20150716, Microsoft July 15 released 14 security patches

Last Update:2015-07-16 Source: Internet

Author: User

Tags cve

Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more ＞

Hello, we are Microsoft Greater China Security Support team.

Microsoft at GMT -Years7Month theThe day released -A new security bulletin, where4A severity rating,TenTo a critical level, fixedMicrosoft Windows、Microsoft Office、Internet ExplorerAndSQL ServerVulnerabilities in the. whichms15-065The vulnerabilities that are fixed incve-2015-2425、cve-2015-2425Andcve-2015-2398has been publicly disclosed, and Microsoft has foundcve-2015-2425Exploitation of vulnerabilities.ms15-077The vulnerability incve-2015-2387has been publicly disclosed, and Microsoft has also discovered an attack that exploited the vulnerability.

At the same time, two new security bulletins were released:

Security Bulletin 3057154 | Hardening updates that use DES encryption

This update strengthens the Data Encryption Standard (DES) encryption key used by the account. From Windows 7 and Windows Server R2, DES is disabled by default in Microsoft. However, the update can enhance user protection for environments where DES is still enabled for application compatibility reasons. By default, the update disables DES for the built-in account krbtgt account, trust account, machine account, and machine account \ user account.

Security Bulletin 3074162 | Vulnerability in Microsoft malicious Software Removal Tool could allow elevation of privilege

This security bulletin is intended to inform customers that an update to the Microsoft Malicious Software Removal Tool (MSRT) resolves a security vulnerability reported to Microsoft. This vulnerability allows elevation of privilege when an attacker logs on to the target system and places a specially crafted dynamic link library (. dll) file in the local directory. An authenticated attacker who successfully exploited this vulnerability could elevate its privileges on the target system. An attacker can then install programs, view, change, or delete data, or create a new account with full administrative privileges

The following table outlines the security bulletins for this month, sorted by severity.

Announcement ID	Announcement Title and Executive summary	Highest severity Rating and vulnerability impact	Restart requirements and Known issues	The Affected Software
ms15-058 Vulnerability in	sql Server could Allow Remote code execution (3065718 )	important Remote code execution	may require a reboot	microsoft SQL Server
ms15-065	internet Explorer Security Update ( 3076321)	critical Remote code Execution	Need to restart	microsoft Windows, Internet Explorer
ms15-066	vbscript the vulnerability in the scripting engine could Allow remote code execution ( 3072604)	critical Remote code Execution	May require a restart	microsoft Windows
ms15-067 Vulnerability in	RDP could Allow Remote Code execution (3073094)	critical Remote code Execution	May require a restart	microsoft Windows
ms15-068	windows vulnerability in Hyper-V Could Allow remote code execution (3072000)	serious Remote code Execution	reboot required	microsoft Windows
ms15-069 Vulnerability in	windows could Allow Remote code execution ( 3072631)	important Remote code execution	may require a reboot	microsoft Windows
ms15-070	microsoft Office The vulnerability in could Allow Remote Code Execution (3072620)	may require a reboot	microsoft Office
ms15-071 Vulnerability in	netlogon could allow elevation of privilege (3068457 )	important Elevation of privilege	requires restart	microsoft Windows
ms15-072 The vulnerability in	windows graphics components could allow elevation of privilege ( 3069392)	important Elevation of privilege	requires restart	microsoft Windows
ms15-073	windows vulnerabilities in kernel-mode drivers could allow elevation of privilege ( 3070102)	important Elevation of privilege	requires restart	microsoft Windows
ms15-074	windows Installer Vulnerability in service could allow elevation of privilege (3072630)	requires restart	microsoft Windows
ms15-075 Vulnerability in	ole could allow elevation of privilege (3072633)	Elevation of privilege	may require restart	microsoft Windows
ms15-076	windows A vulnerability in a remote procedure call could allow Elevation of privilege ( 3067505)	important Elevation of privilege	need to restart microsoft Windows
ms15-077	Vulnerability in ATM font driver could allow elevation of privilege (3077657)	Important Privilege elevation	Restart required	Microsoft Windows

For more information, please refer to the annual 7 Month Security Bulletin Summary:

Https://technet.microsoft.com/zh-cn/library/security/ms15-jul.aspx

20150716, Microsoft July 15 released 14 security patches

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

Sales Support

1 on 1 presale consultation

Chat Contact Sales
After-Sales Support

24/7 Technical Support 6 Free Tickets per Quarter Faster Response

Open a Ticket
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

Learn More