NOTICE: This forum is mostly an archive, though new posts are allowed. Registration may require manual admin activation. After registering visit https://bitsum.com/contact/ to request account activation.
Started by BenYeeHua, August 14, 2013, 04:35:32 AM
QuoteSummaryA critical vulnerability (CVE-2015-0311) exists in Adobe Flash Player 184.108.40.2067 and earlier versions for Windows and Macintosh. Successful exploitation could cause a crash and potentially allow an attacker to take control of the affected system. We are aware of reports that this vulnerability is being actively exploited in the wild via drive-by-download attacks against systems running Internet Explorer and Firefox on Windows 8.1 and below. UPDATE (January 24): Users who have enabled auto-update for the Flash Player desktop runtime will be receiving version 220.127.116.116 beginning on January 24. This version includes a fix for CVE-2015-0311. Adobe expects to have an update available for manual download during the week of January 26, and we are working with our distribution partners to make the update available in Google Chrome and Internet Explorer 10 and 11. For more information on updating Flash Player please refer to this post.
QuoteImproves the integration of OneDrive and other Office 2013 applications so that conflict issues are handled better.
Quoteâ€¢Improves the integration of OneDrive and the other Office 2013 applications so that conflict issues are handled better.â€¢Fixes the issue in which the MSOSync.exe process may stop responding during initialization process because the sync progress fails.
Quoteâ€¢Improves reliability when you work with an Access database where the file size exceeds the 2GB limit in Access 2013.â€¢Improves the integration of OneDrive and other Office 2013 applications so that conflict issues are handled better.â€¢Improves reliability of Microsoft Office 2013 Upload Center.
QuoteImproves the user experience by letting you select partial text instead of a whole line or paragraph of text in a RichEdit field.Note Currently, when you try to select some text in a RichEdit field, such as the Lync IM conversation window, it is easy to accidentally have a whole line or paragraph of text selected. After you install this hotfix, you can disable this behavior.
QuoteFixes the issue in which an existing Power View report becomes blank when you interact with the report in Excel 2013 on a computer that has a decimal separator set to a comma (",").
QuoteThis update package contains Group Policy Administrative Template resource files (inetres.adml) for Internet Explorer.
QuoteApplications or services that use the Secure Channel (SChannel) security support provider, such as Internet Explorer, may incorrectly negotiate to non-Microsoft website hosts by using the Transport Layer Security (TLS) protocol. Therefore, the affected application may not establish a connection or may be instructed to negotiate the use of a less-secure protocol such as Secure Sockets Layer protocol version 3.0 (SSL 3.0).This issue occurs because some third-party implementations of the TLS protocol do not correctly negotiate when empty TLS extensions are present at the end of the extension list.
QuoteThis security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow security feature bypass if an attacker, by way of a man-in-the-middle attack, causes the Group Policy Security Configuration Engine policy file on a targeted system to become corrupted or otherwise unreadable. This results in the Group Policy settings on the system to revert to their default, and potentially less secure, state.
QuoteAn elevation of privilege vulnerability exists in Microsoft Windows when it fails to properly validate and enforce impersonation levels. An attacker who successfully exploited this vulnerability could bypass impersonation-level security checks and gain elevated privileges on a targeted system. This vulnerability can be exploited only in the specific scenario where the process uses SeAssignPrimaryTokenPrivilege, which is not available for normal processes.
QuoteThis issue occurs because the Task Scheduler does not correctly trigger events including the rescheduling of events when the computer is started after an overdue task. Therefore, the Software Protection Platform service (sppsvc.exe) does not start.
Quote from: BenYeeHua on February 27, 2015, 05:38:41 PMI guess I should looking on the computer but not going to brush my teeth, as it was causing me to miss some update. It is just for changing the currency symbol of Lithuania from the Lithuanian litas (Lt) to the euro (â,¬), and yup, it should be important for Lithuanian people. PS:You need to restart the computer to complete the update.http://support.microsoft.com/kb/3006137 (http://support.microsoft.com/kb/3006137)
QuoteNote After you install this update, you can improve the performance by compressing the CMYK JPEG images by using the Compress Pictures feature on the Picture Tools Format contextual tab.
QuoteThis is caused when Internet Explorer 11 sometimes queries for a domain name that begins with the "dummy" word.
QuoteThis update also includes a deprecation of the DisableGenericReports registry entry under the following registry subkey:Code Select ExpandHKEY_LOCAL_MACHINE\Software\Microsoft\Windows Defender\ReportingThis deprecation should not affect existing telemetry options. You may want to review Windows Defender settings to make sure that they reflect your desired options.
QuoteCause 1This problem occurs because the NDIS driver does not handle power state transition requests correctly when power management is disabled on a Teredo tunnel adapter or an IPHTTPS tunnel adapter.Cause 2This problem occurs because the power state transition fails on the Wi-Fi network adapter, which triggers a time-out in the monitoring thread.
Quoteâ€¢Skypeâ€¢Netflixâ€¢Cut The Ropeâ€¢HP ALL-in-One Printer Remoteâ€¢Canon Inkjet Print Utilityâ€¢Microsoft Solitaire Collectionâ€¢Adobe Reader Touchâ€¢Asphalt 8: Airborneâ€¢Microsoft Mahjongâ€¢Amazon
Quote from: BenYeeHua on March 12, 2015, 05:27:50 PMSo, Adobe Flash Player version 18.104.22.168 for Firefox(NPAPI) and Chromium(PPAPI) has been released, along with Adobe Air 22.214.171.124.I guess there are some slowdown for the Adobe webpage, because they want to make sure all CDN has their newest released version first, to save bandwidth.
