Microsoft Security Bulletin Coverage (Jan 13, 2015)
Dell SonicWALL has analyzed and addressed Microsoft’s security advisories for the month of January, 2015. A list of issues reported, along with Dell SonicWALL coverage information are as follows:
MS15-001 Vulnerability in Windows Application Compatibility Cache Could Allow Elevation of Privilege (3023266)
- CVE-2015-0002 Microsoft Application Compatibility Infrastructure Elevation of Privilege Vulnerability
This is a local vulnerability.
MS15-002 Vulnerability in Windows Telnet Service Could Allow Remote Code Execution (3020393)
- CVE-2015-0014 Windows Telnet Service Buffer Overflow Vulnerability
IPS: 10696 “Suspicious Telnet Traffic 1”.
MS15-003 Vulnerability in Windows User Profile Service Could Allow Elevation of Privilege (3021674)
- CVE-2015-0004 Microsoft User Profile Service Elevation of Privilege Vulnerability
This is a local vulnerability.
MS15-004 Vulnerability in Windows Components Could Allow Elevation of Privilege (3025421)
- CVE-2015-0016 Directory Traversal Elevation of Privilege Vulnerability
IPS: 6218 “Microsoft CTSWebProxy ActiveX Elevation of Priviledge”.
MS15-005 Vulnerability in Network Location Awareness Service Could Allow Security Feature Bypass (3022777)
- CVE-2015-0006 NLA Security Feature Bypass Vulnerability
There are no known exploits in the wild.
MS15-006 Vulnerability in Windows Error Reporting Could Allow Security Feature Bypass (3004365)
- CVE-2015-0001 Windows Error Reporting Security Feature Bypass Vulnerability
This is a local vulnerability.
MS15-007 Vulnerability in Network Policy Server RADIUS Implementation Could Cause Denial of Service (3014029)
- CVE-2015-0015 Network Policy Server RADIUS Implementation Denial of Service Vulnerability
There are no known exploits in the wild.
MS15-008 Vulnerability in Windows Kernel-Mode Driver Could Allow Elevation of Privilege (3019215)
- CVE-2015-0011 WebDAV Elevation of Privilege Vulnerability
IPS: 6212 “WebdavRedirector Handle”.
