Microsoft: 14 security bulletins; four critical
Two of the four critical vulnerabilities are for Windows operating systems, one affects the Office. The most severely addressed vulnerability in the Office bulletin could allow Remote Code Execution if a user opens a specially crafted Microsoft office file.
“An attacker who successfully exploited the vulnerabilities could run arbitrary code in the context of the current user,” Microsoft wrote. “Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.”
The final critical update is for the Edge web browser in Windows 10, The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Microsoft Edge. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
Two citical updates for Windows released
MS15-056 updated Internet Explorer and fixed 24 vulnerabilities by “preventing browser histories from being accessed by a malicious site,” as well as “adding additional permission validations to Internet Explorer [and] modifying how Internet Explorer handles objects in memory,” the release said, noting that “customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
MS15-057 plugged a hole in Windows with which attackers could seize control remotely of a system if Windows Media Player “opens specially crafted media content that is hosted on a malicious website.”
These patches should be installed on all systems and are available from Windows Update. Inaddition to these Microsoft has released six non-critical updates.
Windows 10 releasing on July 29
Microsoft revealed this morning that Windows 10 will be released to customers on July 29, 2015 as part of a free upgrade offer and with new PCs. This date is when the free upgrade promotion for one year begins.
Microsoft has also started deploying a software-based reservation system so that current Windows users can automatically register to receive the free update on their existing PCs.
Starting today users of eligible systems will start seeing an Icon in the taskbar of Windows 7 and * workstations.
We DO NOT recommend anyone who uses their PC for business applications sign up for this program. It is imperative that your business critical applications be tested prior to migrating to Windows 10. If you do reserve your copy now your system will automatically download a 3GB setup at some point prior to July 29.
Microsoft Surface Pro 3: Firmware update available
Surface Pen Settings driver update (v18.104.22.168) enables new functionality and features for the Surface app found in the Windows Store. You can install this update from Windows updates on your Surface.
Office 365: Microsoft extending deleted item retention time
Microsoft has announced that they are extending the period in which it retains deleted emails in Office 365. Currently if you moved an email to the Deleted folder, it will permanently after 30 days. This has now been extended to indefinitely by default and can be set by the Office 365 Administrator. Office 365 Administrators can also create custom retention policies for email if they want the information to truly delete.
Surface Pro 3 $100 off at the Microsoft Store
Until the end of the Month you can save $100 on the Surface pro 3 from Microsoft. This is a very popular device that makes even most Ultrabooks feel like a chore to carry around all day.
Source: Microsoft Store
Upgrade to OneNote 2013 on your PC
Many companies and users are still on Office 2010 with no immediate plans to go to Office 2013. This means they are missing out on the improvements made to OneNote 2013. Until recently the free download version of OneNote 2013 was missing several key features. This has been resolved and we are not suggesting users of Office 2010 migrate to OneNote 2013 which can be donwloaded below. Some of the unlocked features include:
- Password protected sections—Add a password to protect sensitive information.
- Page history—Easily see or go back to prior versions of a page.
- Audio and video recording—Take notes while recording, and easily jump to the relevant section later.
- Audio search—Search for a word in a voice or video recording.
- Embedded files—Insert Office documents or other files directly in your notebook.
Source: OneNote Download
Phishing email circulating claiming to be from Microsoft Volume Licensing
A post on the Cisco Managed Threat Defense blog reports Emails that purport to come from the Microsoft Volume Licensing Service Center are circulating
This email will have a custom subject line and will look very similar to a real email from Microsoft. Clients should be very careful when receiving any VLSC emails while this is circulating.
You can now install a “clean” version of windows on a machine purchased through a retailer
If you have purchased a Laptop or Desktop with Windows installed in the last ten years you have probably received this machine with not only Microsoft Windows preinstalled but with a host of other software as well. Usually McAfee, Symantec or other Antivirus trials and any number of obscure or well known type software you probably never use.
New PC users either spent the first two hours with their new machine uninstalling this unwanted software or they simply leave it there in many cases using resources that are better utilized by software they are using.
The reason for this preinstalled software of course is financial. The margins of PCs has been moving steadily down and PC makers (Dell, HP, Acer etc) install this software not as a favor to these software providers but as a source of alternative revenue.
Microsoft has now released the software so that users of retail PCs can download “clean” installation media to allow you to wipe away the original installation and install your retail version of Microsoft Windows. There are some caveats of course. You must have the retail Key and it is not supported for Enterprise licenses. The links to the pages for supported operating systems are below: