Qualys Vulnerability R&D Lab has released new vulnerability checks in the Qualys Cloud Platform to protect organizations against 52 vulnerabilities that were fixed in 12 bulletins announced today by Microsoft. Customers can immediately audit their networks for these and other new vulnerabilities by accessing their Qualys subscription. Visit Qualys Security Blog to prioritize remediation.
Non-Qualys customers can audit their network for these and other vulnerabilities by signing up for a Qualys Free Trial, or by trying Qualys Community Edition.
Microsoft has released 12 security bulletins to fix newly discovered flaws in their software. Qualys has released the following checks for these new vulnerabilities:
A denial of service vulnerability exists in Active Directory when an authenticated attacker creates multiple machine accounts.
This security update is rated Important.
Affected Versions:
Windows Server 2008, Windows Server 2008 R2, Windows Server 2012 and Windows Server 2012 R2.
Patches:
The following are links for downloading patches to fix these vulnerabilities:
MS15-096 Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
MS15-096 Windows Server 2008 R2 for x64-based Systems Service Pack 1
MS15-096 Windows Server 2008 R2 for x64-based Systems Service Pack 1
MS15-096 Windows Server 2008 for 32-bit Systems Service Pack 2
MS15-096 Windows Server 2008 for 32-bit Systems Service Pack 2
MS15-096 Windows Server 2008 for Itanium-based Systems Service Pack 2
MS15-096 Windows Server 2008 for x64-based Systems Service Pack 2
MS15-096 Windows Server 2008 for x64-based Systems Service Pack 2
MS15-096 Windows Server 2012
MS15-096 Windows Server 2012
MS15-096 Windows Server 2012 R2
MS15-096 Windows Server 2012 R2
Patches:
The following are links for downloading patches to fix these vulnerabilities:
MS15-095 Windows 10 for 32-bit Systems
MS15-095 Windows 10 for x64-based Systems
This security update resolves vulnerabilities in Internet Explorer. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer.
This security update is rated Critical for Internet Explorer 7 (IE 7), Internet Explorer 8 (IE 8), Internet Explorer 9 (IE 9), Internet Explorer 10 (IE 10), and Internet Explorer 11 (IE 11) on affected Windows clients, and Moderate for Internet Explorer 7 (IE 7), Internet Explorer 8 (IE 8), Internet Explorer 9 (IE 9), Internet Explorer 10 (IE 10), and Internet Explorer 11 (IE 11) on affected Windows servers.
Patches:
The following are links for downloading patches to fix these vulnerabilities:
MS15-094 Windows 10 for 32-bit Systems
MS15-094 Windows 10 for x64-based Systems
MS15-094 Windows 7 for 32-bit Systems Service Pack 1(Internet Explorer 10)
MS15-094 Windows 7 for 32-bit Systems Service Pack 1(Internet Explorer 11)
MS15-094 Windows 7 for 32-bit Systems Service Pack 1(Internet Explorer 8)
MS15-094 Windows 7 for 32-bit Systems Service Pack 1(Internet Explorer 9)
MS15-094 Windows 7 for x64-based Systems Service Pack 1(Internet Explorer 10)
MS15-094 Windows 7 for x64-based Systems Service Pack 1(Internet Explorer 11)
MS15-094 Windows 7 for x64-based Systems Service Pack 1(Internet Explorer 8)
MS15-094 Windows 7 for x64-based Systems Service Pack 1(Internet Explorer 9)
MS15-094 Windows 8 for 32-bit Systems(Internet Explorer 10)
MS15-094 Windows 8 for x64-based Systems(Internet Explorer 10)
MS15-094 Windows 8.1 for 32-bit Systems(Internet Explorer 11)
MS15-094 Windows 8.1 for x64-based Systems(Internet Explorer 11)
MS15-094 Windows Server 2008 R2 for Itanium-based Systems Service Pack 1(Internet Explorer 8)
MS15-094 Windows Server 2008 R2 for x64-based Systems Service Pack 1(Internet Explorer 10)
MS15-094 Windows Server 2008 R2 for x64-based Systems Service Pack 1(Internet Explorer 11)
MS15-094 Windows Server 2008 R2 for x64-based Systems Service Pack 1(Internet Explorer 8)
MS15-094 Windows Server 2008 R2 for x64-based Systems Service Pack 1(Internet Explorer 9)
MS15-094 Windows Server 2008 for 32-bit Systems Service Pack 2(Internet Explorer 7)
MS15-094 Windows Server 2008 for 32-bit Systems Service Pack 2(Internet Explorer 8)
MS15-094 Windows Server 2008 for 32-bit Systems Service Pack 2(Internet Explorer 9)
MS15-094 Windows Server 2008 for Itanium-based Systems Service Pack 2(Internet Explorer 7)
MS15-094 Windows Server 2008 for x64-based Systems Service Pack 2(Internet Explorer 7)
MS15-094 Windows Server 2008 for x64-based Systems Service Pack 2(Internet Explorer 8)
MS15-094 Windows Server 2008 for x64-based Systems Service Pack 2(Internet Explorer 9)
MS15-094 Windows Server 2012(Internet Explorer 10)
MS15-094 Windows Server 2012 R2(Internet Explorer 11)
MS15-094 Windows Vista Service Pack 2(Internet Explorer 7)
MS15-094 Windows Vista Service Pack 2(Internet Explorer 8)
MS15-094 Windows Vista Service Pack 2(Internet Explorer 9)
MS15-094 Windows Vista x64 Edition Service Pack 2(Internet Explorer 7)
MS15-094 Windows Vista x64 Edition Service Pack 2(Internet Explorer 8)
MS15-094 Windows Vista x64 Edition Service Pack 2(Internet Explorer 9)
A denial of service vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles specially crafted OpenType fonts. An attacker who successfully exploited the vulnerability could crash the affected system.
