SpiderLabs Blog

Microsoft Patch Tuesday, September 2015

Today marks Patch Tuesday for September and this month brings with it 12 bulletins. Four are rated Critical, and eight are rated Important. Across all bulletins, a total of 55 individual CVEs are patched this month.

Of the four Critical bulletins, both Internet Explorer and the new MS Edge browser make an appearance, with seventeen vulnerabilities patched in IE and four patched in Edge. The most critical of these could allow for remote code execution if the attacker can lure a user to a maliciously crafted webpage. The other two Critical vulnerabilities are in Windows Journal and Microsoft Graphics Component. The Journal vulnerability can result in remote code execution if a user opens a maliciously crafted Journal file, while the Graphics vulnerability can also result in remote code execution if a user opens a document or visits a website with a malicious OpenType font embedded in it.

 

MS15-094
CVE-2015-2483, CVE-2015-2484, CVE-2015-2485, CVE-2015-2486, CVE-2015-2487, CVE-2015-2489, CVE-2015-2490, CVE-2015-2491, CVE-2015-2492, CVE-2015-2493, CVE-2015-2494, CVE-2015-2498, CVE-2015-2499, CVE-2015-2500, CVE-2015-2501, CVE-2015-2541, CVE-2015-2542
Critical
Cumulative Security Update for Internet Explorer

This security update resolves vulnerabilities in Internet Explorer. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user.

This security update is rated Critical for Internet Explorer 7 (IE 7), Internet Explorer 8 (IE 8), Internet Explorer 9 (IE 9), Internet Explorer 10 (IE 10), and Internet Explorer 11 (IE 11) on affected Windows clients, and Moderate for Internet Explorer 7 (IE 7), Internet Explorer 8 (IE 8), Internet Explorer 9 (IE 9), Internet Explorer 10 (IE 10), and Internet Explorer 11 (IE 11) on affected Windows servers.

 

MS15-095
CVE-2015-2485, CVE-2015-2486, CVE-2015-2494, CVE-2015-2542
Critical
Cumulative Security Update for Microsoft Edge

This security update resolves vulnerabilities in Microsoft Edge. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Microsoft Edge. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user.

This security update is rated Critical for Microsoft Edge on affected Windows clients.

 

MS15-096
CVE-2015-2535
Important
Vulnerability in Active Directory Service Could Allow Denial of Service

This security update resolves a vulnerability in Active Directory. The vulnerability could allow denial of service if an authenticated attacker creates multiple machine accounts. To exploit the vulnerability an attacker must have an account that has privileges to join machines to the domain.

This security update is rated Important for all supported editions of Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, and Windows Server 2012 R2.

 

MS15-097
CVE-2015-2506, CVE-2015-2507, CVE-2015-2508, CVE-2015-2510, CVE-2015-2511, CVE-2015-2512, CVE-2015-2517, CVE-2015-2518, CVE-2015-2527, CVE-2015-2529, CVE-2015-2546
Critical
Vulnerabilities in Microsoft Graphics Component Could Allow Remote Code Execution

This security update resolves vulnerabilities in Microsoft Windows, Microsoft Office, and Microsoft Lync. The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted document or visits an untrusted webpage that contains embedded OpenType fonts.

This security update is rated Critical for:

  • All supported editions of Windows Vista, Windows Server 2008
  • All affected editions of Microsoft Lync 2013, Microsoft Lync 2010, Microsoft Live Meeting 2007
  • All affected editions of Microsoft Office 2007, Microsoft Office 2010

 

MS15-098
CVE-2015-2513, CVE-2015-2514, CVE-2015-2516, CVE-2015-2519, CVE-2015-2530
Critical
Vulnerabilities in Windows Journal Could Allow Remote Code Execution

This security update resolves vulnerabilities in Microsoft Windows. The more severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted Journal file. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

This security update is rated Critical for all supported releases of Windows excluding Itanium editions, which are not affected.

