Microsoft Security Bulletin Coverage (Feb 10, 2015)

By

Dell SonicWALL has analyzed and addressed Microsoft’s security advisories for the month of February, 2015. A list of issues reported, along with Dell SonicWALL coverage information are as follows:

MS15-009 Security Update for Internet Explorer (3034682)

  • CVE-2014-8967 Internet Explorer Memory Corruption Vulnerability
    IPS: 6108 “Internet Explorer HTML Use-After-Free 6”
  • CVE-2015-0017 Internet Explorer Memory Corruption Vulnerability
    IPS: 3480 “DOM Object Use-After-Free Attack 3a”
  • CVE-2015-0018 Internet Explorer Memory Corruption Vulnerability
    IPS: 6329 “Microsoft Internet Explorer HTML Use After Free 6”
  • CVE-2015-0019 Internet Explorer Memory Corruption Vulnerability
    IPS: 6331 “Microsoft Internet Explorer Use After Free 2”
  • CVE-2015-0020 Internet Explorer Memory Corruption Vulnerability
    IPS: 6333 “Microsoft Internet Explorer Use After Free 3”
  • CVE-2015-0021 Internet Explorer Memory Corruption Vulnerability
    IPS: 6340 “Microsoft Internet Explorer Use After Free 4”
  • CVE-2015-0022 Internet Explorer Memory Corruption Vulnerability
    IPS: 9961 “Microsoft Internet Explorer Use After Free 10”
  • CVE-2015-0023 Internet Explorer Memory Corruption Vulnerability
    IPS: 9961 “HTTP Client Shellcode Exploit 15”
  • CVE-2015-0025 Internet Explorer Memory Corruption Vulnerability
    IPS: 6344 “Microsoft Internet Explorer Use After Free 6”
  • CVE-2015-0026 Internet Explorer Memory Corruption Vulnerability
    IPS: 6346 “Microsoft Internet Explorer HTML Use After Free 7”
  • CVE-2015-0027 Internet Explorer Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2015-0028 Internet Explorer Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2015-0029 Internet Explorer Memory Corruption Vulnerability
    IPS: 7645 “HTTP Client Shellcode Exploit 11c”
  • CVE-2015-0030 Internet Explorer Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2015-0031 Internet Explorer Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2015-0035 Internet Explorer Memory Corruption Vulnerability
    IPS: 9836 “Microsoft Internet Explorer Use After Free 9”
  • CVE-2015-0036 Internet Explorer Memory Corruption Vulnerability
    IPS: 6347 “Microsoft Internet Explorer Out of Bound index array (MS15-009)”
  • CVE-2015-0037 Internet Explorer Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2015-0038 Internet Explorer Memory Corruption Vulnerability
    IPS: 9944 “Microsoft Internet Explorer HTML Use After Free 10”
  • CVE-2015-0039 Internet Explorer Memory Corruption Vulnerability
    IPS: 6350 “Microsoft Internet Explorer HTML Use After Free 8”
  • CVE-2015-0040 Internet Explorer Memory Corruption Vulnerability
    IPS: 6351 “Microsoft Internet Explorer Use After Free 7”
  • CVE-2015-0041 Internet Explorer Memory Corruption Vulnerability
    IPS: 5097 “Microsoft Internet Explorer Use After Free 8”
  • CVE-2015-0042 Internet Explorer Memory Corruption Vulnerability
    IPS: 6320 “Microsoft Internet Explorer HTML Use After Free 9”
  • CVE-2015-0043 Internet Explorer Memory Corruption Vulnerability
    IPS: 10726 “Microsoft Internet Explorer Use After Free 11”
    IPS: 10727 “Microsoft Internet Explorer Use After Free 12”
  • CVE-2015-0044 Internet Explorer Memory Corruption Vulnerability
    IPS: 10728 “Microsoft Internet Explorer Remote Code Execution 4”
  • CVE-2015-0045 Internet Explorer Memory Corruption Vulnerability
    IPS: 10729 “Microsoft Internet Explorer Use After Free 14”
  • CVE-2015-0046 Internet Explorer Memory Corruption Vulnerability
    IPS: 10730 “Microsoft Internet Explorer Remote Code Execution 3”
  • CVE-2015-0048 Internet Explorer Memory Corruption Vulnerability
    IPS: 10731 “Microsoft Internet Explorer Use After Free 16”
  • CVE-2015-0049 Internet Explorer Memory Corruption Vulnerability
    IPS: 10732 “Microsoft Internet Explorer Use After Free 17”
  • CVE-2015-0050 Internet Explorer Memory Corruption Vulnerability
    IPS: 3310 “HTTP Client Shellcode Exploit 82”
  • CVE-2015-0051 Internet Explorer ASLR Bypass Vulnerability
    IPS: 10733 “Microsoft Internet Explorer Memory Access”
  • CVE-2015-0052 Internet Explorer Memory Corruption Vulnerability
    IPS: 10734 “Microsoft Internet Explorer Remote Code Execution 2”
  • CVE-2015-0053 Internet Explorer Memory Corruption Vulnerability
    IPS: 2067 “Microsoft Internet Explorer 7 Uninitialized Pointer (MS15-009)”
  • CVE-2015-0054 Internet Explorer Elevation of Privilege Vulnerability
    There are no known exploits in the wild.
  • CVE-2015-0055 Internet Explorer Elevation of Privilege Vulnerability
    There are no known exploits in the wild.
  • CVE-2015-0066 Internet Explorer Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2015-0067 Internet Explorer Memory Corruption Vulnerability
    IPS: 9948 “Microsoft Internet Explorer Uninitialized Pointer (MS15-009)”
  • CVE-2015-0068 Internet Explorer Memory Corruption Vulnerability
    IPS: 9926 “Microsoft Internet Explorer Remote Code Execution (MS15-009)”
  • CVE-2015-0069 Internet Explorer ASLR Bypass Vulnerability
    IPS: 9988 “HP Data Protector Remote Code Execution”
  • CVE-2015-0070 Internet Explorer Cross-domain Information Disclosure Vulnerability
    IPS: 9925 “Microsoft Internet Explorer Information Disclosure (MS15-009)”
  • CVE-2015-0071 Internet Explorer ASLR Bypass Vulnerability
    IPS: 9949 “Internet Explorer Memory Corruption Vulnerability (MS13-047) 12”

