Shavlik Protect 9.2 beta is coming soon! Check out the latest on upcoming features on http://Blog.shavlik.com. To join the beta contact us at Beta@Shavlik.com.
XML 2.0.1.3558 Last Modified 6/25/2015
Security
– Added MSAF-043(Q3074219): Microsoft security advisory: Update for vulnerabilities in Adobe Flash Player in Internet Explorer: June 23, 2015
– Added OPERA-78(QOP300183588): Opera 30.0.1835.88
Revision
– Added MSWU-1251(Q3043812): Updated detection logic
Shavlik has released updates for Protect 9.1 and 9.0 customers. Patch 3 is mandatory for all customers. This update resolves an issue which will prevent the console certificate from automatically renewing after it reaches its two year term date, at which time several issues would occur including communication failures, agent check-in failures, and console errors. To download the latest installers go to http://www.shavlik.com/downloads/protect.
XML 2.0.0.2812 Last Modified 5/13/2014
Security
– Added WIRES-045(QWIRES1125): Wireshark 1.12.5
– Added WIRES-046(QWIRES11014): Wireshark 1.10.14
Security Tools
– Added MS15-A06(Q3042058): Microsoft security advisory: Update to default cipher suite priority order: May 12, 2015
Revision
– Updated MS15-041(Q3037580): Rereleased by Microsoft for .NET Framework 4.5/4.5.1/4.5.2 on affected editions of Microsoft Windows
Shavlik has released updates for Protect 9.1 and 9.0 customers. Patch 3 is mandatory for all customers. This update resolves an issue which will prevent the console certificate from automatically renewing after it reaches its two year term date, at which time several issues would occur including communication failures, agent check-in failures, and console errors. To download the latest installers go to http://www.shavlik.com/downloads/protect.
XML 2.0.1.2160 Last Modified 4/14/2015
Security
– Added MS15-032: Cumulative Security Update for Internet Explorer (3038314)
– Added MS15-033: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (3048019)
– Added MS15-034: Vulnerability in HTTP.sys Could Allow Remote Code Execution (3042553)
– Added MS15-035: Vulnerability in Microsoft Graphics Component Could Allow Remote Code Execution (3046306)
– Added MS15-036: Vulnerabilities in Microsoft SharePoint Server Could Allow Elevation of Privilege (3052044)
– Added MS15-037: Vulnerability in Windows Task Scheduler Could Allow Elevation of Privilege (3046269)
– Added MS15-038: Vulnerabilities in Microsoft Windows Could Allow Elevation of Privilege (3049576)
– Added MS15-039: Vulnerability in XML Core Services Could Allow Security Feature Bypass (3046482)
– Added MS15-040: Vulnerability in Active Directory Federation Services Could Allow Information Disclosure (3045711)
– Added MS15-041: Vulnerability in .NET Framework Could Allow Information Disclosure (3048010)
– Added MS15-042: Vulnerability in Windows Hyper-V Could Allow Denial of Service (3047234)
– Added APSB15-06(QAF1700169): Security updates available for Adobe Flash Player
– Added CHROME-131(QGC420231190): Chrome 42.0.2311.90
– Added JAVA7-79(QJAVA7U79): Java 7 Update 79 Critical Patch Update (CPU)
– Added JAVA8-45(QJAVA8U45): Java 8 Update 45
Security Tool
– Added MS15-A05(Q3045755): Microsoft security advisory: Update to Improve PKU2U Authentication
XML 2.0.1.1738 Last Modified 3/26/2015
Security Tool
– Added MS15-A04(Q3050995): Microsoft security advisory: Improperly issued digital certificates could allow spoofing
Non-Security
– Added MSWU-1203(Q3048778): Update 3033889 causes Windows Explorer to stop responding on systems that use the Japanese or Korean IME
– Added XD710-012(QCTX142056): Hotfix ICATS750WX64028 – For VDA Core Services 7.1/7.5 for Windows
XML 2.0.1.1666 Last Modified 3/20/2015
Product
– Added support for Google Drive
Security
– Added CHROME-129(QGC4102272101): Chrome 41.0.2272.101
Security Tool
– Added MS15-A03(Q3046310): Microsoft Security Advisory: Fraudulent digital certificates could allow spoofing
Non-Security
– Added GDRIVE-001(QGD12086723137): Google Drive: 1.20.8672.3137
All Protect customers, Patch 2 has been released for Protect v9.0 and v9.1. The updates include a fix for an upcoming syntax change to CVE-ID. Without this patch you will not be able to update content after the CVE syntax change occurs. For more details on how to download and apply the update for your version of Shavlik Protect please refer to this article: https://community.shavlik.com/docs/DOC-23639.
