July 2015 Microsoft Patch Tuesday
Overview of the July 2015 Microsoft patches and their status.
| # | Affected | Contra Indications - KB | Known Exploits | Microsoft rating(**) | ISC rating(*) | |
|---|---|---|---|---|---|---|
| clients | servers | |||||
| MS15-058 | Remote Code Execution Vulnerabilities in SQL Server (This bulletin was supposed to be part of the June 2015 patch Tuesday, but got delayed until today) |
|||||
| SQL Server CVE-2015-1761 CVE-2015-1762 CVE-2015-1763 |
KB 3065718 | no. | Severity:Important Exploitability: 2 |
N/A | Important | |
| MS15-065 | Internet Explorer Rollup Patch (Replaces MS15-056 ) | |||||
| Internet Explorer CVE-2015-1729 CVE-2015-1733 CVE-2015-1738 CVE-2015-1767 CVE-2015-2372 CVE-2015-2383 CVE-2015-2384 CVE-2015-2385 CVE-2015-2388 CVE-2015-2389 CVE-2015-2390 CVE-2015-2391 CVE-2015-2397 CVE-2015-2398 CVE-2015-2401 CVE-2015-2403 CVE-2015-2404 CVE-2015-2405 CVE-2015-2406 CVE-2015-2408 CVE-2015-2410 CVE-2015-2411 CVE-2015-2412 CVE-2015-2413 CVE-2015-2414 CVE-2015-2419 CVE-2015-2421 CVE-2015-2422 CVE-2015-2425 |
KB 3076321 | CVE-2015-2398 has been publicly disclosed.. | Severity:Critical Exploitability: 0 |
Critical | Important | |
| MS15-066 | Remote Code Execution Vulnerability in VBScript Scripting Engine (Replaces MS15-019 ) | |||||
| VBScript CVE-2015-2372 |
KB 3072604 | no. | Severity:Critical Exploitability: 1 |
Critical | Important | |
| MS15-067 | Remote Code Execution Vulnerability in RDP (Replaces MS15-030 ) | |||||
| RDP CVE-2015-2373 |
KB 3073094 | no. | Severity:Critical Exploitability: 3 |
Critical | Critical | |
| MS15-068 | Remote Code Execution Vulnerabilities in Hyper-V | |||||
| Hyper-V CVE-2015-2361 CVE-2015-2362 |
KB 3072000 | no. | Severity:Critical Exploitability: 2 |
N/A | Critical | |
| MS15-069 | Remote Code Execution Vulnerabilities in Windows | |||||
| Windows and Windows Media Device Manager CVE-2015-2368 CVE-2015-2369 |
KB 3072631 | unauthorized DLL loading is an ongoing issue. | Severity:Important Exploitability: 1 |
Critical | Important | |
| MS15-070 | Remote Code Execution Vulnerabilities in Office (Replaces MS13-084 MS15-022 MS15-033 MS15-046 ) | |||||
| Microsoft Office (including Mac and Sharepoint) CVE-2015-2376 CVE-2015-2377 CVE-2015-2379 CVE-2015-2380 CVE-2015-2415 CVE-2015-2424 CVE-2015-2375 CVE-2015-2378 |
KB 3072620 | CVE-2015-2424 has been used in exploits.. | Severity:Important Exploitability: 1 |
Critical | Important | |
| MS15-071 | Spoofing Vulnerability in Netlogon (Replaces MS15-027 ) | |||||
| Netlogon CVE-2015-2374 |
KB 3068457 | no. | Severity:Important Exploitability: 3 |
Important | Important | |
| MS15-072 | Elevation of Privilege Vulnerability in Windows Graphics Component (Replaces MS15-035 ) | |||||
| Windows Graphics component CVE-2015-2364 |
KB 3069392 | no. | Severity:Important Exploitability: 1 |
Important | Important | |
| MS15-073 | Elevation of Privilege Vulnerability in Kernel Mode Drivers (Replaces MS15-061 ) | |||||
| Kernel Mode Drivers CVE-2015-2363 CVE-2015-2365 CVE-2015-2366 CVE-2015-2367 CVE-2015-2381 CVE-2015-2382 |
KB 3070102 | no. | Severity:Important Exploitability: 2 |
Important | Important | |
| MS15-074 | Elevation of Privilege Vulnerability in Windows Installer Service (Replaces MS49-049 ) | |||||
| Windows Installer Service CVE-2015-2371 |
KB 3072630 | no. | Severity:Important Exploitability: 1 |
Important | Important | |
| MS15-075 | Elevation of Privilege Vulnerability in OLE (Replaces MS13-070 ) | |||||
| OLE CVE-2015-2416 CVE-2015-2417 |
KB 3072633 | no. | Severity:Important Exploitability: 1 |
Critical | Important | |
| MS15-076 | Elevation of Privilege in Windows RPC (Replaces MS15-055 ) | |||||
| Windows RPC CVE-2015-2370 |
KB 3067505 | no. | Severity:Important Exploitability: 2 |
Important | Important | |
| MS15-077 | Elevationof Privilege Vulnerability in ATM Font Driver (Replaces MS15-021 ) | |||||
| ATM Font Driver (ATMFD.DLL) CVE-2015-2387 |
KB 3077657 | Exploits Detected. | Severity:Important Exploitability: 0 |
Important | Important | |
We will update issues on this page for about a week or so as they evolve.
We appreciate updates
US based customers can call Microsoft for free patch related support on 1-866-PCSAFETY
We appreciate updates
US based customers can call Microsoft for free patch related support on 1-866-PCSAFETY
(*): ISC rating
- We use 4 levels:
- PATCH NOW: Typically used where we see immediate danger of exploitation. Typical environments will want to deploy these patches ASAP. Workarounds are typically not accepted by users or are not possible. This rating is often used when typical deployments make it vulnerable and exploits are being used or easy to obtain or make.
- Critical: Anything that needs little to become "interesting" for the dark side. Best approach is to test and deploy ASAP. Workarounds can give more time to test.
- Important: Things where more testing and other measures can help.
- Less Important patches for servers that do not use outlook, MSIE, word etc. to do traditional office or leisure work.
- The rating is not a risk analysis as such. It is a rating of importance of the vulnerability and the perceived or even predicted threats.
Adobe Updates Flash Player, Shockwave and PDF Reader
In a warm up to patch Tuesday, it looks like we have a new version for Adobe Flash Player, Shockwave Player and PDF Reader. Given that some of the exploits against the vulnerabilities patched are public, you may want to expedite patching and review your Flash Player and browser configuration.
the latest (patched) versions are (thanks Dave!):
- Flash Player 18.0.0.209
- Flash Player EST 13.0.0.305
- Reader 10.1.15
- Reader 11.0.12
- Shockwave Player 12.1.9.159
Bulletins:
https://helpx.adobe.com/security/products/shockwave/apsb15-17.html
https://helpx.adobe.com/security/products/flash-player/apsb15-18.html
https://helpx.adobe.com/security/products/reader/apsb15-15.html
You can get the latest version here: https://get.adobe.com/flashplayer/
Also note that many browsers now allow you to disable Flash by default. You can re-enable it for sites that require Flash. Here is a nice page that will explain how to have your browser ask for permission before running plugins:
http://www.howtogeek.com/188059/how-to-enable-click-to-play-plugins-in-every-web-browser/
ISC StormCast for Tuesday, July 14th 2015 http://isc.sans.edu/podcastdetail.html?id=4567
×
![modal content]()
Diary Archives
Comments
www
Nov 17th 2022
6 months ago
EEW
Nov 17th 2022
6 months ago
qwq
Nov 17th 2022
6 months ago
mashood
Nov 17th 2022
6 months ago
isc.sans.edu
Nov 23rd 2022
6 months ago
isc.sans.edu
Nov 23rd 2022
6 months ago
isc.sans.edu
Dec 3rd 2022
5 months ago
isc.sans.edu
Dec 3rd 2022
5 months ago
<a hreaf="https://technolytical.com/">the social network</a> is described as follows because they respect your privacy and keep your data secure. The social networks are not interested in collecting data about you. They don't care about what you're doing, or what you like. They don't want to know who you talk to, or where you go.
<a hreaf="https://technolytical.com/">the social network</a> is not interested in collecting data about you. They don't care about what you're doing, or what you like. They don't want to know who you talk to, or where you go. The social networks only collect the minimum amount of information required for the service that they provide. Your personal information is kept private, and is never shared with other companies without your permission
isc.sans.edu
Dec 26th 2022
5 months ago
isc.sans.edu
Dec 26th 2022
5 months ago