Endpoint Protection

Microsoft Patch Tuesday – December 2015 

12-08-2015 03:35 PM

ms-tuesday-patch-key-concept-white-light 2_7.png

Hello, welcome to this month's blog on the Microsoft patch release. This month the vendor is releasing 12 bulletins, eight of which are rated Critical.

As always, customers are advised to follow these security best practices:

  • Install vendor patches as soon as they are available.
  • Run all software with the least privileges required while still maintaining functionality.
  • Avoid handling files from unknown or questionable sources.
  • Never visit sites of unknown or questionable integrity.
  • Block external access at the network perimeter to all key systems unless specific access is required.

Microsoft's summary of the December releases can be found here:
http://technet.microsoft.com/en-us/security/bulletin/ms15-dec

The following is a breakdown of the issues being addressed this month:

  1. MS15-124 Cumulative Security Update for Internet Explorer (3116180)

    Internet Explorer Memory Corruption Vulnerability (CVE-2015-6083) MS Rating: Critical

    A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

    Internet Explorer Memory Corruption Vulnerability (CVE-2015-6134) MS Rating: Critical

    A remote code execution vulnerability exists when Microsoft Edge improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

    Microsoft Browser Memory Corruption Vulnerability (CVE-2015-6140) MS Rating: Critical

    A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

    Internet Explorer Memory Corruption Vulnerability (CVE-2015-6141) MS Rating: Critical

    A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

    Microsoft Browser Memory Corruption Vulnerability (CVE-2015-6142) MS Rating: Critical

    A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

    Internet Explorer Memory Corruption Vulnerability (CVE-2015-6143) MS Rating: Critical

    A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

    Internet Explorer Memory Corruption Vulnerability (CVE-2015-6145) MS Rating: Critical

    A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

    Internet Explorer Memory Corruption Vulnerability (CVE-2015-6146) MS Rating: Critical

    A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

    Internet Explorer Memory Corruption Vulnerability (CVE-2015-6147) MS Rating: Critical

    A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

    Microsoft Browser Memory Corruption Vulnerability (CVE-2015-6148) MS Rating: Critical

    A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

    Internet Explorer Memory Corruption Vulnerability (CVE-2015-6149) MS Rating: Critical

    A remote code execution vulnerability exists when Microsoft Edge improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

    Internet Explorer Memory Corruption Vulnerability (CVE-2015-6150) MS Rating: Critical

    A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

    Microsoft Browser Memory Corruption Vulnerability (CVE-2015-6151) MS Rating: Critical

    A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

    Internet Explorer Memory Corruption Vulnerability (CVE-2015-6152) MS Rating: Critical

    A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

    Microsoft Browser Memory Corruption Vulnerability (CVE-2015-6153) MS Rating: Critical

    A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

    Microsoft Browser Memory Corruption Vulnerability (CVE-2015-6154) MS Rating: Critical

    A remote code execution vulnerability exists when Microsoft Edge improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

    Microsoft Browser Memory Corruption Vulnerability (CVE-2015-6155) MS Rating: Critical

    A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

    Internet Explorer Memory Corruption Vulnerability (CVE-2015-6156) MS Rating: Critical

    A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

    Microsoft Browser Memory Corruption Vulnerability (CVE-2015-6158) MS Rating: Critical

    A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

    Microsoft Browser Memory Corruption Vulnerability (CVE-2015-6159) MS Rating: Critical

    A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

    Internet Explorer Memory Corruption Vulnerability (CVE-2015-6160) MS Rating: Critical

    A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

    Internet Explorer Memory Corruption Vulnerability (CVE-2015-6162) MS Rating: Critical

    A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

    Scripting Engine Memory Corruption Vulnerability (CVE-2015-6136) MS Rating: Critical

    A remote code execution vulnerability exists in the way that the VBScript engine renders when handling objects in memory in Internet Explorer. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

    Internet Explorer XSS Filter Bypass Vulnerability (CVE-2015-6138) MS Rating: Moderate

    An XSS filter bypass vulnerability exists in the way that Internet Explorer disables an HTML attribute in otherwise appropriately filtered HTTP response data. The vulnerability could allow initially disabled scripts to run in the wrong security context, leading to an information disclosure.

