 SP1 Severity: N/A Fixlet ID: 298498103 Fixlet Link: http://support.microsoft.com/kb/2984981 Fixlet Description: A security issue has been identified in a Microsoft software product that could affect your system. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 2984981: RDC 8.1 update for restricted administration in Windows 7 or Windows Server 2008 R2 - Windows Server 2008 R2 SP1 (x64) Severity: N/A Fixlet ID: 298498105 Fixlet Link: http://support.microsoft.com/kb/2984981 Fixlet Description: A security issue has been identified in a Microsoft software product that could affect your system. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 3001237: Security Advisory: Update for vulnerabilities in Adobe Flash Player in Internet Explorer - Windows 8 Gold (x64) Severity: N/A Fixlet ID: 300123701 Fixlet Link: http://support.microsoft.com/kb/3001237 Fixlet Description: A security issue has been identified in a Microsoft software product that could affect your system. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the Knowledge Base Article for more information. *************************************************************** Title: 3001237: Security Advisory: Update for vulnerabilities in Adobe Flash Player in Internet Explorer - Windows Server 2012 Gold (x64) Severity: N/A Fixlet ID: 300123703 Fixlet Link: http://support.microsoft.com/kb/3001237 Fixlet Description: A security issue has been identified in a Microsoft software product that could affect your system. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the Knowledge Base Article for more information. *************************************************************** Title: 3001237: Security Advisory: Update for vulnerabilities in Adobe Flash Player in Internet Explorer - Windows Server 2012 R2 Gold (x64) Severity: N/A Fixlet ID: 300123705 Fixlet Link: http://support.microsoft.com/kb/3001237 Fixlet Description: A security issue has been identified in a Microsoft software product that could affect your system. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the Knowledge Base Article for more information. *************************************************************** Title: 3001237: Security Advisory: Update for vulnerabilities in Adobe Flash Player in Internet Explorer - Windows 8.1 Gold (x64) Severity: N/A Fixlet ID: 300123707 Fixlet Link: http://support.microsoft.com/kb/3001237 Fixlet Description: A security issue has been identified in a Microsoft software product that could affect your system. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the Knowledge Base Article for more information. *************************************************************** Title: 3001237: Security Advisory: Update for vulnerabilities in Adobe Flash Player in Internet Explorer - Windows 8.1 Gold Severity: N/A Fixlet ID: 300123709 Fixlet Link: http://support.microsoft.com/kb/3001237 Fixlet Description: A security issue has been identified in a Microsoft software product that could affect your system. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the Knowledge Base Article for more information. *************************************************************** Title: 3001237: Security Advisory: Update for vulnerabilities in Adobe Flash Player in Internet Explorer - Windows 8 Gold Severity: N/A Fixlet ID: 300123711 Fixlet Link: http://support.microsoft.com/kb/3001237 Fixlet Description: A security issue has been identified in a Microsoft software product that could affect your system. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the Knowledge Base Article for more information. From autonotify at us.ibm.com Mon Oct 20 02:05:22 2014 From: autonotify at us.ibm.com (autonotify at us.ibm.com) Date: Mon, 20 Oct 2014 02:05:22 -0700 Subject: [BigFix-Announcements] BES Auto Notification: New Fixlets Published in Fixlet Site: 'Patches for Windows (English)' Message-ID: <201410200905.s9K95Z4q021884@d03av05.boulder.ibm.com> Fixlet Site - 'Patches for Windows (English)' Current Version: 2103 Published: Fri, 17 Oct 2014 14:15:04 GMT New Fixlets: ============ *************************************************************** Title: 2889864: Update for SharePoint Server 2013 - KB2889864 - SharePoint Server 2013 (x64) Severity: N/A Fixlet ID: 288986401 Fixlet Link: http://support.microsoft.com/kb/2889864 Fixlet Description: Microsoft has released an update for Microsoft SharePoint Enterprise Server 2013 . This update provides the latest fixes to Microsoft SharePoint Enterprise Server 2013 . Additionally, this update contains stability and performance improvements. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 3009008: Security Advisory: Vulnerability in SSL 3.0 Could Allow Information Disclosure - Enable Workaround for IE Settings (Disable SSL 3.0 and enable TLS 1.0, TLS 1.1, and TLS 1.2 in Internet Explorer) Severity: N/A Fixlet ID: 300900803 Fixlet Link: https://technet.microsoft.com/library/security/3009008 Fixlet Description: Microsoft is aware of detailed information that has been published describing a new method to exploit a vulnerability in SSL 3.0. This is an industry-wide vulnerability affecting the SSL 3.0 protocol itself and is not specific to the Windows operating system. All supported versions of Microsoft Windows implement this protocol and are affected by this vulnerability. Microsoft is not aware of attacks that try to use the reported vulnerability at this time. Considering the attack scenario, this vulnerability is not considered high risk to customers. Upon completion of this investigation, Microsoft will take the appropriate action to help protect our customers. This may include providing a security update through our monthly release process or providing an out-of-cycle security update, depending on customer needs. *************************************************************** Title: 3009008: Security Advisory: Vulnerability in SSL 3.0 Could Allow Information Disclosure - Disable Workaround for IE Settings (Disable SSL 3.0 and enable TLS 1.0, TLS 1.1, and TLS 1.2 in Internet Explorer) Severity: N/A Fixlet ID: 300900805 Fixlet Link: https://technet.microsoft.com/library/security/3009008 Fixlet Description: Microsoft is aware of detailed information that has been published describing a new method to exploit a vulnerability in SSL 3.0. This is an industry-wide vulnerability affecting the SSL 3.0 protocol itself and is not specific to the Windows operating system. All supported versions of Microsoft Windows implement this protocol and are affected by this vulnerability. Microsoft is not aware of attacks that try to use the reported vulnerability at this time. Considering the attack scenario, this vulnerability is