14 Security Bulletins were released – 4 Critical, 10 Important, and 0 Moderate
This Month In Brief
14 Security Bulletins were released – 4 Critical, 10 Important
We have not uncovered any widespread problems with any of these patches and are releasing all of them.
MS15-065, MS15-066, MS15-067 and MS15-068 are rated Critical. After your next patch cycle completes you should follow up and make sure these are installed. MS15-065, MS15-070 and MS15-077 are being actively exploited.
Last month’s mysteriously missing security bulletin MS15-058 was released this month and addresses vulnerabilities in SQL Server that could allow remote code execution. it is rated Important and does have a number of Known Issues. However those issues are for the most part cosmetic. (see:https://support.microsoft.com/en-us/kb/3065718#/en-us/kb/3065718)
No out-of-band security updates were released during the last month.
Notable news: Microsoft officially ended support for Windows Server 2003 on July 14, 2015
http://www.microsoft.com/en-us/server-cloud/products/windows-server-2003/
“Protect Your End-of-Life Windows Server 2003 Operating System”
http://www.symantec.com/content/en/us/enterprise/white_papers/b-protect-your-eol-windows-server-wp-21345142-en-us.pdf
“Tripwire Announces SecureCheq for Windows Server 2003”
http://www.bloomberg.com/article/2015-07-09/a_BvZaDeclIY.html
Exploitability
- Publically disclosed: None
- Being exploited: MS15-065, MS15-070, MS15-077
- Rated CRITICAL: MS15-065, MS15-066, MS15-067, MS15-068
- (The Severity Rating System: http://technet.microsoft.com/en-us/security/bulletin/rating)
Requires Restart
- Servers:True
- Workstations:True
New Security Bulletins
(MS#/Affected Software/Type)
CRITICAL
 |
MS15-065 Security Update for Internet Explorer (3076321) | (Internet Explorer) The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. |
|
MS15-066 Vulnerability in VBScript Scripting Engine Could Allow Remote Code Execution (3072604) | (Microsoft Windows) The vulnerability could allow remote code execution if a user visits a specially crafted website. |
|
MS15-067 Vulnerability in RDP Could Allow Remote Code Execution (3073094) | (Microsoft Windows) The vulnerability could allow remote code execution if an attacker sends a specially crafted sequence of packets to a targeted system with Remote Desktop Protocol (RDP) enabled. |
|
MS15-068 Vulnerabilities in Windows Hyper-V Could Allow Remote Code Execution (3072000) | (Microsoft Windows) The vulnerabilities could allow remote code execution in a host context if a specially crafted application is run by an authenticated and privileged user on a guest virtual machine hosted by Hyper-V. |
IMPORTANT
 |
MS15-058 Vulnerabilities in SQL Server Could Allow Remote Code Execution (3065718) | (Microsoft SQL Server) The most severe vulnerabilities could allow remote code execution if an authenticated attacker runs a specially crafted query that is designed to execute a virtual function from a wrong address, leading to a function call to uninitialized memory. |
|
MS15-069 Vulnerabilities in Windows Could Allow Remote Code Execution (3072631) | (Microsoft Windows) The vulnerabilities could allow Remote Code Execution if an attacker first places a specially crafted dynamic link library (DLL) file in the target user’s current working directory and then convinces the user to open an RTF file or to launch a program that is designed to load a trusted DLL file but instead loads the attacker’s specially crafted DLL file. |
|
MS15-070 Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (3072620) | (Microsoft Office) The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Office file. |
|
MS15-071 Vulnerability in Netlogon Could Allow Elevation of Privilege (3068457) | (Microsoft Windows) The vulnerability could allow elevation of privilege if an attacker with access to a primary domain controller (PDC) on a target network runs a specially crafted application to establish a secure channel to the PDC as a backup domain controller (BDC). |
|
MS15-072 Vulnerability in Windows Graphics Component Could Allow Elevation of Privilege (3069392) | (Microsoft Windows) The vulnerability could allow elevation of privilege if Windows Graphics component fails to properly process bitmap conversions. |
|
MS15-073 Vulnerability in Windows Kernel-Mode Driver Could Allow Elevation of Privilege (3070102) | (Microsoft Windows) The vulnerabilities could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application. |
|
MS15-074 Vulnerability in Windows Installer Service Could Allow Elevation of Privilege (3072630) | (Microsoft Windows) The vulnerability could allow elevation of privilege if the Windows Installer service improperly runs custom action scripts. |
|
MS15-075 Vulnerabilities in OLE Could Allow Elevation of Privilege (3072633) | (Microsoft Windows) The vulnerabilities could allow elevation of privilege if used in conjunction with another vulnerability that allows arbitrary code to be run. |
|
MS15-076 Vulnerability in Windows Remote Procedure Call Could Allow Elevation of Privilege (3067505) | (Microsoft Windows) The vulnerability, which exists in Windows Remote Procedure Call (RPC) authentication, could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application. |
|
MS15-077 Vulnerability in ATM Font Driver Could Allow Elevation of Privilege (3077657) | (Microsoft Windows) The vulnerability could allow elevation of privilege if an attacker logs on to a target system and runs a specially crafted application. |
