Patch Tuesday Analysis - September 2015
•Download as PPTX, PDF•
0 likes•239 views
Ivanti September 2015 Patch Tuesday Analysis Webinar – Formerly Shavlik
Recommended
Recommended
More Related Content
What's hot
What's hot (20)
Viewers also liked
Similar to Patch Tuesday Analysis - September 2015
Similar to Patch Tuesday Analysis - September 2015 (17)
More from Ivanti
More from Ivanti (20)
Recently uploaded
Recently uploaded (20)
Patch Tuesday Analysis - September 2015
- 1. Chris Goettl Sr. Product Manager Minimizing the Impact of Patch Tuesday Wednesday, September 9th, 2015 Dial In: 1-855-749-4750 (US) Attendees: 929 797 333
- 2. Shavlik Confidential Feel free to ask questions via the online Q&A link in the WebEx interface. Questions may be answered during the presentation. Unanswered questions will be resolved via email after the presentation is over. A copy of this presentation will be available at http://www.shavlik.com/webinars/ after the webinar. 2 Logistics
- 3. Shavlik Confidential September 2015 Patch Tuesday Overview Review September 2015 Security Bulletins Patch Recommendations Other patches released since last Patch Tuesday 3 Agenda
- 4. Shavlik Confidential 12 Microsoft Security Bulletins / 56 Vulnerabilities Addressed Adobe Shockwave Bulletin / 2 Vulnerabilities Addressed Affected Products: All supported Windows operating systems (Including Windows 10) Internet Explorer, Edge Microsoft Office 2010, 2013 .Net Framework Microsoft Lync Sharepoint Exchange Server Skype for Business Lync Server Adobe Shockwave 4 Patch Tuesday Overview for September 2015
- 5. Shavlik Confidential Security Bulletins: 5 bulletin is rated as Critical. 7 bulletins are rated as Important. Vulnerability Impact: 6 bulletins address vulnerabilities that could allow Remote Code Execution. 3 bulletins address vulnerabilities that could allow Elevation of Privileges. 1 bulletin addresses a vulnerability that could allow Information Disclosure. 1 bulletin addresses a vulnerability that could allow a Denial of Service attack. 1 bulletin addresses a vulnerability that could allow Security Feature Bypass. 5 Overview for Microsoft September 2015
- 6. Shavlik Confidential Security Bulletins: Adobe Shockwave (Priority 1) Vulnerability Impact: Adobe Shockwave resolves 2 vulnerabilities including Code Execution. 6 Overview for 3rd Party Vendors September 2015
- 7. Shavlik Confidential Maximum Severity: Critical Affected Products: Windows 10, Internet Explorer, Edge, .Net Framework • Description: This update for Windows 10 includes functionality improvements and resolves the vulnerabilities in Windows that are described in the following Microsoft security bulletins: MS15-094, MS15-095, MS15-097, MS15-098, MS15-101, MS15-102, MS15-105. Windows 10 updates are cumulative. Therefore, this package contains all previously released fixes. Impact: Remote Code Execution, Elevation of Privilege, Security Feature Bypass Fixes 32 vulnerabilities: CVE-2015-2483, CVE-2015-2484, CVE-2015-2485, CVE-2015-2486, CVE-2015-2487, CVE-2015-2489, CVE-2015-2490, CVE-2015- 2491, CVE-2015-2492, CVE-2015-2493, CVE-2015-2494, CVE-2015-2498, CVE-2015-2499, CVE-2015-2500, CVE-2015-2501, CVE- 2015-2541, Publicly Disclosed CVE-2015-2542, CVE-2015-2485, CVE-2015-2486, CVE-2015-2494, CVE-2015-2506, CVE-2015- 2507, CVE-2015-2508, CVE-2015-2510, CVE-2015-2511, CVE-2015-2512, CVE-2015-2517, CVE-2015-2518, CVE-2015-2527, Publicly Disclosed CVE-2015-2529, Exploited in Wild CVE-2015-2546 Replaces: CSWU-007 Restart Required: Requires Restart 7 CSWU-007: Cumulative update for Windows 10: September 8, 2015
- 8. Shavlik Confidential Maximum Severity: Critical Affected Products: Internet Explorer Description: This security update resolves vulnerabilities in Internet Explorer. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights. Impact: Remote Code Execution Fixes 17 vulnerabilities: CVE-2015-2483, CVE-2015-2484, CVE-2015-2485, CVE-2015-2486, CVE-2015-2487, CVE-2015-2489, CVE- 2015-2490, CVE-2015-2491, CVE-2015-2492, CVE-2015-2493, CVE-2015-2494, CVE-2015-2498, CVE-2015- 2499, CVE-2015-2500, CVE-2015-2501, CVE-2015-2541, Publicly Disclosed CVE-2015-2542 Replaces: 3087985 in MS15-093, 3081444 in MS15-093 Restart Required: Requires Restart 8 MS15-094: Cumulative Security Update for Internet Explorer (3089548)