 

MS15-099
CVE-2015-2520, CVE-2015-2521, CVE-2015-2522, CVE-2015-2523
Important
Vulnerabilities in Microsoft Office Could Allow Remote Code Execution

This security update resolves vulnerabilities in Microsoft Office. The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Office file. An attacker who successfully exploited the vulnerabilities could run arbitrary code in the context of the current user.

This security update is rated Important for all supported editions of the following software:

  • Microsoft Excel 2007
  • Microsoft Excel 2010
  • Microsoft Excel 2013
  • Microsoft Excel 2013 RT
  • Microsoft Excel for Mac 2011
  • Microsoft Excel for Mac 2016
  • Microsoft SharePoint Foundation 2013, Microsoft SharePoint Server 2013

 

MS15-100
CVE-2015-2509
Important
Vulnerability in Windows Media Center Could Allow Remote Code Execution

This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if Windows Media Center opens a specially crafted Media Center link (.mcl) file that references malicious code. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.

This security update is rated Important for all supported editions of Windows Media Center when installed on Windows Vista, Windows 7, Windows 8, or Windows 8.1.

 

MS15-101
CVE-2015-2504, CVE-2015-2526
Important
Vulnerabilities in .NET Framework Could Allow Elevation of Privilege

This security update resolves vulnerabilities in Microsoft .NET Framework. The most severe of the vulnerabilities could allow elevation of privilege if a user runs a specially crafted .NET application. However, in all cases, an attacker would have no way to force users to run the application; an attacker would have to convince users to do so.

This security update is rated Important for Microsoft .NET Framework 2.0 Service Pack 2, Microsoft .NET Framework 3.5, Microsoft .NET Framework 3.5.1, Microsoft .NET Framework 4, Microsoft .NET Framework 4.5, Microsoft .NET Framework 4.5.1, and Microsoft .NET Framework 4.5.2 on affected releases of Microsoft Windows.

 

MS15-102
CVE-2015-2524, CVE-2015-2525, CVE-2015-2528
Important
Vulnerability in Windows Task Management Could Allow Elevation of Privilege

This security update resolves vulnerabilities in Microsoft Windows. The vulnerabilities could allow elevation of privilege if an attacker logs on to a system and runs a specially crafted application.

This security update is rated Important for all supported releases of Microsoft Windows.

 

MS15-103
CVE-2015-2505, CVE-2015-2543, CVE-2015-2544
Important
Vulnerability in Microsoft Exchange Server Could Allow Information Disclosure

This security update resolves vulnerabilities in Microsoft Exchange Server. The most severe of the vulnerabilities could allow information disclosure if Outlook Web Access (OWA) fails to properly handle web requests, and sanitize user input and email content.

This security update is rated Important for all supported editions of Microsoft Exchange Server 2013.

 

MS15-104
CVE-2015-2531, CVE-2015-2532, CVE-2015-2536
Important
Vulnerabilities in Skype for Business Server and Lync Server Could Allow Elevation of Privilege

This security update resolves vulnerabilities in Skype for Business Server and Microsoft Lync Server. The most severe of the vulnerabilities could allow elevation of privilege if a user clicks a specially crafted URL. An attacker would have to convince users to click a link in an instant messenger or email message that directs them to an affected website by way of a specially crafted URL.

This security update is rated Important for all supported editions of Skype for Business Server 2015 and Microsoft Lync Server 2013.

 

MS15-105
CVE-2015-2534
Important
Vulnerability in Windows Hyper-V Could Allow Security Feature Bypass

This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow security feature bypass if an attacker runs a specially crafted application that could cause Windows Hyper-V to incorrectly apply access control list (ACL) configuration settings. Customers who have not enabled the Hyper-V role are not affected.

This security update is rated Important for all supported editions of Windows 8.1 for x64-based Systems, Windows Server 2012 R2, and Windows 10 for x64-based Systems.
