ky331
6 Indium

Updates 3/8/16 - "Trifecta Tuesday"

DISCLAIMER:  This thread is currently "under construction", and will be edited for the remainder of today.   Please excuse any blank spaces or crossed-out "placeholders" for items expected to be announced.

Today is Microsoft Tuesday --- the SECOND Tuesday of the month --- on which Microsoft is expected to release its monthly cycle of Windows critical/security updates.   Based on previous history, they should become available at 1 P.M. [USA - Eastern Standard Time]

Please use Windows/Automatic Updates to determine which updates are applicable to your particular system.

------------------------------

Adobe has announced an "out-of-cycle" security update for Reader;

and Mozilla should be releasing the latest Firefox

... making today "Trifecta" Tuesday

Free Internet Security - WOT Web of Trust       Use OpenDNS       MalwareBytes Anti-Malware


Windows 7 Pro SP1 (64-bit), avast! v17 Free, MBAM3 Pro, Windows Firewall, OpenDNS Family Shield, SpywareBlaster, MVPS HOSTS file, MBAE Premium, MCShield, WinPatrol PLUS, SAS (on-demand scanner), Zemana AntiLogger Free, IE11 & Firefox (both using WOT [IE set to WARN, FF set to BLOCK]), uBlock Origin, CryptoPrevent.


[I believe computer-users who sandbox (Sandboxie) are acting prudently.]

0 Kudos
6 Replies
ky331
6 Indium

RE: Updates 3/8/16 - "Trifecta Tuesday"

Adobe has released "out-of-cycle" security updates for Adobe Acrobat and Reader, for Windows.  

These updates address critical vulnerabilities that could potentially allow an attacker to take control of the affected system:

 

 

Adobe Reader XI, sequential update (starting from Windows 11.0.14 version) to 11.0.15

https://www.adobe.com/support/downloads/detail.jsp?ftpID=6042 

=========================

Remark:   For people using Reader DC (Document Cloud), or other Reader versions for Windows, you can locate your appropriate update here:  https://www.adobe.com/support/downloads/product.jsp?product=10&platform=Windows

 

For people using Acrobat  for Windows, you can locate your appropriate update here:  http://www.adobe.com/support/downloads/product.jsp?product=1&platform=Windows

============

Documentation has been released as https://helpx.adobe.com/security/products/acrobat/apsb16-09.html

and https://www.adobe.com/devnet-docs/acrobatetk/tools/ReleaseNotes/11/11.0.15.html

=============

Reminder:   Adobe Acrobat X [10] and Adobe Reader X [10] are no longer supported; end-of-life was 11/15/15.

Free Internet Security - WOT Web of Trust       Use OpenDNS       MalwareBytes Anti-Malware


Windows 7 Pro SP1 (64-bit), avast! v17 Free, MBAM3 Pro, Windows Firewall, OpenDNS Family Shield, SpywareBlaster, MVPS HOSTS file, MBAE Premium, MCShield, WinPatrol PLUS, SAS (on-demand scanner), Zemana AntiLogger Free, IE11 & Firefox (both using WOT [IE set to WARN, FF set to BLOCK]), uBlock Origin, CryptoPrevent.


[I believe computer-users who sandbox (Sandboxie) are acting prudently.]

0 Kudos
ky331
6 Indium

RE: Updates 3/8/16 - "Trifecta Tuesday"

Firefox 45.0 ( https://www.mozilla.org/en-US/firefox/45.0/releasenotes/ )

New

  • Instant browser tab sharing through Hello

  • Tabs synced via Firefox Accounts from other devices are now shown in dropdown area of Awesome Bar when searching

  • Synced Tabs button in button bar

  • Introduce a new preference (network.dns.blockDotOnion) to allow blocking .onion at the DNS level

  • Guarani [gn] locale added

Fixed

  • URLs containing a Unicode-format Internationalized Domain Name (IDN) are now properly redirected

  • Various security fixes

Changed

HTML5

unresolved

  • On-screen keyboard support was temporarily turned off for Windows 8 and Windows 8.1

===================

Now available via the program's internal updater:    Help / About Firefox

Free Internet Security - WOT Web of Trust       Use OpenDNS       MalwareBytes Anti-Malware


Windows 7 Pro SP1 (64-bit), avast! v17 Free, MBAM3 Pro, Windows Firewall, OpenDNS Family Shield, SpywareBlaster, MVPS HOSTS file, MBAE Premium, MCShield, WinPatrol PLUS, SAS (on-demand scanner), Zemana AntiLogger Free, IE11 & Firefox (both using WOT [IE set to WARN, FF set to BLOCK]), uBlock Origin, CryptoPrevent.


[I believe computer-users who sandbox (Sandboxie) are acting prudently.]

0 Kudos
ky331
6 Indium

RE: Updates 3/8/16 - "Trifecta Tuesday"

WARNING:  The link for this separate download of the MSRT is now pre-checking a box to also download "MSN default homepage & Bing default search engine".    Be sure to uncheck this, unless you really want it!

