Microsoft will deliver an out-of-band security update today after the update was held back from last week’s Patch Tuesday cycle.
In its advance security notification for update MS14-068, the update will address a critical elevation of privilege vulnerability. The update will affect multiple versions of Windows Server and Windows.
Microsoft had its highest Patch Tuesday security patch count of the year this month with 14 updates. There were originally 16 updates scheduled for release, but the company pulled two at the last minute. This update is one of two held back during last week’s Patch Tuesday cycle.
The second pulled update, MS14-075, addresses vulnerabilities in Exchange Server. The update was pulled because of issues with Exchange Server 2013′s Installer package, which could corrupt Outlook Web App Files upon installation, the company said in a blog post. Microsoft has given no specific date on when admins can expect to see this update, although it set December for the update’s tentative release.
Patch MS14-066 also saw problems of its own: users are reporting TLS errors after patching.
What do you think of Microsoft’s pulled security updates? Did the pulled updates affect your organization? Let us know in the comments below or on Twitter @SearchWinServer.
Microsoft will release its largest batch of security fixes in over three years for November’s upcoming Patch Tuesday.
The company’s advance notification contains 16 bulletins, the most in a month since June 2011. This cycle will see five critical updates, four of which address Remote Code Execution (RCE) issues in Windows and Internet Explorer. Bulletins 1 and 3 will affect all versions of Windows, and Bulletin 2 will cover all versions of Internet Explorer from IE 6 and up. Windows Technical Preview and Windows Server Technical Preview are also affected by Bulletins 1, 2 and 4.
November will also have nine important updates affecting Office, Windows, .NET, Server Software and Exchange, as well as two moderate bulletins impacting Windows and Office.
The important updates mostly address mainly elevation of privilege issues, but also security feature bypass and information disclosure problems. The two moderate bulletins address an elevation of privilege vulnerability in Windows and Office, as well as a denial of service issue in Windows.
What do you think about this month’s Patch Tuesday updates? Let us know in the comments or on Twitter @SearchWinServer.
In this monthly feature, we round up the most popular content on SearchWindowsServer.com from the previous month and share it with you.
Readers kept up with the latest Windows Server news in October and read about developments coming up for Windows Server and Azure while recapping Patch Tuesday security updates.
What’s new in the latest Windows Server preview?
Although it doesn’t yet have an official name, admins have the chance to take a peek at the upcoming version of Windows Server. This version has an anticipated release date for late 2015 and has plans to boost some features while deprecating others.
Zero-day vulnerabilities receive fixes in October Patch Tuesday
The latest batch of Patch Tuesday security updates including critical fixes for three zero-day vulnerabilities and five important fixes. One of the important fixes addressed a vulnerability attributed to an alleged Russian cyber espionage campaign.
Microsoft tries cloud in the box with Azure and Dell
Azure continues to be in the spotlight as Microsoft continues to attempt to sweeten the deal for enterprises make the move to the cloud. This time, the company is including new additions to deliver Windows Server, Azure and System Center on Dell servers.
Microsoft pushing Windows, Linux closer together
Docker container apps will receive support from the upcoming version of Windows Server. The move has led some analysts to say that developers now have more influence than ever on the development priorities for companies such as Microsoft.
What comes after Windows Server 2003?
Windows Server 2003 will reach its end-of-life stage in July 2015, leaving the estimated 12 million organizations with a number of complications and complexities to be addressed.
What Windows Server content was most helpful to you last month? Was it something we didn’t include in our list? Let us know in the comments or on Twitter @SearchWinServer.
Mark your calendars, Windows Server admins — Ignite is coming.
In a blog post that went live today, Microsoft said the official name of its new conference is Microsoft Ignite. The conference is scheduled to take place May 4-8, 2015 in Chicago, Illinois, and CEO Satya Nadella will be the event’s keynote speaker.
Ignite, which Microsoft first discussed earlier this year, is a combination of the company’s previous Management Summit events as well as its Exchange, Lync, Project, SharePoint and TechEd conferences.
The move to consolidate the conferences into one large event ignited some debate among experts about how effective the new format will be for attendee learning experiences. As a potential response to some of that debate, the company said it is making it a priority to “give attendees direct access to hundreds of Microsoft engineers and executives” at Ignite.
The blog post also detailed other conferences scheduled for 2015, including Convergence, Build and the Worldwide Partner Conference.
What do you think of Microsoft’s move to create the Ignite conference? Let us know in the comments below or on Twitter @SearchWinServer.
Microsoft will release a number of security treats in this month’s Patch Tuesday updates to prevent systems from falling victim to security tricks.
In its advance notification bulletin, the company said there will be nine security updates released next Tuesday. Three bulletins are marked as critical, one bulletin is moderate and five bulletins are important.
The three critical updates address remote code execution vulnerabilities. Multiple versions of Internet Explorer and Windows will be affected.
The lone moderate update addresses an elevation of privilege bulletin in several versions of Windows and Microsoft Office.
The five important bulletins address remote code execution, elevation of privilege and security feature bypass vulnerabilities. Multiple versions of Windows, Office, Office Web Apps and Developer Tools will be affected.
The number of this month’s Patch Tuesday security updates is a significant increase from last month’s round of updates. There were four security updates to address 42 vulnerabilities with just one critical fix for IE.
What do you think of this month’s Patch Tuesday security updates? Let us know in the comments or on Twitter @SearchWinServer.
In our monthly feature, we round up the most popular content on the site from the previous month and share it with you.
For September, Windows Server admins were most interested in Windows Server 2012 security, the latest Patch Tuesday updates and new developments in Microsoft Certifications.
Obstacles to Windows Server 2012, 2012 R2 security
The newest versions of Windows Server are supposed to be the most secure versions ever released, but even these servers can be sitting ducks for attacks in your network — and the reason why is surprising.
