Security Alert (A15-08-02): Multiple Vulnerabilities in Microsoft Products (August 2015)
12 August 2015
Microsoft has released 14 security bulletins listed below addressing multiple vulnerabilities which affect several Microsoft products or components:
MS15-079 Cumulative Security Update for Internet Explorer MS15-080 Vulnerabilities in Microsoft Graphics Component Could Allow Remote Code Execution MS15-081 Vulnerabilities in Microsoft Office Could Allow Remote Code Execution MS15-082 Vulnerabilities in RDP Could Allow Remote Code Execution MS15-083 Vulnerability in Server Message Block Could Allow Remote Code Execution MS15-084 Vulnerabilities in XML Core Services Could Allow Information Disclosure MS15-085 Vulnerability in Mount Manager Could Allow Elevation of Privilege MS15-086 Vulnerability in System Center Operations Manager Could Allow Elevation of Privilege MS15-087 Vulnerability in UDDI Services Could Allow Elevation of Privilege MS15-088 Unsafe Command Line Parameter Passing Could Allow Information Disclosure MS15-089 Vulnerability in WebDAV Could Allow Information Disclosure MS15-090 Vulnerabilities in Microsoft Windows Could Allow Elevation of Privilege MS15-091 Cumulative Security Update for Microsoft Edge MS15-092 Vulnerabilities in .NET Framework Could Allow Elevation of Privilege
Depending on the vulnerability exploited, a successful attack could lead to arbitrary code execution, elevation of privilege or information disclosure.
Patches for affected products are available from the Microsoft Update website. Users of affected systems should follow the recommendations provided by the product vendor and take immediate actions to mitigate the risk.
Microsoft Update http://update.microsoft.com/microsoftupdate
Users should be reminded that Microsoft Windows Server 2003 has reached its End-Of-Support on 14 July 2015. No more security updates are available from the vendor. Users should upgrade or migrate the obsolete Windows Server 2003 to a platform with vendor support and implement compensating security measures before completing the upgrade or migration.