May, 2015: Patch Tuesday: Busy month for admins with 13 patches, 3 critical

This month's Patch Tuesday includes 13 patches, 3 of them classified as "Critical". These 13 patches cover 48 CVEs. We recommend that you test and immediately install MS15-043, MS15-044 and MS15-045, which are our three critical patches for the month. These three patches affect a wide variety of systems and fix a remote code execution vulnerability. Please note that for MS15-050, MS is not releasing an update and is recommending that affected users update their OS. Windows Server 2003 support is ending July 14, 2015, but its EOL is already affecting users still running this OS. MS15-051 is classified as important but could allow an attacker to install programs, modify data or create fully privileged user accounts, so we are recommending you test and patch. Of the 13 patches this month, this is the only one associated with a vulnerability for which MS is aware of limited, targeted attacks. For the other 12, no active exploits have been reported by MS as of the release time of this month's bulletins.

When it comes to endpoint security, the best first line of defense is patch management. Take the first step to quantifying your IT risk and enhancing your endpoint security posture. With the Lumension® Patch Scanner you can:

  • Scan for OS and 3rd party application patches
  • Prioritize remediation to improve security stance
  • Gain visibility into apps being used in your environment
  • Generate web-based reports




| Bulletin | Exploit types / Technologies affected | System types affected | Exploit details public? / Being exploited? | Comprehensive, practical workaround available? | MS severity rating | Products affected | Notes | Randy's recommendation |
|---|---|---|---|---|---|---|---|---|
| MS15-045 (3046002) | Remote Code Execution / Microsoft Windows | Workstations, Servers | Yes/No | Yes | Critical | Vista, Server 2008, Server 2008 R2, Windows 7, Windows 8, Server 2012, Windows RT, Server 2012 R2, Windows 8.1, Windows RT 8.1 | Only affects systems with Windows Journal installed. Workaround is to not install .jnt files from untrusted sources or disable Windows Journal component. | Patch if you have systems using Windows Journal. |
| MS15-043 (3049563) | Remote Code Execution / Microsoft Windows, Internet Explorer | Workstations, Servers | No/No | No | Critical | Internet Explorer 6, Internet Explorer 7, Internet Explorer 8, Internet Explorer 9, Internet Explorer 10, Internet Explorer 11 | Requires restart. There are workarounds published by MS, but none that we see fit as "practical". Servers running IE with ESC enabled are less vulnerable. | Critical, so patch manually or with Windows Update on Windows 7 and later versions. |
| MS15-052 (3050514) | Security feature bypass / Microsoft Windows | Workstations, Servers | No/No | No | Important | Windows 8, Server 2012, Windows RT, Server 2012 R2, Windows 8.1, Windows RT 8.1 | Requires restart. | Test and patch as needed. |
| MS15-054 (3051768) | Denial of service / Microsoft Windows | Workstations, Servers | No/No | No | Important | Vista, Server 2008, Server 2008 R2, Windows 7, Windows 8, Server 2012, Windows RT, Server 2012 R2, Windows 8.1, Windows RT 8.1 | Requires restart. | DoS, test and patch as needed. |
| MS15-050 (3055642) | Privilege elevation / Microsoft Windows | Workstations, Servers | No/No | No | Important | Vista, Server 2003, Server 2008, Server 2008 R2, Windows 7, Windows 8, Server 2012, Windows RT, Server 2012 R2, Windows 8.1, Windows RT 8.1 | Requires restart. Server 2003 is listed but MS is not issuing an update due to compatibility problems. MS recommends that security-conscious Server 2003 customers upgrade to a later OS. | Test and patch as needed. |
| MS15-044 (3057110) | Information disclosure, Remote Code Execution / Microsoft Windows, .NET Framework, Office, Lync, Silverlight | Workstations, Servers | No/No | No | Critical | Vista, Office 2007, Server 2003, Server 2008, Server 2008 R2, Windows 7, Office 2010, Silverlight 5, Lync 2010, Windows 8, Server 2012, Windows RT, Lync 2013, Server 2012 R2, Windows 8.1, Windows RT 8.1, .NET Framework 3.5, .NET Framework 3.5.1, .NET Framework 4, .NET Framework 4.5, .NET Framework 4.5.1, .NET Framework 3.0 SP2, .NET Framework 4.5.2, Silverlight 5 Developer, Live Meeting 2007 | May require restart. Multiple updates available but can be installed in any order. | Critical, patch immediately. |
| MS15-048 (3057134) | Privilege elevation, Denial of service / Microsoft Windows, .NET Framework | Workstations, Servers | No/No | No | Important | Vista, Server 2003, Server 2008, Server 2008 R2, Windows 7, Windows 8, Server 2012, Windows RT, Server 2012 R2, Windows 8.1, Windows RT 8.1, .NET Framework 1.1 SP1, .NET Framework 2.0 SP2, .NET Framework 3.5, .NET Framework 3.5.1, .NET Framework 4, .NET Framework 4.5, .NET Framework 4.5.1, .NET Framework 4.5.2 | Multiple updates can be installed in any sequence. | Test and patch. |
| MS15-046 (3057181) | Remote Code Execution / Microsoft Office | Workstations, Servers, SharePoint Servers | No/No | No | Important | Office 2007, Office 2010, Office 2011 for Mac, PowerPoint Viewer, SharePoint Server 2010, SharePoint Server 2013, Office 2013 RT, Office 2013, Office 2013 Web Apps, Office 2010 Web Apps | May require restart. Multiple vulnerabilities covered. | Vulnerability triggered when an end user opens a specially crafted file. We recommend admins test and patch. |
| MS15-051 (3057191) | Privilege elevation, Information disclosure / Microsoft Windows | Workstations, Servers | Yes/No | No | Important | Vista, Server 2003, Server 2008, Server 2008 R2, Windows 7, Windows 8, Server 2012, Windows RT, Server 2012 R2, Windows 8.1, Windows RT 8.1 | Requires restart. Multiple vulnerabilities with one publicly disclosed. | Test and patch as needed. |
| MS15-053 (3057263) | Arbitrary code, Security feature bypass / Microsoft Windows | Workstations, Servers | No/No | No | Important | Vista, Server 2003, Server 2008, Server 2008 R2, VBScript 5.6, VBScript 5.7, VBScript 5.8, JScript 5.6, JScript 5.7, JScript 5.8 | May require restart. Multiple vulnerabilities. | Test and patch as needed. |
| MS15-047 (3058083) | Remote Code Execution / Microsoft Server Software | SharePoint Servers | No/No | No | Important | SharePoint Server 2007, SharePoint Server 2010, SharePoint Server 2013 | Attacker must be authenticated. | Test first and then patch. |
| MS15-049 (3058985) | Privilege elevation / Silverlight | Workstations | No/No | Yes | Important | Silverlight 5, Silverlight 5 Developer | Does not require restart. Builds prior to 5.1.40416.00 are affected. Workaround is to disable Silverlight in the browser. Affects IE, Firefox and Chrome if the plugin is being used. | Test and patch. |
| MS15-055 (3061518) | Information disclosure / Microsoft Windows | Workstations, Servers | No/No | No | Important | Vista, Server 2003, Server 2008, Server 2008 R2, Windows 7, Windows 8, Server 2012, Windows RT, Server 2012 R2, Windows 8.1, Windows RT 8.1 | Requires restart. If installing manually, install MS15-052 before installing MS15-055 on Win8 and Server 2012. MS customers installing automatically are taken care of with automatic updates enabled. | Patch as needed. |
