Detect date
?
|
09/08/2015 |
Severity
?
|
Critical |
Description
|
Multiple serious vulnerabilities have been found in Microsoft Windows and related products. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, gain privileges or execute arbitrary code. Below is a complete list of vulnerabilities
Technical details (2) can be exploited via creating multiple machine accounts. Denial of service caused by exploitation of (9) can lead to data loss. Exploitation of vulnerability (12) can cause allowance of unintended network traffic. Customers with disabled Hyper-V role are not affected to this vulnerability. To exploit vulnerabilities (2, 4, 6, 7, 10, 11) attacker must be logged in and specially for vulnerability (2) have sufficient permissions to create accounts. |
Affected products
|
Windows 10 |
Solution
|
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel) |
Original advisories
|
CVE-2015-2494 |
Impacts
?
|
ACE [?] OSI [?] DoS [?] SB [?] WLF [?] PE [?] |
Related products
|
Microsoft Lync Microsoft Office Microsoft Windows Vista Microsoft Windows Server 2012 Microsoft Windows 8 Microsoft Windows 7 Microsoft Windows Server 2008 Windows RT Microsoft Windows 10 Microsoft Windows Media Center |
CVE-IDS
?
|
CVE-2015-24949.3Critical
CVE-2015-25429.3Critical CVE-2015-24869.3Critical CVE-2015-24859.3Critical CVE-2015-25466.9High CVE-2015-25354.0Warning CVE-2015-25341.9Warning CVE-2015-25309.3Critical CVE-2015-25292.1Warning CVE-2015-25287.2High CVE-2015-25277.2High CVE-2015-25257.2High CVE-2015-25247.2High CVE-2015-25099.3Critical CVE-2015-25176.9High CVE-2015-25164.3Warning CVE-2015-25149.3Critical CVE-2015-25139.3Critical CVE-2015-25127.2High CVE-2015-25116.9High CVE-2015-25109.3Critical CVE-2015-25199.3Critical CVE-2015-25186.9High CVE-2015-25069.3Critical CVE-2015-25077.2High CVE-2015-25087.2High |
Microsoft official advisories
|
Microsoft Security Update Guide |
KB list
|
3089657 |
Exploitation
|
The following public exploits exists for this vulnerability: https://www.exploit-db.com/exploits/38201 https://www.exploit-db.com/exploits/38199 https://www.exploit-db.com/exploits/38200 https://www.exploit-db.com/exploits/38202 https://www.exploit-db.com/exploits/38195 https://www.exploit-db.com/exploits/38151 https://www.exploit-db.com/exploits/38278 https://www.exploit-db.com/exploits/38280 https://www.exploit-db.com/exploits/38276 https://www.exploit-db.com/exploits/38217 https://www.exploit-db.com/exploits/38277 https://www.exploit-db.com/exploits/38279 https://www.exploit-db.com/exploits/38198 Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details. |
Find out the statistics of the vulnerabilities spreading in your region |