Virtual Administrator's October 2014 Patch Recommendations

8 Security Bulletins were released – 3 Critical, 5 Important, and 0 Moderate

This Month In Brief

8 Security Bulletins were released – 3 Critical, 5 Important

We have not uncovered any widespread problems with any of the 8 Security Bulletins and are releasing all of them.

MS14-056, MS14-057 and MS14-058 are rated Critical. After your next patch cycle completes you should follow up and make sure this is installed. Some have had trouble installing MS14-058 (KB3000061) – see “Heads Up” below.

No out-of-band updates were released during the last month.

Heads Up
“KB3000061 fails to install on Server 2012”
https://social.technet.microsoft.com/Forums/windowsserver/en-US/f77691d8-a9d0-4714-98ad-71665cfa8965/kb3000061-fails-to-install-on-server-2012?forum=winserver8gen

Problems with Non-rated Security Updates and Optional Updates also released this month.

KB2984972 Non-rated Security Updates (High Priority)
http://support.microsoft.com/kb/2984972
Problem: KB2984972 on Server 2008R2 RD server caused issues with Wyse thinclients
More information:http://www.thinstuff.com/faq/index.php?solution_id=1122
Problem: App-V issues
More information:https://social.technet.microsoft.com/Forums/en-US/c90212b0-b32c-4488-9753-fb952112828c/warning-kb2984972-and-autodeskrelated-46-appv-packages?forum=mdopappv

KB2949927 Non-rated Security Updates (High Priority)
http://support.microsoft.com/kb/2949927
Problem: KB2949927 will fail to install and revert the changes at the next boot if you have BitLocker disabled.
More Information: https://social.technet.microsoft.com/Forums/en-US/bc191121-94ab-483f-ae9f-d5056ca3aae5/kb2949927-fails-to-install-if-bitlocker-fvevol-service-is-disabled?forum=w7itproinstall

KB2995388 Updates (Optional – Software)
http://support.microsoft.com/kb/2995388
Problem: After installing the patch, every time you try to boot a virtual machine, you get a message: “Not enough physical memory is available to power on this virtual machine with its configured settings.”
More information:http://blogs.vmware.com/workstation/2014/10/workstation-10-issue-recent-microsoft-windows-8-1-update.html8″>http://blogs.vmware.com/workstation/2014/10/workstation-10-issue-recent-microsoft-windows-8-1-update.html8 Security Bulletins were released – 3 Critical, 5 Important

We have not uncovered any widespread problems with any of the 8 Security Bulletins and are releasing all of them.

MS14-056, MS14-057 and MS14-058 are rated Critical. After your next patch cycle completes you should follow up and make sure this is installed. Some have had trouble installing MS14-058 (KB3000061) – see “Heads Up” below.

No out-of-band updates were released during the last month.

Heads Up
“KB3000061 fails to install on Server 2012”
https://social.technet.microsoft.com/Forums/windowsserver/en-US/f77691d8-a9d0-4714-98ad-71665cfa8965/kb3000061-fails-to-install-on-server-2012?forum=winserver8gen

Problems with Non-rated Security Updates and Optional Updates also released this month.

KB2984972 Non-rated Security Updates (High Priority)
http://support.microsoft.com/kb/2984972
Problem: KB2984972 on Server 2008R2 RD server caused issues with Wyse thinclients
More information:http://www.thinstuff.com/faq/index.php?solution_id=1122
Problem: App-V issues
More information:https://social.technet.microsoft.com/Forums/en-US/c90212b0-b32c-4488-9753-fb952112828c/warning-kb2984972-and-autodeskrelated-46-appv-packages?forum=mdopappv

KB2949927 Non-rated Security Updates (High Priority)
http://support.microsoft.com/kb/2949927
Problem: KB2949927 will fail to install and revert the changes at the next boot if you have BitLocker disabled.
More Information: https://social.technet.microsoft.com/Forums/en-US/bc191121-94ab-483f-ae9f-d5056ca3aae5/kb2949927-fails-to-install-if-bitlocker-fvevol-service-is-disabled?forum=w7itproinstall