Patch Tuesday includes one critical, three important updates
There was only one critical fix in this round of Patch Tuesday security updates, but one of the important updates could be crucial for organizations that enable ASP.NET and IIS on a supported version of Windows.
Get to know five of Windows Server 2012 R2′s superpowered features
The latest iteration of Windows Server is supposed to help businesses create apps and manage domains with its features. This photo story breaks down some of these enterprise-ready features..
Use Operations Manager for Linux monitoring
In one of the sessions at this year’s IT/Dev Connections conference, a technology consultant went into detail about how including Linux monitoring in System Center could bridge some infrastructure gaps.
MCSA certification changes may make IT pros feel nostalgic
Windows Server admins may get a déjà vu feeling when they look at the requirements for two Microsoft certifications. As electives make a comeback, the MCSA curriculum continues to open up for IT pros.
What content was most helpful to you last month? Was it something we didn’t include in our list? Let us know in the comments or on Twitter @SearchWinServer.
Windows Server admins can expect September to be a light month of Patch Tuesday security updates.
In its advance security notification, Microsoft outlined four security bulletins to be released next week. There is only one critical bulletin, and the other three are important.
The month’s lone critical bulletin addresses a remote code execution vulnerability. Multiple versions of Windows and Internet Explorer will be affected.
The three important bulletins address denial of service and elevation of privilege vulnerabilities. Multiple versions of Windows Server and Microsoft Lync will be affected.
There are noticeably fewer security updates this month than compared to August. Microsoft released nine bulletins in the last Patch Tuesday cycle, including a critical patch for multiple versions of IE. Microsoft also gave all supported IE versions a whitelisting functionality.
What do you think about this month’s Patch Tuesday updates? Let us know in the comments or on Twitter @SearchWinServer.
For our monthly feature, we round up the most popular stories with our readers from the previous month and share it with you.
In August, Windows Server admins were most interest in the latest Patch Tuesday updates, what’s new with features in Windows Server and a look at the latest changes in Microsoft Azure.
A breakdown of August’s Patch Tuesday updates
The latest round of Patch Tuesday updates included nine security bulletins, one of which is a high priority patch for Internet Explorer. Updates addressed vulnerabilities for a number of programs, including the Media Center, SQL Server, kernel-mode drivers and SharePoint.
Why you should know Windows Azure Pack
As Microsoft continues its push for the cloud, new options continue to appear as the company attempts to nudge companies toward the cloud. One such option is Windows Azure Pack, which can give organizations a private cloud option with some of the benefits of a public cloud.
A closer look at Windows Server 2012 R2 Hyper-V
When Microsoft released Windows Server 2012 R2, Hyper-V included a number of changes that make it a solid contender in the hypervisor market. Admins should take a look at some of these changes to learn more about the advantages of running Windows Server 2012 R2 Hyper-V.
How Invocation IDs and USNs fit in to Active Directory
Syncing Active Directory can be a difficult task and involves a delicate balance involving domain controllers. Windows Server admins have some help when it comes to tracking their Active Directory state thanks to these two important elements.
What Azure File Service can offer organizations
If your organization wants SMB access in the cloud, you have options. It’s possible to do this with Microsoft Azure File Service, which can access SMB shares in the Azure service without first needing to take additional steps with Windows Server VMs or networking.
What was most helpful to you last month? Was it something we didn’t include in our list? Let us know in the comments below or on Twitter @SearchWinServer.
Admins will have their hands full applying updates in this month’s round of Patch Tuesday updates.
In its advance security notification, Microsoft released nine bulletins for this month’s security updates. Two of the updates are critical and seven are important.
Both critical bulletins address remote code execution vulnerabilities. Multiple versions of Internet Explorer and Windows will be affected.
The seven important bulletins address remote code execution, elevation of privilege and security bypass feature vulnerabilities. Software in Microsoft Office and SharePoint will be affected, as will multiple versions of SQL Server, Windows and .NET Framework.
This round of Patch Tuesday updates includes one of the highest bulletin counts Windows Server admins have seen this year. Including this month’s upcoming security updates, 2014 has included 51 bulletins, down from last year’s 66 bulletins at the same time.
What do you think of the latest Patch Tuesday updates? Let us know in the comments or on Twitter @SearchWinServer.
In our monthly recap, we round up the most popular content from the previous month and share it with you.
For July, our readers were interested in learning more about add-ons for IT management, analysis of Microsoft Azure and the latest Patch Tuesday security updates.
A look at two new SCCM add-ons
Although small shops are a good fit for System Center Configuration Manager, but larger enterprises with a more complex environment may have to spring for third-party add-ons to have their needs met.
Azure may help Microsoft cloud storage go skyward
Microsoft’s plans to debut a number of server-level and cloud products at its Worldwide Partners Conference left some IT pros questioning if the company was too aggressive in its Azure approach.
Disk optimization in Windows Server 2012 R2
Learning how to optimizing performance, such as being aware of workloads and using RAID properly, can help organizations ease how they optimize disks in Windows Server 2012 R2.
Latest Patch Tuesday updates include fixes for IE, Service Bus
In July’s batch of Patch Tuesday security updates, Microsoft released six fixes, including critical fixes for Internet Explorer and Windows Journal.
Making the most of PowerShell cmdlets in Microsoft Azure
As Windows Server admins begin to realize that PowerShell can be a valuable tool in Microsoft Azure, they can learn more about how PowerShell can closely integrate with Azure’s Automation Service and how to remotely manage an Azure VM’s OS resources.
What content was most helpful for you last month? Was it something we didn’t include in the list? Let us know in the comments or on Twitter @SearchWinServer.