Monday, December 19, 2016

Microsoft Security Bulletin Release for July 2015

Microsoft Security Bulletin Release for July 2015



Microsoft released fourteen (14) bulletins.  Four (4) bulletins are identified as Critical and the remaining ten (10) are rated Important in severity.

The updates address vulnerabilities in Microsoft Windows, Microsoft Office, Microsoft SQL Server, and Internet Explorer.  Details about the CVEs can be found in the below-referenced TechNet Security Bulletin.

Two Security Advisories were also released:

KB3057154 -- Update to Harden Use of DES Encryption
KB3074162 -- Vulnerability in Microsoft Malicious Software Removal Tool Could Allow Elevation of Privilege

Critical:
  • MS15-065  -- Security Update for Internet Explorer (3076321) 
  • MS15-066  -- Vulnerability in VBScript Scripting Engine Could Allow Remote Code Execution (3072604) 
  • MS15-067 -- Vulnerability in RDP Could Allow Remote Code Execution (3073094) 
  • MS15-068 -- Vulnerabilities in Windows Hyper-V Could Allow Remote Code Execution (3072000) 
Important:
  • MS15-058 -- Vulnerabilities in SQL Server Could Allow Remote Code Execution (3065718) 
  • MS15-069 -- Vulnerabilities in Windows Could Allow Remote Code Execution (3072631) 
  • MS15-070 -- Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (3072620) 
  • MS15-071 -- Vulnerability in Netlogon Could Allow Elevation of Privilege (3068457) 
  • MS15-072 -- Vulnerability in Windows Graphics Component Could Allow Elevation of Privilege (3069392) 
  • MS15-073 -- Vulnerability in Windows Kernel-Mode Driver Could Allow Elevation of Privilege (3070102) 
  • MS15-074 -- Vulnerability in Windows Installer Service Could Allow Elevation of Privilege (3072630) 
  • MS15-075 -- Vulnerabilities in OLE Could Allow Elevation of Privilege (3072633) 
  • MS15-076 -- Vulnerability in Windows Remote Procedure Call Could Allow Elevation of Privilege (3067505) 
  • MS15-077 -- Vulnerability in ATM Font Driver Could Allow Elevation of Privilege (3077657) 

Additional Update Notes

  • MSRT -- Microsoft released an updated version of the Microsoft Windows Malicious Software Removal Tool on Windows Update, Microsoft Update, Windows Server Update Services, and the Download Center. The updated version includes Win32/Crowti and Win32/Reveton.  Details are available in the MMPC Blog Post.
  • Internet Explorer -- For additional information about the blocking of out-of-date ActiveX controls see the TechNet article, Out-of-date ActiveX control blocking.  Additional changes introduced this month include the blocking of outdated Silverlight.  Additional information is available in the IE Blog.

  • Windows 8.x -- Non-security new features and improvements for Windows 8.1 are now included with the second Tuesday of the month updates.  Additional information about this change is available here.

  • Windows XP -- Effective today, Microsoft definition updates for Microsoft Security Essentials for Windows XP are finished!  See Microsoft antimalware support for Windows XP. 

References

  • MSRC: July 2015 Updates
  • TechNet: Microsoft Security Bulletin for July 2015 



    Remember - "A day without laughter is a day wasted."
    May the wind sing to you and the sun rise in your heart...











    Home
    Remember - "A day without laughter is a day wasted."
    May the wind sing to you and the sun rise in your heart...



    Available link for download