Jump to content
Free PC Help Forum
Logging In to Free PC Help Forum Has Changed

Microsoft Support & Discussions

Free PC Help Forum microsoft products support and discussions. If you need help with Microsoft Windows, Windows Server software, Microsoft 365, Microsoft Azure or any other Microsoft product you can post here. If you want to discuss Microsoft and their line of products you can do that here also. 

84,882 topics in this forum

  1. Guest Simon Sage

    This Sims 4 coming to Mac next month

    by Guest Simon Sage
    • 0 replies
    • 44 views

    The classic life simulation game, The Sims, is bringing its latest iteration to Mac in February. The Sims 4 introduces a revamped graphics engine, new emotion-based gameplay, and a ton of interaction combinations. For those unfamiliar, players in The Sims guide their own custom-built people through the various trials of life, including professional, social, and romantic. Certain needs, like hygiene and fun, need to be addressed to keep your sims in a good mood. Over time, you build a home, career, and family. If you've already bought the PC version, you should still be able to play on Mac in February through Origin. Currently The Sims 4 goes for $59.99, or you can dr…

    Guest
    Last reply by Guest,
  2. Guest Microsoft Security

    MS14-077 - Important: Vulnerability in Active Directory Federation Services Could Allow...

    by Guest Microsoft Security
    • 0 replies
    • 48 views

    Severity Rating: Important Revision Note: V1.0 (November 11, 2014): Bulletin published. Summary: This security update resolves a privately reported vulnerability in Active Directory Federation Services (AD FS). The vulnerability could allow information disclosure if a user leaves their browser open after logging off from an application, and an attacker reopens the application in the browser immediately after the user has logged off. Continue reading...

    Guest
    Last reply by Guest,
  3. Guest Microsoft Security

    MS14-078 - Moderate: Vulnerability in IME (Japanese) Could Allow Elevation of Privilege...

    by Guest Microsoft Security
    • 0 replies
    • 56 views

    Severity Rating: Moderate Revision Note: V1.0 (November 11, 2014): Bulletin published. Summary: This security update resolves a privately reported vulnerability in Microsoft Input Method Editor (IME) (Japanese). The vulnerability could allow sandbox escape based on the application sandbox policy on a system where an affected version of the Microsoft IME (Japanese) is installed. An attacker who successfully exploited this vulnerability could escape the sandbox of a vulnerable application and gain access to the affected system with logged-in user rights. If the affected system is logged in with administrative rights, an attacker could then install programs; view, change o…

    Guest
    Last reply by Guest,
  4. Guest Microsoft Security

    MS14-079 - Moderate: Vulnerability in Kernel-Mode Driver Could Allow Denial of Service...

    by Guest Microsoft Security
    • 0 replies
    • 48 views

    Severity Rating: Moderate Revision Note: V1.0 (November 11, 2014): Bulletin published. Summary: This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow denial of service if an attacker places a specially crafted TrueType font on a network share and a user subsequently navigates there in Windows Explorer. In a web-based attack scenario, an attacker could host a website that contains a webpage that is used to exploit this vulnerability. In addition, compromised websites and websites that accept or host user-provided content or advertisements could contain specially crafted content that could exploit this vulnera…

    Guest
    Last reply by Guest,
  5. Guest Microsoft Security

    MS14-060 - Important: Vulnerability in Windows OLE Could Allow Remote Code Execution...

    by Guest Microsoft Security
    • 0 replies
    • 54 views

    Severity Rating: Important Revision Note: V1.1 (October 16, 2014): Corrected Updates Replaced entries in the Affected Software table for Windows 7 and Windows 2008 R2. This is an informational change only. Customers who have already successfully installed the update do not have to take any action. Summary: This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a Microsoft Office file that contains a specially crafted OLE object. An attacker who successfully exploited this vulnerability could run arbitrary code in the context of the current user. If the current user is log…

    Guest
    Last reply by Guest,
  6. Guest Microsoft Security

    MS14-042 - Moderate: Vulnerability in Microsoft Service Bus Could Allow Denial of Service...

    by Guest Microsoft Security
    • 0 replies
    • 44 views

    Severity Rating: Moderate Revision Note: V2.0 (October 14, 2014): Bulletin rereleased to announce the offering of the security update via Microsoft Update, in addition to the Download-Center-only option that was provided when this bulletin was originally released. Summary: This security update resolves one publicly disclosed vulnerability in Microsoft Service Bus for Windows Server. The vulnerability could allow denial of service if a remote authenticated attacker creates and runs a program that sends a sequence of specially crafted Advanced Message Queuing Protocol (AMQP) messages to the target system. Microsoft Service Bus for Windows Server is not shipped with any Mi…

