Posts

Microsoft Security Bulletin Coverage (October 13, 2015)

Dell SonicWALL has analyzed and addressed Microsoft’s security advisories for the month of October 13, 2015. A list of issues reported, along with Dell SonicWALL coverage information are as follows:

MS15-106 Cumulative Security Update for Internet Explorer

  • CVE-2015-2482 Scripting Engine Memory Corruption Vulnerability
    IPS: 11189 “Windows Scripting Engine Memory Corruption Vulnerability (MS15-108)”
  • CVE-2015-6042 Memory Corruption Vulnerability
    IPS: 11191 “Internet Explorer Memory Corruption Vulnerability (MS15-106) 3”
  • CVE-2015-6044 Elevation of Privilege Vulnerability
    There are no known exploits in the wild.
  • CVE-2015-6046 Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2015-6047 Elevation of Privilege Vulnerability
    This is a local vulnerability.
  • CVE-2015-6048 Memory Corruption Vulnerability
    IPS: 11192 “Internet Explorer Memory Corruption Vulnerability (MS15-106) 4”
  • CVE-2015-6049 Memory Corruption Vulnerability
    IPS: 11193 “Internet Explorer Memory Corruption Vulnerability (MS15-106) 5”
  • CVE-2015-6050 Memory Corruption Vulnerability
    IPS: 11194 “Internet Explorer Memory Corruption Vulnerability (MS15-106) 6”
  • CVE-2015-6051 Elevation of Privilege
    This is a local vulnerability.
  • CVE-2015-6052 VBScript and JScript ASLR Bypass
    IPS: 11185 “Internet Explorer ASLR Bypass Vulnerability (MS15-106) 1”
  • CVE-2015-6053 Information Disclosure Vulnerability
    IPS: 11186 “Internet Explorer Information Disclosure Vulnerability (MS15-106) 1”
  • CVE-2015-6055 Scripting Engine Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2015-6056 Scripting Engine Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2015-6059 Information Disclosure Vulnerability
    IPS: 11187 “Windows Scripting Engine Information Disclosure Vulnerability (MS15-106)”

MS15-107 Cumulative Security Update for Microsoft Edge

  • CVE-2015-6057 Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2015-6058 XSS Filter Bypass in Microsoft Edge
    IPS: 9592 “Cross-Site Scripting (XSS) Attack 42”

MS15-108 Security Update for Jscript and VBScript to Address Remote Code Execution

  • CVE-2015-2482 Scripting Engine Memory Corruption Vulnerability
    IPS: 11189 “Windows Scripting Engine Memory Corruption Vulnerability (MS15-108)”
  • CVE-2015-6052 VBScript and JScript ASLR Bypass
    IPS: 11185 “Internet Explorer ASLR Bypass Vulnerability (MS15-106) 1”
  • CVE-2015-6055 Scripting Engine Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2015-6059 Information Disclosure Vulnerability
    IPS: 11187 “Windows Scripting Engine Information Disclosure Vulnerability (MS15-106)”

MS15-109 Security Update for Windows Shell to Address Remote Code Execution

  • CVE-2015-2515 Toolbar Use After Free Vulnerability
    IPS: 11188 “Internet Explorer Toolbar Use-After-Free (MS15-109)”
  • CVE-2015-2548 Microsoft Tablet Input Band Use After Free Vulnerabiilty
    IPS: 11190 “Microsoft Tablet Input Band Use-After-Free (MS15-109)”

MS15-110 Security Updates for Microsoft Office to Address Remote Code Execution

  • CVE-2015-2555 Microsoft Office Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2015-2556 Microsoft SharePoint Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2015-2557 Microsoft Office Memory Corruption Vulnerability
    IPS: 3209 “MS WSDAPI Memory Corruption Attempt (MS09-063)”
  • CVE-2015-2558 Microsoft Office Memory Corruption Vulnerability
    IPS: 3210 “Titan FTP Server Information Disclosure”
  • CVE-2015-6037 Microsoft Office Web Apps XSS Spoofing Vulnerability
    There are no known exploits in the wi
    ld.
  • CVE-2015-6039 Microsoft SharePoint Security Feature Bypass Vulnerability
    There are no known exploits in the wild.

MS15-111 Security Update for Windows Kernel to Address Elevation of Privilege

  • CVE-2015-2549 Windows Kernel Memory Corruption Vulnerability
    This is a local Vulnerability
  • CVE-2015-2550 Windows Elevation of Privilege Vulnerability
    This is a local Vulnerability
  • CVE-2015-2552 Trusted Boot Security Feature Bypass Vulnerability
    This is a local Vulnerability
  • CVE-2015-2553 Windows Mount Point Elevation of Privilege Vulnerability
    This is a local Vulnerability
  • CVE-2015-2554 Windows Object Reference Elevation of Privilege Vulnerability
    This is a local Vulnerability