Microsoft Security Bulletin Coverage (November 10, 2015)

Dell SonicWALL has analyzed and addressed Microsoft’s security advisories for the month of November 10, 2015. A list of issues reported, along with Dell SonicWALL coverage information are as follows:

MS15-112 Cumulative Security Update for Internet Explorer

• CVE-2015-2427 Internet Explorer Memory Corruption Vulnerability
  There are no known exploits in the wild.
  
• CVE-2015-6064 Microsoft Browser Memory Corruption Vulnerability
  IPS: 11260 “Internet Explorer Memory Corruption Vulnerability (MS15-112) 5”
• CVE-2015-6065 Internet Explorer Memory Corruption Vulnerability
  IPS: 6041 “IInternet Explorer Memory Corruption Vulnerability (MS10-071) 1”
• CVE-2015-6066 Internet Explorer Memory Corruption Vulnerability
  IPS: 11261 “Internet Explorer Memory Corruption Vulnerability (MS15-112) 6”
• CVE-2015-6068 Internet Explorer Memory Corruption Vulnerability
  There are no known exploits in the wild.
• CVE-2015-6069 Elevation of Privilege Vulnerability
  There are no known exploits in the wild.
• CVE-2015-6070 Internet Explorer Memory Corruption Vulnerability
  IPS: 11262 “Internet Explorer Memory Corruption Vulnerability (MS15-112) 7”
• CVE-2015-6071 Internet Explorer Memory Corruption Vulnerability
  IPS: 11263 “Internet Explorer Memory Corruption Vulnerability (MS15-112) 8”
• CVE-2015-6072 Internet Explorer Memory Corruption Vulnerability
  There are no known exploits in the wild.
  
• CVE-2015-6073 Microsoft Browser Memory Corruption Vulnerability
  There are no known exploits in the wild.
• CVE-2015-6074 Internet Explorer Memory Corruption Vulnerability
  There are no known exploits in the wild.
• CVE-2015-6075 Internet Explorer Memory Corruption Vulnerability
  IPS: 11264 “Internet Explorer Memory Corruption Vulnerability (MS15-112) 9”
• CVE-2015-6076 Internet Explorer Memory Corruption Vulnerability
  IPS: 11265 “Internet Explorer Memory Corruption Vulnerability (MS15-112) 10”
• CVE-2015-6077 Internet Explorer Memory Corruption Vulnerability
  IPS: 6395 “Client Application Shellcode Exploit 23”
• CVE-2015-6078 Microsoft Browser Memory Corruption Vulnerability
  IPS: 11266 “Internet Explorer Memory Corruption Vulnerability (MS15-112) 11”
• CVE-2015-6079 Internet Explorer Memory Corruption Vulnerability
  IPS: 11267 “Internet Explorer Memory Corruption Vulnerability (MS15-112) 12”
• CVE-2015-6080 Internet Explorer Memory Corruption Vulnerability
  There are no known exploits in the wild.
• CVE-2015-6081 Internet Explorer Memory Corruption Vulnerability
  IPS: 11243 “Internet Explorer Memory Corruption Vulnerability (MS15-112) 1”
• CVE-2015-6082 Internet Explorer Memory Corruption Vulnerability
  There are no known exploits in the wild.
• CVE-2015-6084 Internet Explorer Memory Corruption Vulnerability
  IPS: 11244 “Internet Explorer Memory Corruption Vulnerability (MS15-112) 2”
• CVE-2015-6085 Internet Explorer Memory Corruption Vulnerability
  IPS: 11245 “Internet Explorer Memory Corruption Vulnerability (MS15-112) 3”
• CVE-2015-6086 Internet Explorer Information Disclosure Vulnerability
  IPS: 11256 “Internet Explorer Information Disclosure Vulnerability (MS15-112) 1”
• CVE-2015-6087 Internet Explorer Memory Corruption Vulnerability
  IPS: 11255 “Internet Explorer Memory Corruption Vulnerability (MS15-112) 4”
• CVE-2015-6088 Microsoft Browser ASLR Bypass
  There are no known exploits in the wild.
• CVE-2015-6089 Scripting Engine Memory Corruption Vulnerability
  IPS: 11257 “Scripting Engine Memory Corruption Vulnerability (MS15-112) 1”

MS15-113 Cumulative Security Update for Microsoft Edge

• CVE-2015-6064 Microsoft Browser Memory Corruption Vulnerability
  IPS: 11260 “Internet Explorer Memory Corruption Vulnerability (MS15-112) 5”
• CVE-2015-6073 Microsoft Browser Memory Corruption Vulnerability
  There are no known exploits in the wild.
• CVE-2015-6078 Microsoft Browser Memory Corruption Vulnerabi
  lity
  IPS: 11266 “Internet Explorer Memory Corruption Vulnerability (MS15-112) 11”
• CVE-2015-6088 Microsoft Browser ASLR Bypass
  There are no known exploits in the wild.

