Hello, welcome to this month's blog on the Microsoft patch release. This month the vendor is releasing eight bulletins covering a total of 45 vulnerabilities. Twenty of this month's issues are rated ’Critical’.
-
MS15-056 Cumulative Security Update for Internet Explorer (3058515)
Internet Explorer Memory Corruption Vulnerability (CVE-2015-1687) MS Rating: Critical
A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Internet Explorer Memory Corruption Vulnerability (CVE-2015-1730) MS Rating: Critical
A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Internet Explorer Memory Corruption Vulnerability (CVE-2015-1731) MS Rating: Critical
A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Internet Explorer Memory Corruption Vulnerability (CVE-2015-1732) MS Rating: Critical
A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Internet Explorer Memory Corruption Vulnerability (CVE-2015-1735) MS Rating: Critical
A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Internet Explorer Memory Corruption Vulnerability (CVE-2015-1736) MS Rating: Critical
A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Internet Explorer Memory Corruption Vulnerability (CVE-2015-1737) MS Rating: Critical
A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Internet Explorer Memory Corruption Vulnerability (CVE-2015-1740) MS Rating: Critical
A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Internet Explorer Memory Corruption Vulnerability (CVE-2015-1741) MS Rating: Critical
A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Internet Explorer Memory Corruption Vulnerability (CVE-2015-1742) MS Rating: Critical
A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Internet Explorer Memory Corruption Vulnerability (CVE-2015-1744) MS Rating: Critical
A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Internet Explorer Memory Corruption Vulnerability (CVE-2015-1745) MS Rating: Critical
A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Internet Explorer Memory Corruption Vulnerability (CVE-2015-1747) MS Rating: Critical
A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Internet Explorer Memory Corruption Vulnerability (CVE-2015-1750) MS Rating: Critical
A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Internet Explorer Memory Corruption Vulnerability (CVE-2015-1751) MS Rating: Critical
A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Internet Explorer Memory Corruption Vulnerability (CVE-2015-1752) MS Rating: Critical
A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Internet Explorer Memory Corruption Vulnerability (CVE-2015-1753) MS Rating: Critical
A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Internet Explorer Memory Corruption Vulnerability (CVE-2015-1754) MS Rating: Critical
A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Internet Explorer Memory Corruption Vulnerability (CVE-2015-1755) MS Rating: Critical
A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Internet Explorer Memory Corruption Vulnerability (CVE-2015-1766) MS Rating: Critical
A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Elevation of Privilege Vulnerability in Internet Explorer (CVE-2015-1739) MS Rating: Important
An elevation of privilege vulnerability exists when Internet Explorer does not properly validate permissions under specific conditions, potentially allowing script to be run with elevated privileges.
Elevation of Privilege Vulnerability in Internet Explorer (CVE-2015-1743) MS Rating: Important
An elevation of privilege vulnerability exists when Internet Explorer does not properly validate permissions under specific conditions, potentially allowing script to be run with elevated privileges.
Elevation of Privilege Vulnerability in Internet Explorer (CVE-2015-1748) MS Rating: Moderate
An elevation of privilege vulnerability exists when Internet Explorer does not properly validate permissions under specific conditions, potentially allowing script to be run with elevated privileges.
Internet Explorer Information Disclosure Vulnerability (CVE-2015-1765) MS Rating: Important
An information disclosure vulnerability exists in Internet Explorer that could allow an attacker who successfully exploited this vulnerability to gain access to a user's browser history.
-
MS15-057 Vulnerability in Windows Media Player Could Allow Remote Code Execution (3033890)
Windows Media Player RCE via DataObject Vulnerability (CVE-2015-1728) MS Rating: Important
A remote code execution vulnerability exists in the way that the Windows Media Player handles specially crafted DataObjects. An attacker who successfully exploited this vulnerability could take complete control of an affected system remotely.
-
MS15-059 Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (3064949)
Microsoft Office Uninitialized Memory Use Vulnerability (CVE-2015-1770) MS Rating: Important
A remote code execution vulnerability exists in Microsoft Office software when the Office software fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could use a specially crafted file to perform actions in the security context of the current user.
Microsoft Office Memory Corruption Vulnerability (CVE-2015-1759) MS Rating: Important
A remote code execution vulnerability exists in Microsoft Office software that is caused when the Office software improperly handles objects in memory while parsing specially crafted Office files. This could corrupt system memory in such a way as to allow an attacker to execute arbitrary code.
Microsoft Office Memory Corruption Vulnerability (CVE-2015-1760) MS Rating: Important
A remote code execution vulnerability exists in Microsoft Office software that is caused when the Office software improperly handles objects in memory while parsing specially crafted Office files. This could corrupt system memory in such a way as to allow an attacker to execute arbitrary code.
-
MS15-060 Vulnerability in Microsoft Common Controls Could Allow Remote Code Execution (3059317)
Microsoft Common Control use after free vulnerability (CVE-2015-1756) MS Rating: Important
A remote code execution vulnerability exists in Microsoft Common Controls when it accesses an object in memory that has not been correctly initialized or has been deleted. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user.
-
MS15-061 Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (3057839)
Microsoft Windows Kernel Information Disclosure Vulnerability (CVE-2015-1719) MS Rating: Important
An information disclosure vulnerability exists when the Windows kernel-mode driver improperly handles buffer elements under certain conditions, allowing an attacker to request the contents of specific memory addresses. An attacker who successfully exploited this vulnerability could potentially read data not intended to be disclosed. This vulnerability would not allow an attacker to execute code or to elevate their user rights directly, but it could be used to obtain information in an attempt to further compromise the affected system.
