Дата обнаружения
|
08/12/2015 |
Уровень угрозы
|
Critical |
Описание
|
Multiple serious vulnerabilities have been found in Microsoft Windows. Malicious users can exploit these vulnerabilities to cause denial of service or gain privileges. Below is a complete list of vulnerabilities
Technical details Vulnerability (1) is relevant for Windows servers configured as DNS servers. Exploitation of this vulnerability can lead to arbitrary code execution in the context of Local System Account. Vulnerability (3) caused by improper input validation before libraries loading. Vulnerability (4) related to situation when attacker-induced race condition results in references to memory contents that have already been freed. This vulnerability id relevant only for systems with installed Microsoft Message Queuing and specifically enabled PGM which isn’t default configuration. |
Пораженные продукты
|
Microsoft Windows Vista Service Pack 2 |
Решение
|
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel) |
Первичный источник обнаружения
|
CVE-2015-6127 CVE-2015-6131 CVE-2015-6130 CVE-2015-6133 CVE-2015-6132 CVE-2015-6126 CVE-2015-6125 CVE-2015-6175 CVE-2015-6174 CVE-2015-6128 CVE-2015-6171 CVE-2015-6173 |
Оказываемое влияние
?
|
ACE
[?]
OSI
[?]
DoS
[?]
PE
[?]
|
Связанные продукты
|
Microsoft Windows Vista Microsoft Windows Server 2012 Microsoft Windows 8 Microsoft Windows 7 Microsoft Windows Server 2008 Windows RT Microsoft Windows 10 Microsoft Windows Media Center |
CVE-IDS
|
CVE-2015-61274.3Warning
CVE-2015-61319.3Critical CVE-2015-61309.3Critical CVE-2015-61337.2High CVE-2015-61327.2High CVE-2015-61267.2High CVE-2015-61259.3Critical CVE-2015-61757.2High CVE-2015-61747.2High CVE-2015-61287.2High CVE-2015-61717.2High CVE-2015-61737.2High |