Zscaler, som arbetar tillsammans med Microsoft via MAPPs-programmet (Microsoft Active Protection Program) har proaktivt utvecklat skydd mot de 42 sårbarheter som Microsoft adresserar med en uppdatering.
WeClouds webbsäkerhetslösning från Zscaler analyserar allt innehåll i den data som hämtas från webben och bedömer det genom flera olika analyser, jämförelser och beteendeanalyser. Skanningen av http/https sker i realtid och skyddar användare och system oavsett var de kopplat upp sig genom att styra trafiken via någon av skannings-noderna i det globala säkerhetsnätverket.
MS15-009 – Security Update for Internet Explorer
Severity: Critical
Affected Software
Severity: Critical
Affected Software
- Internet Explorer 6-11
CVE-2014-8967 – Internet Explorer Memory
Corruption Vulnerability
CVE-2015-0017 – Internet Explorer Memory Corruption Vulnerability
CVE-2015-0018 – Internet Explorer Memory Corruption Vulnerability
CVE-2015-0019 – Internet Explorer Memory Corruption Vulnerability
CVE-2015-0020 – Internet Explorer Memory Corruption Vulnerability
CVE-2015-0021 – Internet Explorer Memory Corruption Vulnerability
CVE-2015-0023 – Internet Explorer Memory Corruption Vulnerability
CVE-2015-0025 – Internet Explorer Memory Corruption Vulnerability
CVE-2015-0026 – Internet Explorer Memory Corruption Vulnerability
CVE-2015-0028 – Internet Explorer Memory Corruption Vulnerability
CVE-2015-0029 – Internet Explorer Memory Corruption Vulnerability
CVE-2015-0035 – Internet Explorer Memory Corruption Vulnerability
CVE-2015-0036 – Internet Explorer Memory Corruption Vulnerability
CVE-2015-0038 – Internet Explorer Memory Corruption Vulnerability
CVE-2015-0039 – Internet Explorer Memory Corruption Vulnerability
CVE-2015-0040 – Internet Explorer Memory Corruption Vulnerability
CVE-2015-0041 – Internet Explorer Memory Corruption Vulnerability
CVE-2015-0042 – Internet Explorer Memory Corruption Vulnerability
CVE-2015-0043 – Internet Explorer Memory Corruption Vulnerability
CVE-2015-0044 – Internet Explorer Memory Corruption Vulnerability
CVE-2015-0045 – Internet Explorer Memory Corruption Vulnerability
CVE-2015-0046 – Internet Explorer Memory Corruption Vulnerability
CVE-2015-0048 – Internet Explorer Memory Corruption Vulnerability
CVE-2015-0049 – Internet Explorer Memory Corruption Vulnerability
CVE-2015-0050 – Internet Explorer Memory Corruption Vulnerability
CVE-2015-0051 – Internet Explorer Memory Corruption Vulnerability
CVE-2015-0052 – Internet Explorer Memory Corruption Vulnerability
CVE-2015-0053 – Internet Explorer Memory Corruption Vulnerability
CVE-2015-0054 – Internet Explorer Memory Corruption Vulnerability
CVE-2015-0055 – Internet Explorer Memory Corruption Vulnerability
CVE-2015-0067 – Internet Explorer Memory Corruption Vulnerability
CVE-2015-0068 – Internet Explorer Memory Corruption Vulnerability
CVE-2015-0069 – Internet Explorer Memory Corruption Vulnerability
CVE-2015-0070 – Internet Explorer Memory Corruption Vulnerability
CVE-2015-0071 – Internet Explorer Memory Corruption Vulnerability
Description: Remote code execution vulnerabilities exist when Internet Explorer improperly accesses objects in memory. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. The update addresses the vulnerabilities by modifying the way that Internet Explorer handles objects in memory.