    Guest
    Last reply by Guest,
  7. Guest Dustin C. Childs

    Advance Notification Service for the September 2014 Security Bulletin Release

    by Guest Dustin C. Childs
    • 0 replies
    • 59 views

    Today, we provide advance notification for the release of four Security Bulletins. One of these updates is rated Critical and three are rated as Important in severity. These updates are for Microsoft Windows, Internet Explorer, .NET Framework and Lync. As a reminder, we are now using a new format for our Security Bulletin Webcast, scheduled on Wednesday, September 10, at 11 a.m. PDT. You are no longer required to register, download the Live Meeting client, or dial in to a separate number. A link to the Webcast will be included in our blog next Tuesday. As per our usual process, we’ve scheduled the Security Bulletin release for the second Tuesday of the month, Septem…

    Guest
    Last reply by Guest,
  8. Guest MSRC Team

    Security Bulletin MS14-045 rereleased

    by Guest MSRC Team
    • 0 replies
    • 49 views

    Every month for many years, we’ve released a number of updates focused on the continuous improvement of customers’ experiences with our technology. Historically, these updates happened at different times during the month, with the security-specific ones occurring on the second Tuesday of each month. Recently, to further streamline, we decided to include more of our non-security updates together with our security updates and begin the global release to customers on the second Tuesday of each month. This month we had our first roll out with additional non-security updates. A small number of customers experienced problems with a few of the updates. As soon as we became aw…

    Guest
    Last reply by Guest,
  9. Guest Dustin C. Childs

    August 2014 Security Bulletin Webcast and Q&A

    by Guest Dustin C. Childs
    • 0 replies
    • 54 views

    Today, we published the August 2014 Security Bulletin webcast questions and answers page along with the webcast replay. We answered ten questions on air, with the majority focusing on the update for Internet Explorer. Here is the video replay: We are aware of some issues related to the recent updates and are working on a fix. For more information please read KB 2982791. We invite you to join us for the next scheduled webcast on Wednesday, September 10, 2014, at 11 a.m. PDT (UTC -7), when we will go into detail about the September 2014 bulletin release and answer your bulletin deployment questions live on air. There’s no longer a need to register before this eve…

    Guest
    Last reply by Guest,
  10. Guest Dustin C. Childs

    August 2014 Security Updates

    by Guest Dustin C. Childs
    • 0 replies
    • 48 views

    Today, as part of Update Tuesday, we released nine security updates – two rated Critical and seven rated Important – to address 37 Common Vulnerabilities & Exposures (CVEs) in SQL Server, OneNote, SharePoint, .NET, Windows and Internet Explorer (IE). We encourage you to apply all of these updates, but for those who need to prioritize their deployment planning, we recommend focusing on the Critical updates first. Here’s an overview slide and video of the security updates released today: Click to enlarge Microsoft also revised Security Advisory 2755801: Update for Vulnerabilities in Adobe Flash Player in Internet Explorer. For more information about …

    Guest
    Last reply by Guest,
  11. Guest Dustin C. Childs

    Advance Notification Service for the August 2014 Security Bulletin Release

    by Guest Dustin C. Childs
    • 0 replies
    • 56 views

    Today, we provide advance notification for the release of nine Security Bulletins. Two of these are rated Critical, and the remaining seven are rated Important in severity. These Updates are for SQL Server, SharePoint, OneNote, .NET, Microsoft Windows, and Internet Explorer. As per our usual process, we’ve scheduled the Security Bulletin release for the second Tuesday of the month, August 12, 2014, at approximately 10 a.m. PDT. Revisit this blog then for analysis of the relative impact, as well as deployment guidance, together with a brief video overview of the month’s Updates. We will also plan to have our Security Bulletin Webcast, scheduled on Wednesday, August 1…

    Guest
    Last reply by Guest,
  12. Guest Microsoft Security

    MS14-062 - Important: Vulnerability in Message Queuing Service Could Allow Elevation of...

