Tuesday, August 11, 2015

Microsoft Security Bulletin Release for August, 2015


Microsoft released fourteen (14) bulletins.  Four (4) bulletins are identified as Critical and the remaining ten (10) are rated Important in severity.

The updates address vulnerabilities in Microsoft Windows, Microsoft .NET Framework, Microsoft Office, Microsoft Lync, Microsoft Silverlight Microsoft Server Software, Microsoft Edge and Internet Explorer.  Details about the CVEs can be found in the below-referenced TechNet Security Bulletin.

Critical:
  • MS15-079 -- Cumulative Security Update for Internet Explorer (3082442)
  • MS15-080 -- Vulnerabilities in Microsoft Graphics Component Could Allow Remote Code Execution (3078662)
  • MS15-081  -- Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (3080790)
  • MS15-091  -- Cumulative Security Update for Microsoft Edge (3084525)
Important:
  • MS15-082 -- Vulnerabilities in RDP Could Allow Remote Code Execution (3080348)
  • MS15-083 --  Vulnerability in Server Message Block Could Allow Remote Code Execution (3073921)
  • MS15-084 -- Vulnerabilities in XML Core Services Could Allow Information Disclosure (3080129)
  • MS15-085 -- Vulnerability in Mount Manager Could Allow Elevation of Privilege (3082487)
  • MS15-086 -- Vulnerability in System Center Operations Manager Could Allow Elevation of Privilege (3075158)
  • MS15-087  -- Vulnerability in UDDI Services Could Allow Elevation of Privilege (3082459)
  • MS15-088  -- Unsafe Command Line Parameter Passing Could Allow Information Disclosure (3082458)
  • MS15-089 -- Vulnerability in WebDAV Could Allow Information Disclosure (3076949)
  • MS15-090 -- Vulnerabilities in Microsoft Windows Could Allow Elevation of Privilege (3060716)
  • MS15-092 -- Vulnerabilities in .NET Framework Could Allow Elevation of Privilege (3086251)

Additional Update Notes

  • MSRT -- Microsoft released an updated version of the Microsoft Windows Malicious Software Removal Tool on Windows Update, Microsoft Update, Windows Server Update Services, and the Download Center. The updated version includes Win32/Vawtrak, Win32/Critroni and Win32/Kasidet.  Details are available in the MMPC Blog Post.
  • Internet Explorer -- For additional information about the blocking of out-of-date ActiveX controls see the TechNet article, Out-of-date ActiveX control blocking.  Additional changes introduced this month include the blocking of outdated Silverlight.  Additional information is available in the IE Blog.
  • Windows 8.x and Windows 10 -- Non-security new features and improvements for Windows 8.1 and Windows 10 are included with the updates.


References




    Remember - "A day without laughter is a day wasted."
    May the wind sing to you and the sun rise in your heart...


    No comments: