Microsoft Security Bulletin Minor Revisions

["Microsoft" <securitynotifications () e-mail microsoft com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

********************************************************************
Title: Microsoft Security Bulletin & Bulletin Summary 
Minor Revisions
Issued: December 19, 2014
********************************************************************

Summary
=======
The following bulletins and bulletin summary have undergone a minor
revision increment. 

Please see the appropriate bulletin or bulletin summary for more
details.

  * MS14-051 - Critical
  * MS14-052 - Critical
  * MS14-076 - Important
  * MS14-AUG
  * MS14-NOV
 

Bulletin Information:
=====================

MS14-051 - Critical 

 - Title: Cumulative Security Update for Internet Explorer
 - https://technet.microsoft.com/library/security/ms14-051
 - Reason for Revision: V1.2 (December 19, 2014): Corrected the 
   severity table and vulnerability information to add CVE-2014-6354
   as a vulnerability addressed by this update. This is an 
   informational change only. Customers who have already 
   successfully installed the update do not have to take any action.
 - Originally posted: August 12, 2014
 - Updated: December 19, 2014
 - Bulletin Severity Rating: Critical
 - Version: 1.2

MS14-052 - Critical

 - Title: Cumulative Security Update for Internet Explorer
 - https://technet.microsoft.com/library/security/ms14-052
 - Reason for Revision: V1.1 (December 19, 2014): Revised bulletin 
   to change Known Issues entry in the Knowledge Base Article section
   from "None" to "Yes". Corrected mitigations and workarounds for
   the Internet Explorer Resource Information Disclosure
   Vulnerability (CVE-2013-7331).
 - Originally posted: September 9, 2014
 - Updated: December 19, 2014
 - Bulletin Severity Rating: Critical
 - Version: 1.1

MS14-076 - Important

 - Title: Vulnerability in Internet Information Services (IIS) Could
   Allow Security Feature Bypass
 - https://technet.microsoft.com/library/security/ms14-076
 - Reason for Revision: V1.1 (December 19, 2014): Bulletin revised
   to include Windows 2012 Server Core installation and Windows 2012
   R2 Server Core installation as affected software.
 - Originally posted: November 11, 2014
 - Updated: December 19, 2014
 - Bulletin Severity Rating: Important
 - Version: 1.1


Bulletin Summary Information:
=============================

MS14-AUG

 - Title: Microsoft Security Bulletin Summary for August 2014
 - https://technet.microsoft.com/en-us/library/security/ms14-aug
 - Reason for Revision: V2.2 (December 19, 2014): For MS14-051, 
   added an Exploitability Assessment in the Exploitability Index for 
   CVE-2014-6354. This is an informational change only.
 - Originally posted: August 12, 2014
 - Updated: December 19, 2014
 - Version: 2.2

MS14-NOV

 - Title: Microsoft Security Bulletin Summary for November 2014
 - https://technet.microsoft.com/library/security/ms14-nov
 - Reason for Revision: V2.1 (December 19, 2014): Bulletin Summary
   revised to include Windows 2012 Server Core installation and 
   Windows 2012 R2 Server Core installation in the Affected 
   Software table for MS14-076.
 - Originally posted: November 11, 2014
 - Updated: December 19, 2014
 - Version: 2.1
 
Other Information
=================

Recognize and avoid fraudulent email to Microsoft customers:
=============================================================
If you receive an email message that claims to be distributing 
a Microsoft security update, it is a hoax that may contain 
malware or pointers to malicious websites. Microsoft does 
not distribute security updates via email. 

The Microsoft Security Response Center (MSRC) uses PGP to digitally 
sign all security notifications. However, PGP is not required for 
reading security notifications, reading security bulletins, or 
installing security updates. You can obtain the MSRC public PGP key
at <https://technet.microsoft.com/security/dn753714>.

********************************************************************
THE INFORMATION PROVIDED IN THIS MICROSOFT COMMUNICATION IS
PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT
DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING
THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
PURPOSE.
IN NO EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE
LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT,
INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL
DAMAGES, EVEN IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN
ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY
FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE FOREGOING
LIMITATION MAY NOT APPLY.
********************************************************************

Microsoft respects your privacy. Please read our online Privacy
Statement at <http://go.microsoft.com/fwlink/?LinkId=81184>.

If you would prefer not to receive future technical security
notification alerts by email from Microsoft and its family of
companies please visit the following website to unsubscribe:
<https://profile.microsoft.com/RegSysProfileCenter/subscriptionwizar
d.aspx?wizid=5a2a311b-5189-4c9b-9f1a-d5e913a26c2e&%3blcid=1033>.

These settings will not affect any newsletters you’ve requested or
any mandatory service communications that are considered part of
certain Microsoft services.

For legal Information, see:
<http://www.microsoft.com/info/legalinfo/default.mspx>.

This newsletter was sent by:
Microsoft Corporation
1 Microsoft Way
Redmond, Washington, USA
98052

-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 10.2.0 (Build 1950)
Charset: utf-8

wsFVAwUBVJSYI78Fv/Q6pUnlAQhoNQ//XUkpM4CPjizV3FRvbutQtAfBDfIhY7g+
axJmudsP34rgmxx+k7r5C8BfdRO+THQ2hTel1WU9zqYDcQDFVTM4/0fQKCbJVDO7
HrrNRcx9SlnbxvvzGOg6dR06afq+CmEx0O1QDA9BkAFNKr4jYuiU+Iv38Pr5b27d
UnDaN3sLnAsZPLNczhKetKEBitjz/JtuLwQNGcugj7mf6Jec81dCm7ARvfFv7JO3
luZJnoK2nAS8rlP1sTaqXgkXysyKLrHeGtk2epnQSOZD5sGuXK+4U960Qoo/ttn5
tSxuAQZD+UfCE694ilEAP/MtDcWFv6d0wvr1V2/WQGLHN+tcTmKxoWU8LFSjXpmr
1apTMSofd/zBtFQupRDJq8l+JUkLKyH0AMqF3W9ptvNSJUPaY8qht2IN4+3EFs/h
FujhfsXZ5ElKidVXbRbsRuwKH9PaBV1swfvFbBGSZPM7C1Y6frVZY+Ju68tmbYsG
wDcWop+xVcdjOWqApDHwZ+wavzTaZIZZT1IlcND9O6qnn56nMkkNGnhlxh712mgA
hXxOSFAFvIeK80O0ChSKwPFhZRG7mt3p8yZDJvDCrEo1Gc2YUpf/jfpJLUCGDWRW
N3PKS20/tQkwJBBqWTt1q6su75WaU/A7WtCT3z8r4U83BRhFvEDjgn0iod877tbx
5bzQDUpGqNk=
=k8QC
-----END PGP SIGNATURE-----