QuoteTo make it simple and fast for Skype users to upgrade to the latest version of Skype for Windows, we have integrated Skype into Windows Update. If you have Skype installed on your PC already, either directly from www.skype.com (http://www.skype.com) or through a preinstalled version on your PC, you will receive the latest version of Skype through Windows Update.
QuoteThe issue was caused by MCS Holdings, a subordinate CA, improperly issuing domain certificates to entities other than their owners. The MCS Holdings authority is subordinated to the China Internet Network Information Center (CNNIC), which is a CA present in the Trusted Root Certification Authorities Store.
QuoteMicrosoft is announcing the availability of a defense-in-depth update that improves the authentication that is used by the Public Key Cryptography User-to-User (PKU2U) security support provider (SSP) in Windows 8.1, Windows Server 2012 R2, and Windows RT 8.1. The improvement is part of ongoing efforts to strengthen the effectiveness of security controls in Windows.
QuoteThis issue occurs because the CHT platform has the following hardware limitations:â€¢Touch the CMD and DAT inhibit bits during the tuning procedure causes the tuning to fail.â€¢The Preset Value Enable bit does not work with some Wi-Fi modules.
QuoteThis issue occurs because the initialization of the status in the Udfs.sys file is incorrect.
QuoteThis issue occurs because Microsoft Surface does not support the speed of SDR104 (104 MBps). Surface only supports up to SDR50 or DDR50.
QuoteThis issue occurs on a system together with multiple monitors that use high DPI (dots per inch) setting. The display mode set to Extend, and the primary monitor has a higher resolution than the secondary monitor. In this situation, when you select an item from the desktop shortcut menu, the shortcut menu may not work as expected or close.
QuoteBefore you install the update, Local Security Authority (LSA) crash issues may occur.
QuoteBehavior after you install the updateStorage devices that are connected to the Microchip hub works correctly after safe removal.Embedded scanner under xHCI controller works correctly.Eliminate the AV_USBXHCI!Bulk_Transfer_CompleteCancelable crash.
QuoteChanges in this security updateAfter you apply this security update in Windows, you cannot uninstall a standard (unelevated) out-of-browser application by starting it, right-clicking it, and then selecting Remove this application. The command is no longer displayed. You have to uninstall the out-of-browser application from the Programs and Features item in Control Panel.
QuoteWhen you format text direction to right-to-left in a document in Word 2013, garbled text is displayed in table cells that contain hidden paragraph marks.
QuoteCauseThis issue occurs because Register_ControllerStop only waits for four milliseconds (ms) instead of 16 ms when eXtensible Host Controller Interface (xHCI) tries to stop the controller.
QuoteAssume that many batched file operations occur on items that are visible in the navigation pane of File Explorer. When this issue occurs, those items do not appear in the navigation pane.Note The issue does not occur immediately when you log on to the computer. It occurs during the regular usage.
QuoteThis issue occurs because the character glyph has a Unicode representation that is greater than 65,535. Therefore, it requires two UTF-16 strings or one UTF-32 string to represent the glyph correctly.
QuoteVarious Samsung TV models, planned for release in 2015, are preconfigured to support Miracast as both a wireless display device and a source of display content. To support this, its display type is set as a "dual-role" device. However, Windows 8.1 does not recognize the "dual-role" setting and fails to discover the device as a Miracast wireless display device.
QuoteThis update provides an updated Network Driver Interface Specification (NDIS) miniport driver in the %SystemRoot%\System32\Drivers folder. After you install this update, you have to update the RNDIS device driver to make the new driver take effect.
QuoteThe explorer.exe process reads thousands of Windows Push Notification Platform (WPN) and Windows Notification Facility (WNF) values from the following registry subkey during the user logon:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Notifications
QuoteThe third-party products that this article discusses are manufactured by companies that are independent of Microsoft. Microsoft makes no warranty, implied or otherwise, about the performance or reliability of these products.
Quote from: edkiefer on June 16, 2015, 07:36:30 PMnot much info on what that micro code does or what Intel CPU it supports .
Quote from: BenYeeHua on June 17, 2015, 09:36:12 AMYup, Intel will never talk about that, but I think it might for disabling the TSX of Haswell
Quote from: Jeremy Collake on June 24, 2015, 08:53:15 PMThat's what you call Microsoft executives exerting their political persuasion to other executives of big companies. That is what Bitsum faces as well, these larger entities often have high-level corporate agreements made that even senior engineers can't object to.e.g. CTO of company X says: I have the perfect solution for you! It will save you bandwidth, improve video quality, and more!CTO of company Y says: Wow! That'd be great! Let's sign an agreement right now!Senior engineer of company Y says: WTF?!? Why didn't you consult me?CTO of company Y says: This agreement was made above your head. Just get it done.That said, Silverlight does play video just fine .
Quote from: BenYeeHua on July 02, 2015, 01:56:32 PMPoor Microsoft Silverlight 5.1.40620.0 has been released, and no changelog so far.You can download it by clicking it on "DOWNLOAD NOW" on this webpage. https://www.microsoft.com/silverlight/ (https://www.microsoft.com/silverlight/)PS:Be aware that it is a/contain adwares, so remember to untick them before you continue the installation.
QuoteThis update allows a future version of Windows Server Update Services (WSUS) to deliver System Hardware Updates and System Firmware Updates to corporate devices through WSUS networks.