    Microsoft Browser XSS Filter Bypass Vulnerability (CVE-2015-6144) MS Rating: Moderate

    An XSS filter bypass vulnerability exists in the way that Internet Explorer disables an HTML attribute in otherwise appropriately filtered HTTP response data. The vulnerability could allow initially disabled scripts to run in the wrong security context, leading to an information disclosure.

    Scripting Engine Information Disclosure Vulnerability (CVE-2015-6135) MS Rating: Important

    An information disclosure vulnerability exists when VBScript improperly discloses the contents of its memory, which could provide an attacker with information to further compromise the user's computer or data.

    Microsoft Browser Elevation of Privilege Vulnerability (CVE-2015-6139) MS Rating: Important

    An elevation of privilege vulnerability exists when Internet Explorer does not properly enforce content types. An attacker who successfully exploited the vulnerability could run arbitrary script with elevated privileges.

    Internet Explorer Information Disclosure Vulnerability (CVE-2015-6157) MS Rating: Important

    An information disclosure vulnerability exists when Internet Explorer improperly discloses the contents of its memory. An attacker who successfully exploited this vulnerability could provide the attacker with information to further compromise the user's system.

    Microsoft Browser ASLR Bypass (CVE-2015-6161) MS Rating: Important

    A security feature bypass exists when Internet Explorer fails to use the Address Space Layout Randomization (ASLR) security feature, allowing an attacker to more reliably predict the memory offsets of specific instructions in a given call stack. An attacker who successfully exploited it could bypass the Address Space Layout Randomization (ASLR) security feature, which helps protect users from a broad class of vulnerabilities. The security feature bypass by itself does not allow arbitrary code execution. However, an attacker could use this ASLR bypass in conjunction with another vulnerability, such as a remote code execution vulnerability, to more reliably run arbitrary code on a target system.

    Internet Explorer XSS Filter Bypass Vulnerability (CVE-2015-6164) MS Rating: Important

    A security feature bypass vulnerability exists when Internet Explorer does not properly enforce cross-domain policies. The vulnerability could allow an attacker to access information from one domain and inject it into another domain.


  2. MS15-125 Cumulative Security Update for Microsoft Edge (3116184)

    Microsoft Browser Memory Corruption Vulnerability (CVE-2015-6140) MS Rating: Critical

    A remote code execution vulnerability exists when Microsoft Edge improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

    Microsoft Browser Memory Corruption Vulnerability (CVE-2015-6142) MS Rating: Critical

    A remote code execution vulnerability exists when Microsoft Edge improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

    Microsoft Browser Memory Corruption Vulnerability (CVE-2015-6148) MS Rating: Critical

    A remote code execution vulnerability exists when Microsoft Edge improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

    Microsoft Browser Memory Corruption Vulnerability (CVE-2015-6151) MS Rating: Critical

    A remote code execution vulnerability exists when Microsoft Edge improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

    Microsoft Edge Memory Corruption Vulnerability (CVE-2015-6153) MS Rating: Critical

    A remote code execution vulnerability exists when Microsoft Edge improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

    Microsoft Browser Memory Corruption Vulnerability (CVE-2015-6154) MS Rating: Critical

    A remote code execution vulnerability exists when Microsoft Edge improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

    Microsoft Browser Memory Corruption Vulnerability (CVE-2015-6155) MS Rating: Critical

    A remote code execution vulnerability exists when Microsoft Edge improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

    Microsoft Browser Memory Corruption Vulnerability (CVE-2015-6158) MS Rating: Critical

    A remote code execution vulnerability exists when Microsoft Edge improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

    Microsoft Browser Memory Corruption Vulnerability (CVE-2015-6159) MS Rating: Critical

    A remote code execution vulnerability exists when Microsoft Edge improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

    Microsoft Edge Memory Corruption Vulnerability (CVE-2015-6168) MS Rating: Critical

    A remote code execution vulnerability exists when Microsoft Edge improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

    Microsoft Browser Elevation of Privilege Vulnerability (CVE-2015-6139) MS Rating: Important

    An elevation of privilege vulnerability exists when Microsoft Edge does not properly validate file types under specific conditions, potentially allowing script to be run with elevated privileges.

