Microsoft-Patchday February 2015

February 10, 2015, Microsoft has issued a couple of security updates for Windows, Office, Internet Explorer and other products. Here is a brief overview what has been updated.


Advertising

9 Updates for Windows, Office and Internet Explorer

Microsoft hat published the following bulletin list of Windows, IE  and Office updates within Security TechCenter:

Bulletin
KB Title Rating
MS15-017 3035898 Vulnerability in Virtual Machine Manager Could Allow Elevation of Privilege Important
MS15-016 3029944 Vulnerability in Microsoft Graphics Component Could Allow Information Disclosure Important
MS15-015 3031432 Vulnerability in Microsoft Windows Could Allow Elevation of Privilege Important
MS15-014 3004361 Vulnerability in Group Policy Could Allow Security Feature Bypass Important
MS15-013 3033857 Vulnerability in Microsoft Office Could Allow Security Feature Bypass Important
MS15-012 3032328 Vulnerabilities in Microsoft Office Could Allow Remote Code Execution Important
MS15-011 3000483 Vulnerability in Group Policy Could Allow Remote Code Execution Critical
MS15-010 3036220 Vulnerabilities in Windows Kernel-Mode Driver Could Allow Remote Code Execution Critical
MS15-009 3034682 Security Update for Internet Explorer Critical

Microsoft Security Bulletin Summary for February 2015 with  executive summaries and affected software is published here.

Security updates for Office, OneDrive and Visual Studio

Beside the upper list, Microsoft has updated also a few other products, including Office 2013. Here a list of updates I've found on my machines so far – the links to KB articles are still not valid.

  • Definition update for Microsoft Office 2013 (KB2920752) 32-Bit-Edition, size: 3,1 MB; Important
  • Security update for Microsoft Excel 2013 (KB2920753) 32-Bit-Edition, size: 84,9 MB, restart needed, Important
  • Security update for Microsoft Office 2013 (KB2910941) 32-Bit-Edition; size: 228 KB, Important
  • Update for Microsoft Access 2013 (KB2910930) 32-Bit-Edition, size: 24,7 MB, restart needed, Important
  • Update for Microsoft Lync 2013 (KB2920744) 32-Bit-Edition, size: 84,9 MB, restart needed, Important
  • Update for Microsoft Office 2013 (KB2827223) 32-Bit-Edition, size: 6,6 MB, restart needed, Important
  • Update for Microsoft Office 2013 (KB2880977) 32-Bit-Edition, size: 420 KB, restart needed, Important
  • Update for Microsoft Office 2013 (KB2889846) 32-Bit-Edition, size: 8,9 MB, restart needed, Important
  • Update for Microsoft Office 2013 (KB2910921) 32-Bit-Edition, size: 2,9 MB, restart needed, Important
  • Update for Microsoft Office 2013 (KB2920735) 32-Bit-Edition, size: 75 KB, restart needed, Important 
  • Update for Microsoft Office 2013 (KB2920740) 32-Bit-Edition, size: 29,3 MB, restart needed, Important
  • Update for Microsoft Office 2013 (KB2920742) 32-Bit-Edition, size: 563 KB, restart needed, Important
  • Update for Microsoft Office 2013 (KB2920745) 32-Bit-Edition, size: 8,6 MB, restart needed, Important
  • Update for Microsoft Office 2013 (KB2920769) 32-Bit-Edition; size: 888 KB, restart needed, Important
  • Update for Microsoft Office 2013 (KB2920798) 32-Bit-Edition, size: 119,5 MB, restart needed, Important 
  • Update for Microsoft Office 2013 (KB2956102) 32-Bit-Edition, size: 65,7 MB, restart needed, Important
  • Update for Microsoft OneDrive for Business (KB2920746) 32-Bit-Edition, size: 66,8 MB, restart needed, Important 
  • Update for Microsoft OneNote 2013 (KB2920739) 32-Bit-Edition, size: 76,0 MB, restart needed, Important
  • Update for Microsoft Outlook 2013 (KB2956087) 32-Bit-Edition, size: 84,0 MB, restart needed, Important 
  • Update for Microsoft PowerPoint 2013 (KB2920732) 32-Bit-Edition, size: 48,8 MB, restart needed, Important
  • Update for Microsoft Project 2013 (KB2956091) 32-Bit-Edition, size: 29,4 MB, restart needed, Important
  • Update for Microsoft Publisher 2013 (KB2883048) 32-Bit-Edition, size: 37,1 MB, restart needed, Important
  • Update for Microsoft Word 2013 (KB2956085) 32-Bit-Edition, size: 161,1 MB, restart needed, Important

Update for Microsoft Visual Studio 2010-Tools for Office runtime (KB3001652), size: 38,3 MB, to be withdrawn, because it's causing issues (won't install).

Update MS14-083 (KB-3017347) for Excel, issued December 2014 has been re-released:


Advertising

Vulnerabilities in Microsoft Excel Could Allow Remote
   Code Execution (3017347)
Title: Vulnerabilities in Microsoft Excel Could Allow Remote
   Code Execution (3017347)
https://technet.microsoft.com/library/security/ms14-083
– Reason for Revision: V2.0 (February 10, 2015): Bulletin
   rereleased to announce the availability of an additional
   update package for Microsoft Excel Viewer (2920791) that
   addresses the vulnerabilities discussed in this bulletin.
   Note that the 2920791 update also addresses a vulnerability
   discussed in MS15-012, which is being released concurrently.
   Microsoft recommends that customers running Microsoft Excel
   Viewer apply the 2920791 update at their earliest convenience.
   See the Affected Software table for the download link.
– Originally posted: December 9, 2014
– Updated: February 10, 2015
– Bulletin Severity Rating: Important

Microsoft Security Essentials/Windows Defender Definition Update

There has been also two additional updates for MSE and Defender:

Definition update KB2310138 (Definition 1.191.4500.0), size 473 KByte for Microsoft Security Essentials

Windows Defender definition update KB2267602 (Definition 1.191.4536.0), size 8,2 MB.

Windows 10 Build 9926

Also patches KB 3038357, 3021953  and 3037975 (Flash Player) has also been released for Windows 10 (see Tweet from Gabe Aul and here).


Cookies helps to fund this blog: Cookie settings
Advertising


This entry was posted in computer, Office, Windows and tagged , , , , . Bookmark the permalink.

3 Responses to Microsoft-Patchday February 2015

  1. Pingback: Warning: Do not install MS update KB 3001652 | Born's Tech and Windows World

  2. guenni says:

    Side notes: Since publishing this article, I made a few new observersions.

    First of all, KB 3001652 causes systems hung and the update has been pulled. Further Details here: Warning: Do not install MS update KB 3001652

    My MVP collegue Ed Bott writes at ZDNet.com, that IE XSS vulnerability hasn't been fixed. Also a vulnerability in Windows Server 2003 hasn't been fixed.

  3. Pingback: Update KB3001652 re-released, KB3013455 has still issues, KB2920732 for PowerPoint 2013 has been pulled | Born's Tech and Windows World

Leave a Reply

Your email address will not be published. Required fields are marked *