MS15-010 Vulnerabilities in Windows Kernel-Mode Driver Could Allow Remote Code Execution (3036220)

  • CVE-2015-0003 Win32k Elevation of Privilege Vulnerability
    This is a local vulnerability.
  • CVE-2015-0010 CNG Security Feature Bypass Vulnerability
    There are no known exploits in the wild.
  • CVE-2015-0057 Win32k Elevation of Privilege Vulnerability
    This is a local vulnerability.
  • CVE-2015-0058 Windows Cursor Object Double Free Vulnerability
    This is a local vulnerability.
  • CVE-2015-0059 TrueType Font Parsing Remote Code Execution Vulnerability
    There are no known exploits in the wild.
  • CVE-2015-0060 Windows Font Driver Denial of Service Vulnerability
    There are no known exploits in the wild.

MS15-011 Vulnerability in Group Policy Could Allow Remote Code Execution (3000483)

  • CVE-2015-0008 Group Policy Remote Code Execution Vulnerability
    IPS: 10735 “Group Policy Remote Code Execution Vulnerability”

MS15-012 Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (3032328)

  • CVE-2015-0063 Excel Remote Code Execution Vulnerability
    There are no known exploits in the wild.
  • CVE-2015-0064 Office Remote Code Execution Vulnerability
    There are no known exploits in the wild.
  • CVE-2015-0065 OneTableDocumentStream Remote Code Execution Vulnerability
    There are no known exploits in the wild.

MS15-013 Vulnerability in Microsoft Office Could Allow Security Feature Bypass (3033857)

  • CVE-2014-6362 Microsoft Office Component Use After Free Vulnerability
    There are no known exploits in the wild.

MS15-014 Vulnerability in Group Policy Could Allow Security Feature Bypass (3004361)

  • CVE-2015-0009 Group Policy Security Feature Bypass Vulnerability
    There are no known exploits in the wild.

MS15-015 Vulnerability in Microsoft Windows Could Allow Elevation of Privilege (3031432)

  • CVE-2015-0062 Windows Create Process Elevation of Privilege Vulnerability
    This is a local vulnerability.

MS15-016 Vulnerability in Microsoft Graphics Component Could Allow Information Disclosure (3029944)

  • CVE-2015-0061 TIFF Processing Information Disclosure Vulnerability
    There are no known exploits in the wild.

MS15-017 Vulnerability in Virtual Machine Manager Could Allow Elevation of Privilege (3035898)

  • CVE-2015-0012 Virtual Machine Manager Elevation of Privilege Vulnerability
    This is a local vulnerability.
Security News
The SonicWall Capture Labs Threat Research Team gathers, analyzes and vets cross-vector threat information from the SonicWall Capture Threat network, consisting of global devices and resources, including more than 1 million security sensors in nearly 200 countries and territories. The research team identifies, analyzes, and mitigates critical vulnerabilities and malware daily through in-depth research, which drives protection for all SonicWall customers. In addition to safeguarding networks globally, the research team supports the larger threat intelligence community by releasing weekly deep technical analyses of the most critical threats to small businesses, providing critical knowledge that defenders need to protect their networks.