KB2995388 Updates (Optional – Software)
http://support.microsoft.com/kb/2995388
Problem: After installing the patch, every time you try to boot a virtual machine, you get a message: “Not enough

physical memory is available to power on this virtual machine with its configured settings.”
More information:http://blogs.vmware.com/workstation/2014/10/workstation-10-issue-recent-microsoft-windows-8-1-update.html

Exploitability

Requires Restart

  • Servers: No
  • Workstations: No

New Security Bulletins

(MS#/Affected Software/Type)

CRITICAL

MS14-056 Cumulative Security Update for Internet Explorer (2987107) (Internet Explorer) The most severe of these vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer.
Details
KB in Kaseya: KB2987107
Affected Software: Internet Explorer 6-11
Known Issues per MS:
MS14-057 Vulnerabilities in .NET Framework Could Allow Remote Code Execution (3000414) (.Net Framework) The most severe of the vulnerabilities could allow remote code execution if an attacker sends a specially crafted URI request containing international characters to a .NET web application.
Details
KB in Kaseya: KB2968292, KB2968294, KB2968295, KB2968296, KB2972098, KB2972100, KB2972101, KB2972103, KB2972105, KB2972106, KB2972107, KB2978041, KB2978042, KB2979568, KB2979570, KB2979571, KB2979573, KB2979574, KB2979575, KB2979576, KB2979577, KB2979578
Affected Software: .NET 2.0 sp2, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2
Known Issues per MS:
MS14-058 Vulnerability in Kernel-Mode Driver Could Allow Remote Code Execution (3000061) (Microsoft Windows) The more severe of the vulnerabilities could allow remote code execution if an attacker convinces a user to open a specially crafted document or to visit an untrusted website that contains embedded TrueType fonts.
Details
KB in Kaseya: KB3000061
Affected Software: Vista, Windows 7/8/8.1, Server 2003/2008/2008R2/2012/2012R2, Windows RT
Known Issues per MS:

IMPORTANT

MS14-059 Vulnerability in ASP.NET MVC Could Allow Security Feature Bypass (2990942) (Microsoft Developer Tools) The vulnerability could allow security feature bypass if an attacker convinces a user to click a specially crafted link or to visit a webpage that contains specially crafted content designed to exploit the vulnerability.
Details
KB in Kaseya: KB2992080, KB2993928, KB2993937, KB2993939, KB2994397
Affected Software: ASP.NET MVC 2.0/3.0/4.0/5.0/5.1
Known Issues per MS:
MS14-060 Vulnerability in Windows OLE Could Allow Remote Code Execution (3000869) (Microsoft Windows) The vulnerability could allow remote code execution if a user opens a Microsoft Office file that contains a specially crafted OLE object.
Details
KB in Kaseya: KB3000869
Affected Software: Vista, Windows 7/8/8.1, Server 2008/2008R2/2012/2012R2, Windows RT
Known Issues per MS:
MS14-061 Vulnerability in Microsoft Word and Office Web Apps Could Allow Remote Code Execution (3000434) (Microsoft Office) The vulnerability could allow remote code execution if an attacker convinces a user to open a specially crafted Microsoft Word file.
Details
KB in Kaseya: KB2883008, KB2883013, KB2883031, KB2883098, KB2883032, KB2889827, KB3004865
Affected Software: Office 2007/2010, Office 2011 for MAC, SharePoint Server 2010,Office 2010 Web Apps
Known Issues per MS:
MS14-062 Vulnerability in Message Queuing Service Could Allow Elevation of Privilege (2993254) (Microsoft Windows) The vulnerability could allow elevation of privilege if an attacker sends a specially crafted input/output control (IOCTL) request to the Message Queuing service.
Details
KB in Kaseya: KB2993254
Affected Software: Server 2003
Known Issues per MS:
MS14-063 Vulnerability in FAT32 Disk Partition Driver Could Allow Elevation of Privilege (2998579) (Microsoft Windows) An attacker who successfully exploited this vulnerability could execute arbitrary code with elevated privileges.
Details
KB in Kaseya: KB2998579
Affected Software: Vista, Server 2003/2008
Known Issues per MS: