Thursday, September 04, 2014

Microsoft Security Bulletin Advance Notice for September, 2014

Security Bulletin
On Tuesday, September 9, 2014, Microsoft is planning to release four (4) bulletins.  One bulletin is identified as Critical with the remaining three as Important.

The updates address vulnerabilities in Microsoft Windows, Internet Explorer, .NET Framework and Lync.

Outdated ActiveX Controls

It is expected that the postponed addition to Internet Explorer in which outdated ActiveX controls will be blocked will be included in the update.  Unfortunately, this will not apply to IE on Windows Vista, so those people with Oracle Java installed will need to continue carefully monitoring the Java install on their computer.

The supported configurations in which the out-of-date ActiveX control blocking feature will work with are the following:
  • Windows 7 SP1, Internet Explorer 8 through Internet Explorer 11
  • Windows 8 and up, Internet Explorer for the desktop
  • All Security Zones—such as the Internet Zone—but not the Local Intranet Zone and the Trusted Sites Zone
Additional details are available in the IE Blog post referenced below.

Reminder

As has been widely publicized, support ended for Windows XP and Office 2003 on April 8, 2014.  See Tim Rains article, The Risk of Running Windows XP After Support Ends April 2014. Note also that Microsoft Security Essentials will no longer be available for download for Windows XP.

As happens each month, Microsoft will also release an updated version of the Microsoft Windows Malicious Software Removal Tool on Windows Update, Microsoft Update, Windows Server Update Services, and the Download Center.

References




    Remember - "A day without laughter is a day wasted."
    May the wind sing to you and the sun rise in your heart...







    No comments: