Security Alert (A15-05-02): Multiple Vulnerabilities in Microsoft Products (May 2015)


 

Published on: 13 May 2015

  
  

Description:

Microsoft has released 13 security bulletins listed below addressing multiple vulnerabilities which affect several Microsoft products or components:

MS15-043    Cumulative Security Update for Internet Explorer
MS15-044    Vulnerabilities in Microsoft Font Drivers Could Allow Remote Code Execution
MS15-045    Vulnerability in Windows Journal Could Allow Remote Code Execution
MS15-046    Vulnerabilities in Microsoft Office Could Allow Remote Code Execution
MS15-047    Vulnerabilities in Microsoft SharePoint Server Could Allow Remote Code Execution
MS15-048    Vulnerabilities in .NET Framework Could Allow Elevation of Privilege
MS15-049    Vulnerability in Silverlight Could Allow Elevation of Privilege
MS15-050    Vulnerability in Service Control Manager Could Allow Elevation of Privilege
MS15-051    Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege
MS15-052    Vulnerability in Windows Kernel Could Allow Security Feature Bypass
MS15-053    Vulnerabilities in JScript and VBScript Scripting Engines Could Allow Security Feature Bypass
MS15-054    Vulnerability in Microsoft Management Console File Format Could Allow Denial of Service
MS15-055    Vulnerability in Schannel Could Allow Information Disclosure

 

Affected Systems:

  • Microsoft .NET Framework 1.1, 2.0, 3.0, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2
  • Microsoft Internet Explorer 6, 7, 8, 9, 10, 11
  • Microsoft Live Meeting 2007
  • Microsoft Lync 2010, 2013
  • Microsoft Office 2007, 2010, 2013, 2013 RT, Office for Mac 2011
  • Microsoft Office Web Apps 2010, 2013
  • Microsoft Office Web Apps 2010, 2013
  • Microsoft PowerPoint Viewer
  • Microsoft SharePoint Server 2007, 2010, 2013
  • Microsoft Silverlight 5
  • Microsoft Windows Server 2003, 2008, 2012
  • Microsoft Windows Vista, 7, 8, 8.1, RT, RT 8.1

https://technet.microsoft.com/library/security/ms15-May


Impact:

Depending on the vulnerability exploited, a successful attack could lead to bypass of security restrictions, elevation of privilege, information disclosure, denial of service or arbitrary code execution.

 

Recommendation:

Patches for affected products are available from the Microsoft Update website. Users of affected systems should follow the recommendations provided by the product vendor and take immediate actions to mitigate the risk.

  • Microsoft Update
    http://update.microsoft.com/microsoftupdate

 

More Information:

https://technet.microsoft.com/library/security/ms15-May
https://technet.microsoft.com/library/security/MS15-043
https://technet.microsoft.com/library/security/MS15-044
https://technet.microsoft.com/library/security/MS15-045
https://technet.microsoft.com/library/security/MS15-046
https://technet.microsoft.com/library/security/MS15-047
https://technet.microsoft.com/library/security/MS15-048
https://technet.microsoft.com/library/security/MS15-049
https://technet.microsoft.com/library/security/MS15-050
https://technet.microsoft.com/library/security/MS15-051
https://technet.microsoft.com/library/security/MS15-052
https://technet.microsoft.com/library/security/MS15-053
https://technet.microsoft.com/library/security/MS15-054
https://technet.microsoft.com/library/security/MS15-055
https://www.hkcert.org/my_url/en/alert/15051301
https://www.hkcert.org/my_url/en/alert/15051302
https://www.hkcert.org/my_url/en/alert/15051303
https://www.hkcert.org/my_url/en/alert/15051304
https://www.hkcert.org/my_url/en/alert/15051305
https://www.hkcert.org/my_url/en/alert/15051306
https://www.hkcert.org/my_url/en/alert/15051310
https://www.hkcert.org/my_url/en/alert/15051311
https://www.hkcert.org/my_url/en/alert/15051312
https://www.hkcert.org/my_url/en/alert/15051313
https://www.hkcert.org/my_url/en/alert/15051314
https://www.hkcert.org/my_url/en/alert/15051315
https://www.hkcert.org/my_url/en/alert/15051316
https://www.us-cert.gov/ncas/current-activity/2015/05/12/Microsoft-Releases-May-2015-Security-Bulletin
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1658
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1670
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1671
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1672
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1673
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1674
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1675
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1676
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1677
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1678
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1679
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1680
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1681
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1682
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1683
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1684
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1684
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1685
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1686
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1686
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1688
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1689
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1691
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1692
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1694
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1695
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1696
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1697
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1698
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1699
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1700
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1701
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1702
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1703
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1704
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1705
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1706
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1708
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1709
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1710
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1711
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1712
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1713
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1714
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1715
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1716
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1717
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1718
 



Tag: Microsoft , Internet Explorer , Windows , Windows Server , Microsoft Office , SharePoint , Lync , Live Meeting , Silverlight , .NET Framework
Tags