Microsoft fixed Windows kernel vulnerabilities
Microsoft has released updates for its products, fixing 33 unique vulnerabilities. Internet Explorer and Edge web browsers, as well as components of all versions of Windows and Office, have been updated. The MS15-111 update fixes five vulnerabilities in various components of the Windows kernel (including in Ntdll.dll, Ntoskrnl.exe, Smss.exe, Csrsrv.dll). One of the vulnerabilities of CVE-2015-2552 ( Trusted Boot Security Feature Bypass Vulnerability ) was present in the Secure Boot (Trusted Boot) security mechanism and allowed an attacker to disable checks of the legitimacy of the loaded kernel-mode code, which in turn made it possible to jailbreak for Windows RT.
The company also re-released the update KB3084905 ( TPM lockout occurs unexpectedly in Windows 8.1 or Windows RT 8.1 ), which we wrote about earlier here . The update fixed a bug in the Windows system files and EFI firmware, which made it possible for the kernel code to work incorrectly with the TPM cryptographic unit. A new update refers to the fix file bootmgfw.efi.
The MS15-106 update fixes 14 vulnerabilities in all versions of Internet Explorer. Most fixed vulnerabilities are of the Remote Code Execution type and allow attackers to remotely execute code through a specially crafted web page. Critical.
')
Update MS15-107 fixes two vulnerabilities CVE-2015-6057 and CVE-2015-6058 in the Edge web browser. Both vulnerabilities are of type Information Disclosure. With the help of them, an attacker can reveal inappropriate data in the memory of a web browser. Important.
The MS15-108 update fixes 4 vulnerabilities in VBScript and JScript web engines on Windows Vista. One of the vulnerabilities CVE-2015-6052 ( VBScript and JScript ASLR Bypass ) allows attackers to bypass the ASLR security mechanism in the context of a running web browser process and create more stable exploits. Two other vulnerabilities allow attackers to remotely execute code in a user's web browser using specially crafted contents of Visual Basic Script or JScript scripts. Critical.
The MS15-109 update addresses the Windows Shell and Microsoft Tablet Input Band components for all supported OSs. Both fixable vulnerabilities allow attackers to remotely execute code on the user's system using specially crafted files. Critical.
We recommend that our users install updates as soon as possible and, if you have not already done so, enable automatic delivery of updates using Windows Update (this option is enabled by default).
technet.microsoft.com/library/security/ms15-oct
be secure.
The company also re-released the update KB3084905 ( TPM lockout occurs unexpectedly in Windows 8.1 or Windows RT 8.1 ), which we wrote about earlier here . The update fixed a bug in the Windows system files and EFI firmware, which made it possible for the kernel code to work incorrectly with the TPM cryptographic unit. A new update refers to the fix file bootmgfw.efi.
The MS15-106 update fixes 14 vulnerabilities in all versions of Internet Explorer. Most fixed vulnerabilities are of the Remote Code Execution type and allow attackers to remotely execute code through a specially crafted web page. Critical.
')
Update MS15-107 fixes two vulnerabilities CVE-2015-6057 and CVE-2015-6058 in the Edge web browser. Both vulnerabilities are of type Information Disclosure. With the help of them, an attacker can reveal inappropriate data in the memory of a web browser. Important.
The MS15-108 update fixes 4 vulnerabilities in VBScript and JScript web engines on Windows Vista. One of the vulnerabilities CVE-2015-6052 ( VBScript and JScript ASLR Bypass ) allows attackers to bypass the ASLR security mechanism in the context of a running web browser process and create more stable exploits. Two other vulnerabilities allow attackers to remotely execute code in a user's web browser using specially crafted contents of Visual Basic Script or JScript scripts. Critical.
The MS15-109 update addresses the Windows Shell and Microsoft Tablet Input Band components for all supported OSs. Both fixable vulnerabilities allow attackers to remotely execute code on the user's system using specially crafted files. Critical.
We recommend that our users install updates as soon as possible and, if you have not already done so, enable automatic delivery of updates using Windows Update (this option is enabled by default).
technet.microsoft.com/library/security/ms15-oct
be secure.
Source: https://habr.com/ru/post/268829/
All Articles