Additionally, Microsoft has released three new Security Advisories and updated two others. First is the update for vulnerabilities in Adobe Flash Player for IE 10. This is Security Advisory 2755801. For a vulnerability in Direct Access that could allow a security feature bypass, check out Security Advisory 2862152. This advisory will require specific configuration however and Microsoft has supplied instructions within. Security Advisory 2868725 has also been released to disable RC4 on Windows 7, Server 2008 R2, Windows 8 and Windows Server 2012. (Protection is already built in for Win 8.1 and Server 2012 R2.) Migration is obviously your best long-term path here.
This November Patch Tuesday will be a busy one for IT, especially for the many organizations that use IE. Eight bulletins, three rated critical, were released by Microsoft. This slideshow features a rundown of the November updates, provided by Paul Henry, security and forensic expert at Lumension.