February 2015 Updates - MSRC - Site Home - TechNet BlogsToday, as part of Update Tuesday, we released nine security bulletins– three rated Critical and six rated Important in severity, to address 56 unique Common Vulnerabilities and Exposures (CVEs) in Microsoft Windows, Microsoft Office, Internet Explorer, and Microsoft Server software.
We encourage you to apply all of these updates. For more information about this month’s security updates, including the detailed view of the Exploitability Index (XI) broken down by each CVE, visit the Microsoft Bulletin Summary webpage. If you are not familiar with how we calculate the XI, a full description can be found here.
We re-released one Security Bulletin:
- MS14-083 Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution
One new Security Advisory was released:
- Update for Windows Command Line Auditing (3004375).
One Security Advisory was revised:
- Vulnerability in SSL 3.0 Could Allow Information Disclosure (3009008).
We also announced changes related to SSL 3.0 and you can read more about these on the IE blog.
For the latest information, you can follow the Microsoft Security Response Center (MSRC) team on Twitter at@MSFTSecResponse.
MSRC TeamNoteUPDATE:New KB3021952, KB3038930, and KB3040021 Windows Updates for Windows 10
Just a FYI (KB3001652) Update to Visual Studio 2010 Tools for Office runtime seems to be stuck doing nothing for 30 mins on 3 of my machines. May want to skip that update and install it separately. 2 Windows 7 machines and a Windows 8.1 machine.
Going for them !
Here are the updates I received today:
My tablet is stuck on the VS update (too late to skip it) I love patch TuesdayJust a FYI (KB3001652) Update to Visual Studio 2010 Tools for Office runtime seems to be stuck doing nothing for 30 mins on 3 of my machines. May want to skip that update and install it separately. 2 Windows 7 machines and a Windows 8.1 machine.
Barry Dorrans said on Twitter that KB3001652 has been pulled.
Thanks for the information.Barry Dorrans said on Twitter that KB3001652 has been pulled.
Jeff
Not before it screwed up countless PC's worldwide. I am an unpaid beta tester........... I have a Windows 8 machine that boots to attempt to install the patch. Frankly I fail to see how on earth Windows 10 will be ready in June 2015? Depends on the definition of ready???
Do any of the updates fix the above problem?
Barry Dorrans said on Twitter that KB3001652 has been pulled.
Yanked in 2 hours! Got it on my surface pro 3 and it totally roached software distribution folder! Thanks God Windows Update Diagnostic Tool fixed it. I had to rather ungracefully powerbutton-volumecontrol re-boot!
from ZDNet:
Finally, one optional update released today, an Update Rollup for Visual Studio 2010 Tools for Office Runtime, was pulled from distribution within two hours after widespread reports that the update was causing the update process to hang on some systems. That might be a record for fastest-ever response for a balky update.
Microsoft's Patch Tuesday release leaves one big vulnerability unpatched | ZDNet