Elevation of privilege vulnerabilities exist in Microsoft Windows when the Windows Adobe Type Manager Library fails to properly handle objects in memory
A remote code execution vulnerability exists in Microsoft Windows when components of Windows, Office, and Lync improperly handle specially crafted OpenType fonts.
Multiple elevation of privilege vulnerabilities exist in Windows when the Windows kernel-mode driver fails to properly handle objects in memory.
An elevation of privilege vulnerability exists when the Windows kernel mode driver (Win32k.sys) fails to properly validate and enforce integrity levels during certain process initialization scenarios.
A security feature bypass vulnerability exists when the Windows kernel fails to properly initialize a memory address, allowing an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (KASLR) bypass.
Microsoft has released a security update that addresses the vulnerabilities by correcting how:
- The Windows Adobe Type Manager Library handles OpenType fonts
- The Windows kernel-mode driver handles objects in memory
- Windows validates integrity levels to prevent inappropriate process initialization
- The Windows kernel handles memory addresses
Patches:
The following are links for downloading patches to fix these vulnerabilities:
MS15-097 Microsoft Live Meeting 2007 Console
MS15-097 Microsoft Lync 2010
MS15-097 Microsoft Lync 2010
MS15-097 Microsoft Lync 2010 Attendee
MS15-097 Microsoft Lync 2010 Attendee
MS15-097 Microsoft Lync 2013 Service Pack 1
MS15-097 Microsoft Lync 2013 Service Pack 1
MS15-097 Microsoft Lync Basic 2013 Service Pack 1
MS15-097 Microsoft Lync Basic 2013 Service Pack 1
MS15-097 Microsoft Office 2007 Service Pack 3
MS15-097 Microsoft Office 2010 Service Pack 2
MS15-097 Microsoft Office 2010 Service Pack 2
MS15-097 Skype for Business 2016
MS15-097 Skype for Business 2016
MS15-097 Windows 10 for 32-bit Systems
MS15-097 Windows 10 for x64-based Systems
MS15-097 Windows 7 for 32-bit Systems Service Pack 1
MS15-097 Windows 7 for x64-based Systems Service Pack 1
MS15-097 Windows 8 for 32-bit Systems
MS15-097 Windows 8 for x64-based Systems
MS15-097 Windows 8.1 for 32-bit Systems
MS15-097 Windows 8.1 for x64-based Systems
MS15-097 Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
MS15-097 Windows Server 2008 R2 for x64-based Systems Service Pack 1
MS15-097 Windows Server 2008 for 32-bit Systems Service Pack 2
MS15-097 Windows Server 2008 for 32-bit Systems Service Pack 2
MS15-097 Windows Server 2008 for Itanium-based Systems Service Pack 2
MS15-097 Windows Server 2008 for Itanium-based Systems Service Pack 2
MS15-097 Windows Server 2008 for x64-based Systems Service Pack 2
MS15-097 Windows Server 2008 for x64-based Systems Service Pack 2
MS15-097 Windows Server 2012
MS15-097 Windows Server 2012 R2
MS15-097 Windows Vista Service Pack 2
MS15-097 Windows Vista Service Pack 2
MS15-097 Windows Vista x64 Edition Service Pack 2
MS15-097 Windows Vista x64 Edition Service Pack 2
Remote code execution vulnerabilities exist in Microsoft Windows when a specially crafted Journal file is opened in Windows Journal.
