Hello, welcome to this month's blog on the Microsoft patch release. This month the vendor is releasing 13 bulletins covering a total of 46 vulnerabilities. Twenty-one of this month's issues are rated ’Critical’.
-
MS15-043 Cumulative Security Update for Internet Explorer (3049563)
Internet Explorer Memory Corruption Vulnerability (CVE-2015-1658) MS Rating: Critical
A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Internet Explorer Memory Corruption Vulnerability (CVE-2015-1689) MS Rating: Critical
A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Internet Explorer Memory Corruption Vulnerability (CVE-2015-1691) MS Rating: Critical
A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Internet Explorer Memory Corruption Vulnerability (CVE-2015-1694) MS Rating: Critical
A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Internet Explorer Memory Corruption Vulnerability (CVE-2015-1705) MS Rating: Critical
A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Internet Explorer Memory Corruption Vulnerability (CVE-2015-1706) MS Rating: Critical
A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Internet Explorer Memory Corruption Vulnerability (CVE-2015-1708) MS Rating: Critical
A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Internet Explorer Memory Corruption Vulnerability (CVE-2015-1709) MS Rating: Critical
A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Internet Explorer Memory Corruption Vulnerability (CVE-2015-1710) MS Rating: Critical
A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Internet Explorer Memory Corruption Vulnerability (CVE-2015-1711) MS Rating: Critical
A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Internet Explorer Memory Corruption Vulnerability (CVE-2015-1712) MS Rating: Critical
A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Internet Explorer Memory Corruption Vulnerability (CVE-2015-1714) MS Rating: Critical
A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Internet Explorer Memory Corruption Vulnerability (CVE-2015-1717) MS Rating: Critical
A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Internet Explorer Memory Corruption Vulnerability (CVE-2015-1718) MS Rating: Critical
A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
VBScript ASLR Bypass (CVE-2015-1684) MS Rating: Important
A security feature bypass exists when the VBScript engine, when rendered in Internet Explorer, does not use the Address Space Layout Randomization (ASLR) security feature, allowing an attacker to more reliably predict the memory offsets of specific instructions in a given call stack. An attacker can use the ASLR bypass in conjunction with another vulnerability to run arbitrary code.
VBScript and JScript ASLR Bypass (CVE-2015-1686) MS Rating: Important
A security feature bypass exists when the JScript and VBScript engines, when rendered in Internet Explorer, do not use the Address Space Layout Randomization (ASLR) security feature, allowing an attacker to more reliably predict the memory offsets of specific instructions in a given call stack. An attacker can use the ASLR bypass in conjunction with another vulnerability to run arbitrary code.
Internet Explorer ASLR Bypass Vulnerability (CVE-2015-1685) MS Rating: Important
A security feature bypass vulnerability exists when Internet Explorer does not use the Address Space Layout Randomization (ASLR) security feature. An attacker can exploit this issue to bypass the Address Space Layout Randomization (ASLR) security feature by predicting the memory offsets of specific instructions in a given call stack. An attacker can use the ASLR bypass in conjunction with another vulnerability to run arbitrary code.
Elevation of Privilege Vulnerability in Internet Explorer (CVE-2015-1688 ) MS Rating: Important
An elevation of privilege vulnerability exists when Internet Explorer does not properly validate permissions under specific conditions, potentially allowing script to be run with elevated privileges.
Elevation of Privilege Vulnerability in Internet Explorer (CVE-2015-1703 ) MS Rating: Important
An elevation of privilege vulnerability exists when Internet Explorer does not properly validate permissions under specific conditions, potentially allowing script to be run with elevated privileges.
Elevation of Privilege Vulnerability in Internet Explorer (CVE-2015-1704 ) MS Rating: Moderate
An elevation of privilege vulnerability exists when Internet Explorer does not properly validate permissions under specific conditions, potentially allowing script to be run with elevated privileges.
Elevation of Privilege Vulnerability in Internet Explorer (CVE-2015-1713 ) MS Rating: Important
An elevation of privilege vulnerability exists when Internet Explorer does not properly validate permissions under specific conditions, potentially allowing script to be run with elevated privileges.
Internet Explorer Clipboard Information Disclosure Vulnerability (CVE-2015-1692 ) MS Rating: Important
An information disclosure vulnerability exists when Internet Explorer does not properly restrict access to the clipboard of a user who visits a website. The vulnerability could allow data stored on the Windows clipboard to be accessed by a malicious site.
-
MS15-044 Vulnerabilities in GDI+ Could Allow Remote Code Execution (3057110)
OpenType Font Parsing Vulnerability (CVE-2015-1670) MS Rating: Important
An information disclosure vulnerability exists in Microsoft Windows when the Windows DirectWrite library improperly handles OpenType fonts. An attacker who successfully exploited this vulnerability could potentially read data which was not intended to be disclosed.
