Patch Analysis for April 2015

This April Patch Tuesday Bulletin brings 11 patches with it. There are 4 critical and 7 important with only a single bulletin addressing a vulnerability that is being actively exploited. Focus on the initial 4 critical patches released with special emphasis on Internet Explorer MS15-032 since there are reports of active attacks. The remaining 3 critical patches remediate issues with Microsoft Office and Windows but there have not been reports of active attacks. Work on remediating the elevation of privilege vulnerabilities next by applying MS15-036, MS15-037, and MS15-038. Look at applying MS15-039 and MS15-041 since they address issues with widely used technologies like XML core services and .NET. Review MS15-040 and MS15-042 to determine if they are applicable to the environment and apply as necessary.

When it comes to endpoint security, the best first line of defense is patch management. Take the first step to quantifying your IT risk and enhancing your endpoint security posture with the Lumension® Patch Scanner you can:

  • Scan for OS and 3rd party application patches
  • Prioritize remediation to improve security stance
  • Gain visibility into apps being used in your environment
  • Generate web-based reports

Click here assess your vulnerabilities now

Visit the Lumension Patch Tuesday Center

Bulletin Exploit Types
/Technologies Affected
System Types Affected Exploit
details public?
/ Being exploited?
Comprehensive,
practical
workaround
available?
MS severity rating Products Affected Notes Randy's recommendation
MS15-032

3038314
Arbitrary code

/ Internet Explorer
Workstations
Terminal Servers
No/NoNoCritical Internet Explorer 6
Internet Explorer 7
Internet Explorer 8
Internet Explorer 9
Internet Explorer 10
Internet Explorer 11
Restart required, multiple vulnerabilities Update immediately
MS15-034

3042553
Arbitrary code

/ Microsoft Windows
Workstations
Terminal Servers
Servers
No/NoNo Critical Server 2008
Server 2008 R2
Windows 7
Windows 8
Server 2012
Server 2012 R2
Windows 8.1
Restart required Update immediately
MS15-040

3045711
Information disclosure

/ Microsoft Windows
Servers
No/No No Important Server 2012 R2
May require restart Update after testing
MS15-037

3046269
Privilege elevation

/ Microsoft Windows
Workstations
Terminal Servers
Servers
No/No No Important Server 2008 R2
Windows 7
Update immediately
MS15-035

3046306
Arbitrary code

/ Microsoft Windows
Workstations
Terminal Servers
Servers
No/No No Critical Vista
Server 2003
Server 2008
Server 2008 R2
Windows 7
May require restart Update immediately
MS15-039

3046482
Security feature bypass

/ Microsoft Windows
Workstations
Terminal Servers
Servers
No/No No Important Vista
Server 2003
Server 2008
Server 2008 R2
Windows 7
May require restart Update after testing
MS15-042

3047234
Denial of service

/ Microsoft Windows
Workstations
Terminal Servers
Servers
No/No No Important Server 2012 R2
Windows 8.1
Restart required Update after testing
MS15-041

3048010
Information disclosure

/ .NET Framework
Workstations
Terminal Servers
Servers
No/NoYesImportant Vista
Server 2003
Server 2008
Server 2008 R2
Windows 8
Server 2012
Windows RT
Server 2012 R2
Windows 8.1
Windows RT 8.1
May require restartUpdate after testing
MS15-033

3048019
Arbitrary code

/ Microsoft Office
Workstations
Terminal Servers
No/YesNoCritical Office 2007
Office 2010
Office 2011 for MAC
Office 2013 RT
Office 2013
May require restart, multiple vulnerabilitiesUpdate immediately
MS15-038

3049576
Privilege elevation

/ Microsoft Windows
Workstations
Terminal Servers
Servers
No/NoNoImportant Vista
Server 2003
Server 2008
Server 2008 R2
Windows 7
Windows 8
Server 2012
Windows RT
Server 2012 R2
Windows 8.1
Windows RT 8.1
Restart required, multiple vulnerabilitiesUpdate after testing
MS15-036

3052044
Privilege elevation

/ Productivity Software
Sharepoint Servers
No/NoNoImportant SharePoint Server 2010
SharePoint Server 2013
May require restart, multiple vulnerabilitiesUpdate after testing

Receive Randy's same-day, independent analysis each Patch Tuesday

Email:
We will not share your address. Unsubscribe anytime. 

"Thank you. I am very glad I subscribed to this newsletter.  Relevant content clearly and concisely. Finally!!!"

- John K.

"I really like the Fast Facts on this Month's Microsoft Security Bulletins. Do you keep old copies? If yes, please let me know how I can access them?"

-Susan D.

"Thanks, Randy. Your regular updates have streamlined my monthly patching. Much appreciated,"

-  Steve T.

"Really appreciate your patch observor. In the corporate IT world, anything we can get our hands on that speeds the process of analyzing threats and how they may or may not apply to our environments is a God-send. Thanks so much for your efforts."

- Tess G.

"Many thanks for this Randy"

- Roger G.

"The chart is a REAAALLY good idea :)"

- Phil J.

"I like the table. Your insight is very valuable. "

Tom C.

"I liked your high level overview of patches in the table. There are so many sources of patch information which can be very specific or surrounded by other stuff that it’s refreshing to get everything summarised like this. The “Randy’s Recommendation” comment is useful starting point too. Please keep up the good work."

- David A.

"Your Patch Observer is a very good tool in making the decision whether to patch or not to patch. And also to patch asap or to wait a while before patching. Also I do think the use of the table is realy improving the readability of the provided information."

- Gerard T.