Multiple vulnerabilities in Microsoft products

Description

Multiple critical vulnerabilities have been found in Microsoft products. Malicious users can exploit these vulnerabilities to fain privileges, bypass security restrictions or cause denial of service.

Below is a complete list of vulnerabilities

1. A double-free and other unknown vulnerability can be exploited locally via a specially designed applications;
2. An unknown vulnerability can be exploited locally via specially designed TrueType font;
3. Improper work with impersonation token can be exploited locally via an unknown vectors.

Original advisories

• MS advisory

• CVE-2015-0057
• CVE-2015-0060
• CVE-2015-0058
• CVE-2015-0059
• CVE-2015-0010
• CVE-2015-0003

Exploitation

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Related products

• Microsoft-Windows-Vista-4
• Microsoft-Windows-Server-2012
• Microsoft-Windows-8
• Microsoft-Windows-7
• Microsoft-Windows-Server-2008
• Microsoft-Windows-Server-2003
• Windows-RT

CVE list

• CVE-2015-0057
  high
• CVE-2015-0060
  warning
• CVE-2015-0058
  high
• CVE-2015-0059
  high
• CVE-2015-0010
  warning
• CVE-2015-0003
  high

KB list

• 3037639
• 3013455
• 3036220
• 3023562

Read more

Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com