Virtual Administrator's October 2014 Patch Recommendations

8 Security Bulletins were released – 3 Critical, 5 Important, and 0 Moderate

This Month In Brief

8 Security Bulletins were released – 3 Critical, 5 Important

We have not uncovered any widespread problems with any of the 8 Security Bulletins and are releasing all of them.

MS14-056, MS14-057 and MS14-058 are rated Critical. After your next patch cycle completes you should follow up and make sure this is installed. Some have had trouble installing MS14-058 (KB3000061) – see “Heads Up” below.

No out-of-band updates were released during the last month.

Heads Up
“KB3000061 fails to install on Server 2012”
https://social.technet.microsoft.com/Forums/windowsserver/en-US/f77691d8-a9d0-4714-98ad-71665cfa8965/kb3000061-fails-to-install-on-server-2012?forum=winserver8gen

Problems with Non-rated Security Updates and Optional Updates also released this month.

KB2984972 Non-rated Security Updates (High Priority)
http://support.microsoft.com/kb/2984972
Problem: KB2984972 on Server 2008R2 RD server caused issues with Wyse thinclients
More information:http://www.thinstuff.com/faq/index.php?solution_id=1122
Problem: App-V issues
More information:https://social.technet.microsoft.com/Forums/en-US/c90212b0-b32c-4488-9753-fb952112828c/warning-kb2984972-and-autodeskrelated-46-appv-packages?forum=mdopappv

KB2949927 Non-rated Security Updates (High Priority)
http://support.microsoft.com/kb/2949927
Problem: KB2949927 will fail to install and revert the changes at the next boot if you have BitLocker disabled.
More Information: https://social.technet.microsoft.com/Forums/en-US/bc191121-94ab-483f-ae9f-d5056ca3aae5/kb2949927-fails-to-install-if-bitlocker-fvevol-service-is-disabled?forum=w7itproinstall

KB2995388 Updates (Optional – Software)
http://support.microsoft.com/kb/2995388
Problem: After installing the patch, every time you try to boot a virtual machine, you get a message: “Not enough physical memory is available to power on this virtual machine with its configured settings.”
More information:http://blogs.vmware.com/workstation/2014/10/workstation-10-issue-recent-microsoft-windows-8-1-update.html8″>http://blogs.vmware.com/workstation/2014/10/workstation-10-issue-recent-microsoft-windows-8-1-update.html8 Security Bulletins were released – 3 Critical, 5 Important

We have not uncovered any widespread problems with any of the 8 Security Bulletins and are releasing all of them.

MS14-056, MS14-057 and MS14-058 are rated Critical. After your next patch cycle completes you should follow up and make sure this is installed. Some have had trouble installing MS14-058 (KB3000061) – see “Heads Up” below.

No out-of-band updates were released during the last month.

Heads Up
“KB3000061 fails to install on Server 2012”
https://social.technet.microsoft.com/Forums/windowsserver/en-US/f77691d8-a9d0-4714-98ad-71665cfa8965/kb3000061-fails-to-install-on-server-2012?forum=winserver8gen

Problems with Non-rated Security Updates and Optional Updates also released this month.

KB2984972 Non-rated Security Updates (High Priority)
http://support.microsoft.com/kb/2984972
Problem: KB2984972 on Server 2008R2 RD server caused issues with Wyse thinclients
More information:http://www.thinstuff.com/faq/index.php?solution_id=1122
Problem: App-V issues
More information:https://social.technet.microsoft.com/Forums/en-US/c90212b0-b32c-4488-9753-fb952112828c/warning-kb2984972-and-autodeskrelated-46-appv-packages?forum=mdopappv

KB2949927 Non-rated Security Updates (High Priority)
http://support.microsoft.com/kb/2949927
Problem: KB2949927 will fail to install and revert the changes at the next boot if you have BitLocker disabled.
More Information: https://social.technet.microsoft.com/Forums/en-US/bc191121-94ab-483f-ae9f-d5056ca3aae5/kb2949927-fails-to-install-if-bitlocker-fvevol-service-is-disabled?forum=w7itproinstall