XML 2.0.1.608 Last Modified 1/27/2015
Security
– Added APSB15-03(QAF1600296): Security Advisory for Adobe Flash Player
– Added CHROME-122(QGC400221493): Google Chrome 40.0.2214.93
– Added FF15-002(QFF35015500): Firefox 35.0.1
– Added MSAF-037(Q3035034): Microsoft security advisory: Update for vulnerabilities in Adobe Flash Player in Internet Explorer: January 27, 2015
– Added OPERA-67(QOP270168954): Opera 27.0.1689.54
Non-Security
– Added MSSL-012(Q3011970): December 2014 update for Microsoft Silverlight 5
Revision
– Modified MS12-020(Q2621440): Updated detection logic
– Modified MS12-027(Q2598039): Updated detection logic
– Modified MS14-030(Q2965788): Updated detection logic
– Modified MS14-A07(Q2973351): Updated detection logic
All Protect customers, Patch 2 has been released for Protect v9.0 and v9.1. The updates include a fix for an upcoming syntax change to CVE-ID. Without this patch you will not be able to update content after the CVE syntax change occurs. For more details on how to download and apply the update for your version of Shavlik Protect please refer to this article: https://community.shavlik.com/docs/DOC-23639.
XML 2.0.1.406 Last Modified 1/13/2015
Security
– Added MS15-001(Q3023266): Vulnerability in Windows Application Compatibility Cache Could Allow Elevation of Privilege (3023266)
– Added MS15-002(Q3020393): Vulnerability in Windows Telnet Service Could Allow Remote Code Execution (3020393)
– Added MS15-003(Q3021674): Vulnerability in Windows User Profile Service Could Allow Elevation of Privilege (3021674)
– Added MS15-004(Q3023299): Vulnerability in Windows Components Could Allow Elevation of Privilege (3025421)
– Added MS15-005(Q3022777): Vulnerability in Network Location Awareness Service Could Allow Security Feature Bypass (3022777)
– Added MS15-006(Q3004365): Vulnerability in Windows Error Reporting Could Allow Security Feature Bypass (3004365)
– Added MS15-007(Q3014029): Vulnerability in Network Policy Server RADIUS Implementation Could Cause Denial of Service (3014029)
– Added MS15-008(Q3019215): Vulnerability in Windows Kernel-Mode Driver Could Allow Elevation of Privilege (3019215)
– Added APSB15-01(QAF1600257): Security updates available for Adobe Flash Player
– Added CHROME-120(QGC390217199): Chrome 39.0.2171.99
– Added FF15-001(QFF35005486): Firefox 35.0
– Added MSAF-035(Q3024663): Microsoft security advisory: Update for vulnerabilities in Adobe Flash Player in Internet Explorer: January 13, 2015
– Added SW12-16156(QSW1216156): Adobe Shockwave 12.1.6.156
– Added TB15-3140(QTB153140): Thunderbird 31.4.0
Revision
– Updated MS14-080(Q3029449): Added KB3029449 for Windows 8 and Windows Server 2012
All Shavlik Protect 9.0 and 9.1 customers: There is a pending CVE-ID Syntax change coming, Protect updates are available to avoid issues. Read more details here: https://community.shavlik.com/docs/DOC-23639
XML 2.0.0.9672 Last Modified 11/25/2014
Security
– Added APSB14-26(QAF1500239): Security updates available for Adobe Flash Player
– Added MSAF-033(Q3018943): Microsoft Security Advisory: Update for vulnerabilities in Adobe Flash Player in Internet Explorer: November 25, 2014
– Added PIDGIN-012(QPID21011): Pidgin 2.10.11
Revision
– Modified MS14-022(Q2596810): Updated detection logic
– Modified MS14-066(Q2992611): Updated detection logic
– Modified MS14-072(Q2978114): Updated deployment logic
XML version 2.0.0.9040 Last Modified 10/16/2014
Security
– Added FFE14-3120(QFFE3120): Firefox ESR 31.2.0
– Added OPERA-60(QOP250161450): Opera 25.0.1614.50
Security Tool
– Added MS14-A10(Q2977292): Microsoft security advisory: Update for Microsoft EAP implementation that enables the use of TLS: October 14, 2014
– Added MS14-A11(Q2871997): Update to Improve Credentials Protection and Management
– Added MS14-A12(Q2949927): Microsoft Security Advisory: Availability of SHA-2 hashing algorithm for Windows 7 and Windows Server 2008 R2: October 14, 2014
Non-Security
– Added GACU-026(Q2995387): October 2014 update roll up for Windows RT, Windows 8, and Windows Server 2012
– Added GAUR81-012(Q2995388): October 2014 update roll up for Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2
– Added MSWU-1045(Q3000988): “The profile for the user is a temporary profile” error when you install a MSI package in Windows
– Added MSWU-1046(Q2998174): Active camera is switched unexpectedly when you review photos in Camera app in Windows 8.1 or Windows Server 2012 R2
– Added MSWU-1047(Q2989542): Windows Store apps are not updated automatically in Windows 8.1
– Added MSWU-1048(Q2994023): RPD 8.1 client for Windows 7 or Windows Server 2008 R2 disconnects when it is connected through a RD gateway
– Added MSWU-1049(Q2899475): October 14, 2014 update for Outlook 2007 Junk Email Filter (KB2899475)
– Added MSWU-1050(Q2889930): October 14, 2014 update for SharePoint Server 2013 (KB2889930)
Revision
– Modified SharePoint Designer 2007: Updated detection logic.
