Virtual Administrator’s July 2015 Patch ...

Virtual Administrator’s July 2015 Patch Recommendations

14 Security Bulletins were released – 4 Critical, 10 Important, and 0 Moderate

This Month In Brief

14 Security Bulletins were released – 4 Critical, 10 Important

We have not uncovered any widespread problems with any of these patches and are releasing all of them.

MS15-065, MS15-066, MS15-067 and MS15-068 are rated Critical. After your next patch cycle completes you should follow up and make sure these are installed. MS15-065, MS15-070 and MS15-077 are being actively exploited.

Last month’s mysteriously missing security bulletin MS15-058 was released this month and addresses vulnerabilities in SQL Server that could allow remote code execution. it is rated Important and does have a number of Known Issues. However those issues are for the most part cosmetic. (see:https://support.microsoft.com/en-us/kb/3065718#/en-us/kb/3065718)

No out-of-band security updates were released during the last month.

Notable news: Microsoft officially ended support for Windows Server 2003 on July 14, 2015
http://www.microsoft.com/en-us/server-cloud/products/windows-server-2003/

“Protect Your End-of-Life Windows Server 2003 Operating System”
http://www.symantec.com/content/en/us/enterprise/white_papers/b-protect-your-eol-windows-server-wp-21345142-en-us.pdf

“Tripwire Announces SecureCheq for Windows Server 2003”
http://www.bloomberg.com/article/2015-07-09/a_BvZaDeclIY.html

Exploitability

Requires Restart

  • Servers:True
  • Workstations:True

New Security Bulletins

(MS#/Affected Software/Type)

CRITICAL

MS15-065 Security Update for Internet Explorer (3076321) (Internet Explorer) The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer.
Details
MS15-066 Vulnerability in VBScript Scripting Engine Could Allow Remote Code Execution (3072604) (Microsoft Windows) The vulnerability could allow remote code execution if a user visits a specially crafted website.
Details
MS15-067 Vulnerability in RDP Could Allow Remote Code Execution (3073094) (Microsoft Windows) The vulnerability could allow remote code execution if an attacker sends a specially crafted sequence of packets to a targeted system with Remote Desktop Protocol (RDP) enabled.
Details
MS15-068 Vulnerabilities in Windows Hyper-V Could Allow Remote Code Execution (3072000) (Microsoft Windows) The vulnerabilities could allow remote code execution in a host context if a specially crafted application is run by an authenticated and privileged user on a guest virtual machine hosted by Hyper-V.
Details

IMPORTANT

MS15-058 Vulnerabilities in SQL Server Could Allow Remote Code Execution (3065718) (Microsoft SQL Server) The most severe vulnerabilities could allow remote code execution if an authenticated attacker runs a specially crafted query that is designed to execute a virtual function from a wrong address, leading to a function call to uninitialized memory.
Details
MS15-069 Vulnerabilities in Windows Could Allow Remote Code Execution (3072631) (Microsoft Windows) The vulnerabilities could allow Remote Code Execution if an attacker first places a specially crafted dynamic link library (DLL) file in the target user’s current working directory and then convinces the user to open an RTF file or to launch a program that is designed to load a trusted DLL file but instead loads the attacker’s specially crafted DLL file.
Details
MS15-070 Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (3072620) (Microsoft Office) The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Office file.
Details
MS15-071 Vulnerability in Netlogon Could Allow Elevation of Privilege (3068457) (Microsoft Windows) The vulnerability could allow elevation of privilege if an attacker with access to a primary domain controller (PDC) on a target network runs a specially crafted application to establish a secure channel to the PDC as a backup domain controller (BDC).
Details
MS15-072 Vulnerability in Windows Graphics Component Could Allow Elevation of Privilege (3069392) (Microsoft Windows) The vulnerability could allow elevation of privilege if Windows Graphics component fails to properly process bitmap conversions.
Details
MS15-073 Vulnerability in Windows Kernel-Mode Driver Could Allow Elevation of Privilege (3070102) (Microsoft Windows) The vulnerabilities could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application.
Details
MS15-074 Vulnerability in Windows Installer Service Could Allow Elevation of Privilege (3072630) (Microsoft Windows) The vulnerability could allow elevation of privilege if the Windows Installer service improperly runs custom action scripts.
Details
MS15-075 Vulnerabilities in OLE Could Allow Elevation of Privilege (3072633) (Microsoft Windows) The vulnerabilities could allow elevation of privilege if used in conjunction with another vulnerability that allows arbitrary code to be run.
Details
MS15-076 Vulnerability in Windows Remote Procedure Call Could Allow Elevation of Privilege (3067505) (Microsoft Windows) The vulnerability, which exists in Windows Remote Procedure Call (RPC) authentication, could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application.
Details
MS15-077 Vulnerability in ATM Font Driver Could Allow Elevation of Privilege (3077657) (Microsoft Windows) The vulnerability could allow elevation of privilege if an attacker logs on to a target system and runs a specially crafted application.
Details

Leave a reply

Copyright © 2007-2017 Network Depot LLC DBA Virtual Administrator. All Rights Reserved.