- 9. Shavlik Confidential Maximum Severity: Critical Affected Products: Windows, Edge Description: This security update resolves vulnerabilities in Microsoft Edge. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Microsoft Edge. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights. Impact: Remote Code Execution Fixes 4 vulnerabilities: CVE-2015-2485, CVE-2015-2486, CVE-2015-2494, Publicly Disclosed CVE-2015-2542 Replaces: 3081444, Restart Required: Requires Restart 9 MS15-095: Cumulative Security Update for Microsoft Edge (3089665)
- 10. Shavlik Confidential Maximum Severity: Critical Affected Products: Windows, Office, Lync Description: This security update resolves vulnerabilities in Microsoft Windows, Microsoft Office, and Microsoft Lync. The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted document or visits an untrusted webpage that contains embedded OpenType fonts. Impact: Remote Code Execution Fixes 11 vulnerabilities: CVE-2015-2506, CVE-2015-2507, CVE-2015-2508, CVE-2015-2510, CVE-2015-2511, CVE-2015-2512, CVE- 2015-2517, CVE-2015-2518, CVE-2015-2527, Publicly Disclosed CVE-2015-2529, Exploited in Wild CVE-2015- 2546 Replaces: 3079904 in MS15-078, 2957503 in MS14-036, 3081444, Restart Required: May Require Restart 10 MS15-097: Vulnerabilities in Microsoft Graphics Component Could Allow Remote Code Execution (3089656)
- 11. Shavlik Confidential Maximum Severity: Critical Affected Products: Windows Description: This security update resolves vulnerabilities in Microsoft Windows. The more severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted Journal file. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. Impact: Remote Code Execution Fixes 5 vulnerabilities: CVE-2015-2513, CVE-2015-2514, CVE-2015-2516, CVE-2015-2519, CVE-2015-2530 Replaces: 3046002 in MS15-045, 3081444 Restart Required: May Require Restart 11 MS15-098: Vulnerabilities in Windows Journal Could Allow Remote Code Execution (3089669)
- 12. Shavlik Confidential Maximum Severity: Critical Affected Products: Office, Sharepoint Description: This security update resolves vulnerabilities in Microsoft Office. The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Office file. An attacker who successfully exploited the vulnerabilities could run arbitrary code in the context of the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights. Impact: Remote Code Execution Fixes 5 vulnerabilities: CVE-2015-2520, CVE-2015-2521, CVE-2015-2522, CVE-2015-2523, Exploited in Wild CVE-2015-2545 Replaces: 2863812 in MS15-059, 3054992 in MS15-081, 2863817 in MS15-059, 3055044 inMS15-081 Restart Required: May Require Restart 12 MS15-099: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (3089664)
- 13. Shavlik Confidential Maximum Severity: Priority 1 Affected Products: Shockwave Player Description: Adobe has released a security update for Adobe Shockwave Player. This update addresses critical vulnerabilities that could potentially allow an attacker to take control of the affected system. Impact: Code Execution Fixes 2 vulnerabilities: CVE-2015-6680, CVE-2015-6681 Replaces: 12.1.9.160 and earlier versions Restart Required: 13 APSB15-22: Security update available for Adobe Shockwave Player
- 14. Shavlik Confidential Maximum Severity: Important Affected Products: Microsoft Windows Description: This security update resolves a vulnerability in Active Directory. The vulnerability could allow denial of service if an authenticated attacker creates multiple machine accounts. To exploit the vulnerability an attacker must have an account that has privileges to join machines to the domain. Impact: Denial of Service Fixes 1 vulnerabilities: CVE-2015-2535 Replaces: 2923392 in MS14-016, Restart Required: Requires Restart 14 MS15-096: Vulnerability in Active Directory Service Could Allow Denial of Service (3072595)
- 15. Shavlik Confidential Maximum Severity: Important Affected Products: Microsoft Windows Description: This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if Windows Media Center opens a specially crafted Media Center link (.mcl) file that references malicious code. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights. Impact: Remote Code Execution Fixes 1 vulnerabilities: Publicly Disclosed CVE-2015-2509 Replaces: None Restart Required: May Require Restart 15 MS15-100: Vulnerability in Windows Media Center Could Allow Remote Code Execution (3087918)
- 16. Shavlik Confidential Maximum Severity: Important Affected Products: Microsoft Windows, .Net Framework Description: This security update resolves vulnerabilities in Microsoft .NET Framework. The most severe of the vulnerabilities could allow elevation of privilege if a user runs a specially crafted .NET application. However, in all cases, an attacker would have no way to force users to run the application; an attacker would have to convince users to do so. Impact: Elevation of Privilege Fixes 2 vulnerabilities: Publicly Disclosed CVE-2015-2504, CVE-2015-2526 Replaces: 3074541 – 2656374 inMS12-025, 3074554, 3074233 Restart Required: Does Not Require Restart 16 MS15-101: Vulnerabilities in .NET Framework Could Allow Elevation of Privilege (3089662)
- 17. Shavlik Confidential Maximum Severity: Important Affected Products: Microsoft Windows Description: This security update resolves vulnerabilities in Microsoft Windows. The vulnerabilities could allow elevation of privilege if an attacker logs on to a system and runs a specially crafted application. Impact: Elevation of Privilege Fixes 3 vulnerabilities: CVE-2015-2524, CVE-2015-2525, CVE-2015-2528 Replaces: 2988948 in MS14-054, 3081444 Restart Required: Does Not Require Restart 17 MS15-102: Vulnerabilities in Windows Task Management Could Allow Elevation of Privilege (3089657)
- 18. Shavlik Confidential Maximum Severity: Important Affected Products: Exchange Server Description: This security update resolves vulnerabilities in Microsoft Exchange Server. The most severe of the vulnerabilities could allow information disclosure if Outlook Web Access (OWA) fails to properly handle web requests, and sanitize user input and email content. Impact: Information Disclosure Fixes 3 vulnerabilities: CVE-2015-2505, CVE-2015-2543, CVE-2015-2544 Replaces: 3062157 in MS15-064 Restart Required: May Require Restart 18 MS15-103: Vulnerabilities in Microsoft Exchange Server Could Allow Information Disclosure (3089250)
- 19. Shavlik Confidential Maximum Severity: Important Affected Products: Skype for Business, Lync Server Description: This security update resolves vulnerabilities in Skype for Business Server and Microsoft Lync Server. The most severe of the vulnerabilities could allow elevation of privilege if a user clicks a specially crafted URL. An attacker would have to convince users to click a link in an instant messenger or email message that directs them to an affected website by way of a specially crafted URL. Impact: Elevation of Privilege Fixes 3 vulnerabilities: CVE-2015-2531, CVE-2015-2532, CVE-2015-2536 Replaces: 2982390 in MS14-055 Restart Required: Does Not Require Reboot 19 MS15-104: Vulnerabilities in Skype for Business Server and Lync Server Could Allow Elevation of Privilege (3089952)
- 20. Shavlik Confidential Maximum Severity: Important Affected Products: Hyper-V Description: This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow security feature bypass if an attacker runs a specially crafted application that could cause Windows Hyper-V to incorrectly apply access control list (ACL) configuration settings. Customers who have not enabled the Hyper-V role are not affected. Impact: Security Feature Bypass Fixes 1 vulnerabilities: CVE-2015-2534 Replaces: 3081444 Restart Required: Does Not Require Reboot 20 MS15-105: Vulnerability in Windows Hyper-V Could Allow Security Feature Bypass (3091287)
- 21. Shavlik Confidential Skype SeaMonkey NotePad++ 21 Other lower priority updates for September
- 22. Shavlik Confidential22 Review Patch Releases Since August Patch Tuesday • Microsoft: 42 (Non-Security), 1 (Security Advisories), 0 (Security Tool), 6 (Security) • Skype: 2 (Security) • Wireshark: 1 (Security) • iTunes: 1 (Security) • Filezilla: 2 (Security) • Opera: 1 (Security) • Thunderbird: 1 (Security) • TortoiseSVN: 1 (Security) • Dropbox: 1 (Non-Security) • Java 8: 1 (Security) • Chrome: 2 (Security) • Splunk Universal Forwarder: 1 (Non-Security) • Acrobat Reader DC: 1 (Security) • QuickTime: 1 (Security) • NotePad++: 1 (Security) • FireFox: 2 (Security) • Box Sync: 1 (Non-Security) • CDBurnerXP: 1 (Non-Security) • Tomcat: 1 (Security), 1 (Non-Security) • Audacity: 1 (Non-Security) • Ccleaner: 1 (Non-Security) • Libre Office: 1 (Non-Security) • XenApp: 3 (Non-Security) • VDA Core Services: 5 (Non-Security) • VMware Player: 1 (Non-Security) • WinZip: 1 (Non-Security) • CoreFTP: 1 (Non-Security) • Acrobat DC: 1 (Security) • Picasa: 1 (Non-Security) • GotoMeeting: 1 (Non-Security)
- 23. Shavlik Confidential23 Patch Day Summary Company Bulletin Software Affected CVE Count Vulnerability Impact Vendor Severity Threat Risk Notes Microsoft MS15-094 Microsoft Windows, Internet Explorer 17 Remote Code Execution Critical MediumHigh Publicly disclosed CVE-2015-2542 Microsoft MS15-095 Microsoft Windows, Edge 4 Remote Code Execution Critical MediumHigh Publicly disclosed CVE-2015-2542 Microsoft MS15-096 Microsoft Windows 1 Denial of Service Important Medium Microsoft MS15-097 Microsoft Windows, Office, Lync 11 Remote Code Execution Critical High Publicly disclosed and Exploited in Wild CVE-2015- 2546, Publicly disclosed CVE-2015-2529 Microsoft MS15-098 Microsoft Windows 5 Remote Code Execution Critical MediumHigh Microsoft MS15-099 Microsoft Office, SharePoint 5 Remote Code Execution Critical High Exploited in Wild CVE-2015-2545 Microsoft MS15-100 Microsoft Windows 1 Remote Code Execution Important MediumHigh Publicly disclosed CVE-2015-2509 Microsoft MS15-101 Microsoft Windows, .Net Framework 2 Elevation of Privilege Important MediumHigh Publicly disclosed CVE-2015-2504 Microsoft MS15-102 Microsoft Windows 3 Elevation of Privilege Important Medium Microsoft MS15-103 Microsoft Exchange Server 3 Information Disclosure Important Medium Microsoft MS15-104 Skype for Business, Lync Server 3 Elevation of Privilege Important Medium Microsoft MS15-105 Microsoft Windows 1 Security Feature Bypass Important Medium Adobe APSB15-22 Shockwave 2 Code Execution Priority 1 MediumHigh
- 24. Q&A
- 25. Shavlik Confidential • Server 2003 End of Life - http://blog.shavlik.com/server-2003-end-life-September-14-2015- whats-plan/ • We are looking for Protect 9.2 Field Test and Beta Test customers. If you are interested in a demo of what is coming and participating in the test process contact Beta@Shavlik.com. • Slide deck and video playback available here: www.shavlik.com/Webinars • Sign up for next months Patch Tuesday Webinar and view webinar playbacks: http://www.shavlik.com/webinars/ • Sign up for Content Announcements: • Email http://www.shavlik.com/support/xmlsubscribe/ • RSS http://protect7.shavlik.com/feed/ • Twitter @ShavlikXML • Follow us on: • Shavlik on LinkedIn • Twitter @ShavlikProtect • Shavlik blog -> www.shavlik.com/blog • Chris Goettl on LinkedIn • Twitter @ChrisGoettl 25 Resources and Webinars
Editor's Notes
- 5 public disclosures (across 4 bulletins) and 1 exploited in wild in Microsoft release
- Shavlik Priority: Shavlik rates this bulletin as a Priority 1. This means you should update as soon as possible on all systems. Public Disclosure: CVE-2015-2542, CVE-2015-2529 Exploited in Wild: CVE-2015-2546
- Shavlik Priority: Shavlik rates this bulletin as a Priority 1. This means you should update as soon as possible on all systems. Public Disclosure: CVE-2015-2542 An attacker could host a specially crafted website that is designed to exploit these vulnerabilities through Internet Explorer, and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements by adding specially crafted content that could exploit these vulnerabilities. In all cases, however, an attacker would have no way to force users to view the attacker-controlled content. Instead, an attacker would have to convince users to take action, typically by getting them to click a link in an instant messenger or email message that takes users to the attacker's website, or by getting them to open an attachment sent through email. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited these vulnerabilities could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Systems where Internet Explorer is used frequently, such as workstations or terminal servers, are at the most risk from these vulnerabilities.