– Modified JAVA7-72(QJAVA7U72): Updated patch type.
– Updated MSFT-DN10(Q2901907): Updated affected product.
– Updated MSWU-953(Q2952664): Microsoft re-released patch to v5.
End-of-Life Notice:
VMware vCenter Protect 8.0, 8.0.1, and 8.0.2 reached end of service on 5/15/2014. To upgrade go to http://www.shavlik.com/downloads/protect to download Shavlik Protect 9.1 or 9.0. Check the release notes for changes to the Console Pre-Requisites as they have changed.
XML Version 2.0.0.7922 Last Modified 7/7/2014
Security
– Added MS14-037: Cumulative Security Update for Internet Explorer (2975687)
– Added MS14-038: Vulnerability in Windows Journal Could Allow Remote Code Execution (2975689)
– Added MS14-039: Vulnerability in On-Screen Keyboard Could Allow Elevation of Privilege (2975685)
– Added MS14-040: Vulnerability in Ancillary Function Driver (AFD) Could Allow Elevation of Privilege (2975684)
– Added MS14-041: Vulnerability in DirectShow Could Allow Elevation of Privilege (2975681)
– Added MS14-042: Vulnerability in Microsoft Service Bus Could Allow Denial of Service (2972621)
– Added MSAF-027(Q2974008): Microsoft Security Advisory: Update for vulnerabilities in Adobe Flash Player in Internet Explorer: July 8, 2014
– Added APSB14-17(QAF1400145): Security updates available for Adobe Flash Player
Shavlik is pleased to announce the General Availability release of Shavlik Protect 9.1. This release includes a localized version of Protect, improved resolution for IPv6 and FQDN, improved deployment workflow with more machine and patch level statuses, and reports views for 3rd party reporting integration and custom reporting. Go to: http://www.shavlik.com/downloads/protect to get Protect 9.1 today. You can also sign up for our Protect 9.1 launch webinars next week at http://www.shavlik.com/products/protect/#/demos-webinars/.
End-of-Life Notice:
VMware vCenter Protect 8.0, 8.0.1, and 8.0.2 reached end of service on 5/15/2014. The May Patch Tuesday content update was the final update for the VMware branded editions of Protect. All customers running on these versions should upgrade to Shavlik Protect 9.1 at their earliest convenience as updates are no longer being deployed to 8.x versions of Protect.
XML Version 2.0.0.7422 Last Modified 5/16/2014
Security
– Added AI14-003(QAI141120): iTunes 11.2 for Windows
– Added MS14-023(Q2878284): Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (2961037)
Security Tools
– Added MS14-A06(Q2962824): Microsoft Security Advisory 2962824: Update Rollup of Revoked Non-Compliant UEFI Modules
Non-Security
– Added MSWU-942(Q2954879): Description of the update for .NET Native in Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2
XML Version 2.0.0.5812 Last Modified 11/7/2013
Security
– Added SKYPE-43(QSKY6100104): Skype 6.10.0.104
Non-Security
– Added MSWU-838(Q2902892): Skype Windows Store app crashes in Windows 8.1 and in Windows Server 2012 R2
– Added MSWU-839(Q2895614): Update that improves the panorama capture experience in Windows 8.1
Security Tool
– Added MS13-A09(Q2896666): Microsoft Security Advisory (2896666) Vulnerability in Microsoft Graphics Component Could Allow Remote Code Execution
Revision
– Modified APSB-1002(QAR0820): Fixed an issue where patch incorrectly shows as missing on some systems.
– Modified MS11-004(Q2489256): Fixed an issue where patch incorrectly shows as missing on some systems.
