Skip to content

Virtual Administrator’s July 2015 Patch Recommendations

14 Security Bulletins were released – 4 Critical, 10 Important, and 0 Moderate

This Month In Brief

14 Security Bulletins were released – 4 Critical, 10 Important

We have not uncovered any widespread problems with any of these patches and are releasing all of them.

MS15-065, MS15-066, MS15-067 and MS15-068 are rated Critical. After your next patch cycle completes you should follow up and make sure these are installed. MS15-065, MS15-070 and MS15-077 are being actively exploited.

Last month’s mysteriously missing security bulletin MS15-058 was released this month and addresses vulnerabilities in SQL Server that could allow remote code execution. it is rated Important and does have a number of Known Issues. However those issues are for the most part cosmetic. (see:https://support.microsoft.com/en-us/kb/3065718#/en-us/kb/3065718)

No out-of-band security updates were released during the last month.

Notable news: Microsoft officially ended support for Windows Server 2003 on July 14, 2015
http://www.microsoft.com/en-us/server-cloud/products/windows-server-2003/

“Protect Your End-of-Life Windows Server 2003 Operating System”
http://www.symantec.com/content/en/us/enterprise/white_papers/b-protect-your-eol-windows-server-wp-21345142-en-us.pdf

“Tripwire Announces SecureCheq for Windows Server 2003”
http://www.bloomberg.com/article/2015-07-09/a_BvZaDeclIY.html

Exploitability

Requires Restart

  • Servers:True
  • Workstations:True

New Security Bulletins

(MS#/Affected Software/Type)

CRITICAL

MS15-065 Security Update for Internet Explorer (3076321) (Internet Explorer) The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer.
Details
KB in Kaseya: KB3065822
Affected Software: Internet Explorer 6-11
Known Issues per MS:
MS15-066 Vulnerability in VBScript Scripting Engine Could Allow Remote Code Execution (3072604) (Microsoft Windows) The vulnerability could allow remote code execution if a user visits a specially crafted website.
Details
KB in Kaseya: KB3068404, KB3068364, KB3068368
Affected Software: Vista, Server 2003/2008
Known Issues per MS:
MS15-067 Vulnerability in RDP Could Allow Remote Code Execution (3073094) (Microsoft Windows) The vulnerability could allow remote code execution if an attacker sends a specially crafted sequence of packets to a targeted system with Remote Desktop Protocol (RDP) enabled.
Details
KB in Kaseya: KB3067904, KB3069762
Affected Software: Windows 7, Server 2008/2012
Known Issues per MS:
MS15-068 Vulnerabilities in Windows Hyper-V Could Allow Remote Code Execution (3072000) (Microsoft Windows) The vulnerabilities could allow remote code execution in a host context if a specially crafted application is run by an authenticated and privileged user on a guest virtual machine hosted by Hyper-V.
Details
KB in Kaseya: KB3046339
Affected Software: Windows 8/8.1, Server 2008/2008R2/2012/2012R2
Known Issues per MS:

IMPORTANT

MS15-058 Vulnerabilities in SQL Server Could Allow Remote Code Execution (3065718) (Microsoft SQL Server) The most severe vulnerabilities could allow remote code execution if an authenticated attacker runs a specially crafted query that is designed to execute a virtual function from a wrong address, leading to a function call to uninitialized memory.
Details
KB in Kaseya: KB3045305, KB3045311, KB3045313, KB3045316, KB3045318, KB3045321, KB3045324
Affected Software: SQL Server 2008/2008R2,2012,2014
Known Issues per MS: https://support.microsoft.com/en-us/kb/3065718#/en-us/kb/3065718
MS15-069 Vulnerabilities in Windows Could Allow Remote Code Execution (3072631) (Microsoft Windows) The vulnerabilities could allow Remote Code Execution if an attacker first places a specially crafted dynamic link library (DLL) file in the target user’s current working directory and then convinces the user to open an RTF file or to launch a program that is designed to load a trusted DLL file but instead loads the attacker’s specially crafted DLL file.
Details
KB in Kaseya: KB3061512, KB3067903, KB3070738
Affected Software: Vista, Windows 7/8.1, Server 2003/2008/2008R2/2012R2, Windows RT
Known Issues per MS:
MS15-070 Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (3072620) (Microsoft Office) The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Office file.
Details
KB in Kaseya: KB2837612, KB2965208, KB2965209, KB2965281, KB2965283, KB3054861, KB3054949, KB3054958, KB3054963, KB3054968, KB3054973, KB3054981, KB3054990, KB3054996, KB3054999, KB3073865
Affected Software: Office 2000/2007/2010/2013/2013RT, SharePoint Server 2007/2010/2013, Office 2011 for MAC
Known Issues per MS:
MS15-071 Vulnerability in Netlogon Could Allow Elevation of Privilege (3068457) (Microsoft Windows) The vulnerability could allow elevation of privilege if an attacker with access to a primary domain controller (PDC) on a target network runs a specially crafted application to establish a secure channel to the PDC as a backup domain controller (BDC).
Details
KB in Kaseya: KB3068457
Affected Software: Server 2003/2008/2008R2/2012/2012R2
Known Issues per MS:
MS15-072 Vulnerability in Windows Graphics Component Could Allow Elevation of Privilege (3069392) (Microsoft Windows) The vulnerability could allow elevation of privilege if Windows Graphics component fails to properly process bitmap conversions.
Details
KB in Kaseya: KB3069392
Affected Software: Vista, Windows 7/8/8.1, Server 2003/2008/2008R2/2012/2012R2, Windows RT
Known Issues per MS:
MS15-073 Vulnerability in Windows Kernel-Mode Driver Could Allow Elevation of Privilege (3070102) (Microsoft Windows) The vulnerabilities could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application.
Details
KB in Kaseya: KB3070102
Affected Software: Vista, Windows 7/8/8.1, Server 2003/2008/2008R2/2012/2012R2, Windows RT
Known Issues per MS:
MS15-074 Vulnerability in Windows Installer Service Could Allow Elevation of Privilege (3072630) (Microsoft Windows) The vulnerability could allow elevation of privilege if the Windows Installer service improperly runs custom action scripts.
Details
KB in Kaseya: KB3072630
Affected Software: Vista, Windows 7/8/8.1, Server 2003/2008/2008R2/2012/2012R2, Windows RT
Known Issues per MS:
MS15-075 Vulnerabilities in OLE Could Allow Elevation of Privilege (3072633) (Microsoft Windows) The vulnerabilities could allow elevation of privilege if used in conjunction with another vulnerability that allows arbitrary code to be run.
Details
KB in Kaseya: KB3072633
Affected Software: Vista, Windows 7/8/8.1, Server 2003/2008/2008R2/2012/2012R2, Windows RT
Known Issues per MS:
MS15-076 Vulnerability in Windows Remote Procedure Call Could Allow Elevation of Privilege (3067505) (Microsoft Windows) The vulnerability, which exists in Windows Remote Procedure Call (RPC) authentication, could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application.
Details
KB in Kaseya: KB3067505
Affected Software: Vista, Windows 7/8/8.1, Server 2003/2008/2008R2/2012/2012R2, Windows RT
Known Issues per MS:
MS15-077 Vulnerability in ATM Font Driver Could Allow Elevation of Privilege (3077657) (Microsoft Windows) The vulnerability could allow elevation of privilege if an attacker logs on to a target system and runs a specially crafted application.
Details
KB in Kaseya: KB3077657
Affected Software: Vista, Windows 7/8/8.1, Server 2003/2008/2008R2/2012/2012R2, Windows RT
Known Issues per MS:
Scroll To Top