KLA10718
Code execution vulnerabilities in Microsoft Graphics Component
Обновлено: 17/06/2019
Дата обнаружения
08/12/2015
Уровень угрозы
High
Описание

Improper fonts handling was found in Microsoft Graphics Component used in Multiple Microsoft products. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed content.

Пораженные продукты

Microsoft Windows Vista Service Pack 2
Microsoft Windows Server 2008 Service Pack 2
Microsoft Windows 7 Service Pack 1
Microsoft Windows Server 2008 R2 Service Pack 1
Microsoft Windows 8
Microsoft Windows 8.1
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows RT
Microsoft Windows RT 8.1
Microsoft Windows 10
Microsoft Windows 10 version 1511
Microsoft Office 2007 Service Pack 3
Microsoft Office 2010 Service Pack 2
Microsoft Word Viewer
Microsoft .NET Framework versions 3.0 SP2, 4, 4.5, 4.5.1, 4.5.2, 4.6
Microsoft Skype for Business 2016
Microsoft Lync 2013 Service Pack 1
Microsoft Lync 2010
Microsoft Live Meeting 2007 Console
Microsoft Silverlight 5

Решение

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Первичный источник обнаружения
CVE-2015-6108
CVE-2015-6107
CVE-2015-6106
Оказываемое влияние
?
ACE 
[?]
Связанные продукты
Microsoft Silverlight
Microsoft Office Live Meeting 2007
Microsoft Lync
Microsoft Office
Skype for Windows
Microsoft Windows Vista
Microsoft Windows Server 2012
Microsoft Windows 8
Microsoft Windows 7
Microsoft Windows Server 2008
Windows RT
Microsoft Windows 10
CVE-IDS
CVE-2015-61089.3Critical
CVE-2015-61079.3Critical
CVE-2015-61069.3Critical
Microsoft official advisories
Microsoft Security Update Guide
KB list

3109094
3116900
3116869
3106614
3114478
3114372
3085616
3114351
3085612
3099863
3099862
3099860
3099866
3099864
3099869
3115873
3115872
3115871
3115870
3115875
3104503
3099874