MS15-010 – Vulnerabilities in Windows Kernel Mode Driver Could Allow Remote Code Execution
Severity: Important
Affected Software
CVE-2015-0017 – Internet Explorer Memory Corruption Vulnerability
CVE-2015-0018 – Internet Explorer Memory Corruption Vulnerability
CVE-2015-0019 – Internet Explorer Memory Corruption Vulnerability
CVE-2015-0020 – Internet Explorer Memory Corruption Vulnerability
CVE-2015-0021 – Internet Explorer Memory Corruption Vulnerability
CVE-2015-0023 – Internet Explorer Memory Corruption Vulnerability
CVE-2015-0025 – Internet Explorer Memory Corruption Vulnerability
CVE-2015-0026 – Internet Explorer Memory Corruption Vulnerability
CVE-2015-0028 – Internet Explorer Memory Corruption Vulnerability
CVE-2015-0029 – Internet Explorer Memory Corruption Vulnerability
CVE-2015-0035 – Internet Explorer Memory Corruption Vulnerability
CVE-2015-0036 – Internet Explorer Memory Corruption Vulnerability
CVE-2015-0038 – Internet Explorer Memory Corruption Vulnerability
CVE-2015-0039 – Internet Explorer Memory Corruption Vulnerability
CVE-2015-0040 – Internet Explorer Memory Corruption Vulnerability
CVE-2015-0041 – Internet Explorer Memory Corruption Vulnerability
CVE-2015-0042 – Internet Explorer Memory Corruption Vulnerability
CVE-2015-0043 – Internet Explorer Memory Corruption Vulnerability
CVE-2015-0044 – Internet Explorer Memory Corruption Vulnerability
CVE-2015-0045 – Internet Explorer Memory Corruption Vulnerability
CVE-2015-0046 – Internet Explorer Memory Corruption Vulnerability
CVE-2015-0048 – Internet Explorer Memory Corruption Vulnerability
CVE-2015-0049 – Internet Explorer Memory Corruption Vulnerability
CVE-2015-0050 – Internet Explorer Memory Corruption Vulnerability
CVE-2015-0051 – Internet Explorer Memory Corruption Vulnerability
CVE-2015-0052 – Internet Explorer Memory Corruption Vulnerability
CVE-2015-0053 – Internet Explorer Memory Corruption Vulnerability
CVE-2015-0054 – Internet Explorer Memory Corruption Vulnerability
CVE-2015-0055 – Internet Explorer Memory Corruption Vulnerability
CVE-2015-0067 – Internet Explorer Memory Corruption Vulnerability
CVE-2015-0068 – Internet Explorer Memory Corruption Vulnerability
CVE-2015-0069 – Internet Explorer Memory Corruption Vulnerability
CVE-2015-0070 – Internet Explorer Memory Corruption Vulnerability
CVE-2015-0071 – Internet Explorer Memory Corruption Vulnerability
Description: Remote code execution vulnerabilities exist when Internet Explorer improperly accesses objects in memory. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. The update addresses the vulnerabilities by modifying the way that Internet Explorer handles objects in memory.
MS15-010 – Vulnerabilities in Windows Kernel Mode Driver Could Allow Remote Code Execution
Severity: Important
Affected Software
- Windows Server 2003
- Windows Vista
- Windows Server 2008
- Windows 7
- Windows Server 2008 R2
- Windows 8
- Windows 8.1
- Windows Server 2012
- Windows Server 2012 R2
- Windows RT
- Windows RT 8.1
CVE-2015-0057 – Win32k Elevation of Privilege
Vulnerability
CVE-2015-0058 – Windows Cursor Object Double Free Vulnerability
CVE-2015-0059 – TrueType Font Parsing Remote Code Execution Vulnerability
Description: An elevation of privilege vulnerability exists in the Windows kernel-mode driver (win32k.sys) due to a double-free condition. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.
MS15-012 – Vulnerability in Microsoft Office Could Allow Remote Code Execution
Severity: Important
Affected Software
CVE-2015-0058 – Windows Cursor Object Double Free Vulnerability
CVE-2015-0059 – TrueType Font Parsing Remote Code Execution Vulnerability
Description: An elevation of privilege vulnerability exists in the Windows kernel-mode driver (win32k.sys) due to a double-free condition. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.
MS15-012 – Vulnerability in Microsoft Office Could Allow Remote Code Execution
Severity: Important
Affected Software
- Office 2007
- Office 2010
- Office 2013
- Office Web Apps 2010
CVE-2015-0064 – Office Remote Code Execution
Vulnerability
CVE-2015-0065 – OneTableDocumentStream Remote Code Execution Vulnerability
Description: A remote code execution vulnerability exists in Microsoft Word that is caused when Word improperly handles objects in memory while parsing specially crafted Office files. This could corrupt system memory in such a way as to allow an attacker to execute arbitrary code.
MS15-015 – Vulnerability in Microsoft Windows Could Allow Elevation of Privilege
Severity: Important
Affected Software
CVE-2015-0065 – OneTableDocumentStream Remote Code Execution Vulnerability
Description: A remote code execution vulnerability exists in Microsoft Word that is caused when Word improperly handles objects in memory while parsing specially crafted Office files. This could corrupt system memory in such a way as to allow an attacker to execute arbitrary code.
MS15-015 – Vulnerability in Microsoft Windows Could Allow Elevation of Privilege
Severity: Important
Affected Software
- Windows 7
- Windows Server 2008 R2
- Windows 8
- Windows 8.1
- Windows Server 2012
- Windows Server 2012 R2
- Windows RT
- Windows RT 8.1
CVE-2015-0062 – Windows Create Process
Elevation of Privilege Vulnerability
Description: An elevation of privilege vulnerability exists in Microsoft Windows when it fails to properly validate and enforce impersonation levels. An attacker who successfully exploited this vulnerability could bypass impersonation-level security checks and gain elevated privileges on a targeted system.
MS15-017 – Vulnerability in Virtual Machine Manager Could Allow Elevation of Privilege
Severity: Important
Affected Software
Description: An elevation of privilege vulnerability exists in Microsoft Windows when it fails to properly validate and enforce impersonation levels. An attacker who successfully exploited this vulnerability could bypass impersonation-level security checks and gain elevated privileges on a targeted system.
MS15-017 – Vulnerability in Virtual Machine Manager Could Allow Elevation of Privilege
Severity: Important
Affected Software
- Microsoft System Center Virtual
Machine Manager 2012
Description: A vulnerability exists in Virtual Machine Manager (VMM) when the VMM improperly validates user roles. The vulnerability could allow elevation of privilege if an attacker logs on an affected system. An attacker must have valid Active Directory login credentials and be able to log on with that credential to exploit the vulnerability.
www.wecloud.se
info@wecloud.se