Advisory overview
Qualys Vulnerability R&D Lab has released new
vulnerability checks in the Qualys Cloud Platform to protect
organizations against
52 vulnerabilities
that were fixed in
12 bulletins
announced today by Microsoft. Customers can immediately audit
their networks for these and other new vulnerabilities by accessing
their Qualys subscription. Visit Qualys Security Blog to prioritize remediation.
Non-Qualys customers can audit their network for these and other vulnerabilities by signing up for a Qualys Free Trial, or by trying Qualys Community Edition.
Vulnerability details
Microsoft has released 12 security
bulletins
to fix newly discovered flaws in their software. Qualys has released the following checks for these new vulnerabilities:
-
Microsoft Active Directory Denial of Service Vulnerability (MS15-096)
-
Severity
-
Serious
3
-
Qualys ID
-
123940
-
Vendor Reference
-
MS15-096
-
CVE Reference
-
CVE-2015-2535
-
CVSS Scores
-
Base 4 /
Temporal 3
-
Description
-
Active Directory Services contains an extensible and scalable set of services that enables you to efficiently manage corporate identities, credentials, information protection, and system and application settings.
A denial of service vulnerability exists in Active Directory when an authenticated attacker creates multiple machine accounts.
This security update is rated Important.
Affected Versions:
Windows Server 2008, Windows Server 2008 R2, Windows Server 2012 and Windows Server 2012 R2.
-
Consequence
-
An attacker could exploit this vulnerability by creating multiple machine accounts, resulting in denial of service.
-
Solution
-
Refer to MS15-096 for further information.
Patches:
The following are links for downloading patches to fix these vulnerabilities:
MS15-096 Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
MS15-096 Windows Server 2008 R2 for x64-based Systems Service Pack 1
MS15-096 Windows Server 2008 R2 for x64-based Systems Service Pack 1
MS15-096 Windows Server 2008 for 32-bit Systems Service Pack 2
MS15-096 Windows Server 2008 for 32-bit Systems Service Pack 2
MS15-096 Windows Server 2008 for Itanium-based Systems Service Pack 2
MS15-096 Windows Server 2008 for x64-based Systems Service Pack 2
MS15-096 Windows Server 2008 for x64-based Systems Service Pack 2
MS15-096 Windows Server 2012
MS15-096 Windows Server 2012
MS15-096 Windows Server 2012 R2
MS15-096 Windows Server 2012 R2
-
Microsoft Edge Cumulative Security Update (MS15-095)
-
Severity
-
Critical
4
-
Qualys ID
-
91092
-
Vendor Reference
-
MS15-095
-
CVE Reference
-
CVE-2015-2485,
CVE-2015-2486,
CVE-2015-2494,
CVE-2015-2542
-
CVSS Scores
-
Base 9.3 /
Temporal 7.3
-
Description
-
This security update resolves vulnerabilities in Microsoft Edge. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Microsoft Edge.
-
Consequence
-
An attacker could host a specially crafted website that is designed to exploit these vulnerabilities through Microsoft Edge, and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements by adding specially crafted content that could exploit these vulnerabilities.
-
Solution
-
Refer to Microsoft Security Bulletin MS15-095 for details.
Patches:
The following are links for downloading patches to fix these vulnerabilities:
MS15-095 Windows 10 for 32-bit Systems
MS15-095 Windows 10 for x64-based Systems
-
Microsoft Internet Explorer Cumulative Security Update (MS15-094)
-
Severity
-
Urgent
5
-
Qualys ID
-
100257
-
Vendor Reference
-
MS15-094
-
CVE Reference
-
CVE-2015-2483,
CVE-2015-2484,
CVE-2015-2485,
CVE-2015-2486,
CVE-2015-2487,
CVE-2015-2489,
CVE-2015-2490,
CVE-2015-2491,
CVE-2015-2492,
CVE-2015-2493,
CVE-2015-2494,
CVE-2015-2498,
CVE-2015-2499,
CVE-2015-2500,
CVE-2015-2501,
CVE-2015-2541,
CVE-2015-2542
-
CVSS Scores
-
Base 9.3 /
Temporal 7.7
-
Description
-
Microsoft Internet Explorer is a graphical web browser developed by Microsoft and included as part of the Microsoft Windows operating systems.
This security update resolves vulnerabilities in Internet Explorer. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer.
This security update is rated Critical for Internet Explorer 7 (IE 7), Internet Explorer 8 (IE 8), Internet Explorer 9 (IE 9), Internet Explorer 10 (IE 10), and Internet Explorer 11 (IE 11) on affected Windows clients, and Moderate for Internet Explorer 7 (IE 7), Internet Explorer 8 (IE 8), Internet Explorer 9 (IE 9), Internet Explorer 10 (IE 10), and Internet Explorer 11 (IE 11) on affected Windows servers.
-
Consequence
-
Successful exploitation allows an attacker to execute arbitrary code.
-
Solution
-
Customers are advised to refer to Microsoft Advisory MS15-094 for more details.
Patches:
The following are links for downloading patches to fix these vulnerabilities:
MS15-094 Windows 10 for 32-bit Systems
MS15-094 Windows 10 for x64-based Systems
MS15-094 Windows 7 for 32-bit Systems Service Pack 1(Internet Explorer 10)
MS15-094 Windows 7 for 32-bit Systems Service Pack 1(Internet Explorer 11)
MS15-094 Windows 7 for 32-bit Systems Service Pack 1(Internet Explorer 8)
MS15-094 Windows 7 for 32-bit Systems Service Pack 1(Internet Explorer 9)
MS15-094 Windows 7 for x64-based Systems Service Pack 1(Internet Explorer 10)
MS15-094 Windows 7 for x64-based Systems Service Pack 1(Internet Explorer 11)
MS15-094 Windows 7 for x64-based Systems Service Pack 1(Internet Explorer 8)
MS15-094 Windows 7 for x64-based Systems Service Pack 1(Internet Explorer 9)
MS15-094 Windows 8 for 32-bit Systems(Internet Explorer 10)
MS15-094 Windows 8 for x64-based Systems(Internet Explorer 10)
MS15-094 Windows 8.1 for 32-bit Systems(Internet Explorer 11)
MS15-094 Windows 8.1 for x64-based Systems(Internet Explorer 11)
MS15-094 Windows Server 2008 R2 for Itanium-based Systems Service Pack 1(Internet Explorer 8)
MS15-094 Windows Server 2008 R2 for x64-based Systems Service Pack 1(Internet Explorer 10)
MS15-094 Windows Server 2008 R2 for x64-based Systems Service Pack 1(Internet Explorer 11)
MS15-094 Windows Server 2008 R2 for x64-based Systems Service Pack 1(Internet Explorer 8)
MS15-094 Windows Server 2008 R2 for x64-based Systems Service Pack 1(Internet Explorer 9)
MS15-094 Windows Server 2008 for 32-bit Systems Service Pack 2(Internet Explorer 7)
MS15-094 Windows Server 2008 for 32-bit Systems Service Pack 2(Internet Explorer 8)
MS15-094 Windows Server 2008 for 32-bit Systems Service Pack 2(Internet Explorer 9)
MS15-094 Windows Server 2008 for Itanium-based Systems Service Pack 2(Internet Explorer 7)
MS15-094 Windows Server 2008 for x64-based Systems Service Pack 2(Internet Explorer 7)
MS15-094 Windows Server 2008 for x64-based Systems Service Pack 2(Internet Explorer 8)
MS15-094 Windows Server 2008 for x64-based Systems Service Pack 2(Internet Explorer 9)
MS15-094 Windows Server 2012(Internet Explorer 10)
MS15-094 Windows Server 2012 R2(Internet Explorer 11)
MS15-094 Windows Vista Service Pack 2(Internet Explorer 7)
MS15-094 Windows Vista Service Pack 2(Internet Explorer 8)
MS15-094 Windows Vista Service Pack 2(Internet Explorer 9)
MS15-094 Windows Vista x64 Edition Service Pack 2(Internet Explorer 7)
MS15-094 Windows Vista x64 Edition Service Pack 2(Internet Explorer 8)
MS15-094 Windows Vista x64 Edition Service Pack 2(Internet Explorer 9)
-
Microsoft Graphics Component Remote Code Execution Vulnerabilities (MS15-097)
-
Severity
-
Urgent
5
-
Qualys ID
-
91094
-
Vendor Reference
-
MS15-097
-
CVE Reference
-
CVE-2015-2506,
CVE-2015-2507,
CVE-2015-2508,
CVE-2015-2510,
CVE-2015-2511,
CVE-2015-2512,
CVE-2015-2517,
CVE-2015-2518,
CVE-2015-2527,
CVE-2015-2529,
CVE-2015-2546
-
CVSS Scores
-
Base 9.3 /
Temporal 8.1
-
Description
-
Multiple vulnerabilities affect the Microsoft Graphics Component in Windows, Office and Lync.