The update addresses the vulnerabilities by modifying how Internet Explorer handles objects in memory.
This security update is rated Critical.
Affected Versions:
Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8, Windows Server 2012, Windows RT, Windows RT 8.1, Windows 8.1, Windows Server 2012 R2 and Windows 10.
Refer to Microsoft Security Bulletin MS15-098 for further details.
Workaround:
- Do not open Windows Journal (.jnt) files that you receive from untrusted sources or that you receive unexpectedly from trusted sources.
Patches:
The following are links for downloading patches to fix these vulnerabilities:
MS15-098 Windows 10 for 32-bit Systems
MS15-098 Windows 10 for x64-based Systems
MS15-098 Windows 7 for 32-bit Systems Service Pack 1
MS15-098 Windows 7 for x64-based Systems Service Pack 1
MS15-098 Windows 8 for 32-bit Systems
MS15-098 Windows 8 for x64-based Systems
MS15-098 Windows 8.1 for 32-bit Systems
MS15-098 Windows 8.1 for x64-based Systems
MS15-098 Windows Server 2008 R2 for x64-based Systems Service Pack 1
MS15-098 Windows Server 2008 for 32-bit Systems Service Pack 2
MS15-098 Windows Server 2008 for x64-based Systems Service Pack 2
MS15-098 Windows Server 2012
MS15-098 Windows Server 2012 R2
MS15-098 Windows Vista Service Pack 2
MS15-098 Windows Vista x64 Edition Service Pack 2
Remote code execution vulnerabilities exist in Microsoft Office software when the Office software fails to properly handle objects in memory.
A cross-site scripting (XSS) vulnerability, which could result in spoofing, exists when SharePoint fails to properly sanitize user-supplied web requests. An attacker who successfully exploited this vulnerability could perform persistent cross-site scripting attacks and run script (in the security context of the logged-on user) with malicious content that appears authentic.
A remote code execution vulnerability exists in Microsoft Office that could be exploited when a user opens a file containing a malformed graphics image or when a user inserts a malformed graphics image into an Office file.
Microsoft has released a security update that addresses these vulnerabilities by correcting how Microsoft Office handles files in memory and by modifying how SharePoint validates web requests.
Workaround:
1) Modify the Access Control List to deny access to EPSIMP32.FLT for ALL USERS
Impact of workaround #1: This workaround prevents EPS files from loading in Office, which may prevent certain images from displaying properly in Office. This setting must be reverted before installing future security updates.
Patches:
The following are links for downloading patches to fix these vulnerabilities:
MS15-099 Microsoft Office Mac
MS15-099 Microsoft Office Windows
Patches:
The following are links for downloading patches to fix these vulnerabilities:
MS15-100 Windows 7 for 32-bit Systems Service Pack 1(Media Center)
MS15-100 Windows 7 for x64-based Systems and Windows 7 for x64-based Systems Service Pack 1
MS15-100 Windows 8 for 32-bit Systems
MS15-100 Windows 8 for 64-bit Systems
MS15-100 Windows 8.1 for 32-bit Systems
MS15-100 Windows 8.1 for x64-based Systems
MS15-100 Windows Vista Service Pack 2
MS15-100 Windows Vista Service Pack 2
- An elevation of privilege vulnerability exists in the way that the .NET Framework validates the number of objects in memory before copying those objects into an array.
- A denial of service vulnerability exists that is caused when .NET fails to properly handle certain specially crafted requests.
This security update is rated Important for Microsoft .NET Framework on all supported releases of Microsoft Windows.
Patches:
The following are links for downloading patches to fix these vulnerabilities:
MS15-101
Elevation of privilege vulnerabilites exists when Microsoft Windows fails to properly validate, fails to enforce impersonation levels and improperly verifies certain file system interactions.
This security update is rated Important.
Affected Versions:
Windows Vista, Windows Server 2008, Windows Server 2008 R2, Windows 7, Windows 8, Windows 8.1, Windows Server 2012, Windows Server 2012 R2, Windows RT, Windoes RT 8.1 and Windows 10.