    Microsoft Browser ASLR Bypass y (CVE-2015-6161) MS Rating: Important

    A security feature bypass exists when Microsoft Edge fails to use the Address Space Layout Randomization (ASLR) security feature, allowing an attacker to more reliably predict the memory offsets of specific instructions in a given call stack. An attacker who successfully exploited it could bypass the Address Space Layout Randomization (ASLR) security feature, which helps protect users from a broad class of vulnerabilities. The security feature bypass by itself does not allow arbitrary code execution. However, an attacker could use this ASLR bypass in conjunction with another vulnerability, such as a remote code execution vulnerability, to more reliably run arbitrary code on a target system.

    Microsoft Edge Spoofing Vulnerability (CVE-2015-6169) MS Rating: Important

    A spoofing vulnerability exists when Microsoft Edge does not properly parse HTTP responses. An attacker who successfully exploited this vulnerability could trick a user by redirecting them to a specially crafted website. The specially crafted website could spoof content or be used as a pivot to chain an attack with other vulnerabilities in web services.

    Microsoft Browser Elevation of Privilege Vulnerability (CVE-2015-6170) MS Rating: Important

    An elevation of privilege vulnerability exists when Microsoft Edge does not properly validate permissions under specific conditions, potentially allowing script to be run with elevated privileges.

    Microsoft Browser XSS Filter Bypass Vulnerability (CVE-2015-6176) MS Rating: Moderate

    An XSS filter bypass vulnerability exists in the way that Microsoft Edge disables an HTML attribute in otherwise appropriately filtered HTTP response data. The vulnerability could allow initially disabled scripts to run in the wrong security context, leading to an information disclosure.


  3. MS15-126 Cumulative Security Update for JScript and VBScript to Address Remote Code Execution (3116178)

    Scripting Engine Memory Corruption Vulnerability (CVE-2015-6136) MS Rating: Critical

    A remote code execution vulnerability exists in the way that the VBScript engine renders when handling objects in memory in Internet Explorer. In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Internet Explorer and then convince a user to view the website. An attacker could also embed an ActiveX control marked "safe for initialization" in an application or Microsoft Office document that hosts the IE rendering engine. The attacker could also take advantage of compromised websites, and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability.

    Scripting Engine Information Disclosure Vulnerability (CVE-2015-6135) MS Rating: Important

    An information disclosure vulnerability exists when VBScript improperly discloses the contents of its memory, which could provide an attacker with information to further compromise the user's computer or data.


  4. MS15-127 Security Update for Microsoft Windows DNS to Address Remote Code Execution (3100465)

    Windows DNS Use After Free Vulnerability (CVE-2015-6125) MS Rating: Critical

    A remote code execution vulnerability exists in Windows Domain Name System (DNS) servers when they fail to properly parse requests. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the Local System Account. Windows servers that are configured as DNS servers are at risk from this vulnerability.


  5. MS15-128 Security Update for Microsoft Graphics Component to Address Remote Code Execution (3104503)

    Graphics Memory Corruption Vulnerability (CVE-2015-6106) MS Rating: Important

    A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights.

    Graphics Memory Corruption Vulnerability (CVE-2015-6107) MS Rating: Critical

    A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights.

    Graphics Memory Corruption Vulnerability (CVE-2015-6108) MS Rating: Critical

    A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights.


  6. MS15-129 Security Update for Silverlight to Address Remote Code Execution (3106614)

    Microsoft Silverlight RCE Vulnerability (CVE-2015-6166) MS Rating: Critical

    A remote code execution vulnerability exists when Microsoft Silverlight incorrectly handles certain open and close requests that can result in read and write access violations.

    Microsoft Silverlight Information Disclosure Vulnerability (CVE-2015-6114) MS Rating: Important

    An information disclosure vulnerability exists when Silverlight fails to properly handle objects in memory, which could allow an attacker to more reliably predict pointer values and degrade the efficacy of the Address Space Layout Randomization (ASLR) security feature.

    Microsoft Silverlight Information Disclosure Vulnerability (CVE-2015-6165) MS Rating: Important

    An information disclosure vulnerability exists when Silverlight fails to properly handle objects in memory, which could allow an attacker to more reliably predict pointer values and degrade the efficacy of the Address Space Layout Randomization (ASLR) security feature.


  7. MS15-130 Security Update for Microsoft Uniscribe to Address Remote Code Execution (3108670)

    Windows Integer Underflow Vulnerability (CVE-2015-6130) MS Rating: Critical

    A remote code execution vulnerability exists when Windows Uniscribe improperly parses specially crafted fonts. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights.