A denial of service vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles specially crafted OpenType fonts. An attacker who successfully exploited the vulnerability could crash the affected system.
Elevation of privilege vulnerabilities exist in Microsoft Windows when the Windows Adobe Type Manager Library fails to properly handle objects in memory
A remote code execution vulnerability exists in Microsoft Windows when components of Windows, Office, and Lync improperly handle specially crafted OpenType fonts.
Multiple elevation of privilege vulnerabilities exist in Windows when the Windows kernel-mode driver fails to properly handle objects in memory.
An elevation of privilege vulnerability exists when the Windows kernel mode driver (Win32k.sys) fails to properly validate and enforce integrity levels during certain process initialization scenarios.
A security feature bypass vulnerability exists when the Windows kernel fails to properly initialize a memory address, allowing an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (KASLR) bypass.
Microsoft has released a security update that addresses the vulnerabilities by correcting how:
- The Windows Adobe Type Manager Library handles OpenType fonts
- The Windows kernel-mode driver handles objects in memory
- Windows validates integrity levels to prevent inappropriate process initialization
- The Windows kernel handles memory addresses
-
Consequence
-
The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted document or visits an untrusted webpage that contains embedded OpenType fonts.
-
Solution
-
Refer to MS15-097 for more information.
Patches:
The following are links for downloading patches to fix these vulnerabilities:
MS15-097 Microsoft Live Meeting 2007 Console
MS15-097 Microsoft Lync 2010
MS15-097 Microsoft Lync 2010
MS15-097 Microsoft Lync 2010 Attendee
MS15-097 Microsoft Lync 2010 Attendee
MS15-097 Microsoft Lync 2013 Service Pack 1
MS15-097 Microsoft Lync 2013 Service Pack 1
MS15-097 Microsoft Lync Basic 2013 Service Pack 1
MS15-097 Microsoft Lync Basic 2013 Service Pack 1
MS15-097 Microsoft Office 2007 Service Pack 3
MS15-097 Microsoft Office 2010 Service Pack 2
MS15-097 Microsoft Office 2010 Service Pack 2
MS15-097 Skype for Business 2016
MS15-097 Skype for Business 2016
MS15-097 Windows 10 for 32-bit Systems
MS15-097 Windows 10 for x64-based Systems
MS15-097 Windows 7 for 32-bit Systems Service Pack 1
MS15-097 Windows 7 for x64-based Systems Service Pack 1
MS15-097 Windows 8 for 32-bit Systems
MS15-097 Windows 8 for x64-based Systems
MS15-097 Windows 8.1 for 32-bit Systems
MS15-097 Windows 8.1 for x64-based Systems
MS15-097 Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
MS15-097 Windows Server 2008 R2 for x64-based Systems Service Pack 1
MS15-097 Windows Server 2008 for 32-bit Systems Service Pack 2
MS15-097 Windows Server 2008 for 32-bit Systems Service Pack 2
MS15-097 Windows Server 2008 for Itanium-based Systems Service Pack 2
MS15-097 Windows Server 2008 for Itanium-based Systems Service Pack 2
MS15-097 Windows Server 2008 for x64-based Systems Service Pack 2
MS15-097 Windows Server 2008 for x64-based Systems Service Pack 2
MS15-097 Windows Server 2012
MS15-097 Windows Server 2012 R2
MS15-097 Windows Vista Service Pack 2
MS15-097 Windows Vista Service Pack 2
MS15-097 Windows Vista x64 Edition Service Pack 2
MS15-097 Windows Vista x64 Edition Service Pack 2
-
Microsoft Windows Journal Remote Code Execution Vulnerability (MS15-098)
-
Severity
-
Urgent
5
-
Qualys ID
-
91090
-
Vendor Reference
-
MS15-098
-
CVE Reference
-
CVE-2015-2513,
CVE-2015-2514,
CVE-2015-2516,
CVE-2015-2519,
CVE-2015-2530
-
CVSS Scores
-
Base 9.3 /
Temporal 6.9
-
Description
-
Microsoft Windows Journal is a notetaking application.
Remote code execution vulnerabilities exist in Microsoft Windows when a specially crafted Journal file is opened in Windows Journal.
The update addresses the vulnerabilities by modifying how Internet Explorer handles objects in memory.
This security update is rated Critical.
Affected Versions:
Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8, Windows Server 2012, Windows RT, Windows RT 8.1, Windows 8.1, Windows Server 2012 R2 and Windows 10.
-
Consequence
-
An attacker who successfully exploit this vulnerability could cause arbitrary code to execute in the context of the current user. If a user is logged on with administrative user rights, an attacker could take complete control of the affected system.
-
Solution
-
Refer to Microsoft Security Bulletin MS15-098 for further details.
Workaround:
- Do not open Windows Journal (.jnt) files that you receive from untrusted sources or that you receive unexpectedly from trusted sources.
Patches:
The following are links for downloading patches to fix these vulnerabilities:
MS15-098 Windows 10 for 32-bit Systems
MS15-098 Windows 10 for x64-based Systems
MS15-098 Windows 7 for 32-bit Systems Service Pack 1
MS15-098 Windows 7 for x64-based Systems Service Pack 1
MS15-098 Windows 8 for 32-bit Systems
MS15-098 Windows 8 for x64-based Systems
MS15-098 Windows 8.1 for 32-bit Systems
MS15-098 Windows 8.1 for x64-based Systems
MS15-098 Windows Server 2008 R2 for x64-based Systems Service Pack 1
MS15-098 Windows Server 2008 for 32-bit Systems Service Pack 2
MS15-098 Windows Server 2008 for x64-based Systems Service Pack 2
MS15-098 Windows Server 2012
MS15-098 Windows Server 2012 R2
MS15-098 Windows Vista Service Pack 2
MS15-098 Windows Vista x64 Edition Service Pack 2
-
Microsoft Office Remote Code Execution Vulnerabilities (MS15-099)
-
Severity
-
Urgent
5
-
Qualys ID
-
110259
-
Vendor Reference
-
MS15-099
-
CVE Reference
-
CVE-2015-2520,
CVE-2015-2521,
CVE-2015-2522,
CVE-2015-2523,
CVE-2015-2545
-
CVSS Scores
-
Base 9.3 /
Temporal 8.1
-
Description
-
Microsoft Office is prone to the following vulnerabilities:
Remote code execution vulnerabilities exist in Microsoft Office software when the Office software fails to properly handle objects in memory.
A cross-site scripting (XSS) vulnerability, which could result in spoofing, exists when SharePoint fails to properly sanitize user-supplied web requests. An attacker who successfully exploited this vulnerability could perform persistent cross-site scripting attacks and run script (in the security context of the logged-on user) with malicious content that appears authentic.
A remote code execution vulnerability exists in Microsoft Office that could be exploited when a user opens a file containing a malformed graphics image or when a user inserts a malformed graphics image into an Office file.
Microsoft has released a security update that addresses these vulnerabilities by correcting how Microsoft Office handles files in memory and by modifying how SharePoint validates web requests.
-
Consequence
-
The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Office file. An attacker who successfully exploited the vulnerabilities could run arbitrary code in the context of the current user.
-
Solution
-
Refer to MS15-099 to obtain more information.
