Virtual Administrator’s June 2015 Patch Recommendations

8 Security Bulletins were released – 2 Critical, 6 Important, and 0 Moderate

This Month In Brief

We have not uncovered any widespread problems with any of these patches and are releasing all of them.

MS15-056 and MS15-057 are rated Critical. MS15-059 is rated Important but many feel it should have been rated Critical. This is a Microsoft Office vulnerability. After your next patch cycle completes you should follow up and make sure these are installed.

No out-of-band security updates were released during the last month.

Heads Up! on KB3050265 – Windows Update Client for Windows 7: June 2015
SaaS partners be sure to approve this patch. A problem with poor performance and failed patch scan results was traced to an issue with Windows Update Agent. Microsoft just released KB3050265 for this. It is listed in patch policy under “Update (Optional – Software)”. However because the patch scanning is affected we can’t be sure Kaseya (which leverages WUA) will properly deploy the patch on all end points. Therefore we created an agent procedure to deploy it. On-premise partners will find this in the VA Scripts> Patch Deployment Folder. SaaS partners can download this from our ClubMSP site.

Windows Update Client for Windows 7: June 2015
https://support.microsoft.com/en-us/kb/3050265

If you find problematic machines down the road use the script.
Patch scans results do not update to the UI. Error: hr=8007000E
https://helpdesk.kaseya.com/entries/94029877-Patch-scans-results-do-not-update-to-the-UI-Error-hr-8007000E

Mystery – You may notice there is no MS15-058 this month. Everyone’s best guess is Microsoft intended to release this but pulled back at the last minute. If this is the case we will likely get an out-of-band patch soon.

Exploitability

• Publically disclosed: None
• Being exploited: None
• Rated CRITICAL: MS15-056, MS15-057
• (The Severity Rating System: http://technet.microsoft.com/en-us/security/bulletin/rating)

Requires Restart

• Servers:True
• Workstations:True

New Security Bulletins

(MS#/Affected Software/Type)

CRITICAL

	MS15-056 Cumulative Security Update for Internet Explorer (3058515)	(Internet Explorer) The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. Details KB in Kaseya: KB3058515 Affected Software: Internet Explorer 6-11 Known Issues per MS:
	MS15-057 Vulnerability in Windows Media Player Could Allow Remote Code Execution (3033890)	(Microsoft Windows) The vulnerability could allow remote code execution if Windows Media Player opens specially crafted media content that is hosted on a malicious website. Details KB in Kaseya: KB3033890 Affected Software: Vista, Windows 7, Server 2003/2008/2008R2 Known Issues per MS:

IMPORTANT

	MS15-059 Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (3064949)	(Microsoft Office) The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Office file. Details KB in Kaseya: KB2863812, KB2863817, KB3039749, KB3039782 Affected Software: Office 2007/2010/2013 Known Issues per MS: https://support.microsoft.com/en-us/kb/3064949
	MS15-060 Vulnerability in Microsoft Common Controls Could Allow Remote Code Execution (3059317)	(Microsoft Windows) The vulnerability could allow remote code execution if a user clicks a specially crafted link, or a link to specially crafted content, and then invokes F12 Developer Tools in Internet Explorer. Details KB in Kaseya: KB3059317 Affected Software: Vista, Windows 7/8/8.1, Server 2008/2008R2/2012/2012R2, Windows RT Known Issues per MS:
	MS15-061 Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (3057839)	(Microsoft Windows) The most severe of these vulnerabilities could allow elevation of privilege if an attacker logs on to the system and runs a specially crafted application. Details KB in Kaseya: KB3057839 Affected Software: Vista, Windows 7/8/8.1, Server 2003/2008/2008R2/2012/2012R2, Windows RT Known Issues per MS:
	MS15-062 Vulnerability in Active Directory Federation Services Could Allow Elevation of Privilege (3062577)	(Microsoft Windows) The vulnerability could allow elevation of privilege if an attacker submits a specially crafted URL to a target site. Details KB in Kaseya: KB3062577 Affected Software: Server 2008/2008R2/2012 Known Issues per MS:
	MS15-063 Vulnerability in Windows Kernel Could Allow Elevation of Privilege (3063858)	(Microsoft Windows) The vulnerability could allow elevation of privilege if an attacker places a malicious .dll file in a local directory on the machine or on a network share. Details KB in Kaseya: KB3063858 Affected Software: Vista, Windows 7/8, Server 2008/2008R2/2012, Windows RT Known Issues per MS:
	MS15-064 Vulnerabilities in Microsoft Exchange Server Could Allow Elevation of Privilege (3062157)	(Microsoft Exchange) The most severe of the vulnerabilities could allow elevation of privilege if an authenticated user clicks a link to a specially crafted webpage. Details KB in Kaseya: KB3062157 Affected Software: Exchange 2013 Known Issues per MS: