Microsoft releases out-of-band security patch for Windows, recommends immediate installation

[Ponting]

Microsoft has announced that they will be pushing an out-of-band security patch today. The patch, which affects nearly all of the company's major platforms, is rated 'critical' and it is recommended that you install the patch immediately.

MS14-068

Vulnerability in Kerberos Could Allow Elevation of Privilege (3011780)
This security update resolves a privately reported vulnerability in Microsoft Windows Kerberos KDC that could allow an attacker to elevate unprivileged domain user account privileges to those of the domain administrator account. An attacker could use these elevated privileges to compromise any computer in the domain, including domain controllers. An attacker must have valid domain credentials to exploit this vulnerability. The affected component is available remotely to users who have standard user accounts with domain credentials; this is not the case for users with local account credentials only. When this security bulletin was issued, Microsoft was aware of limited, targeted attacks that attempt to exploit this vulnerability.

The patch is rated 'critical' because it allows for elevation of privileges and will require a restart. The platforms that are affected include: Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, Windows 8 and 8.1, Windows Server 2012 and Windows Server 2012 R2, Windows RT and Windows RT 8.1

The patch will be released at 10 A.M. PST.

Seeing that this is an out-of-band patch and is rated critical, it may mean that the exploit is out in the wild and Microsoft wants to patch it as quickly as possible.You can install the patch using Windows Update

Source: Microsoft

[Matsuda]

:yes:

By other side i have received another update pointed as optional, but it is 723 MB. :o

[anakin206]

By other side i have received another update pointed as optional, but it is 723 MB. :o

Yeap. I got that one too.

[Matsuda]

Here what comes in this update of 723 MB.


This update rollup includes the following new features and improvements:

• Refreshed language packs
• Defence-in-depth security and Schannel hardening
• Support for newer hardware (boot order allowance, SD card improvements, USB debugging)
• Improved Web Services for Devices (WSD) printer support during network switches
• Performance and reliability improvements in clustered virtual machine mission-critical environments
• Improved manageability
• Additional hardware support (devices that have third-party disk encryption software enabled can now be upgraded to Windows 8.1 more easily)
  

This November update rollup also includes all previous updates since our last image update in April 2014. This is a convenient single step to bring Windows clients and servers up to date. Unlike our April update, the November update rollup is not required to be able to continue to receive security or other updates. However, we strongly recommend that you deploy it to Windows clients and servers to benefit from these new features and improvements as well as to prevent many known issues that have been resolved since April. This update is thoroughly tested to the same quality level as our previous service packs. However, unlike service packs, this update does not change the version number and does not deprecate or change any APIs in a manner that would require recertification.

Applies to

• Windows Server 2012 R2 Datacenter
• Windows Server 2012 R2 Standard
• Windows Server 2012 R2 Essentials
• Windows Server 2012 R2 Foundation
• Windows 8.1 Enterprise
• Windows 8.1 Pro
• Windows 8.1
• Windows RT 8.1

http://support.microsoft.com/kb/3000850

[p4psb]

Tried to update this on my Desktop & Laptop (both Win 8.1x64). Both failed and no error message :s

[donkey-girl]

I updated this on my desktop but it only give me problem loading IE and some other programs, guess I will uinstall all again and se if it help..

[SPECTRUM]

The platforms that are affected include: Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, Windows 8 and 8.1, Windows Server 2012 and Windows Server 2012 R2, Windows RT and Windows RT 8.1 and Windows 10 Technical Preview customers are affected too.

no, Windows 10 is not affected, according to: http://blogs.technet.com/b/msrc/archive/2014/11/18/out-of-band-release-for-security-bulletin-ms14-068.aspx & http://go.microsoft.com/fwlink/?LinkId=518109 & http://support.microsoft.com/kb/3011780

[axis918]

The large optional update failed for me too (win 8.1 x64), did the following (use admin command prompt):

sfc /scannow

then ran update again and it succeeded

[Beamslider]

I downloaded the 700 plus mb standalone update from MS and installed it as the update would not work in windows update.

After installing it and going back to windows update on the computer there was another update with the same KB300850 tag of 11 mb that installed.

[donkey-girl]

Got this from avast forum

https://forum.avast.com/index.php?topic=160717.0

so maybe Avast is the problem here!!!

[Airstream_Bill]

Had no problems with the updates except it took quite awhile for the updates to download and install. Everything running fine.

[dcs18]

Ah, for all the investment in time, energy and bandwidth - it is soon gonna be time (for me - at least) to upgrade to Windows 10. ^_^

[Airstream_Bill]

Ah, for all the investment in time, energy and bandwidth - it is soon gonna be time (for me - at least) to upgrade to Windows 10. ^_^

Darn dcs18 I am just now getting used to Windows 8.1 Ha ha ha. Guess I will be stuck with it for awhile. Cheers!

[p4psb]

Tried to update this on my Desktop & Laptop (both Win 8.1x64). Both failed and no error message :s

Well, this morning switched on my Desktop and after Windows screen but before log in screen, it said installing Windows Updates, and I waited about 20 minutes before reached Windows desktop. Everything was sloooooooooooow, could do nothing. Tried system restore, it said successful, but was stuck on Windows screen. Booted to my rescue disk, and reverted to a very recent backup clone of my disk. So back to normal, but will not be installing this update.

Have run sfc /scannow but it found no problems.

My laptop booted as normal, it was not successful in installing the update :)

[donkey-girl]

I uinstalled all updates from 18.11 and all Works now Again, will wait a while with that big update a week ore two. :)

[212eta]

:wtf: is M$ doing with its Updates?

Almost 1GB every now and then?

[Amigaspace]

A 700MB optional update? This must be a first (about 450MB on 32-bit Windows). It failed on me too but sfc /scannow helped, so you better do it beforehand, although it wouldn't suprise me if a failed installation is required. :P

[Pete 12]

All this "security" is slowing down my machine........

The less the better ,the faster, lost seconds in starting up with this crap, not talking about the diskspace etc.........

I really do hope win10 goes much better in the updating-stuff!

[donkey-girl]

Guess most of these problems comes from Avast, just uinstalled from a friends computer running win 8.1.1 x64 wich have the same sympton and hardly wont load. Now Avast complete uinstalled and all the 18.11 updates installed and system runs smothly and free of problem..

[anakin206]

I had no problems with the updates. Installed on 1 PC and 2 laptops. the three running Eset AV v8.

[donkey-girl]

I had no problems with the updates. Installed on 1 PC and 2 laptops. the three running Eset AV v8.

And I Wrote all problems comes from Avast and seems when uinstalliong Avast you can easely install that big updates, but if installed Avast Again you will get the same problem that several hardly will load..