IE

Posted on by shavlikdatateam General, Patch and Bulletin Information

New Patch Data Available (2.0.1.6680)

XML 2.0.1.6680 Last Modified 1/12/2015

Security

– Added MS16-001(Q3124903): Cumulative Security Update for Internet Explorer (3124903)

– Added MS16-003(Q3125540): Cumulative Security Update for JScript and VBScript to Address Remote Code Execution (3125540)

– Added MS16-004(Q3124585): Security Update for Microsoft Office to Address Remote Code Execution (3124585)

– Added MS16-005(Q3124584): Security Update for Windows Kernel-Mode Drivers to Address Remote Code Execution (3124584)

– Added MS16-006(Q3126036): Security Update for Silverlight to Address Remote Code Execution (3126036)

– Added MS16-007(Q3124901): Security Update for Microsoft Windows to Address Remote Code Execution (3124901)

– Added MS16-008(Q3124605): Security Update for Windows Kernel to Address Elevation of Privilege (3124605)

– Added MS16-010(Q3124557): Security Update in Microsoft Exchange Server to Address Spoofing (3124557)

– Added CSWU-018(Q3124904): Cumulative Update for Windows 10: January 12, 2016

– Added APSB16-02(QARDC1501020056): Security Updates Available for Adobe Acrobat and Reader

– Added OPERA-88(QOP340203647): Opera 34.0.2036.47

– Added SW12-23183(QSW1223183): Adobe Shockwave 12.2.3.183

Security Tools

– Added MS16-A01(Q3109853): Microsoft security advisory: Update to improve TLS session resumption interoperability: January 12, 2016

– Added MS16-A02(Q3123479): Microsoft security advisory: Deprecation of SHA-1 hashing algorithm for Microsoft root certificate program: January 12, 2016

** CSWU-018(Q3124904) will not be offered to machines with XenDesktop installed due to a compatibility issue stated in the MS16-007 bulletin notes.

Posted on by shavlikdatateam General, Patch and Bulletin Information

New Patch Data Available (2.0.1.506)

All Protect customers, Patch 2 has been released for Protect v9.0 and v9.1. The updates include a fix for an upcoming syntax change to CVE-ID. Without this patch you will not be able to update content after the CVE syntax change occurs. For more details on how to download and apply the update for your version of Shavlik Protect please refer to this article: https://community.shavlik.com/docs/DOC-23639.

XML 2.0.1.506 Last Modified 1/20/2015

Security

– Added FILEZ-024(QFILEZ31002): FileZilla 3.10.0.2

Non-Security

– Added TOMCAT-031(QTOMCAT8017): Apache Tomcat 8.0.17

– Added XD710-010(QCTX141773): Hotfix ICAWS750WX64023 – For VDA Core Services 7.1/7.5 for Windows Desktop OS (64-bit)

– Added MSWU-1096(Q2878264): Update for Microsoft Outlook 2010

– Added MSWU-1094(Q3025945): Internet Explorer 9 stops working after you install update 3008923 in Windows

Product

– Added Citrix XenApp Hotfix Rollup Pack 5 (HR5)

Revision

– Modified APSB14-27: Updated detection logic

– Modified APSB15-01: Updated detection logic

– Modified MS12-027(Q2597112): Updated detection logic

– Modified MSWU-846(Q2597087): Updated detection logic

– Modified MSWU-1001(Q2878252): Updated detection logic

– Modified MSWU-1075(Q3006121): Updated detection logic

– Modified WinZip 8.1(SP1): Updated detection logic

Posted on by shavlikdatateam General, Patch and Bulletin Information

New Patch Data Available (2.0.1.130)

All Protect customers, Patch 2 has been released for Protect v9.0 and v9.1. The updates include a fix for an upcoming syntax change to CVE-ID. Without this patch you will not be able to update content after the CVE syntax change occurs. For more details on how to download and apply the update for your version of Shavlik Protect please refer to this article: https://community.shavlik.com/docs/DOC-23639.

