Microsoft hat heute vierzehn Sicherheit-Bulletins im Rahmen des November 2014 Patchday veröffentlicht und zum sofortigen Download freigegeben. Vier davon werden als kritisch, acht als wichtig und zwei als moderat eingestuft. Angekündigt wurden fünf kritische, neun wichtige und zwei als moderat eingestufte Sicherheit-Bulletins. Die Sicherheit-Bulletins MS14-068 und MS14-075 werden laut Microsoft zum einen späteren Zeitpunkt erhältlich sein. Die heutigen Sicherheit-Bulletins beheben insgesamt dreiunddreißig Sicherheitslücken in Microsoft Windows, Internet Explorer, Microsoft Office, Microsoft .NET Framework und Microsoft Server Software. Rekordhalter ist auch heute der Internet Explorer, denn das kumulative Sicherheitsupdate MS14-065 für den Internet Explorer behebt siebzehn schwerwiegende Sicherheitslücken. Die kritischen Updates betreffen Windows und Internet Explorer, die wichtigen Windows, Office, .NET Framework und Server Software, die moderaten Windows und Office.
Benutzer, die die automatische Aktualisierung von Windows aktiviert haben, müssen keine Maßnahmen ergreifen, da alle Sicherheitsupdates automatisch heruntergeladen und installiert werden. Benutzer, die die automatische Aktualisierung nicht aktiviert haben, müssen auf Updates prüfen und diese Updates manuell installieren. Weitere Informationen dazu finden sich im Microsoft Security Bulletin Summary für November 2014.
Download -> Microsoft Sicherheitsupdates für November 2014
- MS14-064 – Vulnerabilities in Windows OLE Could Allow Remote Code Execution (3011443)
This security update resolves two vulnerabilities in Microsoft Windows. - MS14-065 – Cumulative Security Update for Internet Explorer (3003057)
This security update resolves seventeen vulnerabilities in Internet Explorer. - MS14-066 – Vulnerability in Schannel Could Allow Remote Code Execution (2992611)
This security update resolves a vulnerability in the Microsoft Secure Channel. - MS14-067 – Vulnerability in XML Core Services Could Allow Remote Code Execution (2993958)
This security update resolves a vulnerability in Microsoft Windows. - MS14-069 – Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (3009710)
This security update resolves three vulnerabilities in Microsoft Office. - MS14-070 – Vulnerability in TCP/IP Could Allow Elevation of Privilege (2989935)
This security update resolves a vulnerability in TCP/IP. - MS14-071 – Vulnerability in Windows Audio Service Could Allow Elevation of Privilege (3005607)
This security update resolves a vulnerability in Microsoft Windows. - MS14-072 – Vulnerability in .NET Framework Could Allow Elevation of Privilege (3005210)
This security update resolves a vulnerability in Microsoft .NET Framework. - MS14-073 – Vulnerability in Microsoft SharePoint Foundation Could Allow Elevation of Privilege (3000431)
This security update resolves a vulnerability in Microsoft SharePoint Server. - MS14-074 – Vulnerability in Remote Desktop Protocol Could Allow Security Feature Bypass (3003743)
This security update resolves a vulnerability in Microsoft Windows. - MS14-076 – Vulnerability in Internet Information Services (IIS) Could Allow Security Feature Bypass (2982998)
This security update resolves a vulnerability in Microsoft IIS. - MS14-077 – Vulnerability in Active Directory Federation Services Could Allow Information Disclosure (3003381)
This security update resolves a vulnerability in Active Directory Federation Services. - MS14-078 – Vulnerability in IME (Japanese) Could Allow Elevation of Privilege (3005210)
This security update resolves a vulnerability in Microsoft Input Method Editor. - MS14-079 – Vulnerability in Kernel Mode Driver Could Allow Denial of Service (3002885)
This security update resolves a vulnerability in Microsoft Windows.
Microsoft Patchday für November 2014 -> Weitere Infos
- Microsoft Security Bulletin Summary for November 2014
This bulletin summary lists security bulletins released for November 2014. With the release of the security bulletins for November 2014, this bulletin summary replaces the bulletin advance notification originally issued November 6, 2014 -> https://technet.microsoft.com/library/security/ms14-nov - TechNet Blogs » MSRC » November 2014 Updates
Today, as part of Update Tuesday, we released 14 security updates – four rated Critical, nine rated Important, and two rated Moderate, to address 33 Common Vulnerabilities and Exposures (CVEs) in Microsoft Windows, Internet Explorer (IE), Office, .NET Framework, Internet Information Services (IIS), Remote Desktop Protocol (RDP), Active Directory Federation Services (ADFS), Input Method Editor (IME) (Japanese), and Kernel Mode Driver (KMD) -> http://blogs.technet.com/b/msrc/archive/2014/11/11/november-2014-updates.aspx
Microsoft empfiehlt Benutzern, ihre Software auf die neueste Version zu aktualisieren.