8 Security Bulletins were released – 1 Critical, 7 Important, and 0 Moderate
This Month In Brief
We have not uncovered any widespread problems with any of these patches and are releasing all of them.
MS15-002 is rated Critical. After your next patch cycle completes you should follow up and make sure it is installed.
No out-of-band updates were released during the last month.
Update on past patches: MS14-080/KB3008923 “Cumulative Security Update for Internet Explorer”
KB3008923 caused problems with IE11 and IE 9 – see below. The fix for IE11 was released as KB3025390 and can be deployed through WSUS and Kaseya patch management. It has been approved in our patch policies. The fix for IE9 (KB3025945) can be manually downloaded at the Microsoft Update Catalog (http://catalog.update.microsoft.com/v7/site/Home.aspx) by searching for KB3025945.
ClubMSP has a script to deploy KB3025945 available as a free download here:
Windows 7 Service Pack 1 (SP1)/Windows Server 2008 R2 (SP1) – http://clubmsp.com/msp/script/ie9-kb3025945-silent-install-win72008-r2/
Windows Server 2008 Service Pack 2 (SP2) – http://clubmsp.com/msp/script/ie9-kb3025945-silent-install-win-2008/
“Some web application modal dialog boxes don’t work correctly in Internet Explorer 11 after you install update 3008923” – http://support2.microsoft.com/default.aspx?scid=kb;en-us;3025390
“Internet Explorer 9 stops working after you install update 3008923 in Windows” – http://support2.microsoft.com/kb/3025945/en-us?sd=rss
Notable news: Windows 7 mainstream support ends
Windows 7 went out of mainstream support on January 13, 2015. Windows 7 will still receive security updates until January 14, 2020
Windows lifecycle fact sheet
- Publically disclosed: None
- Being exploited: None
- Rated CRITICAL: MS15-002
- (The Severity Rating System: http://technet.microsoft.com/en-us/security/bulletin/rating)
New Security Bulletins
|MS15-002 Vulnerability in Windows Telnet Service Could Allow Remote Code Execution (3020393)||(Microsoft Windows) The vulnerability could allow remote code execution if an attacker sends specially crafted packets to an affected Windows server.
|MS15-001 Vulnerability in Windows Application Compatibility Cache Could Allow Elevation of Privilege (3023266)||(Microsoft Windows) The vulnerability could allow elevation of privilege if an attacker logs on to a system and runs a specially crafted application.
|MS15-003 Vulnerability in Windows User Profile Service Could Allow Elevation of Privilege (3021674)||(Microsoft Windows) The vulnerability could allow elevation of privilege if an attacker logs on to the system and runs a specially crafted application.
|MS15-004 Vulnerability in Windows Components Could Allow Elevation of Privilege (3025421)||(Microsoft Windows) The vulnerability could allow elevation of privilege if an attacker convinces a user to run a specially crafted application.
|MS15-005 Vulnerability in Network Location Awareness Service Could Allow Security Feature Bypass (3022777)||(Microsoft Windows) The vulnerability could allow security feature bypass by unintentionally relaxing the firewall policy and/or configuration of certain services when an attacker on the same network as the victim spoofs responses to DNS and LDAP traffic initiated by the victim.
|MS15-006 Vulnerability in Windows Error Reporting Could Allow Security Feature Bypass (3004365)||(Windows Error Reporting ) The vulnerability could allow security feature bypass if successfully exploited by an attacker. An attacker who successfully exploited this vulnerability could gain access to the memory of a running process.
|MS15-007 Vulnerability in Network Policy Server RADIUS Implementation Could Cause Denial of Service (3014029)||(Microsoft Windows) The vulnerability could allow denial of service on an Internet Authentication Service (IAS) or Network Policy Server (NPS) if an attacker sends specially crafted username strings to the IAS or NPS.
|MS15-008 Vulnerability in Windows Kernel-Mode Driver Could Allow Elevation of Privilege (3019215)||(Microsoft Windows) The vulnerability could allow elevation of privilege if an attacker runs a specially crafted application on an affected system. An attacker must have valid logon credentials and be able to log on locally to exploit the vulnerability.