Workaround:
1) Modify the Access Control List to deny access to EPSIMP32.FLT for ALL USERS
Impact of workaround #1: This workaround prevents EPS files from loading in Office, which may prevent certain images from displaying properly in Office. This setting must be reverted before installing future security updates.
Patches:
The following are links for downloading patches to fix these vulnerabilities:
MS15-099 Microsoft Office Mac
MS15-099 Microsoft Office Windows
-
Microsoft Windows Media Center Remote Code Execution Vulnerability (MS15-100)
-
Severity
-
Critical
4
-
Qualys ID
-
91095
-
Vendor Reference
-
MS15-100
-
CVE Reference
-
CVE-2015-2509
-
CVSS Scores
-
Base 9.3 /
Temporal 7.7
-
Description
-
This security update resolves a vulnerability in Microsoft Windows.A vulnerability exists in Windows Media Center that could allow remote code execution if Windows Media Center opens a specially crafted Media Center link (.mcl) file that references malicious code
This security update is rated Important for all supported editions of Windows Media Center when installed on Windows Vista, Windows 7, Windows 8, or Windows 8.1.
-
Consequence
-
An attacker who successfully exploited this vulnerability could gain the same user rights as the current user.To exploit this vulnerability, an attacker must entice a user to install the .mcl file on the local machine. Malicious code referenced by the .mcl file could then be executed from an attacker-controlled location. The security update addresses the vulnerability by correcting how Media Center link files are handled.
-
Solution
-
Refer to Microsoft Security Bulletin MS15-100 for further details.
Patches:
The following are links for downloading patches to fix these vulnerabilities:
MS15-100 Windows 7 for 32-bit Systems Service Pack 1(Media Center)
MS15-100 Windows 7 for x64-based Systems and Windows 7 for x64-based Systems Service Pack 1
MS15-100 Windows 8 for 32-bit Systems
MS15-100 Windows 8 for 64-bit Systems
MS15-100 Windows 8.1 for 32-bit Systems
MS15-100 Windows 8.1 for x64-based Systems
MS15-100 Windows Vista Service Pack 2
MS15-100 Windows Vista Service Pack 2
-
Microsoft .NET Framework Elevation of Privilege and Denial of Service Vulnerability (MS15-101)
-
Severity
-
Critical
4
-
Qualys ID
-
91091
-
Vendor Reference
-
MS15-101
-
CVE Reference
-
CVE-2015-2504,
CVE-2015-2526
-
CVSS Scores
-
Base 9.3 /
Temporal 7.3
-
Description
-
The Microsoft .NET Framework is a software framework for computers running Microsoft Windows operating systems.
- An elevation of privilege vulnerability exists in the way that the .NET Framework validates the number of objects in memory before copying those objects into an array.
- A denial of service vulnerability exists that is caused when .NET fails to properly handle certain specially crafted requests.
This security update is rated Important for Microsoft .NET Framework on all supported releases of Microsoft Windows.
-
Consequence
-
Successfully exploiting this vulnerability might allow an attacker to gain escalated privileges or cause denial-of-service like conditions.
-
Solution
-
Refer to MS15-101 for further information.
Patches:
The following are links for downloading patches to fix these vulnerabilities:
MS15-101
-
Microsoft Windows Task Management Elevation of Privilege Vulnerability (MS15-102)
-
Severity
-
Serious
3
-
Qualys ID
-
91089
-
Vendor Reference
-
MS15-102
-
CVE Reference
-
CVE-2015-2524,
CVE-2015-2525,
CVE-2015-2528
-
CVSS Scores
-
Base 7.2 /
Temporal 6
-
Description
-
The Task Scheduler is a Windows service that enables the automation of routine tasks on a chosen computer. Task Scheduler does this by monitoring the criteria the user has chosen for initiating tasks (referred to as triggers) and then executing the tasks when the criteria has been met.
Elevation of privilege vulnerabilites exists when Microsoft Windows fails to properly validate, fails to enforce impersonation levels and improperly verifies certain file system interactions.
This security update is rated Important.