 

Malicious Software Removal Tool (MSRT, MRT) for March, version 5.34

http://www.microsoft.com/en-us/download/malicious-software-removal-tool-details.aspx 

Reminder:   Users who are paranoid about the remote possibility of a FP can opt to run this tool from a Command Prompt, appending a   /N   parameter [for "detect only" mode].

=========================================================

Free Internet Security - WOT Web of Trust       Use OpenDNS       MalwareBytes Anti-Malware


Windows 7 Pro SP1 (64-bit), avast! v17 Free, MBAM3 Pro, Windows Firewall, OpenDNS Family Shield, SpywareBlaster, MVPS HOSTS file, MBAE Premium, MCShield, WinPatrol PLUS, SAS (on-demand scanner), Zemana AntiLogger Free, IE11 & Firefox (both using WOT [IE set to WARN, FF set to BLOCK]), uBlock Origin, CryptoPrevent.


[I believe computer-users who sandbox (Sandboxie) are acting prudently.]

0 Kudos
ky331
6 Indium

RE: Updates 3/8/16 - "Trifecta Tuesday"

Fixed in Firefox 45  ( https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox...

Free Internet Security - WOT Web of Trust       Use OpenDNS       MalwareBytes Anti-Malware


Windows 7 Pro SP1 (64-bit), avast! v17 Free, MBAM3 Pro, Windows Firewall, OpenDNS Family Shield, SpywareBlaster, MVPS HOSTS file, MBAE Premium, MCShield, WinPatrol PLUS, SAS (on-demand scanner), Zemana AntiLogger Free, IE11 & Firefox (both using WOT [IE set to WARN, FF set to BLOCK]), uBlock Origin, CryptoPrevent.


[I believe computer-users who sandbox (Sandboxie) are acting prudently.]

0 Kudos
ky331
6 Indium

RE: Updates 3/8/16 - "Trifecta Tuesday"

from https://technet.microsoft.com/library/security/ms16-mar

The following 5 updates are rated CRITICAL:

MS16-023 Cumulative Security Update for Internet Explorer (3142015)

MS16-024   Cumulative Security Update for Microsoft Edge (3142019)

           

MS16-026 Security Update for Graphic Fonts to Address Remote Code Execution (3143148)                  

MS16-027 Security Update for Windows Media to Address Remote Code Execution (3143146)                  

MS16-028 Security Update for Microsoft Windows PDF Library to Address Remote Code Execution (3143081)                  

=================================

The following 8 updates are rated IMPORTANT:

MS16-025 Security Update for Windows Library Loading to Address Remote Code Execution (3140709)       

MS16-029 Security Update for Microsoft Office to Address Remote Code Execution (3141806)                  

MS16-030 Security Update for Windows OLE to Address Remote Code Execution (3143136)                  

MS16-031 Security Update for Microsoft Windows to Address Elevation of Privilege (3140410)                  

MS16-032 Security Update for Secondary Logon to Address Elevation of Privilege (3143141)                  

MS16-033 Security Update for Windows USB Mass Storage Class Driver to Address Elevation of Privilege (3143142)

MS16-034 Security Update for Windows Kernel-Mode Drivers to Address Elevation of Privilege (3143145)

MS16-035 Security Update for .NET Framework to Address Security Feature Bypass (3141780)                  

 

 

 

Free Internet Security - WOT Web of Trust       Use OpenDNS       MalwareBytes Anti-Malware


Windows 7 Pro SP1 (64-bit), avast! v17 Free, MBAM3 Pro, Windows Firewall, OpenDNS Family Shield, SpywareBlaster, MVPS HOSTS file, MBAE Premium, MCShield, WinPatrol PLUS, SAS (on-demand scanner), Zemana AntiLogger Free, IE11 & Firefox (both using WOT [IE set to WARN, FF set to BLOCK]), uBlock Origin, CryptoPrevent.


[I believe computer-users who sandbox (Sandboxie) are acting prudently.]

0 Kudos
ky331
6 Indium

RE: Updates 3/8/16 - "Trifecta Tuesday"

This month's MSRT (cited above) added detection/removal of

Win32/Fynloski [aka DarkComet] - a remote access tool (RAT) that allows attackers to take control of your PC to perform various specific functions, such as record your information or download other malware.

and 

Win32/VonteeraAn adware program [that] displays ads as you browse the web.

EDIT:   For additional information, see https://blogs.technet.microsoft.com/mmpc/2016/03/09/msrt-march-2016-vonteera/

Free Internet Security - WOT Web of Trust       Use OpenDNS       MalwareBytes Anti-Malware


Windows 7 Pro SP1 (64-bit), avast! v17 Free, MBAM3 Pro, Windows Firewall, OpenDNS Family Shield, SpywareBlaster, MVPS HOSTS file, MBAE Premium, MCShield, WinPatrol PLUS, SAS (on-demand scanner), Zemana AntiLogger Free, IE11 & Firefox (both using WOT [IE set to WARN, FF set to BLOCK]), uBlock Origin, CryptoPrevent.


[I believe computer-users who sandbox (Sandboxie) are acting prudently.]

0 Kudos