Microsoft Windows Kernel Use After Free Vulnerability (CVE-2015-1720) MS Rating: Important
An elevation of privilege vulnerability exists when the Windows kernel-mode driver improperly frees an object in memory that an attacker can use to execute arbitrary code with elevated permissions. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.
Win32k Null Pointer Dereference Vulnerability (CVE-2015-1721) MS Rating: Important
An elevation of privilege vulnerability exists in the Windows kernel-mode driver due to insufficient validation of certain data passed from user mode. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.
Microsoft Windows Kernel Bitmap Handling Use After Free Vulnerability (CVE-2015-1722) MS Rating: Important
An elevation of privilege vulnerability exists in the Windows kernel-mode driver when it accesses an object in memory that has either not been correctly initialized or deleted. The vulnerability may corrupt memory in such a way that an attacker could gain elevated privileges on a targeted system. An attacker would first have to log on to the system to exploit this vulnerability.
Microsoft Windows Station Use After Free Vulnerability (CVE-2015-1723) MS Rating: Important
An elevation of privilege vulnerability exists in the Windows kernel-mode driver when it accesses an object in memory that has either not been correctly initialized or deleted. The vulnerability may corrupt memory in such a way that an attacker could gain elevated privileges on a targeted system. An attacker would first have to log on to the system to exploit this vulnerability.
Microsoft Windows Kernel Object Use After Free Vulnerability (CVE-2015-1724) MS Rating: Important
An elevation of privilege vulnerability exists in the Windows kernel-mode driver when it accesses an object in memory that has either not been correctly initialized or deleted. The vulnerability may corrupt memory in such a way that an attacker could gain elevated privileges on a targeted system. An attacker would first have to log on to the system to exploit this vulnerability.
Win32k Buffer Overflow Vulnerability (CVE-2015-1725) MS Rating: Important
An elevation of privilege vulnerability exists in the Windows kernel-mode driver when it improperly validates user input. An attacker who successfully exploited this vulnerability could gain elevated privileges on a targeted system. An attacker would first have to log on to the system to exploit this vulnerability.
Microsoft Windows Kernel Brush Object Use After Free Vulnerability (CVE-2015-1726) MS Rating: Important
An elevation of privilege vulnerability exists in the Windows kernel-mode driver when it accesses an object in memory that has either not been correctly initialized or deleted. The vulnerability may corrupt memory in such a way that an attacker could gain elevated privileges on a targeted system. An attacker would first have to log on to the system to exploit this vulnerability.
Win32k Pool Buffer Overflow Vulnerability (CVE-2015-1727) MS Rating: Important
An elevation of privilege vulnerability exists in the Windows kernel-mode driver when it improperly validates user input. An attacker who successfully exploited this vulnerability could gain elevated privileges on a targeted system. An attacker would first have to log on to the system to exploit this vulnerability.
Win32k Memory Corruption Elevation of Privilege Vulnerability (CVE-2015-1768) MS Rating: Important
An elevation of privilege vulnerability exists when the Windows kernel-mode driver, Win32k.sys, fails to properly free memory. An attacker who successfully exploited this vulnerability could execute arbitrary code within the context of another user. An attacker would first have to log on to the system to exploit this vulnerability.
Win32k Elevation of Privilege Vulnerability (CVE-2015-2360) MS Rating: Important
An elevation of privilege vulnerability exists when the Windows kernel-mode driver, Win32k.sys, fails to properly free memory. An attacker who successfully exploited this vulnerability could execute arbitrary code within the context of another user. An attacker would first have to log on to the system to exploit this vulnerability.
-
MS15-062 Vulnerability in Active Directory Federation Services Could Allow Elevation of Privilege (3062577)
ADFS XSS Elevation of Privilege Vulnerability (CVE-2015-1757) MS Rating: Important
An elevation of privilege vulnerability exists in the way that URL's are sanitized in Active Directory Federation Services (AD FS). An attacker who successfully exploited this vulnerability could perform cross-site scripting attacks and run script in the security context of the logged-on user.
-
MS15-063 Vulnerability in Windows Kernel Could Allow Elevation of Privilege (3063858)
Windows LoadLibrary EoP Vulnerability (CVE-2015-1758) MS Rating: Important
An elevation of privilege vulnerability exists in Microsoft Windows LoadLibrary when it fails to properly validate user input. An authenticated attacker who successfully exploited this vulnerability could elevate privileges on a targeted system.
-
MS15-064 Vulnerabilities in Microsoft Exchange Server Could Allow Elevation of Privilege (3062157)
Exchange Server-Side Request Forgery Vulnerability (CVE-2015-1764) MS Rating: Important
An information disclosure vulnerability exists in Microsoft Exchange web applications when Exchange does not properly manage the same-origin policy. An attacker could exploit this Server-Side Request Forgery (SSRF) vulnerability by using a specially crafted web application request. An attacker who successfully exploited this vulnerability could then perform certain unauthorized actions.
Exchange Cross-Site Request Forgery Vulnerability (CVE-2015-1771) MS Rating: Important
An elevation of privilege vulnerability exists in Microsoft Exchange web applications when Exchange does not properly manage user sessions. For this Cross-site Request Forgery(CSRF/XSRF) vulnerability to be exploited, the victim must be authenticated (logged on) to the target site.
Exchange HTML Injection Vulnerability (CVE-2015-2359) MS Rating: Important
An information disclosure vulnerability exists in Microsoft Exchange web applications when Exchange does not properly sanitize HTML strings. To exploit this HTML Injection vulnerability an attacker must have the ability to submit a specially crafted script to a target site that uses HTML sanitization.
More information on the vulnerabilities being addressed this month is available at Symantec's free SecurityFocus portal and to our customers through the DeepSight Threat Management System.