Patch Tuesday Wednesday (Sep-2015)

patch-tuesday This month Microsoft have released twelve (12) security bulletins of which five (5) have a maximum rating of Critical and seven (7) have a maximum rating of Important.

Continuing the new trend, MSRC posted this months summary in a format almost prepared for Twitter;

❝ Today we released security updates to provide protections against malicious attackers. As a best practice, we encourage customers to apply security updates as soon as they are released. ❞ [1]

Bulletin KB number Description Impact / Severity Software
MS15-094 3089548 Cumulative Security Update for Internet Explorer Critical:
Remote Code Execution
Microsoft Windows, Internet Explorer
MS15-095 3089665 Cumulative Security Update for Microsoft Edge Critical:
Remote Code Execution
Microsoft Windows, Microsoft Edge
MS15-096 3072595 Vulnerability in Active Directory Service Could Allow Denial of Service Important:
Denial of Service
Microsoft Windows
MS15-097 3089656 Vulnerabilities in Microsoft Graphics Component Could Allow Remote Code Execution Important:
Remote Code Execution
Microsoft Windows, Microsoft Office, Microsoft Lync
MS15-098 3089669 Vulnerabilities in Windows Journal Could Allow Remote Code Execution Critical:
Remote Code Execution
Microsoft Windows
MS15-099 3089664 Vulnerabilities in Microsoft Office Could Allow Remote Code Execution Critical:
Remote Code Execution
Microsoft Office, Microsoft SharePoint Foundation
MS15-100 3087918 Vulnerability in Windows Media Center Could Allow Remote Code Execution Important:
Remote Code Execution
Microsoft Windows
MS15-101 3089662 Vulnerabilities in .NET Framework Could Allow Elevation of Privilege Important:
Elevation of Privilege
Microsoft Windows, Microsoft .NET Framework
MS15-102 3089657 Vulnerabilities in Windows Task Management Could Allow Elevation of Privilege Important:
Elevation of Privilege
Microsoft Windows
MS15-103 3089250 Vulnerabilities in Microsoft Exchange Server Could Allow Information Disclosure Important:
Information Disclosure
Microsoft Exchange Server
MS15-104 3089952 Vulnerabilities in Skype for Business Server and Lync Server Could Allow Elevation of Privilege Important:
Elevation of Privilege
Skype for Business Server, Microsoft Lync Server
MS15-105 3091287 Vulnerability in Windows Hyper-V Could Allow Security Feature Bypass Important:
Security Feature Bypass
Microsoft Windows

Known issues:
MS15-097 3086255

PATCH NOW:
MS15-094, MS15-095, MS15-097 exploit available [2], MS15-098, MS15-099 exploit in the wild [2], MS15-100

Advertisements
This entry was posted in microsoft, patch, Patch_Tuesday, security. Bookmark the permalink.

4 Responses to Patch Tuesday Wednesday (Sep-2015)

  1. Enos says:

    Thanks. Please could you share your source for exploit 097 being available?
    (I do not need the exploit itself, just a source telling me if exploits are available)

  2. Enos says:

    BTW according to SANS an exploit is available also for MS15-099.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s