Advisory Date: 14 de lipca de 2015

  DESCRIPTION

Microsoft addresses the following vulnerabilities in its batch of patches for July 2015:

  • (MS15-058) Vulnerabilities in SQL Server Could Allow Remote Code Execution (3065718)
    Risk Rating: Important

    This security update resolves vulnerabilities in several versions of Microsoft SQL Server. These vulnerabilities, when exploited, may allow remote code execution.


  • (MS15-065) Security Update for Internet Explorer (3076321)
    Risk Rating: Critical

    This security update resolves several vulnerabilities in several versions of Internet Explorer installed on various Windows operating systems. The vulnerabilities could allow remote code execution if exploited successfully by an attacker.


  • (MS15-066) Vulnerability in VBScript Scripting Engine Could Allow Remote Code Execution (3072604)
    Risk Rating: Critical

    This security update resolves a vulnerability in the Windows VB Scripting Engine. Users with administrator rights that are currently logged on in a vulnerable system are most affected by attacks leveraging this vulnerability.


  • (MS15-067) Vulnerability in RDP Could Allow Remote Code Execution (3073094)
    Risk Rating: Critical

    This security update resolves several vulnerabilities in Windows operating systems that have Remote Desktop Protocol (RDP) enabled. The vulnerability, when exploited successfully, could allow remote attackers to execute code on the vulnerable system.


  • (MS15-068) Vulnerabilities in Windows Hyper-V Could Allow Remote Code Execution (3072000)
    Risk Rating: Critical

    This security update resolves vulnerabilities in Microsoft Windows. The vulnerabilities could allow remote code execution on the vulnerable system. An attacker must have valid logon credentials on a guest Hyper-V machine in the vulnerable system in order to successfully exploit this vulnerability.


  • (MS15-069) Vulnerabilities in Windows Could Allow Remote Code Execution (3072631)
    Risk Rating: Important

    This security bulletin issues updates on several vulnerabilities in Windows. The vulnerabilities could allow remote code execution on the vulnerable system. An attacker issues a specially crafted .DLL file to exploit these vulnerabilities.


  • (MS15-070) Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (3072620)
    Risk Rating: Important

    This security update resolves several vulnerabilities in Microsoft Office, most severe of which could cause remote code execution. Users with administrator rights currently logged in on the vulnerable system are more susceptible to the risks of these vulnerabilities.


  • (MS15-071) Vulnerability in Netlogon Could Allow Elevation of Privilege (3068457)
    Risk Rating: Important

    This security update resolves an elevation of privilege vulnerability in Microsoft Windows. An attacker must have access to a primary domain controller (PDC) in order to successfully exploit this vulnerability.


  • (MS15-072) Vulnerability in Windows Graphics Component Could Allow Elevation of Privilege (3069392)
    Risk Rating: Important

    This security update resolves an elevation of privilege vulnerability in Microsoft Windows. It resolves the way the Windows Graphics Component handles bitmap conversions.


  • (MS15-073) Vulnerability in Windows Kernel-Mode Driver Could Allow Elevation of Privilege (3070102)
    Risk Rating: Important

    This security update resolves an elevation of privilege vulnerability in Microsoft Windows. An attacker exploits this vulnerability by running a specially crafted application on the vulnerable system.


  • (MS15-074) Vulnerability in Windows Installer Service Could Allow Elevation of Privilege (3072630)
    Risk Rating: Important

    This security update resolves an elevation of privilege vulnerability in Microsoft Windows Installer service. The vulnerability lies in the way the Installer service improperly handles custom action scripts.


  • (MS15-075) Vulnerabilities in OLE Could Allow Elevation of Privilege (3072633)
    Risk Rating: Important

    This security update resolves several vulnerabilities in Microsoft Windows. The vulnerabilities could allow elevation of privilege if exploited one after the other.


  • (MS15-076) Vulnerability in Windows Remote Procedure Call Could Allow Elevation of Privilege (3067505)
    Risk Rating: Important

    This security update resolves a vulnerability in Microsoft Windows Remote Call Procedure (RPC) authentication. When exploited successfully, an attacker may elevate his privileges on the vulnerable system.


  • (MS15-077) Vulnerability in ATM Font Driver Could Allow Elevation of Privilege (3077657)
    Risk Rating: Important

    This security update resolves a vulnerability in Microsoft Windows. When exploited successfully, an attacker may elevate his privileges on the vulnerable system.


