| VID |
26720 |
| Severity |
40 |
| Port |
139,445 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
The Hotfix (MS15-080, 3078662) for 'Vulnerabilities in Microsoft Graphics Component Could Allow Remote Code Execution' has not been applied.
This security update resolves vulnerabilities in Microsoft Windows, Microsoft .NET Framework, Microsoft Office, Microsoft Lync, and Microsoft Silverlight. The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted document or visits an untrusted webpage that contains embedded TrueType or OpenType fonts.
Multiple OpenType Font Parsing Vulnerabilities
Remote code execution vulnerabilities exist in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles specially crafted OpenType fonts. An attacker who successfully exploited these vulnerabilities could take complete control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
Multiple TrueType Font Parsing Vulnerabilities
Remote code execution vulnerabilities exist when components of Windows, .NET Framework, Office, Lync, and Silverlight fail to properly handle TrueType fonts. An attacker who successfully exploited these vulnerabilities could take complete control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
Microsoft Office Graphics Component Remote Code Execution Vulnerability
A remote code execution vulnerability exists when Microsoft Office fails to properly handle Office Graphics Library (OGL) fonts. An attacker who successfully exploited this vulnerability could take complete control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
Kernel ASLR Bypass Vulnerability
A security feature bypass vulnerability exists when the Windows kernel fails to properly initialize a memory address, allowing an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (KASLR) bypass. This issue affects all supported Windows operating systems and is considered to be an Important-class Security Feature Bypass (SFB).
Windows CSRSS Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists in the way that the Windows Client/Server Run-time Subsystem (CSRSS) terminates a process when a user logs off. An attacker who successfully exploited this vulnerability could run code that is designed to monitor the actions of a user who subsequently logs on to the system. This could allow the disclosure of sensitive information or access to data on the affected systems that was accessible to the logged-on user. This sensitive data could include the logon credentials of subsequent users, which an attacker might later use to elevate privilege or to execute code as a different user on the system. Note that this vulnerability would not allow an attacker to execute code or to elevate their user rights directly. It could be used to collect useful information to try to further compromise the affected system. If a user with administrative privileges subsequently logs on to the system, the attacker could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full system rights.
Windows KMD Security Feature Bypass Vulnerability
A security feature bypass vulnerability exists when the Windows kernel-mode driver fails to properly validate and enforce impersonation levels. An attacker who successfully exploited this vulnerability could bypass impersonation-level security and gain elevated privileges on a targeted system.
Windows Shell Security Feature Bypass Vulnerability
A security feature bypass vulnerability exists when the Windows shell fails to properly validate and enforce impersonation levels. An attacker who successfully exploited this vulnerability could bypass i |
| Recommendation |
Apply the appropriate patch(3078662) for your system, as listed in Microsoft Security Bulletin MS15-080 at https://technet.microsoft.com/en-us/library/security/ms15-080
-- OR --
Patches for Windows platforms are also available from the Microsoft Windows Update Web site, http://windowsupdate.microsoft.com. Windows Update detects what version of Windows you are running and offers the appropriate patch. |
| Related URL |
CVE-2015-2432,CVE-2015-2458,CVE-2015-2459,CVE-2015-2460,CVE-2015-2461,CVE-2015-2462,CVE-2015-2435,CVE-2015-2455,CVE-2015-2456,CVE-2015-2463 (CVE) |
| Related URL |
76203,76207,76209,76210,76211,76213,76215,76216,76218,76223,76225,76235,76238,76239,76240,76241 (SecurityFocus) |
| Related URL |
(ISS) |
|
