Microsoft Security Bulletin Release for November, 2015

[Petrovic]

Microsoft released twelve (12) bulletins. Four (4) bulletins are identified as Critical and the remaining eight (8 ) are rated Important in severity.

The updates address vulnerabilities in Microsoft Windows, Microsoft Office, Microsoft Office Services and Web Apps, Microsoft, Skype for Business, Microsoft .NET Framework, Microsoft Edge and Internet Explorer.

Details about the CVEs can be found in the below-referenced TechNet Security Bulletin. Watch for the November 2015 "monthly patch review" by Dustin Childs picking up where MSRC has left us hanging. The review can be found on the HP Security Research blog.

Critical:

• MS15-112 -- Cumulative Security Update for Internet Explorer (3104517)
• MS15-113 -- Cumulative Security Update for Microsoft Edge (3104519)
• MS15-114 -- Security Update for Windows Journal to Address Remote Code Execution (3100213)
• MS15-115 -- Security Update for Microsoft Windows to Address Remote Code Execution (3105864)

Important:

• MS15-116 -- Security Update for Microsoft Office to Address Remote Code Execution (3104540)
• MS15-117 -- Security Update for NDIS to Address Elevation of Privilege (3101722)
• MS15-118 -- Security Update for .NET Framework to Address Elevation of Privilege (3104507)
• MS15-119 -- Security Update for Winsock to Address Elevation of Privilege (3104521)
• MS15-120 -- Security Update for IPSec to Address Denial of Service (3102939)
• MS15-121 -- Security Update for Schannel to Address Spoofing (3081320)
• MS15-122 -- Security Update for Kerberos to Address Security Feature Bypass (3105256)
• MS15-123 -- Security Update for Skype for Business and Microsoft Lync to Address Information Disclosure (3105872)

Additional Update Notes

• MSRT -- Microsoft released an updated version of the Microsoft Windows Malicious Software Removal Tool on Windows Update, Microsoft Update, Windows Server Update Services, and the Download Center. The updated version includes detection for the the following ransomware families: Crowti, Critroni, Teerac and Tescrypt . Details are available in the MMPC Blog Post.
• Windows 8.x and Windows 10 -- Non-security new features and improvements for Windows 8.1 and Windows 10 are included with the updates.

Source

[Skunk1966]

in Windows 7 & 8/8.1 do not install KB3107998

it's believed to be another data collection update

"Remove Lenovo USB Blocker version 1.0.0.37 to avoid a system crash

This article describes a problem that occurs after you install October 2015 security update for Windows Kernel (3088195) on a Windows-based computer.

...Lenovo has confirmed that this is a problem in the Lenovo USB Blocker application version 1.0.0.37. Please contact Lenovo to fix this problem...

This problem occurs because Lenovo USB Blocker version 1.0.0.37 has a bug that's exposed by Security Update 3088195..."
https://support.microsoft.com/en-us/kb/3107998

KB3088195 (Microsoft Claims it's a security update but also has a key logger on the Kernel Level)

I don't have a Lenovo, but if I did, I might be a bit upset to find that the USB security software installed was removed without my knowledge by Microsoft KB3107998.

If it is a corporate computer that would be a security violation that would show up in a standard daily/nightly/weekly Security scan, which could then trigger a reinstall of the Lenovo USB blocker software, which would set me up for a future crash!

Not cool Microsoft!

USB - Port Locker (How to / What is it used for)
https://forums.lenovo.com/t5/Lenovo...Locker-How-to-What-is-it-used-for/ta-p/473137

If you have a good isolated support environment for corporate PC's, KB3107998 won't make it through the vetting done before the patch reaches desktops, but it will open up USB ports - remove security - on personal Lenovo laptops not under the corporate Windows image control.

Updates to hide to prevent Windows 10 Upgrade / Disable Telemetry