TrueType Font Parsing Vulnerability (CVE-2015-1671) MS Rating: Critical
A remote code execution vulnerability exists when components of Windows, .NET Framework, Office, Lync, and Silverlight fail to properly handle TrueType fonts. An attacker who successfully exploited this vulnerability could take complete control of the affected system.
-
MS15-045 Vulnerability in Windows Journal Could Allow Remote Code Execution (3046002)
Windows Journal Remote Code Execution Vulnerability (CVE-2015-1675) MS Rating: Critical
A remote code execution vulnerability exists in Microsoft Windows when a specially crafted Journal file is opened in Windows Journal. An attacker who successfully exploited this vulnerability could cause arbitrary code to execute in the context of the current user. If a user is logged on with administrative user rights, an attacker could take complete control of the affected system.
Windows Journal Remote Code Execution Vulnerability (CVE-2015-1695) MS Rating: Critical
A remote code execution vulnerability exists in Microsoft Windows when a specially crafted Journal file is opened in Windows Journal. An attacker who successfully exploited this vulnerability could cause arbitrary code to execute in the context of the current user. If a user is logged on with administrative user rights, an attacker could take complete control of the affected system.
Windows Journal Remote Code Execution Vulnerability (CVE-2015-1696) MS Rating: Critical
A remote code execution vulnerability exists in Microsoft Windows when a specially crafted Journal file is opened in Windows Journal. An attacker who successfully exploited this vulnerability could cause arbitrary code to execute in the context of the current user. If a user is logged on with administrative user rights, an attacker could take complete control of the affected system.
Windows Journal Remote Code Execution Vulnerability (CVE-2015-1697) MS Rating: Critical
A remote code execution vulnerability exists in Microsoft Windows when a specially crafted Journal file is opened in Windows Journal. An attacker who successfully exploited this vulnerability could cause arbitrary code to execute in the context of the current user. If a user is logged on with administrative user rights, an attacker could take complete control of the affected system.
Windows Journal Remote Code Execution Vulnerability (CVE-2015-1698) MS Rating: Critical
A remote code execution vulnerability exists in Microsoft Windows when a specially crafted Journal file is opened in Windows Journal. An attacker who successfully exploited this vulnerability could cause arbitrary code to execute in the context of the current user. If a user is logged on with administrative user rights, an attacker could take complete control of the affected system.
Windows Journal Remote Code Execution Vulnerability (CVE-2015-1699) MS Rating: Critical
A remote code execution vulnerability exists in Microsoft Windows when a specially crafted Journal file is opened in Windows Journal. An attacker who successfully exploited this vulnerability could cause arbitrary code to execute in the context of the current user. If a user is logged on with administrative user rights, an attacker could take complete control of the affected system.
-
MS15-046 Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (3057181)
Microsoft Office Memory Corruption Vulnerability (CVE-2015-1682) MS Rating: Important
A remote code execution vulnerability exists in Microsoft Office software when the Office software fails to properly handle objects in memory. Specifically, this issue occurs when a user opens a specially crafted file with an affected version of Microsoft Office software.
Microsoft Office Memory Corruption Vulnerability (CVE-2015-1683) MS Rating: Important
A remote code execution vulnerability exists in Microsoft Office software when the Office software fails to properly handle objects in memory. Specifically, this issue occurs when a user opens a specially crafted file with an affected version of Microsoft Office software.
-
MS15-047 Vulnerabilities in Microsoft SharePoint Server Could Allow Remote Code Execution (3058083)
Microsoft SharePoint Page Content Vulnerabilities (CVE-2015-1700) MS Rating: Important
Multiple remote code execution vulnerabilities exist when SharePoint Server improperly sanitizes specially crafted page content. An authenticated attacker could attempt to exploit these vulnerabilities by sending specially crafted page content to a SharePoint server. The attacker who successfully exploited these vulnerabilities could run arbitrary code in the security context of the W3WP service account on the target SharePoint site.
-
MS15-048 Vulnerabilities in .NET Framework Could Allow Elevation of Privilege (3057134)
.NET XML Decryption Denial of Service Vulnerability (CVE-2015-1672) MS Rating: Important
A denial of service vulnerability exists in Microsoft .NET Framework that could allow an unauthenticated attacker to degrade the performance of a .NET-enabled website and disrupt the availability of applications that use Microsoft .NET Framework. The vulnerability exists when Microsoft .NET Framework attempts to decrypt certain specially crafted XML data. An attacker can exploit this issue by sending a specially crafted XML data to a .NET application with the intention of causing processing recursion that leads to the denial-of-service condition.
Windows Forms Elevation of Privilege Vulnerability (CVE-2015-1673) MS Rating: Important
An elevation of privilege vulnerability exists in Microsoft .NET Framework that is caused when .NET's Windows Forms (WinForms) libraries improperly handle objects in memory. An attacker who successfully exploited the vulnerability could take complete control of an affected system.
-
MS15-049 Vulnerability in Silverlight Could Allow Elevation of Privilege (3058985)
Microsoft Silverlight Out of Browser Application Vulnerability (CVE-2015-1715) MS Rating: Important
An elevation of privilege vulnerability exists in Microsoft Silverlight that is caused when Silverlight improperly allows applications that are intended to run at a low integrity level (very limited permissions) to be executed at a medium integrity level (permissions of the current user) or higher. To exploit this vulnerability an attacker would first have to log on to the system or convince a logged on user to execute a specially crafted Silverlight application.
-
MS15-050 Vulnerability in Service Control Manager Could Allow Elevation of Privilege (3055642)
Service Control Manager Elevation of Privilege Vulnerability (CVE-2015-1702) MS Rating: Important
An elevation of privilege vulnerability exists in the Windows Service Control Manager (SCM) when the SCM improperly verifies impersonation levels. An attacker who successfully exploited this vulnerability could gain elevated privileges and make calls to SCM for which they lack sufficient privilege.
-
MS15-051 Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (3057191)
Microsoft Windows Kernel Memory Disclosure Vulnerability (CVE-2015-1676) MS Rating: Important
An information disclosure vulnerability exists when the Windows kernel-mode driver leaks private address information during a function call, which could allow the disclosure of kernel memory contents, revealing information about the system to an attacker.
Microsoft Windows Kernel Memory Disclosure Vulnerability (CVE-2015-1677) MS Rating: Important
An information disclosure vulnerability exists when the Windows kernel-mode driver leaks private address information during a function call, which could allow the disclosure of kernel memory contents, revealing information about the system to an attacker.
Microsoft Windows Kernel Memory Disclosure Vulnerability (CVE-2015-1678) MS Rating: Important
An information disclosure vulnerability exists when the Windows kernel-mode driver leaks private address information during a function call, which could allow the disclosure of kernel memory contents, revealing information about the system to an attacker.
Microsoft Windows Kernel Memory Disclosure Vulnerability (CVE-2015-1679) MS Rating: Important
An information disclosure vulnerability exists when the Windows kernel-mode driver leaks private address information during a function call, which could allow the disclosure of kernel memory contents, revealing information about the system to an attacker.
Microsoft Windows Kernel Memory Disclosure Vulnerability (CVE-2015-1680) MS Rating: Important
An information disclosure vulnerability exists when the Windows kernel-mode driver leaks private address information during a function call, which could allow the disclosure of kernel memory contents, revealing information about the system to an attacker.
Win32k Elevation of Privilege Vulnerability (CVE-2015-1701) MS Rating: Important
An elevation of privilege vulnerability exists when Windows kernel-mode drivers improperly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.
-
MS15-052 Vulnerability in Windows Kernel Could Allow Security Feature Bypass (3050514)
Windows Kernel Security Feature Bypass Vulnerability (CVE-2015-1674) MS Rating: Important
A security feature bypass vulnerability exists when the Windows kernel fails to properly validate which mode the request comes from, allowing an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (KASLR) bypass. An attacker who successfully exploited this vulnerability could then retrieve the base address of cng.sys from a compromised process.
-
MS15-053 Vulnerability in VBScript Scripting Engine Could Allow Security Feature Bypass (3057263)
VBScript ASLR Bypass (CVE-2015-1684) MS Rating: Important
A security feature bypass exists when the VBScript engine, when rendered in Internet Explorer, does not use the Address Space Layout Randomization (ASLR) security feature, allowing an attacker to more reliably predict the memory offsets of specific instructions in a given call stack. An attacker can use the ASLR bypass in conjunction with another vulnerability to run arbitrary code.
VBScript and JScript ASLR Bypass (CVE-2015-1686) MS Rating: Important
A security feature bypass exists when the JScript and VBScript engines, when rendered in Internet Explorer, do not use the Address Space Layout Randomization (ASLR) security feature, allowing an attacker to more reliably predict the memory offsets of specific instructions in a given call stack. An attacker can use the ASLR bypass in conjunction with another vulnerability to run arbitrary code.
-
MS15-054 Vulnerability in Microsoft Management Console File Format Could Allow Denial of Service (3051768)
Microsoft Management Console File Format Denial of Service Vulnerability (CVE-2015-1681) MS Rating: Important
A denial of service vulnerability exists when Windows attempts to access a specially crafted .msc file to retrieve the icon information and then fails to properly validate a destination buffer.
-
MS15-055 Vulnerability in Schannel Could Allow Information Disclosure (3061518)
Schannel Information Disclosure Vulnerability (CVE-2015-1716) MS Rating: Important
An information disclosure vulnerability exists in Secure Channel (Schannel) when it allows the use of a weak Diffie-Hellman ephemeral (DFE) key length of 512 bits in an encrypted TLS session. Allowing 512-bit DHE keys makes DHE key exchanges weak and vulnerable to various attacks.
More information on the vulnerabilities being addressed this month is available at Symantec's free SecurityFocus portal and to our customers through the DeepSight Threat Management System.