Microsoft and Adobe released a set of updates for their products, April 2015
Microsoft has released a set of updates for its products, fixing 26 unique vulnerabilities in Windows, Office, Internet Explorer, .NET Framework products (4 updates are Critical and 7 Important). The MS15-032 update fixes ten vulnerabilities in Internet Explorer (6-11). Vulnerabilities relate to the Remote Code Execution (RCE) type and allow an attacker to remotely execute code in a browser using a specially crafted web page. A reboot is required to apply the update.
Another critical update MS15-034 fixes the RCE vulnerability CVE-2015-1635 in the http.sys driver. Criminals can remotely execute code in the system by sending an HTTP request with a special header. The vulnerability is present on Windows 7+ and is very dangerous because it allows you to remotely execute code with maximum privileges in the system (SYSTEM).
The MS15-033 update fixes five vulnerabilities in all supported versions of Office 2007-2013. Vulnerabilities allow remote code execution using a specially crafted Office file. Critical. Exploitation More Likely .
')
The MS15-035 update fixes the CVE-2015-1645 vulnerability in the Windows Server 2003 component Seven (Gdi32.dll), which is responsible for drawing graphics and processing Enhanced Metafile files (EMF). Using a specially crafted EMF file, attackers can remotely execute code, and this file can be placed on a web page or located in a local directory. Critical. Exploitation Less Likely .
The MS15-036 update fixes two Elevation of Privilege vulnerabilities in the SharePoint Server product. Vulnerabilities allow an attacker to elevate system privileges by sending a specially crafted request to a server with vulnerable software. Vulnerability does not allow you to remotely execute the code, so the attacker himself must already be authenticated in the system to raise his privileges. Important. Exploitation Less Likely .
Update MS15-037 fixes the CVE-2015-0098 Elevation of Privilege type vulnerability in Windows Task Manager & Windows 2008 Task Scheduler. An attacker can force the task scheduler to execute a malicious application with maximum SYSTEM privileges on the system. Important. Exploitation More Likely .
Update MS15-038 two vulnerabilities CVE-2015-1643 and CVE-2015-1644 of type Elevation of Privilege in all supported versions of Windows, including Windows 8.1 / RT 8.1. Both vulnerabilities are related to improper operation of Windows with an impersonation -level security checks . The first vulnerability is present in the implementation of the NtCreateTransactionManager system API, and the second in the system code that works with MS-DOS device names. The update is addressed to the Clfs.sys driver and the Clfsw32.dll library, as well as to the following system files and kernel: Ntdll.dll, Ntoskrnl.exe, Diskperf.exe, Logman.exe. Important. Exploitation Less Likely .
Update MS15-039 fixes the CVE-2015-1646 ( Same Origin Policy SFB Vulnerability ) vulnerability in MS XML Core Services 3.0 (MSXML) on Windows Server 2003 - Seven. Using this vulnerability, an attacker can bypass the security function of the same-origin policy and remotely gain access to the user's confidential information, including logins and passwords from different sites. Important. Exploitation Less Likely .
Update MS14-040 fixes information disclosure type vulnerability in Active Directory (Active Directory Federation Services). Using a vulnerability, an attacker can reveal information about the user. Important. Exploitation Unlikely .
Update MS15-041 fixes an Information Disclosure type CVE-2015-1648 vulnerability in all versions of the .NET Framework. The vulnerability allows an attacker to disclose inappropriate information for him on a remote server using a specially crafted request for ASP.NET software that uses the .NET Framework for its work. Important. Exploitation Less Likely .
Update MS15-042 fixes one CVE-2015-1647 vulnerability of the Denial of Service type in Windows 8.1 Hyper-V. An attacker can launch a special application in the context of a virtual machine process, which will cause the entire system (host) to freeze. The fix is addressed to the Virtual Machine Management Service (Vmms.exe) and the Rdvgpuinfo.dll library. Important. Exploitation Less Likely .
1 - Exploitation More Likely
The probability of exploiting the vulnerability is very high, attackers can use an exploit, for example, for remote code execution.
2 - Exploitation Less Likely
The exploitation probability is average, since attackers are unlikely to be able to achieve a situation of sustainable exploitation, as well as due to the technical peculiarities of vulnerability and the complexity of developing an exploit.
3 - Exploit code unlikely
The exploitation probability is minimal and attackers are unlikely to be able to develop successfully working code and take advantage of this vulnerability to conduct an attack.
We recommend that our users install updates as soon as possible and, if you have not already done so, enable automatic delivery of updates using Windows Update (this option is enabled by default).
Adobe has also updated its Flash Player ( APSB15-06 ), ColdFusion ( APSB15-07 ), and Flex ( APSB15-08 ) products .
As part of APSB15-06, the company fixed 22 vulnerabilities in Flash Player. One of the RCE vulnerabilities CVE-2015-3043 is exploited by in-the-wild intruders. The remaining closed vulnerabilities are also of the Remote Code Execution type (memory-corruption / buffer-overflow) and can be used by attackers to remotely execute code through a vulnerable version of the player. CVE-2015-0357 and CVE-2015-3040 two vulnerabilities can be used to bypass ASLR and develop a more stable exploit to execute code in the browser.
We also recommend updating your Flash Player. Browsers such as Internet Explorer 10 & 11 on Windows 8 / 8.1 and Google Chrome update their Flash Player versions automatically. For IE, see the updated Security Advisory 2755801 . Check your version of Flash Player for relevance here , the table below shows these versions for various browsers.
be secure.
Another critical update MS15-034 fixes the RCE vulnerability CVE-2015-1635 in the http.sys driver. Criminals can remotely execute code in the system by sending an HTTP request with a special header. The vulnerability is present on Windows 7+ and is very dangerous because it allows you to remotely execute code with maximum privileges in the system (SYSTEM).
The MS15-033 update fixes five vulnerabilities in all supported versions of Office 2007-2013. Vulnerabilities allow remote code execution using a specially crafted Office file. Critical. Exploitation More Likely .
')
The MS15-035 update fixes the CVE-2015-1645 vulnerability in the Windows Server 2003 component Seven (Gdi32.dll), which is responsible for drawing graphics and processing Enhanced Metafile files (EMF). Using a specially crafted EMF file, attackers can remotely execute code, and this file can be placed on a web page or located in a local directory. Critical. Exploitation Less Likely .
The MS15-036 update fixes two Elevation of Privilege vulnerabilities in the SharePoint Server product. Vulnerabilities allow an attacker to elevate system privileges by sending a specially crafted request to a server with vulnerable software. Vulnerability does not allow you to remotely execute the code, so the attacker himself must already be authenticated in the system to raise his privileges. Important. Exploitation Less Likely .
Update MS15-037 fixes the CVE-2015-0098 Elevation of Privilege type vulnerability in Windows Task Manager & Windows 2008 Task Scheduler. An attacker can force the task scheduler to execute a malicious application with maximum SYSTEM privileges on the system. Important. Exploitation More Likely .
Update MS15-038 two vulnerabilities CVE-2015-1643 and CVE-2015-1644 of type Elevation of Privilege in all supported versions of Windows, including Windows 8.1 / RT 8.1. Both vulnerabilities are related to improper operation of Windows with an impersonation -level security checks . The first vulnerability is present in the implementation of the NtCreateTransactionManager system API, and the second in the system code that works with MS-DOS device names. The update is addressed to the Clfs.sys driver and the Clfsw32.dll library, as well as to the following system files and kernel: Ntdll.dll, Ntoskrnl.exe, Diskperf.exe, Logman.exe. Important. Exploitation Less Likely .
Update MS15-039 fixes the CVE-2015-1646 ( Same Origin Policy SFB Vulnerability ) vulnerability in MS XML Core Services 3.0 (MSXML) on Windows Server 2003 - Seven. Using this vulnerability, an attacker can bypass the security function of the same-origin policy and remotely gain access to the user's confidential information, including logins and passwords from different sites. Important. Exploitation Less Likely .
Update MS14-040 fixes information disclosure type vulnerability in Active Directory (Active Directory Federation Services). Using a vulnerability, an attacker can reveal information about the user. Important. Exploitation Unlikely .
Update MS15-041 fixes an Information Disclosure type CVE-2015-1648 vulnerability in all versions of the .NET Framework. The vulnerability allows an attacker to disclose inappropriate information for him on a remote server using a specially crafted request for ASP.NET software that uses the .NET Framework for its work. Important. Exploitation Less Likely .
Update MS15-042 fixes one CVE-2015-1647 vulnerability of the Denial of Service type in Windows 8.1 Hyper-V. An attacker can launch a special application in the context of a virtual machine process, which will cause the entire system (host) to freeze. The fix is addressed to the Virtual Machine Management Service (Vmms.exe) and the Rdvgpuinfo.dll library. Important. Exploitation Less Likely .
1 - Exploitation More Likely
The probability of exploiting the vulnerability is very high, attackers can use an exploit, for example, for remote code execution.
2 - Exploitation Less Likely
The exploitation probability is average, since attackers are unlikely to be able to achieve a situation of sustainable exploitation, as well as due to the technical peculiarities of vulnerability and the complexity of developing an exploit.
3 - Exploit code unlikely
The exploitation probability is minimal and attackers are unlikely to be able to develop successfully working code and take advantage of this vulnerability to conduct an attack.
We recommend that our users install updates as soon as possible and, if you have not already done so, enable automatic delivery of updates using Windows Update (this option is enabled by default).
Adobe has also updated its Flash Player ( APSB15-06 ), ColdFusion ( APSB15-07 ), and Flex ( APSB15-08 ) products .
As part of APSB15-06, the company fixed 22 vulnerabilities in Flash Player. One of the RCE vulnerabilities CVE-2015-3043 is exploited by in-the-wild intruders. The remaining closed vulnerabilities are also of the Remote Code Execution type (memory-corruption / buffer-overflow) and can be used by attackers to remotely execute code through a vulnerable version of the player. CVE-2015-0357 and CVE-2015-3040 two vulnerabilities can be used to bypass ASLR and develop a more stable exploit to execute code in the browser.
We also recommend updating your Flash Player. Browsers such as Internet Explorer 10 & 11 on Windows 8 / 8.1 and Google Chrome update their Flash Player versions automatically. For IE, see the updated Security Advisory 2755801 . Check your version of Flash Player for relevance here , the table below shows these versions for various browsers.
be secure.
Source: https://habr.com/ru/post/255779/
All Articles