Skip to content ↓ | Skip to navigation ↓

Today’s VERT Alert addresses 12 new Microsoft Security Bulletins. VERT is actively working on coverage for these bulletins in order to meet our 24-hour SLA and expects to ship ASPL-643 on Wednesday, November 11th.

Ease of Use (published exploits) to Risk Table

Automated Exploit
Easy
Moderate
Difficult
MS15-121
Extremely Difficult
MS15-120
No Known Exploit
MS15-112
MS15-113
MS15-114
MS15-115
MS15-116
MS15-118
MS15-122
MS15-123

MS15-117
MS15-119
Exposure
Local
Availability
Local
Access
Remote
Availability
Remote
Access
Local
Privileged
Remote
Privileged

 

MS15-112 Multiple Internet Explorer Memory Corruption Vulnerabilities MULTIPLE
Scripting Engine Memory Corruption Vulnerability CVE-2015-6089
Internet Explorer Information Disclosure Vulnerability CVE-2015-6086
Microsoft Browser ASLR Bypass CVE-2015-6088
MS15-113 Multiple Microsoft Edge Memory Corruption Vulnerabilities MULTIPLE
Microsoft Browser ASLR Bypass CVE-2015-6088
MS15-114 Windows Journal Heap Overflow Vulnerability CVE-2015-6097
MS15-115 Multiple Windows Kernel Memory Elevation of Privilege Vulnerabilities MULTIPLE
Multiple Windows Kernel Memory Information Disclosure Vulnerabilities MULTIPLE
Multiple Windows Graphics Memory Remote Code Execution Vulnerabilities MULTIPLE
Windows Kernel Security Feature Bypass Vulnerability CVE-2015-6113
MS15-116 Multiple Microsoft Office Memory Corruption Vulnerabilities MULTIPLE
Microsoft Office Elevation of Privilege Vulnerability CVE-2015-2503
Microsoft Outlook for Mac Spoofing Vulnerability CVE-2015-6123
MS15-117 Windows NDIS Elevation of Privilege Vulnerability CVE-2015-6098
MS15-118 .NET Information Disclosure Vulnerability CVE-2015-6096
.NET Elevation of Privilege Vulnerability CVE-2015-6099
.NET ASLR Bypass CVE-2015-6115
MS15-119 Winsock Elevation of Privilege Vulnerability CVE-2015-2478
MS15-120 Windows IPSec Denial of Service Vulnerability CVE-2015-6111
MS15-121 Schannel TLS Triple Handshake Vulnerability CVE-2015-6112
MS15-122 Windows Kerberos Security Feature Bypass CVE-2015-6095
MS15-123 Server Input Validation Information Disclosure Vulnerability CVE-2015-6061

 

MS15-112

Like almost every month, this month starts off with an Internet Explorer patch. Something that’s interesting in the naming this month is the vulnerabilities labeled ‘Internet Explorer Memory Corruption Vulnerability’ vs ‘Microsoft Browser Memory Corruption Vulnerability’. This small distinction is an easy way to tell if a vulnerability applies just to IE (MS15-112) or also to Edge (MS15-113).

MS15-113

The Edge update this month is relatively small containing just 4 CVEs, all of which are also included in MS15-112 and distinguished by the use of ‘Microsoft Browser’ in the name to show that both browsers are affected.

MS15-114

Once again, a vulnerability in Windows Journal is patched and once again we issue the same reminder. If you aren’t a regular user of the Windows Journal, apply the Microsoft mitigations, which include removing the .jnt file association, uninstalling journal, or denying access to the executable. Given the frequency of Journal updates recently, this small amount of effort could greatly improve your security hygiene.

MS15-115

Windows Kernel issues are as common as IE update at this point and the Adobe Type Manager Library is, once again, one of the culprits. Along with the browser updates, this should be at the top of your list.

MS15-116

Up next, we have the Office bulletin. Office, however, is not the most interesting aspect of this bulletin. This bulletin also includes updates to Skype for Business and Lync. These same platforms are also addressed in MS15-123. It should be noted that where the product versions overlap, so do the updates and the duplicated update does not need to be installed twice in those situations.

MS15-117

An elevation of privilege in NDIS is next on the list. This is the first time in quite a while that we’ve seen a vulnerability affecting NDIS, which may mean that it’s been overlooked and that researchers may look for other issues in the Network Driver Interface Specification in the near future.

MS15-118

MS15-118 resolves three vulnerabilities in .NET including a cross-site scripting vulnerability in ASP.NET and an ASLR bypass in the .NET Framework. The final vulnerability is a local file include vulnerability in the document type definition when parsing XML files.

MS15-119

Yet another privilege escalation vulnerability is resolved by MS15-119. This one affects Winsock.

MS15-120

Up next, we have a publicly disclosed IPSec Denial of Service vulnerability. A flaw in the service’s handling of encryption negotiation allows an attacker with valid credentials to connect to the listening service and render the server unresponsive.

MS15-121

Another publicly disclosed vulnerability is resolved by MS15-121. This one affects Schannel and other TLS implementations. The fix involves the implementation of RFC7627. To find out additional details, please read this blog post on The State of Security.

MS15-122

The penultimate update this month is a shortcoming in Kerberos. This flaw, a fault in the way the software checks a password change, could allow a user to bypass authentication and decrypt BitLocker protected drives.

MS15-123

The final bulletin this month resolves a vulnerability in Lync and Skype for Business. This is the update that shares packages with a portion of MS15-116. The attack is essentially a cross-site scripting attack within the messaging platform; allowing an attacker to browse to webpages, open conversations, and more.

Additional Details

Adobe has released APSB15-28 to address multiple vulnerabilities in Adobe Flash Player.

As always, VERT recommends that you apply all the patches as soon as possible but also that you fully vet patches (when possible) before applying them to production systems.