XML 2.0.1.130 Last Modified 12/18/2014

Security

– Added OPERA-66(QOP250165660): Opera 26.0.1656.60

– Added TORT-017(QTORT1810): Tortoise 1.8.10

Non-Security

– Added MSWU-1088(Q2920738): December 11, 2014 update for Word

– Added MSWU-1089(Q3018232): December 2014 Cumulative Update 5.0.8308.857 for Lync Server 2013 core components

– Added MSWU-1090(Q2953590): Description of the cumulative update for Lync Server 2010, Core Components: April, 2014

– Added MSWU-1091(Q3018885): FIX: You cannot dismiss developer license notifications in Visual Studio 2013 Update 4

– Added MSWU-1092(Q3002339): Unexpected dialog box appears when you open projects in Visual Studio 2012 or Visual Studio 2010 SP1 after you install the .NET Framework 4.5.3

– Added MSWU-1093(Q3025390): Some web application modal dialog boxes don’t work correctly in Internet Explorer 11 after you install update 3008923

Revision

– Updated MS13-100(Q25532989): Updated detection logic

– Updated MSWU-912(Q2863912): Updated detection logic

– Updated MSWU-1022(Q2760319): Updated detection logic

Posted on by shavlikdatateam General, Patch and Bulletin Information, Shavlik Product Announcement, Uncategorized

New Patch Data Available (2.0.0.9458)

All Shavlik Protect 9.0 and 9.1 customers: There is a pending CVE-ID Syntax change coming, Protect updates are available to avoid issues. Read more details here: https://community.shavlik.com/docs/DOC-23639

XML 2.0.0.9458 Last Modified 11/11/2014

Security

– Added MS14-064: Vulnerabilities in Windows OLE Could Allow Remote Code Execution (3011443)

– Added MS14-065: Cumulative Security Update for Internet Explorer (3003057)

– Added MS14-066: Vulnerability in Schannel Could Allow Remote Code Execution (2992611)

– Added MS14-067: Vulnerability in XML Core Services Could Allow Remote Code Execution (2993958)

– Added MS14-069: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (3009710)

– Added MS14-070: Vulnerability in TCP/IP Could Allow Elevation of Privilege (2989935)

– Added MS14-071: Vulnerability in Windows Audio Service Could Allow Elevation of Privilege (3005607)

– Added MS14-072: Vulnerability in .NET Framework Could Allow Elevation of Privilege (3005210)

– Added MS14-073: Vulnerability in Microsoft SharePoint Foundation Could Allow Elevation of Privilege (3000431)

– Added MS14-074: Vulnerability in Remote Desktop Protocol Could Allow Security Feature Bypass (3003743)

– Added MS14-076: Vulnerability in Internet Information Services (IIS) Could Allow Security Feature Bypass (2982998)

– Added MS14-077: Vulnerability in Active Directory Federation Services Could Allow Information Disclosure (3003381)

– Added MS14-078: Vulnerability in IME (Japanese) Could Allow Elevation of Privilege (2992719)

– Added MS14-079: Vulnerability in Kernel-Mode Driver Could Allow Denial of Service (3002885)

– Added APSB14-24(QAF1500223): Security updates available for Adobe Flash Player

– Added CHROME-116(QGC3802125122): Chrome 38.0.2125.122

– Added FF14-016(QFF33105423): Firefox 33.1

– Added MSAF-032(Q3004150): Microsoft Security Advisory: Update for vulnerabilities in Adobe Flash Player in Internet Explorer: November 11, 2014

– Added SW12-14154(QSW1214154): Adobe Shockwave 12.1.4.154

Posted on by shavlikdatateam General, Patch and Bulletin Information, Uncategorized

New Patch Data Available (2.0.0.8978)

XML 2.0.0.8978 Last Modified 10/14/2014

Product

– Added support for ASP.NET MVC2

– Added support for ASP.NET MVC3

– Added support for ASP.NET MVC4

– Added support for Citrix Virtual Desktop Agent 5.0

– Added support for Citrix Virtual Desktop Agent 5.6

Security

– Added MS14-056: Cumulative Security Update for Internet Explorer (2987107)

