Microsoft Security Bulletin Releases

["Microsoft" <securitynotifications () e-mail microsoft com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

********************************************************************
Title: Microsoft Security Bulletin Releases
Issued: March 16, 2015
********************************************************************

Summary
=======

The following bulletins have undergone a major revision increment. 

  * MS15-025 - Important
  * MS15-027 - Important


Bulletin Information:
=====================

MS15-025 - Important

 - Title: Vulnerabilities in Windows Kernel Could Allow Elevation of
   Privilege (3038680) 
 - https://technet.microsoft.com/library/security/ms15-025
 - Reason for Revision: V2.0 (March 16, 2015): To address a packaging
   issue for customers who are repeatedly reoffered security update 
   3033395 when installed on systems running supported editions of 
   Windows Server 2003, Microsoft released update 3033395-v2 for all 
   supported editions of Windows Server 2003. Customers who have not 
   already installed the 3033395 update should install update 
   3033395-v2 to be fully protected from this vulnerability. To 
   avoid the possibility of future detection logic problems, Microsoft
   recommends that customers running Windows Server 2003 who have 
   already successfully installed the 3033395 update also apply update 
   3033395-v2 even though they are already protected from this 
   vulnerability. Customers running other Microsoft operating systems
   are not affected by this rerelease and do not need to take any 
   action. See Microsoft Knowledge Base Article 3033395 for more 
   information. 
 - Originally posted: March 10, 2015
 - Updated: March 16, 2015
 - Bulletin Severity Rating: Important
 - Version: 2.0 
 
 MS15-027 - Important

 - Title: Vulnerability in NETLOGON Could Allow Spoofing (3002657) 
 - https://technet.microsoft.com/library/security/ms15-027
 - Reason for Revision: V2.0 (March 16, 2015): To address a 
   connectivity issue with update 3002657 when installed on 
   supported editions of Windows Server 2003, Microsoft released
   update 3002657-v2 for all supported editions of Windows Server
   2003. Customers who have not already installed the 3002657 update
   should install update 3002657-v2 to be fully protected from this 
   vulnerability. To avoid the possibility of future detection logic
   problems, Microsoft recommends that customers running Windows 
   Server 2003 who have already successfully installed the 3002657 
   update also apply update 3002657-v2 even though they are already 
   protected from this vulnerability. Customers running other 
   Microsoft operating systems are not affected by this rerelease 
   and do not need to take any action. See Microsoft Knowledge Base 
   Article 3002657 for more information. 
 - Originally posted: March 10, 2015
 - Updated: March 16, 2015
 - Bulletin Severity Rating: Important
 - Version: 2.0 

 
Other Information
=================

Recognize and avoid fraudulent email to Microsoft customers:
=============================================================
If you receive an email message that claims to be distributing 
a Microsoft security update, it is a hoax that may contain 
malware or pointers to malicious websites. Microsoft does 
not distribute security updates via email. 

The Microsoft Security Response Center (MSRC) uses PGP to digitally 
sign all security notifications. However, PGP is not required for 
reading security notifications, reading security bulletins, or 
installing security updates. You can obtain the MSRC public PGP key
at <https://technet.microsoft.com/security/dn753714>.

********************************************************************
THE INFORMATION PROVIDED IN THIS MICROSOFT COMMUNICATION IS
PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT
DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING
THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
PURPOSE.
IN NO EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE
LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT,
INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL
DAMAGES, EVEN IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN
ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY
FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE FOREGOING
LIMITATION MAY NOT APPLY.
********************************************************************

Microsoft respects your privacy. Please read our online Privacy
Statement at <http://go.microsoft.com/fwlink/?LinkId=81184>.

If you would prefer not to receive future technical security
notification alerts by email from Microsoft and its family of
companies please visit the following website to unsubscribe:
<https://profile.microsoft.com/RegSysProfileCenter/subscriptionwizar
d.aspx?wizid=5a2a311b-5189-4c9b-9f1a-d5e913a26c2e&%3blcid=1033>.

These settings will not affect any newsletters you’ve requested or
any mandatory service communications that are considered part of
certain Microsoft services.

For legal Information, see:
<http://www.microsoft.com/info/legalinfo/default.mspx>.

This newsletter was sent by:
Microsoft Corporation
1 Microsoft Way
Redmond, Washington, USA
98052

-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 10.2.0 (Build 1950)
Charset: utf-8

wsFVAwUBVQdjxb8Fv/Q6pUnlAQiyCg//ZdeB6ZP+LEoGOAOvhmpqPwSYn27Gzlv8
dvE6tCD/veTvVocLuEk9ycuQaMw+V3SCGt4beVBRG68TqxtmiX5izTTw4a3o5coq
g5/oRuAk8W2lxAuqweb0TRggpW3w9tcOA4PTrmkHxwgQn+CAqweH5Z4GKSEmWLRN
3N8+6AT1GtgSSdUYNtdOiI5Lf9BzcHwHIZhqT9Zd1G+VqYWdFAegkZMMLNF0FFb9
09FwYr4dPKdY2cn5+asLE6z1jQO9jz8iTgqqxeUuXPSJtgz76Ojl8IE16tkJOrVw
aNY7r8rehmpWqcqCGs24HUkESEjoeNR65gw6Mokz1gE9eLO3tWDKhriHQhIdgL17
EFxv8NwBpdQcuLBrgqnsZf0B9YXtvIDdtA2C7FW6+uswj5MppFjuReXW6z0udv/I
3KzkP0YB8LaJgbgwZ/aSkGjpdsS+FeaIWjZquJrsDtWwOKPY9b2raL2fr6gbcrrI
8hN0bStkEqtCoENoFVSN8aRj/YQKBxp7l6Yb07VJsJ7+NG//DVk37cYjFvxQtCAl
LemaXY3IJwDnE0ijfY7gyyA29ek+5Khzqf6a4RUizvPmpXQooeUD4jnWVFqbiKjQ
YhM/jW0U7wiCEtIlJGqK+6e5Z05JdkeJlUBA6D5Is6QO9dQ0C/b6JHuArF6QUE5E
E19tK/fRi7A=
=TdND
-----END PGP SIGNATURE-----