Microsoft has released a set of updates for its products, February 2015

    Microsoft has updated its products with three Critical and six Important updates. Windows, Internet Explorer, Office, and Server software products were fixed; 56 vulnerabilities were fixed in them, and 41 vulnerabilities were fixed in IE (MS15-009). This is the largest number of vulnerabilities closed in this browser in the past few years. Most of these vulnerabilities are of the Remote Code Execution type and can be used by attackers to conduct drive-by download attacks. One of IE's closed vulnerabilities (CVE-2015-0071) is used by cybercriminals in targeted attacks to bypass the ASLR security mechanism.



    Update MS15-009 fixes 41 vulnerabilities in IE 6-11. Most of the fixed vulnerabilities are of the Remote Code Execution (RCE) type and can be used by cybercriminals to install malware using a specially crafted web page. The following vulnerabilities are an exception.


    ASLR bypass vulnerabilities can only be used by attackers in conjunction with other RCE vulnerabilities in IE; they make the exploit more reliable by providing information about addresses in memory. Critical. Exploitation Detected.

    Update MS15-010 fixes six vulnerabilities of various types in kernel-mode drivers (Windows 2003 Server - 8.1 / RT 8.1).



    Vulnerability CVE-2015-0059 is very dangerous because it allows attackers to remotely execute code in kernel mode. To do this, a specially crafted font file can be placed on a network resource. Exploiting this vulnerability allows shellcode from the font file to be executed directly in kernel mode (bypassing user-mode restrictions). Critical. Exploitation Less Likely.

    The MS15-011 update fixes one Remote Code Execution vulnerability, CVE-2015-0008, in the Group Policy engine. Using this vulnerability, an attacker can remotely execute code on a vulnerable system by luring a user to a malicious website on a network that is under the attacker's control. Critical. Exploitation More Likely.

    The MS15-012 update fixes three vulnerabilities in all supported versions of Office (2007, 2010, 2013). Vulnerabilities in Word and Excel allow attackers to remotely execute their code through a specially crafted Office document. To exploit the vulnerability, such a document could be sent to the victim as an email attachment. Important. Exploitation More Likely.

    Update MS15-013 fixes one Security Feature Bypass (SFB) vulnerability, CVE-2014-6362 (use-after-free), in all supported versions of Office. The vulnerability allows attackers to bypass ASLR and develop more stable exploits for remote code execution through Office or IE. For the newest version, Office 2013, the files Otkloadr_msosec.dll (x64), Msosec.dll, Msvcr71.dll, and Otkloadr.dll are updated. Important. Exploitation More Likely.

    The MS15-014 update fixes one SFB vulnerability, CVE-2015-0009, in the Group Policy component (Windows 2003 Server - 8.1 / RT 8.1). Using the Man-in-the-Middle attack mechanism, an attacker can compromise a domain controller. Important. Exploitation Less Likely.

    The MS15-015 update fixes one Elevation of Privilege vulnerability, CVE-2015-0062, in the Windows kernel (ntoskrnl.exe & hal.dll). An attacker can elevate privileges on the system because of a flaw in the process-creation function (Windows 7 - Windows 8.1 / RT 8.1). Important. Exploitation Less Likely.

    The MS15-016 update fixes one Information Disclosure vulnerability, CVE-2015-0061, in the component that processes TIFF graphic files in Windows 2003 Server - 8.1 / RT 8.1. An attacker can gain unauthorized access to a user's (client's) information by placing a specially crafted TIFF file on a web resource. Important. Exploitation Less Likely.

    Update MS15-017 fixes one Elevation of Privilege vulnerability, CVE-2015-0012, in the Virtual Machine Manager (VMM) component of System Center Virtual Machine Manager. Using this vulnerability, an attacker can elevate privileges on the system to the SYSTEM level. Important. Exploitation Less Likely.

    0 - Exploitation Detected
    Vulnerability exploited in-the-wild. That is, it has been established that attackers used the exploit for this vulnerability to successfully attack users. Highest hazard index.

    1 - Exploitation More Likely
    The probability of exploiting the vulnerability is very high; attackers can use the exploit, for example, to remotely execute code.

    2 - Exploitation Less Likely
    The likelihood of exploitation is average, because attackers are unlikely to achieve reliable exploitation, and because of the technical features of the vulnerability and the complexity of exploit development.

    3 - Exploit code unlikely
    The probability of exploitation is minimal, and attackers are unlikely to be able to develop successfully working code and use this vulnerability to conduct an attack.

    We recommend that our users install updates as soon as possible and, if you have not already done so, enable automatic delivery of updates using Windows Update (this option is enabled by default).


    Be secure.
