| VID |
26696 |
| Severity |
40 |
| Port |
139,445 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
The Hotfix (MS15-021, 3032323) for 'Vulnerabilities in Adobe Font Driver Could Allow Remote Code Execution' has not been applied.
This security update resolves vulnerabilities in Microsoft Windows. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted file or website. An attacker who successfully exploited the vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
- Adobe Font Driver Denial of Service Vulnerability(CVE-2015-0074)
A denial of service vulnerability exists in how the Adobe Font Driver manages memory when parsing fonts. A user who visited a specially crafted website or opened a specially crafted file could be affected by this vulnerability. The update addresses this vulnerability by correcting how the font parser allocates memory.
- Multiple Adobe Font Driver Information Disclosure Vulnerabilities
Information disclosure vulnerabilities exist in the Adobe Font Driver that could allow the disclosure of memory contents to an attacker. These vulnerabilities are caused when the Adobe Font Driver tries to read or display certain fonts. An attacker could use the vulnerabilities to gain information about the system that could then be combined with other attacks to compromise the system. The information disclosure vulnerabilities by themselves do not allow arbitrary code execution. However, an attacker could use these vulnerabilities in conjunction with another vulnerability to bypass security features such as Kernel Address Space Layout Randomization (KASLR). The update addresses the vulnerabilities by correcting how objects in memory are handled.
- Multiple Adobe Font Driver Remote Code Execution Vulnerabilities
Vulnerabilities exist in the Adobe Font Driver that could allow remote code execution if a user views a specially crafted file or website. The vulnerabilities are caused when the Adobe Font Driver improperly overwrites objects in memory. The vulnerabilities could allow an attacker to run code in kernel-mode and then install programs; view, change, or delete data; or create new accounts with full administrative rights. The update addresses these vulnerabilities by correcting how the Adobe Font Driver handles objects in memory.
* Note: This check requires an account with administrative privileges which can log into the host to scan. Absence of this condition will result in the check not being performed and a False Negative for all vulnerable hosts.
* References:
https://technet.microsoft.com/en-us/library/security/ms15-021
* Platforms Affected:
Windows Server 2003 SP2
Windows Server 2003 x64 SP2
Windows Server 2003 SP2 for Itanium
Windows Vista SP2
Windows Vista x64 SP2
Windows Server 2008 SP2
Windows Server 2008 x64 SP2
Windows 7 SP1
Windows 7 x64 SP1
Windows Server 2008 R2 SP1
Windows Server 2008 R2 x64 SP1
Windows 8
Windows 8.1
Windows Server 2012
Windows Server 2012 R2 |
| Recommendation |
Apply the appropriate patch(3032323) for your system, as listed in Microsoft Security Bulletin MS15-021 at https://technet.microsoft.com/en-us/library/security/ms15-021
-- OR --
Patches for Windows platforms are also available from the Microsoft Windows Update Web site, http://windowsupdate.microsoft.com. Windows Update detects what version of Windows you are running and offers the appropriate patch. |
| Related URL |
CVE-2015-0074,CVE-2015-0087,CVE-2015-0088,CVE-2015-0089,CVE-2015-0090,CVE-2015-0091,CVE-2015-0092,CVE-2015-0093 (CVE) |
| Related URL |
72892,72893,72896,72898,72904,72905,72906,72907 (SecurityFocus) |
| Related URL |
(ISS) |
|