- Shavlik Priority: Shavlik rates this bulletin as a Priority 1. This means you should update as soon as possible on all systems. Public Disclosure: CVE-2015-2542 An attacker could host a specially crafted website that is designed to exploit these vulnerabilities through Internet Explorer, and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements by adding specially crafted content that could exploit these vulnerabilities. In all cases, however, an attacker would have no way to force users to view the attacker-controlled content. Instead, an attacker would have to convince users to take action, typically by getting them to click a link in an instant messenger or email message that takes users to the attacker's website, or by getting them to open an attachment sent through email. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited these vulnerabilities could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Systems where Internet Explorer is used frequently, such as workstations or terminal servers, are at the most risk from these vulnerabilities.
- Shavlik Priority: Shavlik rates this bulletin as a Priority 1. This means you should update as soon as possible on all systems. Public Disclosure and Exploited in Wild: CVE-2015-2546 To exploit these vulnerabilities, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerabilities and take control of an affected system. The update addresses the vulnerabilities by correcting how the Windows kernel-mode driver handles objects in memory. Public Disclosure: CVE-2015-2529 An attacker who successfully exploited this vulnerability could retrieve the base address of the kernel driver from a compromised process. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The security update addresses the vulnerability by correcting how the Windows kernel handles memory addresses. Known Issues: https://support.microsoft.com/en-us/kb/3086255 After you install this security update, some programs may not run. (For example, some video games may not run.) To work around this issue, you can temporarily turn on the service for the secdrv.sys driver by running certain commands, or by editing the registry. Note When you no longer require the service to be running, we recommend that you turn off the service again. Warning This workaround may make a computer or a network more vulnerable to attack by malicious users or by malicious software such as viruses. We do not recommend this workaround but are providing this information so that you can implement this workaround at your own discretion. Use this workaround at your own risk.
- Shavlik Priority: Shavlik rates this bulletin as a Priority 1. This means you should update as soon as possible on all systems. Shavlik did not release variations for Windows 8 x86/x64 and Server 2012 Gold due to issues encountered during testing. The ONLY scenario that worked without issue was a complete clean install with no patches applied yet. Shavlik has opened a ticket with Microsoft and will add support for these variations after a re-release. For an attack to be successful, the vulnerabilities require that a user open a specially crafted Journal file with an affected version of Windows Journal. In an email attack scenario, an attacker could exploit the vulnerabilities by sending a specially crafted Journal file to the user and by convincing the user to open the file. The update addresses the vulnerabilities by modifying how Windows Journal parses Journal files.