Patches:
The following are links for downloading patches to fix these vulnerabilities:
MS15-102 Windows 10 for 32-bit Systems
MS15-102 Windows 10 for x64-based Systems
MS15-102 Windows 7 for 32-bit Systems Service Pack 1
MS15-102 Windows 7 for x64-based Systems Service Pack 1
MS15-102 Windows 8 for 32-bit Systems
MS15-102 Windows 8 for 32-bit Systems
MS15-102 Windows 8 for x64-based Systems
MS15-102 Windows 8 for x64-based Systems
MS15-102 Windows 8.1 for 32-bit Systems
MS15-102 Windows 8.1 for 32-bit Systems
MS15-102 Windows 8.1 for x64-based Systems
MS15-102 Windows 8.1 for x64-based Systems
MS15-102 Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
MS15-102 Windows Server 2008 R2 for x64-based Systems Service Pack 1
MS15-102 Windows Server 2008 R2 for x64-based Systems Service Pack 1
MS15-102 Windows Server 2008 for 32-bit Systems Service Pack 2
MS15-102 Windows Server 2008 for 32-bit Systems Service Pack 2
MS15-102 Windows Server 2008 for Itanium-based Systems Service Pack 2
MS15-102 Windows Server 2008 for x64-based Systems Service Pack 2
MS15-102 Windows Server 2008 for x64-based Systems Service Pack 2
MS15-102 Windows Server 2012
MS15-102 Windows Server 2012
MS15-102 Windows Server 2012
MS15-102 Windows Server 2012
MS15-102 Windows Server 2012 R2
MS15-102 Windows Server 2012 R2
MS15-102 Windows Server 2012 R2
MS15-102 Windows Server 2012 R2
MS15-102 Windows Vista Service Pack 2
MS15-102 Windows Vista x64 Edition Service Pack 2
- An information disclosure vulnerability exists in Microsoft Exchange Server when Outlook Web Access (OWA) fails to properly handle web requests.
- Spoofing vulnerabilities exist in Microsoft Exchange Server when OWA does not properly sanitize specially crafted email.
The security update addresses the vulnerabilities by correcting how Microsoft Exchange OWA handles web requests and by helping to ensure that OWA properly sanitizes user input and email content.
This security update is rated Important for all supported editions of Microsoft Exchange Server 2013.
Patches:
The following are links for downloading patches to fix these vulnerabilities:
MS15-103 Microsoft Exchange Server 2013 Cumulative Update 8
MS15-103 Microsoft Exchange Server 2013 Cumulative Update 9
MS15-103 Microsoft Exchange Server 2013 Service Pack 1
A cross-site scripting (XSS) vulnerability, which could result in information disclosure, exists when Lync Server fail to properly sanitize specially crafted content. An attacker who successfully exploited this vulnerability could potentially execute scripts in the user's browser to obtain information from web sessions (CVE-2015-2532).
A cross-site scripting (XSS) vulnerability, which could result in elevation of privileges, exists when Skype for Business Server or Lync Server fails to properly sanitize specially crafted content. An attacker who successfully exploited this vulnerability could execute arbitrary code and take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights (CVE-2015-2536).
Patches:
The following are links for downloading patches to fix these vulnerabilities:
MS15-104 Microsoft Lync Server 2013
MS15-104 Skype for Business Server 2015
A security feature bypass vulnerability exists in Windows Hyper-V when access control list (ACL) configuration settings are not applied correctly.
This security update is rated Important for Windows Hyper-V on Windows 8.1, Windows Server 2012 R2 and Windows 10.
Patches:
The following are links for downloading patches to fix these vulnerabilities:
MS15-105 Windows 10 for x64-based Systems
MS15-105 Windows 8.1 for x64-based Systems
MS15-105 Windows Server 2012 R2
MS15-105 Windows Server 2012 R2
These new vulnerability checks are included in Qualys vulnerability signature 2.3.109-3. Each Qualys account is automatically updated with the latest vulnerability signatures as they become available. To view the vulnerability signature version in your account, from the Qualys Help menu, select the About tab.
To perform a selective vulnerability scan, configure a scan profile to use the following options:
In addition, prior to running a scan for these new vulnerabilities, you can estimate your exposure to these new threats by running the Risk Analysis Report, available from the Qualys Vulnerability Management Reports tab.
Platforms and Platform Identification
For more information, customers may contact Qualys Technical Support.
The Qualys Cloud Platform and its integrated suite of security and compliance applications provides organizations of all sizes with a global view of their security and compliance solutions, while drastically reducing their total cost of ownership. Qualys solutions include: continuous monitoring, vulnerability management, policy compliance, PCI compliance, security assessment questionnaire, web application scanning, web application firewall, malware detection and SECURE Seal for security testing of web sites.