– Modified MS13-054(Q2687309): Removed Microsoft Expression Web SP1 as an affected product
– Added MSWU-796(Q2863058): Fixed an issue where patch incorrectly shows as missing on some systems.
XML Version 2.0.0.5302 Last Modified 9/17/2013
Security
– Added AFP11-88174(QAF118800174): Adobe Flash Player 11.8.800.174
– Added FFE13-1709(QFFE17090): Mozilla Firefox 17.0.9 ESR
– Added HSMH-10(QHP722): Hp System Management 7.2.2.9
– Added TB13-2400(QTB2400): Mozilla Thunderbird 24.0
– Added TBE13-1709(QTBE1709): Mozilla Thunderbird 17.0.9 ESR
Security Tool
– Added MS13-A08(Q2887505): Microsoft Security Advisory (2887505) Vulnerability in Internet Explorer Could Allow Remote Code Execution
Non-Security
– Added CDBXP-016(QCDXP4524291): CDBurnerXP 4.5.2.4291
– Added MSWU-809(Q2825640): Description of the Office 2010 update: August 27, 2013
XML Version 2.0.0.5252 Last Modified 9/10/2013
Security
– Added MS13-067: Vulnerabilities in Microsoft SharePoint Server Could Allow Remote Code Execution (2834052)
– Added MS13-068: Vulnerability in Microsoft Outlook Could Allow Remote Code Execution (2756473)
– Added MS13-069: Cumulative Security Update for Internet Explorer (2870699)
– Added MS13-070: Vulnerability in OLE Could Allow Remote Code Execution (2876217)
– Added MS13-071: Vulnerability in Windows Theme File Could Allow Remote Code Execution (2864063)
– Added MS13-072: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (2845537)
– Added MS13-073: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (2858300)
– Added MS13-074: Vulnerabilities in Microsoft Access Could Allow Remote Code Execution (2848637)
– Added MS13-075: Vulnerability in Microsoft Office IME (Chinese) Could Allow Elevation of Privilege (2878687)
– Added MS13-076: Vulnerabilities in Kernel-Mode Drivers Could Allow Elevation of Privilege (2876315)
– Added MS13-077: Vulnerability in Windows Service Control Manager Could Allow Elevation of Privilege (2872339)
– Added MS13-078: Vulnerability in FrontPage Could Allow Information Disclosure (2825621)
– Added MS13-079: Vulnerability in Active Directory Could Allow Denial of Service (2853587)
– Added APSB13-21(QAF118800168): Security updates available for Adobe Flash Player
– Added APSB13-22(QAR1104): Security updates available for Adobe Reader and Acrobat
– Added APSB13-23(QSW1204144): Security update available for Adobe Shockwave Player 12.0.4.144
– Added MSAF-014(Q2880289): Microsoft Security Advisory (2755801) Update for Vulnerabilities in Adobe Flash Player in Internet Explorer
XML Version 2.0.0.5066 Last Modified 8/15/2013
Non-Security
– Added GACU-012(Q2862768): Windows RT, Windows 8, and Windows Server 2012 update rollup: August 2013
– Added MSWU-794(Q2856373): Anti-malware platform update for Windows Defender is available in Windows 8 and in Windows RT
– Added MSWU-795(Q2817642): Description of the Outlook 2007 Junk Email Filter update: August 13, 2013
– Added MSWU-796(Q2863058): August 2013 cumulative time zone update for Windows operating systems
– Added MSWU-799(Q2817666): Description of the Outlook 2003 Junk Email Filter update: August 13, 2013
Security Tool
– Added MS13-A05(Q2862966): An update is available that improves management of weak certificate cryptographic algorithms in Windows
– Added MS13-A06(Q2862973): Microsoft Security Advisory: Update for deprecation of MD5 hashing algorithm for Microsoft root certificate program: August 13, 2013
– Added MS13-A07(Q2861855): Microsoft Security Advisory: Updates to improve Remote Desktop Protocol network-level authentication: August 13, 2013
Revision
– Modified MS13-061(Q2874216): Revised bulletin to remove the 2874216 updates for Microsoft Exchange Server 2013 Cumulative Update 1 and Microsoft Exchange Server 2013 Cumulative Update 2.
– Modified MS13-066(Q2843639): Revised bulletin to remove AD FS V2.0 updates as Microsoft works to address an issue with the updates.
– Modified MSWU-632(Q2493736): Updates for Lync Server 2010: July 2013.
– Modified MSWU-712(Q2760587): Outlook 2013 Junk Email Filter update: August 13, 2013.
Ivanti Patch for Windows 