Affected Versions:
Windows Vista, Windows Server 2008, Windows Server 2008 R2, Windows 7, Windows 8, Windows 8.1, Windows Server 2012, Windows Server 2012 R2, Windows RT, Windoes RT 8.1 and Windows 10.
-
Consequence
-
By crafting a crafted application, a restricted user can gain administrator and SYSTEM privileges. An attacker will need a local user's account to exploit this vulnerability.
-
Solution
-
Refer to MS15-102 for further information.
Patches:
The following are links for downloading patches to fix these vulnerabilities:
MS15-102 Windows 10 for 32-bit Systems
MS15-102 Windows 10 for x64-based Systems
MS15-102 Windows 7 for 32-bit Systems Service Pack 1
MS15-102 Windows 7 for x64-based Systems Service Pack 1
MS15-102 Windows 8 for 32-bit Systems
MS15-102 Windows 8 for 32-bit Systems
MS15-102 Windows 8 for x64-based Systems
MS15-102 Windows 8 for x64-based Systems
MS15-102 Windows 8.1 for 32-bit Systems
MS15-102 Windows 8.1 for 32-bit Systems
MS15-102 Windows 8.1 for x64-based Systems
MS15-102 Windows 8.1 for x64-based Systems
MS15-102 Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
MS15-102 Windows Server 2008 R2 for x64-based Systems Service Pack 1
MS15-102 Windows Server 2008 R2 for x64-based Systems Service Pack 1
MS15-102 Windows Server 2008 for 32-bit Systems Service Pack 2
MS15-102 Windows Server 2008 for 32-bit Systems Service Pack 2
MS15-102 Windows Server 2008 for Itanium-based Systems Service Pack 2
MS15-102 Windows Server 2008 for x64-based Systems Service Pack 2
MS15-102 Windows Server 2008 for x64-based Systems Service Pack 2
MS15-102 Windows Server 2012
MS15-102 Windows Server 2012
MS15-102 Windows Server 2012
MS15-102 Windows Server 2012
MS15-102 Windows Server 2012 R2
MS15-102 Windows Server 2012 R2
MS15-102 Windows Server 2012 R2
MS15-102 Windows Server 2012 R2
MS15-102 Windows Vista Service Pack 2
MS15-102 Windows Vista x64 Edition Service Pack 2
-
Microsoft Exchange Server Information Disclosure Vulnerabilities (MS15-103)
-
Severity
-
Serious
3
-
Qualys ID
-
53001
-
Vendor Reference
-
MS15-103
-
CVE Reference
-
CVE-2015-2505,
CVE-2015-2543,
CVE-2015-2544
-
CVSS Scores
-
Base 5 /
Temporal 3.7
-
Description
-
Microsoft Exchange Server is prone to the following vulnerabilities:
- An information disclosure vulnerability exists in Microsoft Exchange Server when Outlook Web Access (OWA) fails to properly handle web requests.
- Spoofing vulnerabilities exist in Microsoft Exchange Server when OWA does not properly sanitize specially crafted email.
The security update addresses the vulnerabilities by correcting how Microsoft Exchange OWA handles web requests and by helping to ensure that OWA properly sanitizes user input and email content.
This security update is rated Important for all supported editions of Microsoft Exchange Server 2013.
-
Consequence
-
An attacker who successfully exploited the vulnerability could discover stacktrace details, perform HTML injection attacks on affected systems.
-
Solution
-
Please refer to MS15-103 for more information.
Patches:
The following are links for downloading patches to fix these vulnerabilities:
MS15-103 Microsoft Exchange Server 2013 Cumulative Update 8
MS15-103 Microsoft Exchange Server 2013 Cumulative Update 9
MS15-103 Microsoft Exchange Server 2013 Service Pack 1
-
Microsoft Skype for Business Server and Lync Server Elevation of Privilege Vulnerability (MS15-104)
-
Severity
-
Serious
3
-
Qualys ID
-
91096
-
Vendor Reference
-
MS15-104
-
CVE Reference
-
CVE-2015-2531,
CVE-2015-2532,
CVE-2015-2536
-
CVSS Scores
-
Base 4.3 /
Temporal 3.2
-
Description
-
A cross-site scripting (XSS) vulnerability, which could result in information disclosure, exists when the jQuery engine in Skype for Business Server or in Lync Server fails to properly sanitize specially crafted content. An attacker who successfully exploited this vulnerability could potentially execute scripts in the user's browser to obtain information from web sessions (CVE-2015-2531).
