Kaspersky Threats

Detect date

?

02/10/2015

Severity

?

Critical

Description

Multiple critical vulnerabilities have been found in Internet Explorer. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, bypass security restrictions or obtain sensitive information.

Below is a complete list of vulnerabilities

An unknwon vulnerabilities can be exploited remotely via a specially designed web site;
Use-after-free vulnerability can be exploited remotely via a specially edsigned HTML document.

Affected products

Internet Explorer versions from 6 to 11

Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Original advisories

MS advisory
CVE-2015-0043
CVE-2015-0042
CVE-2015-0041
CVE-2015-0040
CVE-2015-0048
CVE-2015-0046
CVE-2015-0045
CVE-2015-0044
CVE-2015-0017
CVE-2015-0038
CVE-2015-0029
CVE-2015-0028
CVE-2015-0050
CVE-2015-0055
CVE-2015-0070
CVE-2015-0053
CVE-2014-8967
CVE-2015-0049
CVE-2015-0051
CVE-2015-0020
CVE-2015-0021
CVE-2015-0026
CVE-2015-0027
CVE-2015-0054
CVE-2015-0025
CVE-2015-0066
CVE-2015-0067
CVE-2015-0019
CVE-2015-0018
CVE-2015-0031
CVE-2015-0030
CVE-2015-0036
CVE-2015-0039
CVE-2015-0022
CVE-2015-0023
CVE-2015-0035
CVE-2015-0052
CVE-2015-0037
CVE-2015-0068
CVE-2015-0069
CVE-2015-0071

Impacts

?

ACE

[?]

OSI

[?]

DoS

[?]

SB

[?]

Related products

Microsoft Internet Explorer

CVE-IDS

?

Microsoft official advisories

Microsoft Security Update Guide

KB list

3034682
3034196
3021952

Exploitation

The following public exploits exists for this vulnerability:

https://www.exploit-db.com/exploits/40757

https://www.exploit-db.com/exploits/40841

Detect date ?	02/10/2015
Severity ?	Critical
Description	Multiple critical vulnerabilities have been found in Internet Explorer. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, bypass security restrictions or obtain sensitive information. Below is a complete list of vulnerabilities An unknwon vulnerabilities can be exploited remotely via a specially designed web site; Use-after-free vulnerability can be exploited remotely via a specially edsigned HTML document.
Affected products	Internet Explorer versions from 6 to 11
Solution	Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Original advisories	MS advisory CVE-2015-0043 CVE-2015-0042 CVE-2015-0041 CVE-2015-0040 CVE-2015-0048 CVE-2015-0046 CVE-2015-0045 CVE-2015-0044 CVE-2015-0017 CVE-2015-0038 CVE-2015-0029 CVE-2015-0028 CVE-2015-0050 CVE-2015-0055 CVE-2015-0070 CVE-2015-0053 CVE-2014-8967 CVE-2015-0049 CVE-2015-0051 CVE-2015-0020 CVE-2015-0021 CVE-2015-0026 CVE-2015-0027 CVE-2015-0054 CVE-2015-0025 CVE-2015-0066 CVE-2015-0067 CVE-2015-0019 CVE-2015-0018 CVE-2015-0031 CVE-2015-0030 CVE-2015-0036 CVE-2015-0039 CVE-2015-0022 CVE-2015-0023 CVE-2015-0035 CVE-2015-0052 CVE-2015-0037 CVE-2015-0068 CVE-2015-0069 CVE-2015-0071
Impacts ?	ACE [?] OSI [?] DoS [?] SB [?]
Related products	Microsoft Internet Explorer
CVE-IDS ?	CVE-2015-00439.3Critical CVE-2015-00429.3Critical CVE-2015-00419.3Critical CVE-2015-00409.3Critical CVE-2015-00489.3Critical CVE-2015-00469.3Critical CVE-2015-00459.3Critical CVE-2015-00449.3Critical CVE-2015-00179.3Critical CVE-2015-00389.3Critical CVE-2015-00299.3Critical CVE-2015-00289.3Critical CVE-2015-00509.3Critical CVE-2015-00554.3Warning CVE-2015-00704.3Warning CVE-2015-00539.3Critical CVE-2014-89676.8High CVE-2015-00499.3Critical CVE-2015-00514.3Warning CVE-2015-00209.3Critical CVE-2015-00219.3Critical CVE-2015-00269.3Critical CVE-2015-00279.3Critical CVE-2015-00544.3Warning CVE-2015-00259.3Critical CVE-2015-00669.3Critical CVE-2015-00679.3Critical CVE-2015-00199.3Critical CVE-2015-00189.3Critical CVE-2015-00319.3Critical CVE-2015-00309.3Critical CVE-2015-00369.3Critical CVE-2015-00399.3Critical CVE-2015-00229.3Critical CVE-2015-00239.3Critical CVE-2015-00359.3Critical CVE-2015-00529.3Critical CVE-2015-00379.3Critical CVE-2015-00689.3Critical CVE-2015-00694.3Warning CVE-2015-00714.3Warning
Microsoft official advisories	Microsoft Security Update Guide
KB list	3034682 3034196 3021952
Exploitation	The following public exploits exists for this vulnerability: https://www.exploit-db.com/exploits/40757 https://www.exploit-db.com/exploits/40841