  INFORMATION EXPOSURE

Trend Micro Deep Security shields networks through the following Deep Packet Inspection (DPI) rules. Trend Micro customers using the Vulnerability Protection product or OfficeScan with Intrusion Defense Firewall (IDF) plugin are also protected from attacks using these vulnerabilities.

MS Bulletin ID Vulnerability ID DPI Rule Number DPI Rule Name Release Date Vulnerability Protection and IDF Compatibility
MS15-058 CVE-2015-1762 1006840 Microsoft SQL Server Remote Code Execution Vulnerability (CVE-2015-1762) 14-July-15 NO
MS15-058 CVE-2015-2379 1006876 Microsoft Office Memory Corruption Vulnerability (CVE-2015-2379) 14-July-15 NO
MS15-065 CVE-2015-2390 1006848 Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2390) 14-July-15 YES
MS15-065 CVE-2015-2383 1006845 Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2383) - 1 14-July-15 YES
MS15-065 CVE-2015-2411 1006837 Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2411) 14-July-15 YES
MS15-065 CVE-2015-2421 1006839 Microsoft Internet Explorer ASLR Bypass Vulnerability (CVE-2015-2421) 14-July-15 YES
MS15-065 CVE-2015-2401 1006832 Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2401) 14-July-15 YES
MS15-065 CVE-2015-1767 1006850 Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1742) 14-July-15 YES
MS15-065 CVE-2015-2419 1006868 Microsoft Internet Explorer JScript9 Memory Corruption Vulnerability (CVE-2015-2419) 14-July-15 YES
MS15-065 CVE-2015-2391 1006849 Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2391) 14-July-15 YES
MS15-065 CVE-2015-2397 1006831 Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2397) 14-July-15 YES
MS15-065 CVE-2015-1733 1006750 Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1733) 14-July-15 YES
MS15-065 CVE-2015-1738 1006754 Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1738) 14-July-15 YES
MS15-065, MS15-066 CVE-2015-2372 1006841 Microsoft Windows VBScript Memory Corruption Vulnerability (CVE-2015-2372) 14-July-15 YES
MS15-065 CVE-2015-2422 1006853 Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2422) 14-July-15 YES
MS15-065 CVE-2015-2425 1006869 Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2425) 14-July-15 YES
MS15-065 CVE-2015-2403 1006851 Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2403) 14-July-15 YES
MS15-065 CVE-2015-1729 1006842 Microsoft Internet Explorer Information Disclosure Vulnerability (CVE-2015-1729) 14-July-15 YES
MS15-065 CVE-2015-2413 1006867 Microsoft Internet Explorer Information Disclosure Vulnerability (CVE-2015-2413) 14-July-15 YES
MS15-065 CVE-2015-2404 1006852 Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2404) 14-July-15 YES
MS15-065 CVE-2015-2388 1006846 Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2388) 14-July-15 YES
MS15-065 CVE-2015-2406 1006833 Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2406) 14-July-15 YES
MS15-065 CVE-2015-2389 1006847 Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2389) 14-July-15 YES
MS15-065 CVE-2015-2408 1006835 Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2408) 14-July-15 YES
MS15-065 CVE-2015-2483 1006843 Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2383) 14-July-15 YES
MS15-069 CVE-2015-2369 1006872 Microsoft Windows DLL Planting Remote Code Execution Vulnerability (CVE-2015-2369) 14-July-15 YES
MS15-070 CVE-2015-2375 1006873 Microsoft Excel ASLR Bypass Vulnerability (CVE-2015-2375) 14-July-15 YES
MS15-070 CVE-2015-2377 1006875 Microsoft Office Memory Corruption Vulnerability (CVE-2015-2377) 14-July-15 YES
MS15-070 CVE-2015-2376 1006874 Microsoft Office Memory Corruption Vulnerability (CVE-2015-2376) 14-July-15 YES
MS15-070 CVE-2015-2380 1006877 Microsoft Office Memory Corruption Vulnerability (CVE-2015-2380) 14-July-15 YES
MS15-070 CVE-2015-2415 1006878 Microsoft Office Memory Corruption Vulnerability (CVE-2015-2415) 14-July-15 YES
MS15-072 CVE-2015-2364 1006879 Microsoft Windows Graphics Component EOP Vulnerability (CVE-2015-2364) 14-July-15 YES
MS15-075 CVE-2015-2417 1006881 Microsoft Windows OLE Elevation Of Privilege Vulnerability (CVE-2015-2417) 14-July-15 YES
MS15-075 CVE-2015-2416 1006880 Microsoft Windows OLE Elevation Of Privilege Vulnerability (CVE-2015-2416) 14-July-15 YES

  SOLUTION