- Shavlik Priority: Shavlik rates this bulletin as a Priority 1. This means you should update as soon as possible on all systems. Exploited in Wild: CVE-2015-2545 This vulnerability could not be exploited automatically through a Web-based attack scenario. An attacker could host a specially crafted website containing an Office file that is designed to exploit the vulnerability, and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements by adding specially crafted content that could exploit the vulnerability. In all cases, however, an attacker would have no way to force users to view the attacker-controlled content. Instead, an attacker would have to convince users to take action, typically by getting them to click a link in an instant messenger or email message that takes users to the attacker's website, or by getting them to open an attachment sent through email. If Microsoft Word is the selected email reader, which is the default setting, then an attacker could leverage Outlook for an email-based attack by sending a specially crafted file, containing an EPS image binary, to the targeted user. In this scenario this attack vector requires minimal user action (as in viewing a specially crafted email through the preview pane in Outlook) to be exploited. Workstations and terminal servers that have Microsoft Office installed are primarily at risk. Servers could be at more risk if administrators allow users to log on to servers and to run programs. However, best practices strongly discourage allowing this.
- Shavlik Priority: Shavlik rates this bulletin as a Priority 1. This means you should update as soon as possible on all systems.
- Shavlik Priority: Shavlik rates this bulletin as a Priority 2. This means the update should be implemented in a reasonable timeframe after adequate testing.
- Shavlik Priority: Shavlik rates this bulletin as a Priority 2. This means the update should be implemented in a reasonable timeframe after adequate testing. Public Disclosure: CVE-2015-2509 To exploit this vulnerability, an attacker must entice a user to install the .mcl file on the local machine. Malicious code referenced by the .mcl file could then be executed from an attacker-controlled location. The security update addresses the vulnerability by correcting how Media Center link files are handled.
- Shavlik Priority: Shavlik rates this bulletin as a Priority 2. This means the update should be implemented in a reasonable timeframe after adequate testing. There will likely be multiple variations of MS15-101 missing on a given machine. Public Disclosure: CVE-2015-2504 There are two attack scenarios possible for exploiting this vulnerability: a web browsing scenario and a Windows .NET application bypass of Code Access Security (CAS) restrictions. These scenarios are described as follows: Web browsing attack scenario An attacker could host a specially crafted website that contains a specially crafted XBAP (XAML browser application) that could exploit this vulnerability, and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. In all cases, however, an attacker would have no way to force users to visit these websites. Instead, an attacker would have to convince users to visit the website, typically by getting them to click a link in an instant messenger or email message that takes users to the attacker's website. It could also be possible to display specially crafted web content by using banner advertisements or by using other methods to deliver web content to affected systems. Windows .NET applications attack scenario This vulnerability could also be used by Windows .NET Framework applications to bypass Code Access Security (CAS) restrictions. There are two types of systems at risk, which are described as follows: Web browsing scenario Successful exploitation of this vulnerability requires a user to be logged on and visiting websites using a web browser capable of instantiating XBAPs. Therefore, any systems where a web browser is used frequently, such as workstations or terminal servers, are at the most risk from this vulnerability. Servers could be at more risk if administrators allow users to browse and read email on servers. However, best practices strongly discourage allowing this. Windows .NET applications Workstations and servers that run untrusted Windows .NET Framework applications are also at risk from this vulnerability.
- Shavlik Priority: Shavlik rates this bulletin as a Priority 2. This means the update should be implemented in a reasonable timeframe after adequate testing.
- Shavlik Priority: Shavlik rates this bulletin as a Priority 2. This means the update should be implemented in a reasonable timeframe after adequate testing.
- Shavlik Priority: Shavlik rates this bulletin as a Priority 2. This means the update should be implemented in a reasonable timeframe after adequate testing.
- Shavlik Priority: Shavlik rates this bulletin as a Priority 2. This means the update should be implemented in a reasonable timeframe after adequate testing.
- Shavlik Priority: Shavlik rates this bulletin as a Priority 3. Consider this update for testing and rollout when convenient. Note: Some 3rd party updates may be non-security, but are still classified in Protect as Security. This is due to the fact that the step from current to this version September include security fixes based on the version currently on a machine. It would only be considered non-security if you were up to the latest version before the non-security release was made available.
- Windows 10 Cumulatives: CSWU-004 – No additional security fixes CSWU-005 - MS15-093: Security update for Internet Explorer: August 18, 2015 CSWU-006 – No additional security fixes MS15-087 – Added support for UDDI 2012, 2013, 2013 R2 MS15-080 – Re-release for Vista, 2008, 7, 2008 R2 MS15-080 – Added support for 2003 for Custom Content subscribers Added support for products: Splunk Universal Forwarder, Boxy Sync 4,