July 2014 Security Bulletin Webcast Q&A
Hosts: Jonathan Ness, Security Development Manager Dustin Childs, Group Manager, Response Communications
Website: TechNet/Security Chat Topic: July 2014 Security Bulletin Release Date: Wednesday, July 9, 2014
Q2: In June we had KB2969262, which makes an IE privacy tab, was this fixed?A2: Yes, this has been addressed.
Q3: When will the update to "Microsoft update" be released to me and how do I install it?A3: The update to "Microsoft update" will be available via the standard windows update mechanisms. Please see http://update.microsoft.com/ for further guidance.
Q4: Can someone touch on KB2938066 and what this fixes for WSUS? Does this help/fix the detection of Windows Server 2012?A4: This update enhances the security of WSUS and is similar to the updates done for WU which are documented in KB2887535. We are currently unaware of an issue with the detection of Windows Server 2012.
Q5: What does KB2938066 do on a non-2012 system with WSUS?A5: This update performs the same security updates on non-Windows Server 2012 under WSUS.
Q6: I applied the six updates to a test 2008 R2 DC last night and after the reboot the date was off by three months. Is there any known issues like this?A6: We have seen no reports of this issue since the release. It is hard to say if the condition was waiting to appear on the first reboot, or caused by installing updates. To troubleshoot this issue, please open a support case with Microsoft using resources available at http://support.microsoft.com.
Q7: Can you talk about the Win7 SHA512 patch and what it does?A7: This is a non-security update that addresses the symptom, "Transport Layer Security (TLS) hash algorithm SHA512 is disabled in the TLS 1.2 protocol on a computer that is running Windows 7 or Windows Server 2008 R2. Therefore, you cannot use SHA512 certificates for authentication or encryption on the computer." Therefore the "fix" would be to eliminate the symptom, or in other words, to "enable" the SHA512 hash algorithm so that it can be used.
Q8: Will all future IE cumulative patches cause a "Your browser has been upgraded" tab?A8: There are no plans for Internet Explorer updates to include this behavior in the future.
Q9: The June update had a change in privacy GDR patch for IE9/10 - ergo what caused it?A9: Last month's update caused users of IE9 to see a "Your browser has been updated tab". This was because of a non-security update and there are no plans to continue this in the future.
Q10: do I have to have auto updating turned to get the update to Microsoft update or can I do it manually?A10: If you do not have Automatic Updating enabled in Windows, you can still get Microsoft updates manually. Go to the Windows Control Panel, select "System and Security" and then select Windows Update - Check for Updates."