KB2995388 Updates (Optional – Software)
http://support.microsoft.com/kb/2995388
Problem: After installing the patch, every time you try to boot a virtual machine, you get a message: “Not enough

physical memory is available to power on this virtual machine with its configured settings.”
More information:http://blogs.vmware.com/workstation/2014/10/workstation-10-issue-recent-microsoft-windows-8-1-update.html

Exploitability

• Publically disclosed: MS14-062
• Being exploited: MS14-056, MS14-058, MS14-060
• Rated CRITICAL: MS14-056, MS14-057, MS14-058
• (The Severity Rating System: http://technet.microsoft.com/en-us/security/bulletin/rating)

Requires Restart

• Servers: No
• Workstations: No

New Security Bulletins

(MS#/Affected Software/Type)

CRITICAL

	MS14-056 Cumulative Security Update for Internet Explorer (2987107)	(Internet Explorer) The most severe of these vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. Details KB in Kaseya: KB2987107 Affected Software: Internet Explorer 6-11 Known Issues per MS:
	MS14-057 Vulnerabilities in .NET Framework Could Allow Remote Code Execution (3000414)	(.Net Framework) The most severe of the vulnerabilities could allow remote code execution if an attacker sends a specially crafted URI request containing international characters to a .NET web application. Details KB in Kaseya: KB2968292, KB2968294, KB2968295, KB2968296, KB2972098, KB2972100, KB2972101, KB2972103, KB2972105, KB2972106, KB2972107, KB2978041, KB2978042, KB2979568, KB2979570, KB2979571, KB2979573, KB2979574, KB2979575, KB2979576, KB2979577, KB2979578 Affected Software: .NET 2.0 sp2, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2 Known Issues per MS:
	MS14-058 Vulnerability in Kernel-Mode Driver Could Allow Remote Code Execution (3000061)	(Microsoft Windows) The more severe of the vulnerabilities could allow remote code execution if an attacker convinces a user to open a specially crafted document or to visit an untrusted website that contains embedded TrueType fonts. Details KB in Kaseya: KB3000061 Affected Software: Vista, Windows 7/8/8.1, Server 2003/2008/2008R2/2012/2012R2, Windows RT Known Issues per MS:

IMPORTANT

	MS14-059 Vulnerability in ASP.NET MVC Could Allow Security Feature Bypass (2990942)	(Microsoft Developer Tools) The vulnerability could allow security feature bypass if an attacker convinces a user to click a specially crafted link or to visit a webpage that contains specially crafted content designed to exploit the vulnerability. Details KB in Kaseya: KB2992080, KB2993928, KB2993937, KB2993939, KB2994397 Affected Software: ASP.NET MVC 2.0/3.0/4.0/5.0/5.1 Known Issues per MS:
	MS14-060 Vulnerability in Windows OLE Could Allow Remote Code Execution (3000869)	(Microsoft Windows) The vulnerability could allow remote code execution if a user opens a Microsoft Office file that contains a specially crafted OLE object. Details KB in Kaseya: KB3000869 Affected Software: Vista, Windows 7/8/8.1, Server 2008/2008R2/2012/2012R2, Windows RT Known Issues per MS:
	MS14-061 Vulnerability in Microsoft Word and Office Web Apps Could Allow Remote Code Execution (3000434)	(Microsoft Office) The vulnerability could allow remote code execution if an attacker convinces a user to open a specially crafted Microsoft Word file. Details KB in Kaseya: KB2883008, KB2883013, KB2883031, KB2883098, KB2883032, KB2889827, KB3004865 Affected Software: Office 2007/2010, Office 2011 for MAC, SharePoint Server 2010,Office 2010 Web Apps Known Issues per MS:
	MS14-062 Vulnerability in Message Queuing Service Could Allow Elevation of Privilege (2993254)	(Microsoft Windows) The vulnerability could allow elevation of privilege if an attacker sends a specially crafted input/output control (IOCTL) request to the Message Queuing service. Details KB in Kaseya: KB2993254 Affected Software: Server 2003 Known Issues per MS:
	MS14-063 Vulnerability in FAT32 Disk Partition Driver Could Allow Elevation of Privilege (2998579)	(Microsoft Windows) An attacker who successfully exploited this vulnerability could execute arbitrary code with elevated privileges. Details KB in Kaseya: KB2998579 Affected Software: Vista, Server 2003/2008 Known Issues per MS: