Hello, welcome to this month's blog on the Microsoft patch release. This month the vendor is releasing 12 bulletins covering a total of 52 vulnerabilities. Twenty of this month's issues are rated 'Critical'.
-
MS15-094 Cumulative Security Update for Internet Explorer (3089548)
Internet Explorer Memory Corruption Vulnerability (CVE-2015-2485) MS Rating: Critical
A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Internet Explorer Memory Corruption Vulnerability (CVE-2015-2486) MS Rating: Critical
A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Internet Explorer Memory Corruption Vulnerability (CVE-2015-2487) MS Rating: Critical
A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Internet Explorer Memory Corruption Vulnerability (CVE-2015-2493) MS Rating: Critical
A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Internet Explorer Memory Corruption Vulnerability (CVE-2015-2490) MS Rating: Critical
A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Internet Explorer Memory Corruption Vulnerability (CVE-2015-2491) MS Rating: Critical
A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Internet Explorer Memory Corruption Vulnerability (CVE-2015-2492) MS Rating: Critical
A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Internet Explorer Memory Corruption Vulnerability (CVE-2015-2498) MS Rating: Critical
A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Internet Explorer Memory Corruption Vulnerability (CVE-2015-2499) MS Rating: Critical
A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Internet Explorer Memory Corruption Vulnerability (CVE-2015-2500) MS Rating: Critical
A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Internet Explorer Memory Corruption Vulnerability (CVE-2015-2501) MS Rating: Critical
A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Internet Explorer Memory Corruption Vulnerability (CVE-2015-2541) MS Rating: Critical
A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Internet Explorer Memory Corruption Vulnerability (CVE-2015-2542) MS Rating: Critical
A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Internet Explorer Elevation of Privilege Vulnerability (CVE-2015-2489) MS Rating: Important
An elevation of privilege vulnerability exists when Internet Explorer does not properly validate permissions under specific conditions, potentially allowing a script to be run with elevated privileges.
Internet Explorer Information Disclosure Vulnerability (CVE-2015-2483) MS Rating: Important
An information disclosure vulnerability exists when Internet Explorer improperly discloses the contents of its memory, which could provide an attacker with information to further compromise the user's computer. The update addresses the vulnerability by changing the way certain functions handle objects in memory.
Internet Explorer Tampering Vulnerability (CVE-2015-2484) MS Rating: Important
A tampering vulnerability exists when Internet Explorer accesses a file with an improper flag that in turn permits a file operation. This could allow a low privilege process to delete arbitrary files on the local system. This update addresses the vulnerability by properly masking this flag off.
Memory Corruption Vulnerability (CVE-2015-2494) MS Rating: Critical
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Scripting Engine Memory Corruption Vulnerability (CVE-2015-2542) MS Rating: Critical
A remote code execution vulnerability exists in the way that the VBScript and JScript engines, when rendered in Internet Explorer, handle objects in memory. In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Internet Explorer and then convince a user to view the website. An attacker could also embed an ActiveX control marked "safe for initialization" in an application or Microsoft Office document that hosts the IE rendering engine. The attacker could also take advantage of compromised websites, and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability.
-
MS15-095 Cumulative Security Update for Microsoft Edge (3089665)
Memory Corruption Vulnerability (CVE-2015-2485) MS Rating: Critical
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Memory Corruption Vulnerability (CVE-2015-2486) MS Rating: Critical
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Memory Corruption Vulnerability (CVE-2015-2494) MS Rating: Critical
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Memory Corruption Vulnerability (CVE-2015-2542) MS Rating: Critical
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
-
MS15-096 Vulnerability in Active Directory Service Could Allow Denial of Service (3072595)
Active Directory Denial of Service Vulnerability (CVE-2015-2535) MS Rating: Important
A denial of service vulnerability exists in Active Directory when an authenticated attacker creates multiple machine accounts. An attacker who successfully exploited this vulnerability could cause the Active Directory service to become non-responsive.
-
MS15-097 Vulnerabilities in Microsoft Graphics Component Could Allow Remote Code Execution (3089656)
OpenType Font Parsing Vulnerability (CVE-2015-2506) MS Rating: Important
A denial of service vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles specially crafted OpenType fonts. An attacker who successfully exploited the vulnerability could crash the affected system.
Font Driver Elevation of Privilege Vulnerability (CVE-2015-2507) MS Rating: Important
An elevation of privilege vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code and take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
Font Driver Elevation of Privilege Vulnerability (CVE-2015-2508) MS Rating: Important
An elevation of privilege vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code and take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
Font Driver Elevation of Privilege Vulnerability (CVE-2015-2512) MS Rating: Important
An elevation of privilege vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code and take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
Font Parsing Remote Code Execution Vulnerability (CVE-2015-2510) MS Rating: Critical
A remote code execution vulnerability exists in Microsoft Windows when components of Windows, Office, and Lync improperly handle specially crafted OpenType fonts. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
Win32k Memory Corruption Elevation of Privilege Vulnerability (CVE-2015-2511) MS Rating: Important
An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
Win32k Memory Corruption Elevation of Privilege Vulnerability (CVE-2015-2517) MS Rating: Important
An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
Win32k Memory Corruption Elevation of Privilege Vulnerability (CVE-2015-2518) MS Rating: Important
An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
Win32k Memory Corruption Elevation of Privilege Vulnerability (CVE-2015-2546) MS Rating: Important
An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
Win32k Elevation of Privilege Vulnerability (CVE-2015-2527) MS Rating: Important
An elevation of privilege vulnerability exists when the Windows kernel mode driver (Win32k.sys) fails to properly validate and enforce integrity levels during certain process initialization scenarios. An attacker who successfully exploited the vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
Kernel ASLR Bypass Vulnerability (CVE-2015-2529) MS Rating: Important
A security feature bypass vulnerability exists when the Windows kernel fails to properly initialize a memory address, allowing an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (KASLR) bypass. This issue affects all supported Windows operating systems and is considered to be an Important-class Security Feature Bypass (SFB).
-
MS15-098 Vulnerabilities in Windows Journal Could Allow Remote Code Execution (3089669)
Windows Journal RCE Vulnerability (CVE-2015-2513) MS Rating: Critical
A remote code execution vulnerability exists in Microsoft Windows when a specially crafted Journal file is opened in Windows Journal. An attacker who successfully exploited the vulnerability could cause arbitrary code to execute in the context of the current user. If a user is logged on with administrative user rights, an attacker could take complete control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Windows Journal RCE Vulnerability (CVE-2015-2514) MS Rating: Moderate
A remote code execution vulnerability exists in Microsoft Windows when a specially crafted Journal file is opened in Windows Journal. An attacker who successfully exploited the vulnerability could cause arbitrary code to execute in the context of the current user. If a user is logged on with administrative user rights, an attacker could take complete control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Windows Journal Integer Overflow RCE Vulnerability (CVE-2015-2519) MS Rating: Critical
A remote code execution vulnerability exists in Microsoft Windows when a specially crafted Journal file is opened in Windows Journal. An attacker who successfully exploited the vulnerability could cause arbitrary code to execute in the context of the current user. If a user is logged on with administrative user rights, an attacker could take complete control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Windows Journal RCE Vulnerability (CVE-2015-2530) MS Rating: Critical
A remote code execution vulnerability exists in Microsoft Windows when a specially crafted Journal file is opened in Windows Journal. An attacker who successfully exploited the vulnerability could cause arbitrary code to execute in the context of the current user. If a user is logged on with administrative user rights, an attacker could take complete control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Windows Journal DoS Vulnerability (CVE-2015-2516) MS Rating: Low
A denial-of-service vulnerability exists in Windows Journal when a specially crafted Journal file is opened in Windows Journal. An attacker who successfully exploited this vulnerability could cause data loss on the target system. The denial-of -service would not allow an attacker to execute code or to elevate their user rights.
-
MS15-099 Vulnerabilities in Microsoft Office Could Allow Remote Code Execution - Important (3089664)
Microsoft Office Memory Corruption Vulnerability (CVE-2015-2520) MS Rating: Important
A remote code execution vulnerability exists in Microsoft Office software when the Office software fails to properly handle objects in memory.
Microsoft Office Memory Corruption Vulnerability (CVE-2015-2521) MS Rating: Important
A remote code execution vulnerability exists in Microsoft Office software when the Office software fails to properly handle objects in memory.
Microsoft Office Memory Corruption Vulnerability (CVE-2015-2523) MS Rating: Important
A remote code execution vulnerability exists in Microsoft Office software when the Office software fails to properly handle objects in memory.
Microsoft SharePoint XSS Spoofing Vulnerability (CVE-2015-2522) MS Rating: Important
A cross-site scripting (XSS) vulnerability, which could result in spoofing, exists when SharePoint fails to properly sanitize user-supplied web requests. An attacker who successfully exploited this vulnerability could perform persistent cross-site scripting attacks and run script (in the security context of the logged-on user) with malicious content that appears authentic. This could allow the attacker to steal sensitive information, including authentication cookies and recently submitted data.
Microsoft Office Malformed EPS File Vulnerability (CVE-2015-2545) MS Rating: Critical
A remote code execution vulnerability exists in Microsoft Office that could be exploited when a user opens a file containing a malformed graphics image or when a user inserts a malformed graphics image into an Office file. Such a file could also be included in an email attachment. An attacker could exploit the vulnerability by constructing a specially crafted EPS file that could allow a remote code execution. An attacker who successfully exploited this vulnerability could take control of the affected system.
-
MS15-100 Vulnerability in Windows Media Center Could Allow Remote Code Execution (3087918)
Windows Media Center RCE Vulnerability (CVE-2015-2509) MS Rating: Critical
A vulnerability exisits in Windows Media Center that could allow a remote code execution if Windows Media Center opens a specially crafted Media Center link (.mcl) file that references malicious code. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
-
MS15-101 Vulnerabilities in .NET Framework Could Allow Elevation of Privilege (3089662)
.NET Elevation of Privilege Vulnerability (CVE-2015-2504) MS Rating: Important
An elevation of privilege vulnerability exists in the way that the .NET Framework validates the number of objects in memory before copying those objects into an array. An attacker who successfully exploited this vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
MVC Denial of Service Vulnerability (CVE-2015-2526) MS Rating: Important
A denial of service vulnerability exists that is caused when .NET fails to properly handle certain specially crafted requests. An attacker who successfully exploited this vulnerability could send a small number of specially crafted requests to an ASP.NET server, causing performance to degrade significantly enough to cause a denial of service condition.
-
MS15-102 Vulnerability in Windows Task Management Could Allow Elevation of Privilege (3089657)
Windows Task Management Elevation of Privilege Vulnerability (CVE-2015-2524) MS Rating: Important
An elevation of privilege vulnerability exists when Microsoft Windows fails to properly validate and enforce impersonation levels. An attacker who successfully exploited this vulnerability could bypass impersonation-level security checks and gain elevated privileges on a targeted system.
Windows Task File Deletion Elevation of Privilege Vulnerability (CVE-2015-2525) MS Rating: Important
An elevation of privilege vulnerability exists in Windows Task Scheduler when it improperly verifies certain file system interactions. An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
Windows Task Management Elevation of Privilege Vulnerability (CVE-2015-2528) MS Rating: Important
An elevation of privilege vulnerability exists when Microsoft Windows fails to properly validate and enforce impersonation levels. An attacker who successfully exploited this vulnerability could bypass impersonation-level security checks and gain elevated privileges on a targeted system.
-
MS15-103 Vulnerability in Microsoft Exchange Server Could Allow Information Disclosure (3089250)
Exchange Information Disclosure Vulnerability (CVE-2015-2505) MS Rating: Important
An information disclosure vulnerability exists in Microsoft Exchange Server when Outlook Web Access (OWA) fails to properly handle web server requests. An attacker who successfully exploited the vulnerability could discover stacktrace details.
Exchange Spoofing Vulnerability (CVE-2015-2543) MS Rating: Important
A spoofing vulnerability exists in Microsoft Exchange Server when OWA does not properly sanitize specially crafted email. An authenticated attacker could exploit the vulnerability by sending a specially crafted email to a user. An attacker could then perform HTML injection attacks on affected systems, and attempt to trick the user into disclosing sensitive information.
Exchange Spoofing Vulnerability (CVE-2015-2544) MS Rating: Important
A spoofing vulnerability exists in Microsoft Exchange Server when OWA does not properly sanitize specially crafted email. An authenticated attacker could exploit the vulnerability by sending a specially crafted email to a user. An attacker could then perform HTML injection attacks on affected systems, and attempt to trick the user into disclosing sensitive information.
-
MS15-104 Vulnerabilities in Skype for Business Server and Lync Server Could Allow Elevation of Privilege (3089952)
Skype for Business and Lync Server XSS Information Disclosure Vulnerability (CVE-2015-2531) MS Rating: Important
A cross-site scripting (XSS) vulnerability, which could result in information disclosure, exists when the jQuery engine in Skype for Business or in Lync Server fails to properly sanitize specially crafted content. An attacker who successfully exploited this vulnerability could potentially execute scripts in the user's browser to obtain information from web sessions.
Lync Server XSS Information Disclosure Vulnerability (CVE-2015-2532) MS Rating: Important
A cross-site scripting (XSS) vulnerability, which could result in information disclosure, exists when Lync Server fail to properly sanitize specially crafted content. An attacker who successfully exploited this vulnerability could potentially execute scripts in the user's browser to obtain information from web sessions.
Skype for Business and Lync Server XSS Elevation of Privilege Vulnerability (CVE-2015-2536) MS Rating: Important
A cross-site scripting (XSS) vulnerability, which could result in elevation of privileges, exists when Skype for Business or Lync Server fails to properly sanitize specially crafted content. An attacker who successfully exploited this vulnerability could execute arbitrary code and take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
-
MS15-105 Vulnerability in Windows Hyper-V Could Allow Security Feature Bypass (3091287)
Hyper-V Security Feature Bypass Vulnerability (CVE-2015-2534) MS Rating: Important
A security feature bypass vulnerability exists in Windows Hyper-V when access control list (ACL) configuration settings are not applied correctly. To exploit the vulnerability, an attacker could run a specially crafted application that could cause Hyper-V to allow unintended network traffic. Customers who have not enabled the Hyper-V role are not affected. The security update addresses the vulnerability by correcting how Hyper-V applies ACL configuration settings.
More information on the vulnerabilities being addressed this month is available at Symantec's free SecurityFocus portal and to our customers through the DeepSight Threat Management System.