Security Alert (A15-06-01): Multiple Vulnerabilities in Microsoft Products (June 2015)

Description:

Microsoft has released 8 security bulletins listed below addressing multiple vulnerabilities which affect several Microsoft products or components:

MS15-056    Cumulative Security Update for Internet Explorer
MS15-057    Vulnerability in Windows Media Player Could Allow Remote Code Execution
MS15-059    Vulnerabilities in Microsoft Office Could Allow Remote Code Execution
MS15-060    Vulnerability in Microsoft Common Controls Could Allow Remote Code Execution
MS15-061    Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege
MS15-062    Vulnerability in Active Directory Federation Services Could Allow Elevation of Privilege
MS15-063    Vulnerability in Windows Kernel Could Allow Elevation of Privilege
MS15-064    Vulnerabilities in Microsoft Exchange Server Could Allow Elevation of Privilege

Affected Systems:

• Microsoft Exchange Server 2013
• Microsoft Internet Explorer 6, 7, 8, 9, 10, 11
• Microsoft Office 2007, 2010, 2013, 2013 RT
• Microsoft Office Compatibility Pack
• Microsoft Windows Media Player 10, 11, 12
• Microsoft Windows Server 2003, 2008, 2012
• Microsoft Windows Vista, 7, 8, 8.1, RT, RT 8.1

Impact:

Depending on the vulnerability exploited, a successful attack could lead to elevation of privilege or arbitrary code execution.

Recommendation:

Patches for affected products are available from the Microsoft Update website. Users of affected systems should follow the recommendations provided by the product vendor and take immediate actions to mitigate the risk.

• Microsoft Update
  http://update.microsoft.com/microsoftupdate

More Information:

https://technet.microsoft.com/library/security/ms15-jun
https://technet.microsoft.com/library/security/MS15-056
https://technet.microsoft.com/library/security/MS15-057
https://technet.microsoft.com/library/security/MS15-059
https://technet.microsoft.com/library/security/MS15-060
https://technet.microsoft.com/library/security/MS15-061
https://technet.microsoft.com/library/security/MS15-062
https://technet.microsoft.com/library/security/MS15-063
https://technet.microsoft.com/library/security/MS15-064
https://www.hkcert.org/my_url/en/alert/15061001
https://www.hkcert.org/my_url/en/alert/15061002
https://www.hkcert.org/my_url/en/alert/15061003
https://www.hkcert.org/my_url/en/alert/15061004
https://www.hkcert.org/my_url/en/alert/15061005
https://www.hkcert.org/my_url/en/alert/15061006
https://www.hkcert.org/my_url/en/alert/15061007
https://www.hkcert.org/my_url/en/alert/15061008
https://www.us-cert.gov/ncas/current-activity/2015/06/09/Microsoft-Releases-June-2015-Security-Bulletin
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1687
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1719 to (CVE-2015-1728)
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1730
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1731
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1732
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1735
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1736
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1737
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1739 to (CVE-2015-1745)
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1747
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1748
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1750 to (CVE-2015-1760)
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1764
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1765
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1766
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1768
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1770
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1771
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2359
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2360