– Added MS14-057: Vulnerabilities in .NET Framework Could Allow Remote Code Execution (3000414)

– Added MS14-058: Vulnerabilities in Kernel-Mode Driver Could Allow Remote Code Execution (3000061)

– Added MS14-059: Vulnerability in ASP.NET MVC Could Allow Security Feature Bypass (2990942)

– Added MS14-060: Vulnerability in Windows OLE Could Allow Remote Code Execution (3000869)

– Added MS14-061: Vulnerability in Microsoft Word and Office Web Apps Could Allow Remote Code Execution (3000434)

– Added MS14-062: Vulnerability in Message Queuing Service Could Allow Elevation of Privilege (2993254)

– Added MS14-063: Vulnerability in FAT32 Disk Partition Driver Could Allow Elevation of Privilege (2998579)

– Added APSB14-22(QAF1500189): Security updates available for Adobe Flash Player

– Added CHROME-114(QGC3802125104): Chrome 38.0.2125.104

– Added FF14-012(Q33005397): Firefox 33.0

– Added MSAF-031(Q3001237): Microsoft Security Advisory: Update for vulnerabilities in Adobe Flash Player in Internet Explorer: October 14, 2014

– Added JAVA7-72(QJAVA7U72): Java 7 Update 72

– Added TB14-3120(QTB143120): Thunderbird 31.2.0

Non-Security

– Added XD500MISAWX-001(QCTX130296): Hotfix XD500MISAWX86001 (Version 5.0.1) – For Citrix XenDesktop 5.0 Machine Identity Service Agent

– Added XD510DSTUDIOWX-002(QCTX134003): Hotfix XD510DStudioWX86002/XD510DStudioWX64002 (Version 5.1.2) For Citrix Desktop Studio 5.1

– Added XD560HF-010(QCTX141157): Hotfixes Update 10 – For Citrix XenDesktop 5.6 Controller

– Added XD560VDAWX-400(QCTX138550): Hotfix Rollup XD560VDAWX86400 (Version 5.6.400) – For Citrix XenDesktop Virtual Desktop Agent Core Services

Revision

– Modified FFE14-2481(QFFE2481): Updated download URL

– Modified FFE14-3111(QFFE3111): Updated language ID logic

Posted on by shavlikdatateam General, Patch and Bulletin Information, Shavlik Product Announcement

New Patch Data Available (2.0.0.8270)

XML Version 2.0.0.8270 Last Modified 8/12/2014

Security

– Added MS14-043: Vulnerability in Windows Media Center Could Allow Remote Code Execution (2978742)

– Added MS14-044: Vulnerabilities in SQL Server Could Allow Elevation of Privilege (2984340)

– Added MS14-045: Vulnerabilities in Kernel-Mode Drivers Could Allow Elevation of Privilege (2984615)

– Added MS14-046: Vulnerability in .NET Framework Could Allow Security Feature Bypass (2984625)

– Added MS14-047: Vulnerability in LRPC Could Allow Security Feature Bypass (2978668)

– Added MS14-048: Vulnerability in OneNote Could Allow Remote Code Execution (2977201)

– Added MS14-049: Vulnerability in Windows Installer Service Could Allow Elevation of Privilege (2962490)

– Added MS14-050: Vulnerability in Microsoft SharePoint Server Could Allow Elevation of Privilege (2977202)

– Added MS14-051: Cumulative Security Update for Internet Explorer (2976627)

– Added APSB14-18: Security updates available for Adobe Flash Player

– Added APSB14-19: Security updates available for Adobe Reader and Acrobat

– Added CHROME-107: Chrome 36.0.1985.143

– Added MSAF-028: Microsoft Security Advisory: Update for vulnerabilities in Adobe Flash Player in Internet Explorer: August 12, 2014

– Added OPERA-55: Opera 23.0.1522.75

– Added PICASA-018: Google Picasa 3.9.138.150

Posted on by shavlikdatateam General, Patch and Bulletin Information, Uncategorized

New Patch Data Available (2.0.0.7284)

Shavlik is pleased to announce the General Availability release of Shavlik Protect 9.1.  This release includes a localized version of Protect, improved resolution for IPv6 and FQDN, improved deployment workflow with more machine and patch level statuses, and reports views for 3rd party reporting integration and custom reporting.  Go to: http://www.shavlik.com/downloads/protect to get Protect 9.1 today.  You can also sign up for our Protect 9.1 launch webinars next week at http://www.shavlik.com/products/protect/#/demos-webinars/.

