Kaspersky Threats

Detect date

?

12/08/2015

Severity

?

High

Description

Improper fonts handling was found in Microsoft Graphics Component used in Multiple Microsoft products. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed content.

Affected products

Microsoft Windows Vista Service Pack 2
Microsoft Windows Server 2008 Service Pack 2
Microsoft Windows 7 Service Pack 1
Microsoft Windows Server 2008 R2 Service Pack 1
Microsoft Windows 8
Microsoft Windows 8.1
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows RT
Microsoft Windows RT 8.1
Microsoft Windows 10
Microsoft Windows 10 version 1511
Microsoft Office 2007 Service Pack 3
Microsoft Office 2010 Service Pack 2
Microsoft Word Viewer
Microsoft .NET Framework versions 3.0 SP2, 4, 4.5, 4.5.1, 4.5.2, 4.6
Microsoft Skype for Business 2016
Microsoft Lync 2013 Service Pack 1
Microsoft Lync 2010
Microsoft Live Meeting 2007 Console
Microsoft Silverlight 5

Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Original advisories

CVE-2015-6108
CVE-2015-6107
CVE-2015-6106

Impacts

?

ACE

[?]

Detect date ?	12/08/2015
Severity ?	High
Description	Improper fonts handling was found in Microsoft Graphics Component used in Multiple Microsoft products. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed content.
Affected products	Microsoft Windows Vista Service Pack 2 Microsoft Windows Server 2008 Service Pack 2 Microsoft Windows 7 Service Pack 1 Microsoft Windows Server 2008 R2 Service Pack 1 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows RT Microsoft Windows RT 8.1 Microsoft Windows 10 Microsoft Windows 10 version 1511 Microsoft Office 2007 Service Pack 3 Microsoft Office 2010 Service Pack 2 Microsoft Word Viewer Microsoft .NET Framework versions 3.0 SP2, 4, 4.5, 4.5.1, 4.5.2, 4.6 Microsoft Skype for Business 2016 Microsoft Lync 2013 Service Pack 1 Microsoft Lync 2010 Microsoft Live Meeting 2007 Console Microsoft Silverlight 5
Solution	Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Original advisories	CVE-2015-6108 CVE-2015-6107 CVE-2015-6106
Impacts ?	ACE [?]
Related products	Microsoft Silverlight Microsoft Office Live Meeting 2007 Microsoft Lync Microsoft Office Skype for Windows Microsoft Windows Vista Microsoft Windows Server 2012 Microsoft Windows 8 Microsoft Windows 7 Microsoft Windows Server 2008 Windows RT Microsoft Windows 10
CVE-IDS ?	CVE-2015-61089.3Critical CVE-2015-61079.3Critical CVE-2015-61069.3Critical
Microsoft official advisories	Microsoft Security Update Guide
KB list	3109094 3116900 3116869 3106614 3114478 3114372 3085616 3114351 3085612 3099863 3099862 3099860 3099866 3099864 3099869 3115873 3115872 3115871 3115870 3115875 3104503 3099874
	Find out the statistics of the vulnerabilities spreading in your region

KLA10718Code execution vulnerabilities in Microsoft Graphics Component

KLA10718
Code execution vulnerabilities in Microsoft Graphics Component