KLA10718
Code execution vulnerabilities in Microsoft Graphics Component

Обновлено: 03/06/2020
Дата обнаружения
08/12/2015
Уровень угрозы
High
Описание

Improper fonts handling was found in Microsoft Graphics Component used in Multiple Microsoft products. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed content.

Пораженные продукты

Microsoft Windows Vista Service Pack 2
Microsoft Windows Server 2008 Service Pack 2
Microsoft Windows 7 Service Pack 1
Microsoft Windows Server 2008 R2 Service Pack 1
Microsoft Windows 8
Microsoft Windows 8.1
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows RT
Microsoft Windows RT 8.1
Microsoft Windows 10
Microsoft Windows 10 version 1511
Microsoft Office 2007 Service Pack 3
Microsoft Office 2010 Service Pack 2
Microsoft Word Viewer
Microsoft .NET Framework versions 3.0 SP2, 4, 4.5, 4.5.1, 4.5.2, 4.6
Microsoft Skype for Business 2016
Microsoft Lync 2013 Service Pack 1
Microsoft Lync 2010
Microsoft Live Meeting 2007 Console
Microsoft Silverlight 5

Решение

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Первичный источник обнаружения
CVE-2015-6108
CVE-2015-6107
CVE-2015-6106
Оказываемое влияние
?
ACE 
[?]
Связанные продукты
Microsoft Silverlight
Microsoft Office Live Meeting 2007
Microsoft Lync
Microsoft Office
Skype for Windows
Microsoft Windows Vista
Microsoft Windows Server 2012
Microsoft Windows 8
Microsoft Windows 7
Microsoft Windows Server 2008
Windows RT
Microsoft Windows 10
CVE-IDS
CVE-2015-61089.3Critical
CVE-2015-61079.3Critical
CVE-2015-61069.3Critical