End-of-Life Notice:

VMware vCenter Protect 8.0, 8.0.1, and 8.0.2 will reach end of service on 5/15/2014. The May Patch Tuesday content update will be the final update for the VMware branded editions of Protect. All customers running on these versions should upgrade to Shavlik Protect 9.1 at the first possible convenience to prevent a service outage.

Shavlik has released updated patch XML files for Shavlik Protect.

XML Version 2.0.0.7284 Last Modified 5/1/2014

Security

– Added MS14-021(Q2964358): Security Update for Internet Explorer (2965111)

– Added LIBRE-034(QLIBO416): LibreOffice 4.1.6

Software Distribution

– Added AR11-006(QAR1106N): Adobe Reader 11.0.6

Revision

– Modified HSMH-12(QHP732): Updated download URL.

– Modified MS12-021(Q2645410): Fixed an issue where patch did not show as missing on some systems.

Posted on by shavlikdatateam General, Patch and Bulletin Information, Uncategorized

New Patch Data Available (2.0.0.5494)

XML Version 2.0.0.5494 Last Modified 10/7/2013

Security

– Added AI13-006(QAI111111): Apple iTunes 11.1.1

– Added CHROME-89(Q300159969): Google Chrome and Chrome Frame 30.0.1599.69

– Added MSAF-015(Q2889543): Text is corrupted when it’s typed into a webpage that uses Adobe Flash Player after you install security update 2880289

– Added SKYPE-42(QSKY690106): Skype 6.9.0.106

Non-Security

– Added LIBRE-025(QLIBO412): LibreOffice 4.1.2

– Added MSWU-813(Q2825632): Description of the Outlook 2013 update: September 26, 2013

Revision

– Modified GACU-008(Q2851234): Added support for 2851234.

– Modified GACU-011(Q2862073): Added support for 2862073.

– Modified GACU-013(Q2877211): Added support for 2877211.

– Modified MSWU-793(Q2862073): Fixed an issue where patch did not show as missing on some systems.

Posted on by shavlikdatateam General, Patch and Bulletin Information, Uncategorized

New Patch Data Available (2.0.0.5048)

XML Version 2.0.0.5048 Last Modified 8/13/2013

Security

– Added MS13-059: Cumulative Security Update for Internet Explorer (2862772)

– Added MS13-060: Vulnerability in Unicode Scripts Processor Could Allow Remote Code Execution (2850869)

– Added MS13-061: Vulnerabilities in Microsoft Exchange Server Could Allow Remote Code Execution (2876063)

– Added MS13-062: Vulnerability in Remote Procedure Call Could Allow Elevation of Privilege (2849470)

– Added MS13-063: Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (2859537)

– Added MS13-064: Vulnerability in Windows NAT Driver Could Allow Denial of Service (2849568)

– Added MS13-065: Vulnerability in ICMPv6 could allow Denial of Service (2868623)

– Added MS13-066: Vulnerability in Active Directory Federation Services Could Allow Information Disclosure (2873872)

Revision

– Modified MS13-052(KB2861561): Bulletin revised to rerelease the 2840628, 2840632, 2840642, 2844285, 2844286, 2844287, and 2844289 updates.

– Modified MS13-057(KB2803821): Bulletin revised to rerelease the 2803821 update for Windows 7 and Windows 2008 R2.

– Modified MSRC-001(Q931125): Update for Root Certificates for Windows XP [August 2013]

– Modified MSWU-769(Q2834140): Bulletin revised to rerelease the 2834140 update.

– Modified MSWU-780(Q2836945): Bulletin revised to rerelease the 2836945 update.

Posted on by shavlikdatateam General, Patch and Bulletin Information, Uncategorized

New Patch Data Available (2.0.0.4550)

XML Version 2.0.0.4550  Last Modified 6/18/2013

Non-Security

– Added IMGB-003(QIMGB258): ImgBurn v2.5.8.0

– Added MSWU-769(Q2834140): “0x00000050” Stop error after you install update 2670838 on a computer that is running Windows 7 SP1 or Windows Server 2008 R2 SP1

– Added MSWU-771(Q2810017): Microsoft Office 2013 Updates for June 2013

– Added MSWU-773(Q2767865): Description of the SkyDrive Pro update: June 2013

– Added MSWU-774(Q2817327): Description of the Outlook 2007 Junk Email Filter update: June 11, 2013

– Added MSWU-775(Q2817473): Description of the Outlook 2003 Junk Email Filter update: June 11, 2013

– Added MSWU-776(Q2859903): Update for Internet Explorer 10 for Windows 7 and Windows Server 2008 R2

Revision

– Modified MS13-040(Q2804579): Fixed an issue where patch did not show as missing on some systems.

– Modified MS13-047(Q2838727): Fixed an issue where patch incorrectly shows as missing on some systems.

Posted on by shavlikdatateam General, Patch and Bulletin Information, Uncategorized

New Patch Data Available(2.0.0.3712)

XML Version 2.0.0.3712 Last modified 2/28/2013

Product

– Added support for Access 2007 Database Engine

Security

– Added MSAF-008(Q2819372): Microsoft Security Advisory: Update for Vulnerabilities in Adobe Flash Player in Internet Explorer 10

Non-Security

– Added MSWU-716(Q2670838): A platform update is available for Windows 7 SP1 and Windows Server 2008 R2 SP1

– Added MSWU-717(Q2794599): Fonts in console programs are too small to read in multilingual versions of Windows RT, Windows 8, and Windows Server 2012

Software Distribution

– Added MSIE-010(QIE1061): Internet Explorer 10 for Windows 7 and Server 2008 R2

Revision

– Modified MS13-002(Q2687499): Added Access 2007 Database Engine as an affected product

– Modified MS12-070(Q2716434): Fixed an issue where patch did not show as missing on some systems

– Modified MS11-A04(Q2533623): Fixed an issue where patch incorrectly shows as missing on some systems

– Modified MSWU-696(Q2726535): Fixed an issue where patch incorrectly shows as missing on some systems

– Modified MSWU-653(Q2731771): Fixed an issue where patch incorrectly shows as missing on some systems

Posted on by shavlikdatateam General, Patch and Bulletin Information, Uncategorized

New Patch Data Available(2.0.0.3442)

XML Data Version 2.0.0.3442 Last Modified 1/14/2013

Security

– Added CHROME-64(Q240131252): Google Chrome 24.0.1312.52

– Added JAVA7-11(QJAVA7U11): Java 7 Update 11

– Added MS13-008(Q2799329): Security Update for Internet Explorer

– Added SKYPE-35(QSKY610129): Skype 6.1.0.129

Non-Security
– Added MOZYH-011(QMOZYH2182244): MozyHome 2.18.2.244

– Added MSWU-694(Q2763674): You cannot run an application that is signed with a SHA-256 certificate on a computer that is running Windows Vista SP2 or Windows Server 2008 SP2

– Added MSWU-695(Q2773072): Update changes the game rating systems in Windows 7

– Added MSWU-696(Q2726535): An update is available that adds South Sudan to the list of countries in Windows Server 2008, Windows 7, and Windows Server 2008 R2

– Added MSWU-697(Q2786400): An update is available that changes the default settings of the shaping behavior for Arabic text rendering in Windows 7 and Windows Server 2008 R2

– Added MSWU-698(Q2786081): Internet Explorer 10 does not save credentials for a website after you log off or restart a computer that is running Windows 7 SP1 or Windows Server 2008 R2 SP1

– Added MSWU-699(Q2750149): An update is available for the .NET Framework 4.5 in Windows 8, Windows RT and Windows Server 2012

– Added MSWU-700(Q2750147): An update is available for the .NET Framework 4.5 in Windows 7 SP1, Windows Server 2008 R2 SP1, Windows Server 2008 SP2, and Windows Vista SP2

Revision

– Modified MSWU-431(Q982726): Updated Definition Update for Microsoft Office 2010: January 8, 2013

– Modified MSWU-596(Q2600217): Fixed an issue where patch did not show as missing on some systems.