not considered high risk to customers. Upon completion of this investigation, Microsoft will take the appropriate action to help protect our customers. This may include providing a security update through our monthly release process or providing an out-of-cycle security update, depending on customer needs. *************************************************************** Title: 3009008: Security Advisory: Vulnerability in SSL 3.0 Could Allow Information Disclosure - Enable Workaround for Server Software (Disable SSL 3.0 in Windows) Severity: N/A Fixlet ID: 300900807 Fixlet Link: https://technet.microsoft.com/library/security/3009008 Fixlet Description: Microsoft is aware of detailed information that has been published describing a new method to exploit a vulnerability in SSL 3.0. This is an industry-wide vulnerability affecting the SSL 3.0 protocol itself and is not specific to the Windows operating system. All supported versions of Microsoft Windows implement this protocol and are affected by this vulnerability. Microsoft is not aware of attacks that try to use the reported vulnerability at this time. Considering the attack scenario, this vulnerability is not considered high risk to customers. Upon completion of this investigation, Microsoft will take the appropriate action to help protect our customers. This may include providing a security update through our monthly release process or providing an out-of-cycle security update, depending on customer needs. *************************************************************** Title: 3009008: Security Advisory: Vulnerability in SSL 3.0 Could Allow Information Disclosure - Disable Workaround for Server Software (Disable SSL 3.0 in Windows) Severity: N/A Fixlet ID: 300900809 Fixlet Link: https://technet.microsoft.com/library/security/3009008 Fixlet Description: Microsoft is aware of detailed information that has been published describing a new method to exploit a vulnerability in SSL 3.0. This is an industry-wide vulnerability affecting the SSL 3.0 protocol itself and is not specific to the Windows operating system. All supported versions of Microsoft Windows implement this protocol and are affected by this vulnerability. Microsoft is not aware of attacks that try to use the reported vulnerability at this time. Considering the attack scenario, this vulnerability is not considered high risk to customers. Upon completion of this investigation, Microsoft will take the appropriate action to help protect our customers. This may include providing a security update through our monthly release process or providing an out-of-cycle security update, depending on customer needs. From autonotify at us.ibm.com Fri Oct 24 02:04:43 2014 From: autonotify at us.ibm.com (autonotify at us.ibm.com) Date: Fri, 24 Oct 2014 02:04:43 -0700 Subject: [BigFix-Announcements] BES Auto Notification: New Fixlets Published in Fixlet Site: 'Patches for Windows (English)' Message-ID: <201410240904.s9O94hct010990@d01av04.pok.ibm.com> Fixlet Site - 'Patches for Windows (English)' Current Version: 2106 Published: Thu, 23 Oct 2014 15:10:24 GMT New Fixlets: ============ *************************************************************** Title: 2970228: Update to support the new currency symbol for the Russian ruble in Windows - KB2970228 - Windows 7 SP1 (x64) Severity: N/A Fixlet ID: 297022805 Fixlet Link: http://support.microsoft.com/kb/2970228 Fixlet Description: Install this update to resolve issues in Windows. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the Knowledge Base Article for more information. *************************************************************** Title: 2970228: Update to support the new currency symbol for the Russian ruble in Windows - KB2993651 - Windows 7 SP1 (x64) Severity: N/A Fixlet ID: 297022807 Fixlet Link: http://support.microsoft.com/kb/2970228 Fixlet Description: Install this update to resolve issues in Windows. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the Knowledge Base Article for more information. *************************************************************** Title: 2970228: Update to support the new currency symbol for the Russian ruble in Windows - KB2970228 - Windows 7 SP1 Severity: N/A Fixlet ID: 297022809 Fixlet Link: http://support.microsoft.com/kb/2970228 Fixlet Description: Install this update to resolve issues in Windows. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the Knowledge Base Article for more information. *************************************************************** Title: 2970228: Update to support the new currency symbol for the Russian ruble in Windows - KB2993651 - Windows 7 SP1 Severity: N/A Fixlet ID: 297022811 Fixlet Link: http://support.microsoft.com/kb/2970228 Fixlet Description: Install this update to resolve issues in Windows. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the Knowledge Base Article for more information. *************************************************************** Title: 2970228: Update to support the new currency symbol for the Russian ruble in Windows - KB2970228 - Windows Server 2008 R2 SP1 (x64) Severity: N/A Fixlet ID: 297022813 Fixlet Link: http://support.microsoft.com/kb/2970228 Fixlet Description: Install this update to resolve issues in Windows. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the Knowledge Base Article for more information. *************************************************************** Title: 2970228: Update to support the new currency symbol for the Russian ruble in Windows - KB2993651 - Windows Server 2008 R2 SP1 (x64) Severity: N/A Fixlet ID: 297022815 Fixlet Link: http://support.microsoft.com/kb/2970228 Fixlet Description: Install this update to resolve issues in Windows. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the Knowledge Base Article for more information. *************************************************************** Title: 2994023: RPD 8.1 client for Windows 7 or Windows Server 2008 R2 disconnects when it is connected through a RD gateway - Windows 7 SP1 Severity: N/A Fixlet ID: 299402301 Fixlet Link: http://support.microsoft.com/kb/2994023 Fixlet Description: Install this update to resolve issues in Windows. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 2994023: RPD 8.1 client for Windows 7 or Windows Server 2008 R2 disconnects when it is connected through a RD gateway - Windows Server 2008 R2 SP1 (x64) Severity: N/A Fixlet ID: 299402303 Fixlet Link: http://support.microsoft.com/kb/2994023 Fixlet Description: Install this update to resolve issues in Windows. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 2994023: RPD 8.1 client for Windows 7 or Windows Server 2008 R2 disconnects when it is connected through a RD gateway - Windows 7 SP1 (x64) Severity: N/A Fixlet ID: 299402305 Fixlet Link: http://support.microsoft.com/kb/2994023 Fixlet Description: Install this update to resolve issues in Windows. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 2995387: Update rollup for Windows RT, Windows 8, and Windows Server 2012 - Windows 8 Gold (x64) Severity: N/A Fixlet ID: 299538701 Fixlet Link: http://support.microsoft.com/kb/2995387 Fixlet Description: Install this update to resolve issues in Windows. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 2995387: Update rollup for Windows RT, Windows 8, and Windows Server 2012 - Windows 8 Gold Severity: N/A Fixlet ID: 299538703 Fixlet Link: http://support.microsoft.com/kb/2995387 Fixlet Description: Install this update to resolve issues in Windows. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 2995387: Update rollup for Windows RT, Windows 8, and Windows Server 2012 - Windows Server 2012 Gold (x64) Severity: N/A Fixlet ID: 299538705 Fixlet Link: http://support.microsoft.com/kb/2995387 Fixlet Description: Install this update to resolve issues in Windows. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 3010060: Vulnerability in Microsoft OLE Could Allow Remote Code Execution - Enable OLE packager Shim Workaround - PowerPoint 2007 / PowerPoint 2010 / PowerPoint 2013 Severity: N/A Fixlet ID: 301006001 Fixlet Link: https://technet.microsoft.com/library/security/3010060 Fixlet Description: Microsoft is aware of a vulnerability affecting all supported releases of Microsoft Windows, excluding Windows Server 2003. The vulnerability could allow remote code execution if a user opens a specially crafted Microsoft Office file that contains an OLE object. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights. The attack requires user interaction to succeed on Windows clients with a default configuration, as User Account Control (UAC) is enabled and a consent prompt is displayed. Applying the Microsoft Fix it solution, "OLE packager Shim Workaround", prevents exploitation of the vulnerability.Note: Affected computers may report back as 'Pending Restart' once the update has run successfully, but will not report back their final status until the computer has been restarted. *************************************************************** Title: 3010060: Vulnerability in Microsoft OLE Could Allow Remote Code Execution - Disable OLE packager Shim Workaround - PowerPoint 2007 / PowerPoint 2010 / PowerPoint 2013 Severity: N/A Fixlet ID: 301006003 Fixlet Link: https://technet.microsoft.com/library/security/3010060 Fixlet Description: Microsoft is aware of a vulnerability affecting all supported releases of Microsoft Windows, excluding Windows Server 2003. The vulnerability could allow remote code execution if a user opens a specially crafted Microsoft Office file that contains an OLE object. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights. The attack requires user interaction to succeed on Windows clients with a default configuration, as User Account Control (UAC) is enabled and a consent prompt is displayed. Applying the Microsoft Fix it solution, "OLE packager Shim Workaround", prevents exploitation of the vulnerability.Note: Affected computers may report back as 'Pending Restart' once the update has run successfully, but will not report back their final status until the computer has been restarted. From autonotify at us.ibm.com Sat Oct 25 02:04:47 2014 From: autonotify at us.ibm.com (autonotify at us.ibm.com) Date: Sat, 25 Oct 2014 02:04:47 -0700 Subject: [BigFix-Announcements] BES Auto Notification: New Fixlets Published in Fixlet Site: 'Patches for Windows (English)' Message-ID: <201410250904.s9P94mAt019905@d01av02.pok.ibm.com> Fixlet Site - 'Patches for Windows (English)' Current Version: 2108 Published: Fri, 24 Oct 2014 16:29:23 GMT New Fixlets: ============ *************************************************************** Title: 940349: Availability of a Volume Shadow Copy Service (VSS) update rollup package for Windows Server 2003 to resolve some VSS snapshot issues - Windows Server 2003 SP1/SP2 (x64) Severity: N/A Fixlet ID: 94034901 Fixlet Link: http://support.microsoft.com/kb/940349 Fixlet Description: Install this update to improve the reliability, scalability, and memory optimization of the Volume Shadow Copy Service (VSS) in Windows Server 2003. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 940349: Availability of a Volume Shadow Copy Service (VSS) update rollup package for Windows Server 2003 to resolve some VSS snapshot issues - Windows Server 2003 SP1/SP2 Severity: N/A Fixlet ID: 94034905 Fixlet Link: http://support.microsoft.com/kb/940349 Fixlet Description: Install this update to improve the reliability, scalability, and memory optimization of the Volume Shadow Copy Service (VSS) in Windows Server 2003. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 2760371: Update for Office 2013 - KB2760371 - Office 2013 Severity: N/A Fixlet ID: 276037101 Fixlet Link: http://support.microsoft.com/kb/2760371 Fixlet Description: Microsoft has released an update for Microsoft Office 2013 32-Bit Edition. This update provides the latest fixes to Microsoft Office 2013 32-Bit Edition. Additionally, this update contains stability and performance improvements. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 2760371: Update for Office 2013 - KB2760371 - Office 2013 (x64) Severity: N/A Fixlet ID: 276037103 Fixlet Link: http://support.microsoft.com/kb/2760371 Fixlet Description: Microsoft has released an update for Microsoft Office 2013 64-Bit Edition. This update provides the latest fixes to Microsoft Office 2013 64-Bit Edition. Additionally, this update contains stability and performance improvements. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 2806748: Incorrect results when you run AD Windows PowerShell cmdlets on a Windows Server 2012 or Windows Server 2008 R2-based domain controller - Windows 2008 R2 Gold/SP1 (x64) Severity: N/A Fixlet ID: 280674801 Fixlet Link: http://support.microsoft.com/kb/2806748 Fixlet Description: Install this update to resolve issues in Windows. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 2837582: Update for Office 2010 - KB2837582 - Office 2010 Severity: N/A Fixlet ID: 283758201 Fixlet Link: http://support.microsoft.com/kb/2837582 Fixlet Description: Microsoft has released an update for Microsoft Office 2010 32-Bit Edition. This update provides the latest fixes to Microsoft Office 2010 32-Bit Edition. Additionally, this update contains stability and performance improvements. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 2837582: Update for Office 2010 - KB2837582 - Office 2010 (x64) Severity: N/A Fixlet ID: 283758203 Fixlet Link: http://support.microsoft.com/kb/2837582 Fixlet Description: Microsoft has released an update for Microsoft Office 2010 64-Bit Edition. This update provides the latest fixes to Microsoft Office 2010 64-Bit Edition. Additionally, this update contains stability and performance improvements. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 2881004:Update for Office 2013 - KB2881004 - Office 2013 Severity: N/A Fixlet ID: 288100401 Fixlet Link: http://support.microsoft.com/kb/2881004 Fixlet Description: Microsoft has released an update for Microsoft Office 2013 32-Bit Edition. This update provides the latest fixes to Microsoft Office 2013 32-Bit Edition. Additionally, this update contains stability and performance improvements. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 2881004:Update for Office 2013 - KB2881004 - Office 2013 (x64) Severity: N/A Fixlet ID: 288100403 Fixlet Link: http://support.microsoft.com/kb/2881004 Fixlet Description: Microsoft has released an update for Microsoft Office 2013 64-Bit Edition. This update provides the latest fixes to Microsoft Office 2013 64-Bit Edition. Additionally, this update contains stability and performance improvements. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 2881010: Update for Audit and Control Management Server 2013 Severity: N/A Fixlet ID: 288101001 Fixlet Link: http://support.microsoft.com/kb/2881010 Fixlet Description: Microsoft has released an update for Microsoft Office 2013 . This update provides the latest fixes to Microsoft Office 2013 . Additionally, this update contains stability and performance improvements. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 2881012: Update for Office 2013 - KB2881012 - Office 2013 (x64) Severity: N/A Fixlet ID: 288101201 Fixlet Link: http://support.microsoft.com/kb/2881012 Fixlet Description: Microsoft has released an update for Microsoft Office 2013 64-Bit Edition. This update provides the latest fixes to Microsoft Office 2013 64-Bit Edition. Additionally, this update contains stability and performance improvements. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 2881012: Update for Office 2013 - KB2881012 - Office 2013 Severity: N/A Fixlet ID: 288101203 Fixlet Link: http://support.microsoft.com/kb/2881012 Fixlet Description: Microsoft has released an update for Microsoft Office 2013 32-Bit Edition. This update provides the latest fixes to Microsoft Office 2013 32-Bit Edition. Additionally, this update contains stability and performance improvements. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 2883059: Update for OneNote 2013 -KB2883059 - OneNote2013 Severity: N/A Fixlet ID: 288305901 Fixlet Link: http://support.microsoft.com/kb/2883059 Fixlet Description: Microsoft has released an update for Microsoft OneNote 2013 32-Bit Edition. This update provides the latest fixes to Microsoft OneNote 2013 32-Bit Edition. Additionally, this update contains stability and performance improvements. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 2883059: Update for OneNote 2013 -KB2883059 - OneNote2013 (x64) Severity: N/A Fixlet ID: 288305903 Fixlet Link: http://support.microsoft.com/kb/2883059 Fixlet Description: Microsoft has released an update for Microsoft OneNote 2013 64-Bit Edition. This update provides the latest fixes to Microsoft OneNote 2013 64-Bit Edition. Additionally, this update contains stability and performance improvements. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 2883095: Update for Office 2013 - KB2883095 - Office 2013 Severity: N/A Fixlet ID: 288309501 Fixlet Link: http://support.microsoft.com/kb/2883095 Fixlet Description: Microsoft has released an update for Microsoft Office 2013 32-Bit Edition. This update provides the latest fixes to Microsoft Office 2013 32-Bit Edition. Additionally, this update contains stability and performance improvements. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 2883095: Update for Office 2013 - KB2883095 - Office 2013 (x64) Severity: N/A Fixlet ID: 288309503 Fixlet Link: http://support.microsoft.com/kb/2883095 Fixlet Description: Microsoft has released an update for Microsoft Office 2013 64-Bit Edition. This update provides the latest fixes to Microsoft Office 2013 64-Bit Edition. Additionally, this update contains stability and performance improvements. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 2889927: Update for Office 2013 - KB2889927 - Office 2013 Severity: N/A Fixlet ID: 288992701 Fixlet Link: http://support.microsoft.com/kb/2889927 Fixlet Description: Microsoft has released an update for Microsoft Office 2013 32-Bit Edition. This update provides the latest fixes to Microsoft Office 2013 32-Bit Edition. Additionally, this update contains stability and performance improvements. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 2889927: Update for Office 2013 - KB2889927 - Office 2013 (x64) Severity: N/A Fixlet ID: 288992703 Fixlet Link: http://support.microsoft.com/kb/2889927 Fixlet Description: Microsoft has released an update for Microsoft Office 2013 64-Bit Edition. This update provides the latest fixes to Microsoft Office 2013 64-Bit Edition. Additionally, this update contains stability and performance improvements. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 2889929: Update for Lync 2013 - KB2889929 - Lync 2013 (x64) Severity: N/A Fixlet ID: 288992903 Fixlet Link: http://support.microsoft.com/kb/2889929 Fixlet Description: Microsoft has released an update for Microsoft Lync 2013 64-Bit Edition. This update provides the latest fixes to Microsoft Lync 2013 64-Bit Edition. Additionally, this update contains stability and performance improvements. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the Knowledge Base Article for more information. *************************************************************** Title: 2889929: Update for Lync 2013 - KB2889929 - Lync 2013 Severity: N/A Fixlet ID: 288992911 Fixlet Link: http://support.microsoft.com/kb/2889929 Fixlet Description: Microsoft has released an update for Microsoft Lync 2013 32-Bit Edition. This update provides the latest fixes to Microsoft Lync 2013 32-Bit Edition. Additionally, this update contains stability and performance improvements. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the Knowledge Base Article for more information. *************************************************************** Title: 2889937: Update for SharePoint Server 2013 - KB2889937 - SharePoint Server 2013 (x64) Severity: N/A Fixlet ID: 288993701 Fixlet Link: http://support.microsoft.com/kb/2889937 Fixlet Description: Microsoft has released an update for Microsoft SharePoint Enterprise Server 2013 . This update provides the latest fixes to Microsoft SharePoint Enterprise Server 2013 . Additionally, this update contains stability and performance improvements. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 2889939: Update for Word 2013 - KB2889939 - Word 2013 Severity: N/A Fixlet ID: 288993901 Fixlet Link: http://support.microsoft.com/kb/2889939 Fixlet Description: Microsoft has released an update for Microsoft Word 2013 32-Bit Edition. This update provides the latest fixes to Microsoft Word 2013 32-Bit Edition. Additionally, this update contains stability and performance improvements. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 2889939: Update for Word 2013 - KB2889939 - Word 2013 (x64) Severity: N/A Fixlet ID: 288993903 Fixlet Link: http://support.microsoft.com/kb/2889939 Fixlet Description: Microsoft has released an update for Microsoft Word 2013 64-Bit Edition. This update provides the latest fixes to Microsoft Word 2013 64-Bit Edition. Additionally, this update contains stability and performance improvements. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 2889940: Update for Office 2013 - KB2889940 - Office 2013 (x64) Severity: N/A Fixlet ID: 288994001 Fixlet Link: http://support.microsoft.com/kb/2889940 Fixlet Description: Microsoft has released an update for Microsoft Office 2013 64-Bit Edition. This update provides the latest fixes to Microsoft Office 2013 64-Bit Edition. Additionally, this update contains stability and performance improvements. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 2889940: Update for Office 2013 - KB2889940 - Office 2013 Severity: N/A Fixlet ID: 288994003 Fixlet Link: http://support.microsoft.com/kb/2889940 Fixlet Description: Microsoft has released an update for Microsoft Office 2013 32-Bit Edition. This update provides the latest fixes to Microsoft Office 2013 32-Bit Edition. Additionally, this update contains stability and performance improvements. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 2889941: Update for Excel 2013 - KB2889941 - Excel 2013 (x64) Severity: N/A Fixlet ID: 288994101 Fixlet Link: http://support.microsoft.com/kb/2889941 Fixlet Description: Microsoft has released an update for Microsoft Excel 2013 32-Bit Edition. This update provides the latest fixes to Microsoft Excel 2013 32-Bit Edition. Additionally, this update contains stability and performance improvements. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 2889941: Update for Excel 2013 - KB2889941 - Excel 2013 Severity: N/A Fixlet ID: 288994103 Fixlet Link: http://support.microsoft.com/kb/2889941 Fixlet Description: Microsoft has released an update for Microsoft Excel 2013 64-Bit Edition. This update provides the latest fixes to Microsoft Excel 2013 64-Bit Edition. Additionally, this update contains stability and performance improvements. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 2889942: Update for Office 2013 - KB2889942 - Office 2013 Severity: N/A Fixlet ID: 288994201 Fixlet Link: http://support.microsoft.com/kb/2889942 Fixlet Description: Microsoft has released an update for Microsoft Office 2013 32-Bit Edition. This update provides the latest fixes to Microsoft Office 2013 32-Bit Edition. Additionally, this update contains stability and performance improvements. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 2889942: Update for Office 2013 - KB2889942 - Office 2013 (x64) Severity: N/A Fixlet ID: 288994203 Fixlet Link: http://support.microsoft.com/kb/2889942 Fixlet Description: Microsoft has released an update for Microsoft Office 2013 64-Bit Edition. This update provides the latest fixes to Microsoft Office 2013 64-Bit Edition. Additionally, this update contains stability and performance improvements. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 2889943: Update for SharePoint Foundation 2013 - KB2889943 - Sharepoint Foundation 2013 (x64) Severity: N/A Fixlet ID: 288994301 Fixlet Link: http://support.microsoft.com/kb/2889943 Fixlet Description: Microsoft has released an update for Microsoft SharePoint Foundation 2013 . This update provides the latest fixes to Microsoft SharePoint Foundation 2013 . Additionally, this update contains stability and performance improvements. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 2984006: Update rollup for Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2 - KB2977174 - Windows 8.1 Gold Severity: N/A Fixlet ID: 298400601 Fixlet Link: http://support.microsoft.com/kb/2984006 Fixlet Description: Install this update to resolve issues in Windows. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 2984006: Update rollup for Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2 - KB2984006 - Windows 8.1 Gold Severity: N/A Fixlet ID: 298400603 Fixlet Link: http://support.microsoft.com/kb/2984006 Fixlet Description: Install this update to resolve issues in Windows. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 2984006: Update rollup for Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2 - KB2994897 - Windows 8.1 Gold Severity: N/A Fixlet ID: 298400605 Fixlet Link: http://support.microsoft.com/kb/2984006 Fixlet Description: Install this update to resolve issues in Windows. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 2984006: Update rollup for Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2 - KB2995004 - Windows 8.1 Gold Severity: N/A Fixlet ID: 298400607 Fixlet Link: http://support.microsoft.com/kb/2984006 Fixlet Description: Install this update to resolve issues in Windows. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 2984006: Update rollup for Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2 - KB2977174 - Windows 8.1 Gold (x64) Severity: N/A Fixlet ID: 298400609 Fixlet Link: http://support.microsoft.com/kb/2984006 Fixlet Description: Install this update to resolve issues in Windows. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 2984006: Update rollup for Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2 - KB2984006 - Windows 8.1 Gold (x64) Severity: N/A Fixlet ID: 298400611 Fixlet Link: http://support.microsoft.com/kb/2984006 Fixlet Description: Install this update to resolve issues in Windows. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 2984006: Update rollup for Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2 - KB2994897 - Windows 8.1 Gold (x64) Severity: N/A Fixlet ID: 298400613 Fixlet Link: http://support.microsoft.com/kb/2984006 Fixlet Description: Install this update to resolve issues in Windows. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 2984006: Update rollup for Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2 - KB2995004 - Windows 8.1 Gold (x64) Severity: N/A Fixlet ID: 298400615 Fixlet Link: http://support.microsoft.com/kb/2984006 Fixlet Description: Install this update to resolve issues in Windows. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 2984006: Update rollup for Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2 - KB2977174 - Windows Server 2012 R2 Gold (x64) Severity: N/A Fixlet ID: 298400617 Fixlet Link: http://support.microsoft.com/kb/2984006 Fixlet Description: Install this update to resolve issues in Windows. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 2984006: Update rollup for Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2 - KB2984006 - Windows Server 2012 R2 Gold (x64) Severity: N/A Fixlet ID: 298400619 Fixlet Link: http://support.microsoft.com/kb/2984006 Fixlet Description: Install this update to resolve issues in Windows. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 2984006: Update rollup for Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2 - KB2994897 - Windows Server 2012 R2 Gold (x64) Severity: N/A Fixlet ID: 298400621 Fixlet Link: http://support.microsoft.com/kb/2984006 Fixlet Description: Install this update to resolve issues in Windows. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 2984006: Update rollup for Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2 - KB2995004 - Windows Server 2012 R2 Gold (x64) Severity: N/A Fixlet ID: 298400623 Fixlet Link: http://support.microsoft.com/kb/2984006 Fixlet Description: Install this update to resolve issues in Windows. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 2986204: Update for Outlook 2013 - KB2986204 - Outlook 2013 Severity: N/A Fixlet ID: 298620401 Fixlet Link: http://support.microsoft.com/kb/2986204 Fixlet Description: Microsoft has released an update for Microsoft Outlook 2013 64-Bit Edition. This update provides the latest fixes to Microsoft Outlook 2013 64-Bit Edition. Additionally, this update contains stability and performance improvements. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 2986204: Update for Outlook 2013 - KB2986204 - Outlook 2013 (x64) Severity: N/A Fixlet ID: 298620403 Fixlet Link: http://support.microsoft.com/kb/2986204 Fixlet Description: Microsoft has released an update for Microsoft Outlook 2013 32-Bit Edition. This update provides the latest fixes to Microsoft Outlook 2013 32-Bit Edition. Additionally, this update contains stability and performance improvements. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 2989542: Windows Store apps are not updated automatically in Windows 8.1 - Windows Server 2012 R2 Gold (x64) Severity: N/A Fixlet ID: 298954201 Fixlet Link: http://support.microsoft.com/kb/2989542 Fixlet Description: Install this update to resolve issues in Windows. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 2989542: Windows Store apps are not updated automatically in Windows 8.1 - Windows 8.1 Gold (x64) Severity: N/A Fixlet ID: 298954203 Fixlet Link: http://support.microsoft.com/kb/2989542 Fixlet Description: Install this update to resolve issues in Windows. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 2989542: Windows Store apps are not updated automatically in Windows 8.1 - Windows 8.1 Gold Severity: N/A Fixlet ID: 298954205 Fixlet Link: http://support.microsoft.com/kb/2989542 Fixlet Description: Install this update to resolve issues in Windows. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 2995388: Update rollup for Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2 - Windows Server 2012 R2 Gold (x64) Severity: N/A Fixlet ID: 299538801 Fixlet Link: http://support.microsoft.com/kb/2995388 Fixlet Description: Install this update to resolve issues in Windows. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 2995388: Update rollup for Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2 - KB2996799 - Windows Server 2012 R2 Gold (x64) Severity: N/A Fixlet ID: 299538803 Fixlet Link: http://support.microsoft.com/kb/2995388 Fixlet Description: Install this update to resolve issues in Windows. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 2995388: Update rollup for Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2 - Windows 8.1 Gold (x64) Severity: N/A Fixlet ID: 299538805 Fixlet Link: http://support.microsoft.com/kb/2995388 Fixlet Description: Install this update to resolve issues in Windows. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 2995388: Update rollup for Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2 - KB2996799 - Windows 8.1 Gold (x64) Severity: N/A Fixlet ID: 299538807 Fixlet Link: http://support.microsoft.com/kb/2995388 Fixlet Description: Install this update to resolve issues in Windows. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 2995388: Update rollup for Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2 - Windows 8.1 Gold Severity: N/A Fixlet ID: 299538809 Fixlet Link: http://support.microsoft.com/kb/2995388 Fixlet Description: Install this update to resolve issues in Windows. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 2995388: Update rollup for Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2 - KB2996799 - Windows 8.1 Gold Severity: N/A Fixlet ID: 299538811 Fixlet Link: http://support.microsoft.com/kb/2995388 Fixlet Description: Install this update to resolve issues in Windows. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 2998174: Active camera is switched unexpectedly when you review photos in Camera app in Windows 8.1 or Windows Server 2012 R2 - Windows 8.1 Gold Severity: N/A Fixlet ID: 299817401 Fixlet Link: http://support.microsoft.com/kb/2998174 Fixlet Description: Install this update to resolve issues in Windows. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 2998174: Active camera is switched unexpectedly when you review photos in Camera app in Windows 8.1 or Windows Server 2012 R2 - Windows 8.1 Gold (x64) Severity: N/A Fixlet ID: 299817403 Fixlet Link: http://support.microsoft.com/kb/2998174 Fixlet Description: Install this update to resolve issues in Windows. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 2998174: Active camera is switched unexpectedly when you review photos in Camera app in Windows 8.1 or Windows Server 2012 R2 - Windows Server 2012 R2 Gold (x64) Severity: N/A Fixlet ID: 299817405 Fixlet Link: http://support.microsoft.com/kb/2998174 Fixlet Description: Install this update to resolve issues in Windows. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 2998812: Compatibility update for Windows 7 or Windows Server 2008 R2 - Windows 7 Gold Severity: N/A Fixlet ID: 299881201 Fixlet Link: http://support.microsoft.com/kb/2998812 Fixlet Description: Install this update to resolve issues in Windows. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 2998812: Compatibility update for Windows 7 or Windows Server 2008 R2 - Windows 7 Gold / Windows Server 2008 R2 Gold (x64) Severity: N/A Fixlet ID: 299881203 Fixlet Link: http://support.microsoft.com/kb/2998812 Fixlet Description: Install this update to resolve issues in Windows. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 3000731: Update for OneDrive for Business - KB3000731 - Office 2013 (x64) Severity: N/A Fixlet ID: 300073101 Fixlet Link: http://support.microsoft.com/kb/3000731 Fixlet Description: Microsoft has released an update for Microsoft OneDrive for Business 64-Bit Edition. This update provides the latest fixes to Microsoft OneDrive for Business 64-Bit Edition. Additionally, this update contains stability and performance improvements. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 3000731: Update for OneDrive for Business - KB3000731 - Office 2013 Severity: N/A Fixlet ID: 300073103 Fixlet Link: http://support.microsoft.com/kb/3000731 Fixlet Description: Microsoft has released an update for Microsoft OneDrive for Business 32-Bit Edition. This update provides the latest fixes to Microsoft OneDrive for Business 32-Bit Edition. Additionally, this update contains stability and performance improvements. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 3000988: "The profile for the user is a temporary profile" error when you install a MSI package in Windows - Windows Server 2012 R2 Gold (x64) Severity: N/A Fixlet ID: 300098803 Fixlet Link: http://support.microsoft.com/kb/3000988 Fixlet Description: Install this update to resolve issues in Windows. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 3000988: "The profile for the user is a temporary profile" error when you install a MSI package in Windows - Windows 8 Gold (x64) Severity: N/A Fixlet ID: 300098805 Fixlet Link: http://support.microsoft.com/kb/3000988 Fixlet Description: Install this update to resolve issues in Windows. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 3000988: "The profile for the user is a temporary profile" error when you install a MSI package in Windows - Windows Server 2008 R2 SP1 (x64) Severity: N/A Fixlet ID: 300098809 Fixlet Link: http://support.microsoft.com/kb/3000988 Fixlet Description: Install this update to resolve issues in Windows. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 3000988: "The profile for the user is a temporary profile" error when you install a MSI package in Windows - Windows Server 2012 Gold (x64) Severity: N/A Fixlet ID: 300098811 Fixlet Link: http://support.microsoft.com/kb/3000988 Fixlet Description: Install this update to resolve issues in Windows. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 3000988: "The profile for the user is a temporary profile" error when you install a MSI package in Windows - Windows 8 Gold Severity: N/A Fixlet ID: 300098813 Fixlet Link: http://support.microsoft.com/kb/3000988 Fixlet Description: Install this update to resolve issues in Windows. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 3000988: "The profile for the user is a temporary profile" error when you install a MSI package in Windows - Windows 8.1 Gold (x64) Severity: N/A Fixlet ID: 300098815 Fixlet Link: http://support.microsoft.com/kb/3000988 Fixlet Description: Install this update to resolve issues in Windows. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 3000988: "The profile for the user is a temporary profile" error when you install a MSI package in Windows - Windows 8.1 Gold Severity: N/A Fixlet ID: 300098817 Fixlet Link: http://support.microsoft.com/kb/3000988 Fixlet Description: Install this update to resolve issues in Windows. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 3000988: "The profile for the user is a temporary profile" error when you install a MSI package in Windows - Windows 7 SP1 Severity: N/A Fixlet ID: 300098819 Fixlet Link: http://support.microsoft.com/kb/3000988 Fixlet Description: Install this update to resolve issues in Windows. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 3000988: "The profile for the user is a temporary profile" error when you install a MSI package in Windows - Windows 7 SP1 (x64) Severity: N/A Fixlet ID: 300098821 Fixlet Link: http://support.microsoft.com/kb/3000988 Fixlet Description: Install this update to resolve issues in Windows. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 3005628: Update for the .NET Framework 3.5 on Windows 8, Windows 8.1, Windows Server 2012, and Windows Server 2012 R2 - Windows 8 Gold Severity: N/A Fixlet ID: 300562801 Fixlet Link: http://support.microsoft.com/kb/3005628 Fixlet Description: Install this update to resolve issues in Windows. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 3005628: Update for the .NET Framework 3.5 on Windows 8, Windows 8.1, Windows Server 2012, and Windows Server 2012 R2 - Windows 8.1 Gold Severity: N/A Fixlet ID: 300562803 Fixlet Link: http://support.microsoft.com/kb/3005628 Fixlet Description: Install this update to resolve issues in Windows. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 3005628: Update for the .NET Framework 3.5 on Windows 8, Windows 8.1, Windows Server 2012, and Windows Server 2012 R2 - Windows 8 Gold / Windows Server 2012 Gold (x64) Severity: N/A Fixlet ID: 300562805 Fixlet Link: http://support.microsoft.com/kb/3005628 Fixlet Description: Install this update to resolve issues in Windows. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 3005628: Update for the .NET Framework 3.5 on Windows 8, Windows 8.1, Windows Server 2012, and Windows Server 2012 R2 - Windows 8.1 Gold / Windows Server 2012 R2 Gold (x64) Severity: N/A Fixlet ID: 300562807 Fixlet Link: http://support.microsoft.com/kb/3005628 Fixlet Description: Install this update to resolve issues in Windows. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. From autonotify at us.ibm.com Tue Oct 28 02:04:40 2014 From: autonotify at us.ibm.com (autonotify at us.ibm.com) Date: Tue, 28 Oct 2014 02:04:40 -0700 Subject: [BigFix-Announcements] BES Auto Notification: New Fixlets Published in Fixlet Site: 'Patches for Windows (English)' Message-ID: <201410280904.s9S94f3X022434@d01av02.pok.ibm.com> Fixlet Site - 'Patches for Windows (English)' Current Version: 2110 Published: Mon, 27 Oct 2014 14:47:06 GMT New Fixlets: ============ *************************************************************** Title: 2889928: Update for Visio 2013 - KB2889928 - Visio 2013 (x64) Severity: N/A Fixlet ID: 288992801 Fixlet Link: http://support.microsoft.com/kb/2889928 Fixlet Description: Microsoft has released an update for Microsoft Visio 2013 64-Bit Edition. This update provides the latest fixes to Microsoft Visio 2013 64-Bit Edition. Additionally, this update contains stability and performance improvements. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 2889928: Update for Visio 2013 - KB2889928 - Visio 2013 Severity: N/A Fixlet ID: 288992803 Fixlet Link: http://support.microsoft.com/kb/2889928 Fixlet Description: Microsoft has released an update for Microsoft Visio 2013 32-Bit Edition. This update provides the latest fixes to Microsoft Visio 2013 32-Bit Edition. Additionally, this update contains stability and performance improvements. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 2889930: Update for SharePoint Server 2013 - KB2889930 - SharePoint Server 2013 (x64) Severity: N/A Fixlet ID: 288993001 Fixlet Link: http://support.microsoft.com/kb/2889930 Fixlet Description: Microsoft has released an update for Microsoft SharePoint Enterprise Server 2013 . This update provides the latest fixes to Microsoft SharePoint Enterprise Server 2013 . Additionally, this update contains stability and performance improvements. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: 2899475: Update 2899475 for Outlook 2007 Junk Email Filter - Outlook 2007 Severity: N/A Fixlet ID: 289947501 Fixlet Link: http://support.microsoft.com/kb/2899475 Fixlet Description: This update provides the Junk E-mail Filter in Microsoft Office Outlook 2007 Junk Email Filter with a more current definition of which e-mail messages should be considered junk e-mail. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. From autonotify at us.ibm.com Fri Oct 31 02:04:40 2014 From: autonotify at us.ibm.com (autonotify at us.ibm.com) Date: Fri, 31 Oct 2014 02:04:40 -0700 Subject: [BigFix-Announcements] BES Auto Notification: New Fixlets Published in Fixlet Site: 'Patches for Windows (English)' Message-ID: <201410310904.s9V94fQB024033@d03av05.boulder.ibm.com> Fixlet Site - 'Patches for Windows (English)' Current Version: 2113 Published: Fri, 31 Oct 2014 02:39:57 GMT New Fixlets: ============ *************************************************************** Title: 3009008: Security Advisory: Vulnerability in SSL 3.0 Could Allow Information Disclosure - Enable Workaround for Client Software (Disable SSL 3.0 in Windows) Severity: N/A Fixlet ID: 300900811 Fixlet Link: https://technet.microsoft.com/library/security/3009008 Fixlet Description: Microsoft is aware of detailed information that has been published describing a new method to exploit a vulnerability in SSL 3.0. This is an industry-wide vulnerability affecting the SSL 3.0 protocol itself and is not specific to the Windows operating system. All supported versions of Microsoft Windows implement this protocol and are affected by this vulnerability. Microsoft is not aware of attacks that try to use the reported vulnerability at this time. Considering the attack scenario, this vulnerability is not considered high risk to customers. Upon completion of this investigation, Microsoft will take the appropriate action to help protect our customers. This may include providing a security update through our monthly release process or providing an out-of-cycle security update, depending on customer needs. *************************************************************** Title: 3009008: Security Advisory: Vulnerability in SSL 3.0 Could Allow Information Disclosure - Disable Workaround for Client Software (Disable SSL 3.0 in Windows) Severity: N/A Fixlet ID: 300900813 Fixlet Link: https://technet.microsoft.com/library/security/3009008 Fixlet Description: Microsoft is aware of detailed information that has been published describing a new method to exploit a vulnerability in SSL 3.0. This is an industry-wide vulnerability affecting the SSL 3.0 protocol itself and is not specific to the Windows operating system. All supported versions of Microsoft Windows implement this protocol and are affected by this vulnerability. Microsoft is not aware of attacks that try to use the reported vulnerability at this time. Considering the attack scenario, this vulnerability is not considered high risk to customers. Upon completion of this investigation, Microsoft will take the appropriate action to help protect our customers. This may include providing a security update through our monthly release process or providing an out-of-cycle security update, depending on customer needs. *************************************************************** Title: 3009008: Security Advisory: Vulnerability in SSL 3.0 Could Allow Information Disclosure - Enable Workaround for IE Settings (Disable SSL 3.0 in Internet Explorer) Severity: N/A Fixlet ID: 300900815 Fixlet Link: https://support.microsoft.com/kb/3009008 Fixlet Description: Microsoft is aware of detailed information that has been published describing a new method to exploit a vulnerability in SSL 3.0. This is an industry-wide vulnerability affecting the SSL 3.0 protocol itself and is not specific to the Windows operating system. All supported versions of Microsoft Windows implement this protocol and are affected by this vulnerability. Microsoft is not aware of attacks that try to use the reported vulnerability at this time. Considering the attack scenario, this vulnerability is not considered high risk to customers. Upon completion of this investigation, Microsoft will take the appropriate action to help protect our customers. This may include providing a security update through our monthly release process or providing an out-of-cycle security update, depending on customer needs. *************************************************************** Title: 3009008: Security Advisory: Vulnerability in SSL 3.0 Could Allow Information Disclosure - Disable Workaround for IE Settings (Disable SSL 3.0 in Internet Explorer) Severity: N/A Fixlet ID: 300900817 Fixlet Link: https://support.microsoft.com/kb/3009008 Fixlet Description: Microsoft is aware of detailed information that has been published describing a new method to exploit a vulnerability in SSL 3.0. This is an industry-wide vulnerability affecting the SSL 3.0 protocol itself and is not specific to the Windows operating system. All supported versions of Microsoft Windows implement this protocol and are affected by this vulnerability. Microsoft is not aware of attacks that try to use the reported vulnerability at this time. Considering the attack scenario, this vulnerability is not considered high risk to customers. Upon completion of this investigation, Microsoft will take the appropriate action to help protect our customers. This may include providing a security update through our monthly release process or providing an out-of-cycle security update, depending on customer needs.