Adobe Security Bulletin

Security Bulletins / Advisories No Comments »

Security Updates available for Adobe Reader and Acrobat


Release date: September 16, 2014 Vulnerability identifier: APSB14-20 Priority: See table below CVE Numbers: CVE-2014-0560, CVE-2014-0561, CVE-2014-0562, CVE-2014-0563, CVE-2014-0565, CVE-2014-0566, CVE-2014-0567, CVE-2014-0568 Platform: Windows and Macintosh

Summary


Adobe has released security updates for Adobe Reader and Acrobat for Windows and Macintosh. These updates address vulnerabilities that could potentially allow an attacker to take over the affected system. Adobe recommends users update their product installations to the latest versions:
  • Users of Adobe Reader XI (11.0.08) and earlier versions should update to version 11.0.09.
  • For users of Adobe Reader X (10.1.11) and earlier versions who cannot update to version 11.0.09, Adobe has made available version 10.1.12.
  • Users of Adobe Acrobat XI (11.0.08) and earlier versions should update to version 11.0.09.
  • For users of Adobe Acrobat X (10.1.11) and earlier versions, who cannot update to version 11.0.09, Adobe has made available version 10.1.12.

Affected software versions


  • Adobe Reader XI (11.0.08) and earlier 11.x versions for Windows
  • Adobe Reader XI (11.0.07) and earlier 11.x versions for Macintosh
  • Adobe Reader X (10.1.11) and earlier 10.x versions for Windows
  • Adobe Reader X (10.1.10) and earlier 10.x versions for Macintosh
  • Adobe Acrobat XI (11.0.08) and earlier 11.x versions for Windows
  • Adobe Acrobat XI (11.0.07) and earlier 11.x versions for Macintosh
  • Adobe Acrobat X (10.1.11) and earlier 10.x versions for Windows
  • Adobe Acrobat X (10.1.10) and earlier 10.x versions for Macintosh

Solution


Adobe recommends users update their software installations by following the instructions below: Adobe Reader The product’s default update mechanism is set to run automatic update checks on a regular schedule. Update checks can be manually activated by choosing Help > Check for Updates. Adobe Reader users on Windows can find the appropriate update here: http://www.adobe.com/support/downloads/product.jsp?product=10&platform=Windows Adobe Reader users on Macintosh can find the appropriate update here: http://www.adobe.com/support/downloads/product.jsp?product=10&platform=Macintosh Adobe Acrobat The product’s default update mechanism is set to run automatic update checks on a regular schedule. Update checks can be manually activated by choosing Help > Check for Updates. Acrobat Standard and Pro users on Windows can find the appropriate update here: http://www.adobe.com/support/downloads/product.jsp?product=1&platform=Windows Acrobat Pro users on Macintosh can find the appropriate update here: http://www.adobe.com/support/downloads/product.jsp?product=1&platform=Macintosh

Priority and severity ratings


Adobe categorizes these updates with the following priority ratings and recommends users update their installations to the newest versions: http://helpx.adobe.com/security/products/reader/apsb14-20.html

Microsoft Security Bulletin Minor Revisions Issued: September 16, 2014

Security Bulletins / Advisories No Comments »
Summary

The following bulletins have undergone a minor revision increment.
Please see the appropriate bulletin for more details.

* MS14-046 – Important

Bulletin Information:

MS14-046 – Important

– »technet.microsoft.com/library/se···ms14-046
– Reason for Revision: V1.1 (September 16, 2014): Bulletin revised
to announce a detection change in the 2966827 update for
Microsoft .NET Framework 3.0 Service Pack 2 on Windows 8 and
Windows Server 2012. This is a detection change only. There were
no changes to the update files. Customers who have already
successfully updated their systems do not need to take any
action.
– Originally posted: August 12, 2014
– Updated: September 16, 2014
– Bulletin Severity Rating: Important
– Version: 1.1

Microsoft Security Bulletin Re-Releases Issued: September 15, 2014

Security Bulletins / Advisories No Comments »
Summary

The following bulletins have undergone a major revision increment.
Please see the appropriate bulletin for more details.

* MS14-055 – Important

Bulletin Information:

MS14-055 – Important

https://technet.microsoft.com/library/security/ms14-055
– Reason for Revision: V2.0 (September 15, 2014): Bulletin revised to
remove Download Center links for Microsoft security update
2982385 for Microsoft Lync Server 2010. See the Update FAQ for
details.
– Originally posted: September 9, 2014
– Updated: September 15, 2014
– Bulletin Severity Rating: Important
– Version: 2.0

Microsoft Security Bulletin Minor Revisions Issued: September 10, 2014

Security Bulletins / Advisories 1 Comment »
Summary

The following bulletins have undergone a minor revision increment.
Please see the appropriate bulletin for more details.

* MS14-016 – Important

Bulletin Information:

MS14-016 – Important

– »technet.microsoft.com/library/se···ms14-016
– Reason for Revision: V1.1 (September 10, 2014): Revised Update
FAQ and entries in the Operating System column of the Affected
Software table to further clarify what version of Active
Directory must be installed on a system to be offered the update.
These are informational changes only.
– Originally posted: March 11, 2014
– Updated: September 10, 2014
– Bulletin Severity Rating: Important
– Version: 1.2

Microsoft Security Advisory Notification Issued: September 9, 2014

Security Bulletins / Advisories No Comments »
Security Advisories Updated or Released Today

* Microsoft Security Advisory (2755801)
– Title: Update for Vulnerabilities in Adobe Flash Player in
Internet Explorer
– »technet.microsoft.com/library/se···/2755801
– Revision Note: V28.0 (September 9, 2014): Added the 2987114
update to the Current Update section.

