Security News

Microsoft Security Bulletin Coverage (April 14, 2015)

By

Dell SonicWALL has analyzed and addressed Microsoft’s security advisories for the month of April, 2015. A list of issues reported, along with Dell SonicWALL coverage information are as follows:

MS15-032 Cumulative Security Update for Internet Explorer (3038314)

  • CVE-2015-1652 Internet Explorer Memory Corruption Vulnerability
    IPS: 10861 “Internet Explorer Memory Corruption Vulnerability (MS15-032) 1 “
  • CVE-2015-1657 Internet Explorer Memory Corruption Vulnerability
    IPS: 10862 “Internet Explorer Memory Corruption Vulnerability(MS15-032) 2 “
  • CVE-2015-1659 Internet Explorer Memory Corruption Vulnerability
    “There are no known exploits in the wild.”
  • CVE-2015-1660 Internet Explorer Memory Corruption Vulnerability
    IPS: 10864 “Internet Explorer Memory Corruption Vulnerability (MS15-032) 3 “
  • CVE-2015-1661 Internet Explorer ASLR Bypass Vulnerability
    IPS: 10865 “Internet Explorer ASLR Bypass Vulnerability (MS15-032)”
  • CVE-2015-1662 Internet Explorer Memory Corruption Vulnerability
    IPS: 5690 “Internet Explorer Memory Corruption Vulnerability (MS14-056) 1”
  • CVE-2015-1665 Internet Explorer Memory Corruption Vulnerability
    IPS: 10866 “Internet Explorer Memory Corruption Vulnerability(MS15-032) 5”
  • CVE-2015-1666 Internet Explorer Memory Corruption Vulnerability
    IPS: 10867 “Internet Explorer Memory Corruption Vulnerability(MS15-032) 6”
  • CVE-2015-1667 Internet Explorer Memory Corruption Vulnerability
    IPS: 10868 “Internet Explorer Memory Corruption Vulnerability(MS15-032) 7”
  • CVE-2015-1668 Internet Explorer Memory Corruption Vulnerability
    IPS: 10869 “Internet Explorer Memory Corruption Vulnerability(MS15-032) 8”

MS15-033 Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (3048019)

  • CVE-2015-1641 Internet Explorer Memory Corruption Vulnerability
    “There are no known exploits in the wild.”
  • CVE-2015-1650 Microsoft Office Component Use After Free Vulnerability
    SPY: 4363“Malformed-File docx.MP.4”
  • CVE-2015-1651 Microsoft Office Component Use After Free Vulnerability
    SPY: 4364“Malformed-File rtf.MP.4”
  • CVE-2015-1649 Microsoft Office Component Use After Free Vulnerability
    SPY: 4364“Malformed-File rtf.MP.3”

MS15-034 Vulnerability in HTTP.sys Could Allow Remote Code Execution (3042553)

  • CVE-2015-1635 HTTP.sys Remote Code Execution Vulnerability
    IPS: 10885“Microsoft HTTP.sys Remote Code Execution”

MS15-035 Vulnerability in Microsoft Graphics Component Could Allow Remote Code Execution (3046306)

  • CVE-2015-1645 EMF Processing Remote Code Execution Vulnerability
    “There are no known exploits in the wild.”

MS15-036 Vulnerabilities in Microsoft SharePoint Server Could Allow Elevation of Privilege (3052044)

  • CVE-2015-1640 Mcrosoft SharePoint XSS Vulnerability
    IPS: 6753“Cross-Site Scripting (XSS) Attack 8”
  • CVE-2015-1653 Mcrosoft SharePoint XSS Vulnerability
    IPS: 2087“Cross-Site Scripting (XSS) Attack 47”

MS15-037 Vulnerability in Windows Task Scheduler Could Allow Elevation of Privilege (3046269)

  • CVE-2015-0098 Task Scheduler Elevation of Privilege Vulnerability
    “There are no known exploits in the wild.”

MS15-038 Vulnerabilities in Microsoft Windows Could Allow Elevation of Privilege (3049576)

  • CVE-2015-1643 NtCreateTransactionManager Type Confusion Vulnerability
    “There are no known exploits in the wild.”
  • CVE-2015-1644 Windows MS-DOS device name Vulnerability
    “There are no known exploits in the wild.>

MS15-039 Vulnerability in XML Core Services Could Allow Security Feature Bypass (3046482)

  • CVE-2015-1646 MSXML3 Same Origin Policy SFB Vulnerability
    IPS:10877 “Microsoft MSXML3 Same Origin Policy Bypass.”

MS15-040 Vulnerability in Active Directory Federation Services Could Allow Information Disclosure (3045711)

  • CVE-2015-1638 Active Directory Federation Services Information Disclosure Vulnerability
    “There are no known exploits in the wild.”

MS15-041 Vulnerability in .NET Framework Could Allow Information Disclosure (3048010)

  • CVE-2015-1648 ASP.NET Information Disclosure Vulnerability
    IPS:10860 “Suspicious Request URI 22”

MS15-042 Vulnerability in Windows Hyper-V Could Allow Denial of Service (3047234)

  • CVE-2015-1647 Windows Hyper-V DoS Vulnerability
    IPS:10860 “Suspicious Request URI 22”
Security News
The SonicWall Capture Labs Threat Research Team gathers, analyzes and vets cross-vector threat information from the SonicWall Capture Threat network, consisting of global devices and resources, including more than 1 million security sensors in nearly 200 countries and territories. The research team identifies, analyzes, and mitigates critical vulnerabilities and malware daily through in-depth research, which drives protection for all SonicWall customers. In addition to safeguarding networks globally, the research team supports the larger threat intelligence community by releasing weekly deep technical analyses of the most critical threats to small businesses, providing critical knowledge that defenders need to protect their networks.
Recommended Cyber Security Stories
Rise in Tepfer spam campaigns leading to P2P Zeus (Feb 1, 2013)
PoSeidon: a new malware program targets point-of-sale systems
Shade Ransomware (Oct 7th, 2016)
Current State of CoronaVirus related threats
New GPU Bitcoin Miner Trojan spotted in the wild (Oct 6, 2011)
Robbinhood Ransomware left city government crippled for weeks
VMware Workspace ONE Access & Identity Manager (vIDM) RCE Vulnerability
Fake Pokemon GO apps tuck away dangerous malware (August 1, 2016)