  8. MS15-131 Security Update for Microsoft Office to Address Remote Code Execution (3116111)

    Microsoft Office Memory Corruption Vulnerability (CVE-2015-6040) MS Rating: Important

    A remote code execution vulnerability exists in Microsoft Office software when the Office software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

    Microsoft Office Memory Corruption Vulnerability (CVE-2015-6118) MS Rating: Important

    A remote code execution vulnerability exists in Microsoft Office software when the Office software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

    Microsoft Office Memory Corruption Vulnerability (CVE-2015-6122) MS Rating: Important

    A remote code execution vulnerability exists in Microsoft Office software when the Office software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

    Microsoft Office Memory Corruption Vulnerability (CVE-2015-6124) MS Rating: Important

    A remote code execution vulnerability exists in Microsoft Office software when the Office software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

    Microsoft Office Memory Corruption Vulnerability (CVE-2015-6172) MS Rating: Critical

    A remote code execution vulnerability exists in Microsoft Office software when the Office software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

    Microsoft Office Memory Corruption Vulnerability (CVE-2015-6177) MS Rating: Important

    A remote code execution vulnerability exists in Microsoft Office software when the Office software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.


  9. MS15-132 Security Update for Microsoft Windows to Address Remote Code Execution (3116162)

    Windows Library Loading Remote Code Execution Vulnerability (CVE-2015-6128) MS Rating: Important

    A remote code execution vulnerability exists when Windows improperly validates input before loading libraries. An attacker who successfully exploited the vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

    Windows Library Loading Remote Code Execution Vulnerability (CVE-2015-6132) MS Rating: Important

    A remote code execution vulnerability exists when Windows improperly validates input before loading libraries. An attacker who successfully exploited the vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

    Windows Library Loading Remote Code Execution Vulnerability (CVE-2015-6133) MS Rating: Important

    A remote code execution vulnerability exists when Windows improperly validates input before loading libraries. An attacker who successfully exploited the vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.


  10. MS15-133 Security Update for Windows PGM to Address Elevation of Privilege (3116130)

    Windows PGM UAF Elevation of Privilege Vulnerability (CVE-2015-6126) MS Rating: Important

    An elevation of privilege vulnerability exists in the Windows Pragmatic General Multicast (PGM) protocol that is caused when an attacker-induced race condition results in references to memory contents that have already been freed. An attacker who successfully exploited this vulnerability could execute code with elevated privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.


  11. MS15-134 Security Update for Windows Media Center to Address Remote Code Execution (3108669)

    Media Center Library Parsing RCE Vulnerability (CVE-2015-6131) MS Rating: Important

    A vulnerability exists in Windows Media Center that could allow remote code execution if Windows Media Center opens a specially crafted Media Center link (.mcl) file that references malicious code. An attacker who successfully exploited this vulnerability could take control of an affected system remotely. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. Workstations are primarily at risk of this vulnerability.

    Windows Media Center Information Disclosure Vulnerability (CVE-2015-6127) MS Rating: Important

    A vulnerability exists in Windows Media Center that could allow an information disclosure if Windows Media Center improperly handles a specially crafted Media Center link (.mcl) file that references malicious code. An attacker who successfully exploited the vulnerability could disclose local file system information. Workstations are primarily at risk of this vulnerability.


  12. MS15-135 Security Update for Windows Kernel Mode Drivers to Address Elevation of Privilege (3119075)

    Windows Kernel Memory Elevation of Privilege Vulnerability (CVE-2015-6171) MS Rating: Important

    An elevation of privilege vulnerability exists due to the way the Windows kernel handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

    Windows Kernel Memory Elevation of Privilege Vulnerability (CVE-2015-6173) MS Rating: Important

    An elevation of privilege vulnerability exists due to the way the Windows kernel handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

    Windows Kernel Memory Elevation of Privilege Vulnerability (CVE-2015-6174) MS Rating: Important

    An elevation of privilege vulnerability exists due to the way the Windows kernel handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

    Windows Kernel Memory Elevation of Privilege Vulnerability (CVE-2015-6175) MS Rating: Important

    An elevation of privilege vulnerability exists due to the way the Windows kernel handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

More information on the vulnerabilities being addressed this month is available at Symantec's free Security Response portal and to our customers through the DeepSight Threat Management System.

Statistics
0 Favorited
0 Views
0 Files
0 Shares
0 Downloads

Tags and Keywords

Related Entries and Links

No Related Resource entered.