Note:  MS13-008 is not a cumulative update for Internet Explorer.  The latest cumulative update MS12-077 must also be applied to the system.  If the latest cumulative update is not present after applying MS13-008, Internet Explorer may experience compatibility issues.  See the Microsoft Security Bulletin MS13-008 for more information

Posted on by shavlikdatateam General, Patch and Bulletin Information, Uncategorized

New Patch Data Available (2.0.0.3196)

XML Data Version 2.0.0.3196 Last Modified 12/11/2012

Security

– Added APSB12-27(QAF10318348): Adobe Flash Player 10.3.183.48, Adobe Flash Player 11.5.502.135. Adobe Air 3.5.0.880

– Added MS12-077(Q2761465): Cumulative Security Update for Internet Explorer

– Added MS12-078(Q2753842): Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution

– Added MS12-079(Q2760410): Vulnerability in Microsoft Word Could Allow Remote Code Execution

– Added MS12-080(Q2746157): Vulnerabilities in Microsoft Exchange Server Could Allow Remote Code Execution

– Added MS12-081(Q2758857): Vulnerability in Windows File Handling Component Could Allow Remote Code Execution

– Added MS12-082(Q2770660): Vulnerability in DirectPlay Could Allow Remote Code Execution

– Added MS12-083(Q2765809): Vulnerability in IP-HTTPS Component Could Allow Security Feature Bypass

– Added MSAF-004(Q2785605): Microsoft Security Advisory: Update for Vulnerabilities in Adobe Flash Player in Internet Explorer 10

Non-Security

– Added MSWU-673(Q2687404): Description of the Outlook 2007 update: November 13, 2012

Revision

– Modified MS12-043: Added KB2687627 and KB2687497 patches to resolve known issue as described in KB article for XML Core Services 5.0

– Modified MS12-059: Added KB2687508 patch to resolve known issue as described in KB article for Microsoft Visio 2010

Posted on by shavlikdatateam General, Patch and Bulletin Information, Uncategorized

New Patch Data Available (2.0.0.2982)

XML Data Version 2.0.0.2982 Last Modified 11/13/2012

Security

– Added MS12-071: Cumulative Security Update for Internet Explorer (2761451)

– Added MS12-072: Vulnerabilities in Windows Shell Could Allow Remote Code Execution (2727528)

– Added MS12-073: Vulnerabilities in Microsoft Internet Information Services (IIS) Could Allow Information Disclosure (2733829)

– Added MS12-074: Vulnerabilities in .NET Framework Could Allow Remote Code Execution (2745030)

– Added MS12-075: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2761226)

– Added MS12-076: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (2720184)

– Added AQ12-002(QAQ773): Apple Quicktime 7.7.3

Posted on by shavlikdatateam General, Patch and Bulletin Information, Uncategorized

New Patch Data Available (2.0.0.2954)

XML Data Version 2.0.0.2954  Last Modified 11/8/2012

Security

– Added CHROME-60(Q230127164): Google Chrome 23.0.1271.64

– Added MSAF-003(Q2770041): Microsoft Security Advisory: Update for Vulnerabilities in Adobe Flash Player in Internet Explorer 10

– Added OPERA-22(QOP1210): Opera 12.10

Non-Security

– Added BBDM-004(QBB71030): BlackBerry Desktop Software v7.1

– Added MSWU-657(Q2737155): Cumulative update package for Lync 2010: October 2012

Revision

– Modified MSWU-639(Q2729094): Microsoft released due to re-packaging to address a certificate issue.