KLA10470
Multiple vulnerabilities in Microsoft products
Updated: 06/01/2019
Detect date
?
03/10/2015
Severity
?
Critical
Description

Multiple critical vulnerabilities have been found in Microsoft products. Malicious users can exploit these vulnerabilities to execute arbitrary code or gain privilleges.

Below is a complete list of vulnerabilities

  1. Unknown vulnerability can be exploited remotely via specially designed web site or file;
  2. An untrusted path vulnerability can be exploited locally via DLL hijack.
Affected products

Windows Server 2003 x86, x64, for Itanium-based Systems Service Pack 2
Windows Vista x86, x64 Service Pack 2
Windows Server 2008 x86, x64, for Itanium-based Systems Service Pack 2
Windows 7 x86, x64 Service Pack 1
Windows Server 2012, 2012 R2
Windows RT, RT 8.1

Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Original advisories

MS bulletin
CVE-2015-0096
CVE-2015-0081

Impacts
?
ACE 
[?]

PE 
[?]
Related products
Microsoft Windows Vista
Microsoft Windows Server 2003 Standard Edition
Microsoft Windows Server 2012
Microsoft Windows 8
Microsoft Windows 7
Microsoft Windows Server 2008
CVE-IDS
?
CVE-2015-00969.3Critical
CVE-2015-00819.3Critical
Microsoft official advisories
Microsoft Security Update Guide
KB list

3033889
3039066
3041836