MS15-114 Security Update for Windows Journal to Address Remote Code Execution

• CVE-2015-6097 Windows Journal Heap Overflow Vulnerability
  SPY: 3215 “Malformed-File jnt.MP.8”

MS15-115 Security Update for Microsoft Windows to Address Remote Code Execution

• CVE-2015-6100 Windows Kernel Memory Elevation of Privilege Vulnerability
  This is a local Vulnerability
  
• CVE-2015-6101 Windows Kernel Memory Elevation of Privilege Vulnerability
  This is a local Vulnerability
  
• CVE-2015-6102 Windows Kernel Memory Information Disclosure Vulnerability
  This is a local Vulnerability
  
• CVE-2015-6103 Windows Graphics Memory Remote Code Execution Vulnerability
  IPS: 3218 “HP Data Protector Remote Code Execution 3”
• CVE-2015-6104 Windows Graphics Memory Remote Code Execution Vulnerability
  IPS: 3219 “Active WebCam — Remote Camera Request”
• CVE-2015-6109 Windows Kernel Memory Information Disclosure Vulnerability
  This is a local Vulnerability
  
• CVE-2015-6113 Windows Kernel Security Feature Bypass Vulnerability
  This is a local Vulnerability
  

MS15-116 Security Updates for Microsoft Office to Address Remote Code Execution

• CVE-2015-2503 Microsoft Office Elevation of Privilege Vulnerability
  This is a local Vulnerability
  
• CVE-2015-6038 Microsoft Office Memory Corruption Vulnerability
  IPS: 11258 “Malformed Excel Document 1”
• CVE-2015-6091 Microsoft Office Memory Corruption Vulnerability
  SPY: 3213 “Malformed-File doc.MP.31”
• CVE-2015-6092 Microsoft Office Memory Corruption Vulnerability
  SPY: 3214 “Malformed-File doc.MP.32”
• CVE-2015-6093 Microsoft Office Memory Corruption Vulnerability
  SPY: 3216 “Malformed-File docx.MP.8”
• CVE-2015-6094 Microsoft Office Memory Corruption Vulnerability
  SPY: 3217 “Malformed-File xlsb.MP.1”

MS15-117 Security Update for NDIS to Address Elevation of Privilege

• CVE-2015-6098 Windows Kernel Memory Corruption Vulnerability
  This is a local Vulnerability
  

MS15-118 Security Update for .NET Framework to Address Elevation of Privilege

• CVE-2015-6096 .NET Information Disclosure Vulnerability
  GAV “Malformed.svg.MP.1”
• CVE-2015-6099 .NET Elevation of Privilege Vulnerability
  IPS “Cross-Site Scripting (XSS) Attack signatures”
• CVE-2015-6115 .NET ASLR Bypass
  This is a local Vulnerability
  

MS15-119 Security Update for Winsock to Address Elevation of Privilege

• CVE-2015-2478 Winsock Elevation of Privilege Vulnerability
  This is a local Vulnerability
  

MS15-120 Security Update for IPSec to Address Denial of Service

• CVE-2015-6111 Windows IPSec Denial of Service Vulnerability
  There are no known exploits in the wild.

MS15-121 Security Update for Schannel to Address Spoofing

• CVE-2015-6112 Schannel TLS Triple Handshake Vulnerability
  There are no known exploits in the wild.

MS15-122 Security Update for Kerberos to Address Security Feature Bypass

• CVE-2015-6095 Windows Kerberos Security Feature Bypass
  There are no known exploits in the wild.

MS15-123 Security Update for Skype for Business and Microsoft Lync to Address Information Disclosure

• CVE-2015-6061 Server Input Validation Security Feature Bypass Vulnerability
  There are no known exploits in the wild.

Security News

The SonicWall Capture Labs Threat Research Team gathers, analyzes and vets cross-vector threat information from the SonicWall Capture Threat network, consisting of global devices and resources, including more than 1 million security sensors in nearly 200 countries and territories. The research team identifies, analyzes, and mitigates critical vulnerabilities and malware daily through in-depth research, which drives protection for all SonicWall customers. In addition to safeguarding networks globally, the research team supports the larger threat intelligence community by releasing weekly deep technical analyses of the most critical threats to small businesses, providing critical knowledge that defenders need to protect their networks.