onsdag 13 maj 2015

Skydd mot nya sårbarheter i IE, GDI+ och .NET Framework

Zscaler, som arbetar tillsammans med Microsoft via MAPPs-programmet (Microsoft Active Protection Program) har proaktivt utvecklat skydd mot de 25 sårbarheter som Microsoft adresserar med dagens uppdatering.

WeClouds webbsäkerhetslösning från Zscaler analyserar allt innehåll i den data som hämtas från webben och bedömer det genom flera olika analyser, jämförelser och beteendeanalyser. Skanningen av http/https sker i realtid och skyddar användare och system oavsett var de kopplat upp sig genom att styra trafiken via någon av skannings-noderna i det globala säkerhetsnätverket.


MS15-043Cumulative Security Update for Internet Explorer
Severity: Critical
Affected Software
  • Internet Explorer 6-11
CVE-2015-1658 – Internet Explorer Memory Corruption Vulnerability
CVE-2015-1685 – Internet Explorer ASLR Bypass
CVE-2015-1686 – VBScript and JScript ASLR Bypass
CVE-2015-1688 – Internet Explorer Elevation of Privilege Vulnerability
CVE-2015-1689 – Internet Explorer Memory Corruption Vulnerability
CVE-2015-1692 – Internet Explorer Clipboard Information Disclosure Vulnerability
CVE-2015-1706 – Internet Explorer Memory Corruption Vulnerability
CVE-2015-1708 – Internet Explorer Memory Corruption Vulnerability
CVE-2015-1709 – Internet Explorer Memory Corruption Vulnerability
CVE-2015-1710 – Internet Explorer Memory Corruption Vulnerability
CVE-2015-1711 – Internet Explorer Memory Corruption Vulnerability
CVE-2015-1713 – Internet Explorer Elevation of Privilege Vulnerability
CVE-2015-1714 – Internet Explorer Memory Corruption Vulnerability
CVE-2015-1718 – Internet Explorer Memory Corruption Vulnerability

Description: Remote code execution vulnerabilities exist when Internet Explorer improperly accesses objects in memory. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

MS15-044Vulnerabilities in GDI+ Could Allow Remote Code Execution
Severity: Critical
Affected Software
  • Windows Server 2003 SP2
  • Windows Vista SP2
  • Windows Server 2008 SP2
  • Windows 7 SP1
  • Windows Server 2008 R2
  • Windows 8
  • Windows 8.1
  • Windows Server 2012
  • Windows Server 2012 R2
  • Windows RT
  • Windows RT 8.1
CVE-2015-1671 – TrueType Font Parsing Vulnerability

Description: An information disclosure vulnerability exists in Microsoft Windows when the Windows DirectWrite library improperly handles OpenType fonts. An attacker who successfully exploited this vulnerability could potentially read data which was not intended to be disclosed. Note that this vulnerability would not allow an attacker to execute code or to elevate their user rights directly, but it could be used to obtain information that could be used to try to further compromise the affected system.

MS15-045Vulnerability in Windows Journal Could Allow Remote Code Execution
Severity: Critical
Affected Software
  • Windows Vista SP2
  • Windows Server 2008 SP2
  • Windows 7 SP1
  • Windows Server 2008 R2
  • Windows 8
  • Windows 8.1
  • Windows Server 2012
  • Windows Server 2012 R2
  • Windows RT
  • Windows RT 8.1
CVE-2015-1675 – Windows Journal Remote Code Execution Vulnerability
CVE-2015-1696 – Windows Journal Remote Code Execution Vulnerability
CVE-2015-1697 – Windows Journal Remote Code Execution Vulnerability
CVE-2015-1698 – Windows Journal Remote Code Execution Vulnerability

Description: A remote code execution vulnerability exists in Microsoft Windows when a specially crafted Journal file is opened in Windows Journal. An attacker who successfully exploited this vulnerability could cause arbitrary code to execute in the context of the current user. If a user is logged on with administrative user rights, an attacker could take complete control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

MS15-048Vulnerabilities in .NET Framework Could Allow Elevation of Privilege
Severity: Important
Affected Software
  • Windows Server 2003 SP2
  • Windows Vista SP2
  • Windows Server 2008 SP2
  • Windows 7 SP1
  • Windows Server 2008 R2
  • Windows 8
  • Windows 8.1
  • Windows Server 2012
  • Windows Server 2012 R2
  • Windows RT
  • Windows RT 8.1
CVE-2015-1672 – Microsoft Windows Kernel Memory Disclosure Vulnerability

Description: A denial of service vulnerability exists in Microsoft .NET Framework that could allow an unauthenticated attacker to degrade the performance of a .NET-enabled website and disrupt the availability of applications that use Microsoft .NET Framework. The vulnerability exists when Microsoft .NET Framework attempts to decrypt certain specially crafted XML data.

MS15-051Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege
Severity: Important
Affected Software
  • Windows Server 2003
  • Windows Vista SP2
  • Windows Server 2008 R2
  • Windows 7
  • Windows 8
  • Windows 8.1
  • Windows Server 2012
  • Windows Server 2012 R2
  • Windows RT
  • Windows RT 8.1
CVE-2015-1676 – Microsoft Windows Kernel Memory Disclosure Vulnerability
CVE-2015-1678 – Microsoft Windows Kernel Memory Disclosure Vulnerability
CVE-2015-1680 – Microsoft Windows Kernel Memory Disclosure Vulnerability

Description: Information disclosure vulnerabilities exist when the Windows kernel-mode driver leaks private address information during a function call, which could allow the disclosure of kernel memory contents revealing information about the system to an attacker. The information disclosure vulnerabilities by themselves do not allow arbitrary code execution. However, an attacker could use them in conjunction with another vulnerability to bypass security features, such as Address Space Layout Randomization (ASLR).

MS15-052Vulnerability in Windows Kernel Could Allow Security Feature Bypass
Severity: Important
Affected Software
  • Windows 8
  • Windows 8.1
  • Windows Server 2012
  • Windows Server 2012 R2
  • Windows RT
  • Windows RT 8.1
CVE-2015-1674 – Windows Kernel Security Feature Bypass Vulnerability

Description: A security feature bypass vulnerability exists when the Windows kernel fails to properly validate which mode the request comes from, allowing an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (KASLR) bypass.

MS15-054Vulnerability in Microsoft Management Console File Format Could Allow Denial of Service
Severity: Important
Affected Software
  • Windows Vista SP2
  • Windows Server 2008 SP2
  • Windows 7 SP1
  • Windows Server 2008 SP1
  • Windows 8
  • Windows 8.1
  • Windows Server 2012
  • Windows Server 2012 R2
  • Windows RT
  • Windows RT 8.1 
CVE-2015-1681 – Microsoft Management Console File Format Denial of Service Vulnerability

Description: This vulnerability allows an unauthenticated attacker to create a denial of service condition if the attacker can convince a user to open a share containing a specially crafted .msc file. However, the attacker has no means to force a user to visit the share or view the file.


www.wecloud.se

info@wecloud.se