A cross-site scripting (XSS) vulnerability, which could result in information disclosure, exists when Lync Server fail to properly sanitize specially crafted content. An attacker who successfully exploited this vulnerability could potentially execute scripts in the user's browser to obtain information from web sessions (CVE-2015-2532).
A cross-site scripting (XSS) vulnerability, which could result in elevation of privileges, exists when Skype for Business Server or Lync Server fails to properly sanitize specially crafted content. An attacker who successfully exploited this vulnerability could execute arbitrary code and take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights (CVE-2015-2536).
-
Consequence
-
Successfully exploiting these vulnerabilities might allow a remote attacker to perform cross-site-scripting attacks.
-
Solution
-
Please refer to MS15-104 for more information.
Patches:
The following are links for downloading patches to fix these vulnerabilities:
MS15-104 Microsoft Lync Server 2013
MS15-104 Skype for Business Server 2015
-
Microsoft Hyper-V Security Bypass Vulnerability (MS15-105)
-
Severity
-
Critical
4
-
Qualys ID
-
91093
-
Vendor Reference
-
MS15-105
-
CVE Reference
-
CVE-2015-2534
-
CVSS Scores
-
Base 1.9 /
Temporal 1.4
-
Description
-
Hyper-V is a hypervisor-based technology.
A security feature bypass vulnerability exists in Windows Hyper-V when access control list (ACL) configuration settings are not applied correctly.
This security update is rated Important for Windows Hyper-V on Windows 8.1, Windows Server 2012 R2 and Windows 10.
-
Consequence
-
Successful exploitation allows attacker to run specially crafted application that can cause Hyper-V to allow unintended traffic.
-
Solution
-
Refer to Microsoft Security Bulletin MS15-105 for details.
Patches:
The following are links for downloading patches to fix these vulnerabilities:
MS15-105 Windows 10 for x64-based Systems
MS15-105 Windows 8.1 for x64-based Systems
MS15-105 Windows Server 2012 R2
MS15-105 Windows Server 2012 R2
These new vulnerability checks are included in Qualys
vulnerability signature
2.3.109-3.
Each Qualys account is automatically updated with the latest
vulnerability signatures as they become available. To view the
vulnerability signature version in your account, from the
Qualys Help menu, select the About tab.
Selective Scan Instructions Using Qualys
To perform a selective vulnerability scan, configure a scan profile to use the following options:
-
Ensure access to TCP ports 135 and 139 are available.
-
Enable Windows Authentication (specify Authentication Records).
-
Enable the following Qualys IDs:
-
123940
-
91092
-
100257
-
91094
-
91090
-
110259
-
91095
-
91091
-
91089
-
53001
-
91096
-
91093
- If you would like the scan to return the Windows Hostname, also include QID 82044 and ensure access to UDP port 137 is available.
- If you would like to be notified if Qualys is unable to log on to a host (if Authentication fails), also include QID 105015.
In addition, prior to running a scan for these new vulnerabilities, you can estimate your exposure to these new threats by running the Risk Analysis Report, available from the Qualys Vulnerability Management Reports tab.
Access for Qualys Customers
Platforms and Platform Identification
Technical Support
For more information, customers may contact Qualys Technical Support.
About Qualys
The Qualys Cloud Platform and its integrated suite of security and compliance applications provides organizations of all sizes with a global view of their security and compliance solutions, while drastically reducing their total cost of ownership. Qualys solutions include: continuous monitoring, vulnerability management, policy compliance, PCI compliance, security assessment questionnaire, web application scanning, web application firewall, malware detection and SECURE Seal for security testing of web sites.
OVERVIEW
CAPABILITIES
PLATFORM APPS
RESOURCES
Qualys Cloud Platform
Free Services
Use Cases
Segments
Research