* Microsoft Security Advisory (2871997)
– Title: Update to Improve Credentials Protection and Management
– »technet.microsoft.com/library/se···/2871997
– Revision Note: V3.0 (September 9, 2014): Rereleased advisory to
announce the release of update 2982378 to provide additional
protection for users credentials when logging into a Windows 7
or Windows Server 2008 R2 system. See Updates Related to this
Advisory for details.

* Microsoft Security Advisory (2905247)
– Title: Insecure ASP.NET Site Configuration Could Allow Elevation
of Privilege
– »technet.microsoft.com/library/se···/2905247
– Revision Note: V2.0 (September 9, 2014): Advisory rereleased to
announce the offering of the security update via Microsoft
Update, in addition to the Download-Center-only option that was
provided when this advisory was originally released.
Additionally, some of the updates were reissued to improve their
quality. See the Update FAQ for details.

Microsoft Security Bulletin(s) for September 09, 2014

Security Bulletins / Advisories No Comments »
 

Note: There may be latency issues due to replication, if the page does not display keep refreshing

Today Microsoft released the following Security Bulletin(s).

Note: http://www.microsoft.com/technet/security and http://www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details.

Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.

Bulletin Summary:
https://technet.microsoft.com/library/security/ms14-sep

Critical (1)

Microsoft Security Bulletin MS14-052
Cumulative Security Update for Internet Explorer (2977629)
https://technet.microsoft.com/library/security/ms14-052

Important (3)

Microsoft Security Bulletin MS14-053
Vulnerability in .NET Framework Could Allow Denial of Service (2990931)
https://technet.microsoft.com/library/security/ms14-053

Microsoft Security Bulletin MS14-054
Vulnerability in Windows Task Scheduler Could Allow Elevation of Privilege (2988948)
https://technet.microsoft.com/library/security/ms14-054

Microsoft Security Bulletin MS14-055
Vulnerabilities in Microsoft Lync Server Could Allow Denial of Service (2990928)
https://technet.microsoft.com/library/security/ms14-055

Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so.

If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact Product Support Services in the United States at 1-866-PCSafety 1-866-727-2338. International customers should contact their local subsidiary.

As always, download the updates only from the vendors website – visit Windows Update and Office Update or Microsoft Update websites. You may also get the updates thru Automatic Updates functionality in Windows system.

Security Tool
Find out if you are missing important Microsoft product updates by using MBSA.

Microsoft Security Bulletin Advance Notification – September 4, 2014

Security Bulletins / Advisories Comments Off
This is an advance notification of 4 security bulletins that Microsoft is intending to release on September 9, 2014.

1 rated as Critical and 3 with a rating of Important.

https://technet.microsoft.com/en-us/security/bulletin/ms14-sep

img

Microsoft Security Bulletin Minor Revisions Issued: September 3, 2014

Security Bulletins / Advisories Comments Off
Summary

The following bulletins have undergone a minor revision increment.
Please see the appropriate bulletin for more details.

* MS14-028 – Important

Bulletin Information:

MS14-028 – Important

– »technet.microsoft.com/library/se···ms14-028
– Reason for Revision: V1.1 (September 3, 2014): Updated the
Known Issues entry in the Knowledge Base Article section from
“None” to “Yes”. See Knowledge Base Article 2962485 for details.
– Originally posted: May 13, 2014
– Updated: September 3, 2014
– Bulletin Severity Rating: Important
– Version: 1.1

Microsoft Security Bulletin Re-Releases Issued: August 27, 2014

Security Bulletins / Advisories Comments Off
Summary

The following bulletins have undergone a major revision increment.
Please see the appropriate bulletin for more details.

* MS14-045 – Important


Bulletin Information:

MS14-045 – Important

https://technet.microsoft.com/library/security/ms14-045
– Reason for Revision: V3.0 (August 27, 2014): Bulletin rereleased
to announce the replacement of the 2982791 update with the 2993651
update for all supported releases of Microsoft Windows. See the
Update FAQ for details.
– Originally posted: August 12, 2014
– Updated: August 27, 2014
– Bulletin Severity Rating: Important
– Version: 3.0

Microsoft Security Bulletin Minor Revisions Issued: August 20, 2014

Security Bulletins / Advisories Comments Off

Summary

The following bulletin has undergone a minor revision increment.
Please see the appropriate bulletin for more details.

* MS14-049 – Important

Bulletin Information:

MS14-049 – Important

– »technet.microsoft.com/library/se···ms14-049
– Reason for Revision: V1.1 (August 20, 2014): Bulletin revised to
add prerequisite information for customers running Windows Server
2003 who install updates manually. See Update FAQ for more
information.
– Originally posted: August 12, 2014
– Updated: August 20, 2014
– Bulletin Severity Rating: Important
– Version: 1.1


© 2014 DP's Security Bits.
WordPress Theme & Icons by N.Design Studio. Provided by WPMU DEV -The WordPress Experts   Hosted by Microsoft MVPs
Entries RSS Comments RSS Log in