    by Guest Microsoft Security
    • 0 replies
    • 53 views

    Severity Rating: Important Revision Note: V1.0 (October 14, 2014): Bulletin published. Summary: This security update resolves a publicly disclosed vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if an attacker sends a specially crafted input/output control (IOCTL) request to the Message Queuing service. Successful exploitation of this vulnerability could lead to full access of the affected system. By default, the Message Queuing component is not installed on any affected operating system edition and can only be enabled by a user with administrative privileges. Only customers who manually enable the Message Queuing component are l…

    Guest
    Last reply by Guest,
  13. Guest Microsoft Security

    MS14-063 - Important: Vulnerability in FAT32 Disk Partition Driver Could Allow Elevation of...

    by Guest Microsoft Security
    • 0 replies
    • 57 views

    Severity Rating: Important Revision Note: V1.0 (October 14, 2014): Bulletin published. Summary: This security update resolves a privately reported vulnerability in Microsoft Windows. An elevation of privilege vulnerability exists in the way the Windows FASTFAT system driver interacts with FAT32 disk partitions. An attacker who successfully exploited this vulnerability could execute arbitrary code with elevated privileges. Continue reading...

    Guest
    Last reply by Guest,
  14. Guest Microsoft Security

    MS14-061 - Important: Vulnerability in Microsoft Word and Office Web Apps Could Allow...

    by Guest Microsoft Security
    • 0 replies
    • 62 views

    Severity Rating: Important Revision Note: V1.0 (October 14, 2014): Bulletin published. Summary: This security update resolves one privately reported vulnerability in Microsoft Office. The vulnerability could allow remote code execution if an attacker convinces a user to open a specially crafted Microsoft Word file. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Customers whose accounts are configured to have fewer user rights on…

    Guest
    Last reply by Guest,
  15. Guest Microsoft Security

    MS14-056 - Critical: Cumulative Security Update for Internet Explorer (2987107) - Version: 1.0

    by Guest Microsoft Security
    • 0 replies
    • 60 views

    Severity Rating: Critical Revision Note: V1.0 (October 14, 2014): Bulletin published. Summary: This security update resolves fourteen privately reported vulnerabilities in Internet Explorer. The most severe of these vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights. Continue reading...

    Guest
    Last reply by Guest,
  16. Guest Microsoft Security

    MS14-058 - Critical: Vulnerabilities in Kernel-Mode Driver Could Allow Remote Code...

    by Guest Microsoft Security
    • 0 replies
    • 53 views

    Severity Rating: Critical Revision Note: V1.0 (October 14, 2014): Bulletin published. Summary: Continue reading...

    Guest
    Last reply by Guest,
  17. Guest Microsoft Security

    MS14-059 - Important: Vulnerability in ASP.NET MVC Could Allow Security Feature Bypass...

    by Guest Microsoft Security
    • 0 replies
    • 51 views

    Severity Rating: Important Revision Note: V1.0 (October 14, 2014): Bulletin published. Summary: This security update resolves a publicly disclosed vulnerability in ASP.NET MVC. The vulnerability could allow security feature bypass if an attacker convinces a user to click a specially crafted link or to visit a webpage that contains specially crafted content designed to exploit the vulnerability. In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through a web browser, and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that a…

    Guest
    Last reply by Guest,
  18. Guest Microsoft Security

    MS14-030 - Important: Vulnerability in Remote Desktop Could Allow Tampering (2969259) -...

    by Guest Microsoft Security
    • 0 replies
    • 54 views

    Severity Rating: Important Revision Note: V1.3 (October 2, 2014): Bulletin revised to clarify the conditions under which Windows 7 editions are affected. See the Update FAQ for more information. Summary: This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow tampering if an attacker gains access to the same network segment as the targeted system during an active RDP session, and then sends specially crafted RDP packets to the targeted system. Continue reading...

    Guest
    Last reply by Guest,
  19. Guest Microsoft Security

    MS14-009 - Important: Vulnerabilities in .NET Framework Could Allow Elevation of Privilege...

    by Guest Microsoft Security
    • 0 replies
    • 54 views

    Severity Rating: Important Revision Note: V1.3 (September 24, 2014): Bulletin revised to correct a missing Server Core installation entry in the Affected Software table for Microsoft .NET Framework 4 when installed on Windows Server 2008 R2 for x64-based Systems Service Pack 1 (2898855). This is an informational change only. Customers running this affected software on Server Core installations who have already applied the 2898855 update do not need to take any action. Customers running this affected software on Server Core installations who have not already installed the update should do so to be protected from the vulnerabilities addressed in this bulletin. Summary: Th…

    Guest
    Last reply by Guest,
  20. Guest Microsoft Security

    MS14-049 - Important: Vulnerability in Windows Installer Service Could Allow Elevation of...

    by Guest Microsoft Security
    • 0 replies
    • 56 views

    Severity Rating: Important Revision Note: V1.2 (September 24, 2014): Bulletin revised to change Known issues entry in the Knowledge Base Article section from None to Yes. Summary: This security update resolves a privately disclosed vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if an attacker runs a specially crafted application that attempts to repair a previously-installed application. An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability. Continue reading...

    Guest
    Last reply by Guest,
  21. Guest Microsoft Security

    MS14-055 - Important: Vulnerabilities in Microsoft Lync Server Could Allow Denial of...

    by Guest Microsoft Security
    • 0 replies
    • 47 views

    Severity Rating: Important Revision Note: V3.0 (September 23, 2014): Bulletin rereleased to announce the reoffering of the 2982385 security update file (server.msp) for Microsoft Lync Server 2010. See the Update FAQ for details. Summary: This security update resolves three privately reported vulnerabilities in Microsoft Lync Server. The most severe of these vulnerabilities could allow information disclosure if user clicks on a specially crafted URL. In all cases, however, an attacker would have to convince users to click on the specially crafted URL, typically by getting them to click the URL in an email message or in an Instant Messenger request. Continue reading...

    Guest
    Last reply by Guest,
  22. Guest Chris Betz

    General Availability for Enhanced Mitigation Experience Toolkit (EMET) 5.0

    by Guest Chris Betz
    • 0 replies
    • 59 views

    Today, we are excited to announce the general availability of Enhanced Mitigation Experience Toolkit (EMET) 5.0. EMET is a free tool, designed to help customers with their defense in depth strategies against cyberattacks, by helping block and terminate the most common techniques adversaries might use in comprising systems. EMET 5.0 further helps to protect with two new mitigations, and with new capabilities giving customers additional flexibility on their deployments. EMET helps to protect systems, even before new and undiscovered threats are formally addressed by security updates and antimalware software. This is what some customers have said about EMET: "EMET i…

    Guest
    Last reply by Guest,
  23. Guest Dustin C. Childs

    July 2014 Security Bulletin Webcast and Q&A

    by Guest Dustin C. Childs
    • 0 replies
    • 55 views

    Today we published the July 2014 Security Bulletin webcast questions and answers page along with the webcast replay. We answered eight questions on air, with the majority focusing on the update for Internet Explorer. The transcript also includes a question we did not have time to answer on the air. Here is the video replay: We invite you to join us for the next scheduled webcast on Wednesday, August 13, 2014, at 11 a.m. PDT (UTC -7), when we will go into detail about the August bulletin release and answer your bulletin deployment questions live on the air. There’s no longer a need to register before this event to attend. You can find details on how to view the web…

    Guest
    Last reply by Guest,
  24. Guest Dustin C. Childs

    Security Advisory 2982792 released, Certificate Trust List updated

    by Guest Dustin C. Childs
    • 0 replies
    • 52 views

    Today, we are updating the Certificate Trust List (CTL) for all supported releases of Microsoft Windows to remove the trust of mis-issued third-party digital certificates. These certificates could be used to spoof content and perform phishing or man-in-the-middle attacks against web properties. With this update, most customers will be automatically protected against this issue and will not need to take any action. If you do not have automatic updates enabled, or if you are on Windows Server 2003, please see the Security Advisory 2982792 for recommended actions. Additionally, the Enhanced Mitigation Experience Toolkit (EMET) 4.1, and newer versions, help to mitigate man…

    Guest
    Last reply by Guest,
  25. Guest Dustin C. Childs

    July 2014 Security Bulletin Release

    by Guest Dustin C. Childs
    • 0 replies
    • 47 views

    Many around the globe have been following the 2014 FIFA World Cup Brazil™ closely. Regardless of which country you are supporting, many folks have been impressed by the defensive display put on by keeper Tim Howard in a loss against Belgium. It was a great performance highlighting a strong defense – always a good thing to have, be it on the pitch or on your system. This month’s release includes six new security bulletins, addressing 29 Common Vulnerability and Exposures (CVEs) in Microsoft Windows and Internet Explorer. Two of these security bulletins are rated Critical, three are rated Important, and one rated Moderate in severity. As always, we encourage you to apply…

    Guest
    Last reply by Guest,
×
×
  • Create New...