Latest Security Advisories & Notable Vulnerabilities

Adobe Flash Player Integer Overflow Vulnerability (CVE-2015-5560)
 Severity:    
 Advisory Date:  21 Sep 2015
Adobe Flash Player is prone to an unspecified integer-overflow vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely cause a denial-of-service condition.

A vulnerability exists in Windows Media Center that could allow remote code execution if Windows Media Center opens a specially crafted Media Center link (.mcl) file that references malicious code. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user.

Trend Micro researchers Aaron Luo, Kenney Lu, and Ziv Chang discovered this zero-day exploit, which also emerged from the Hacking Team leak.

Microsoft addresses the following vulnerabilities in its batch of patches for September 2015:

  • (MS15-094) Cumulative Security Update for Internet Explorer (3089548)
    Risk Rating: Critical

    This security update resolves vulnerabilities in Internet Explorer. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer.


  • (MS15-095) Cumulative Security Update for Microsoft Edge (3089665)
    Risk Rating: Critical

    This security update resolves vulnerabilities in Microsoft Edge. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Microsoft Edge.


  • (MS15-096) Vulnerability in Active Directory Service Could Allow Denial of Service (3072595)
    Risk Rating: Important

    This security update resolves a vulnerability in Active Directory. The vulnerability could allow denial of service if an authenticated attacker creates multiple machine accounts.


  • (MS15-097) Vulnerabilities in Microsoft Graphics Component Could Allow Remote Code Execution (3089656)
    Risk Rating: Critical

    This security update resolves vulnerabilities in Microsoft Windows, Microsoft Office, and Microsoft Lync. The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted document or visits an untrusted webpage that contains embedded OpenType fonts.


  • (MS15-098) Vulnerabilities in Windows Journal Could Allow Remote Code Execution (3089669)
    Risk Rating: Critical

    This security update resolves vulnerabilities in Microsoft Windows. The more severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted Journal file.


  • (MS15-099) Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (3089664)
    Risk Rating: Critical

    This security update resolves vulnerabilities in Microsoft Office. The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Office file.


  • (MS15-100) Vulnerability in Windows Media Center Could Allow Remote Code Execution (3087918)
    Risk Rating: Important

    This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if Windows Media Center opens a specially crafted Media Center link (.mcl) file that references malicious code.


  • (MS15-101) Vulnerabilities in .NET Framework Could Allow Elevation of Privilege (3089662)
    Risk Rating: Important

    This security update resolves vulnerabilities in Microsoft .NET Framework. The most severe of the vulnerabilities could allow elevation of privilege if a user runs a specially crafted .NET application.


  • (MS15-102) Vulnerabilities in Windows Task Management Could Allow Elevation of Privilege (3089657)
    Risk Rating: Important

    This security update resolves vulnerabilities in Microsoft Windows. The vulnerabilities could allow elevation of privilege if an attacker logs on to a system and runs a specially crafted application.


  • (MS15-103) Vulnerabilities in Microsoft Exchange Server Could Allow Information Disclosure (3089250)
    Risk Rating: Important

    This security update resolves vulnerabilities in Microsoft Exchange Server. The most severe of the vulnerabilities could allow information disclosure if Outlook Web Access (OWA) fails to properly handle web requests, and sanitize user input and email content.


  • (MS15-104) Vulnerabilities in Skype for Business Server and Lync Server Could Allow Elevation of Privilege (3089952)
    Risk Rating: Important

    This security update resolves vulnerabilities in Skype for Business Server and Microsoft Lync Server. The most severe of the vulnerabilities could allow elevation of privilege if a user clicks a specially crafted URL. An attacker would have to convince users to click a link in an instant messenger or email message that directs them to an affected website by way of a specially crafted URL.


  • (MS15-105) Vulnerability in Windows Hyper-V Could Allow Security Feature Bypass (3091287)
    Risk Rating: Important

    This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow security feature bypass if an attacker runs a specially crafted application that could cause Windows Hyper-V to incorrectly apply access control list (ACL) configuration settings. Customers who have not enabled the Hyper-V role are not affected.


iOS Sandbox_profiles Vulnerability (CVE-2015-5749)
 Severity:    
 Advisory Date:  20 Aug 2015

Apple addresses a vulnerability that exists in the way the iOS sandbox_profiles component handles third party apps. When abused, a malicious app may be allowed to read managed preferences of other apps' installed in the vulnerable iOS device.

Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2502)
 Severity:    
 Advisory Date:  18 Aug 2015

This vulnerability exists in several versions of the Windows browser Internet Explorer. The vulnerability lies in the way Internet Explorer accesses objects in memory. Attackers could exploit this vulnerability and allow remote code execution on the vulnerable machine. Attackers looking to take advantage of this vulnerability lures potential victims to click on malicious links in instant messages, email messages, and the like.

Affected versions of Internet Explorer are versions 7 to 11, installed in Windows operating systems from Windows Vista to Windows 10.

Android Mediaserver Vulnerability (CVE-2015-3842)
 Severity:    
 Advisory Date:  17 Aug 2015

This vulnerability assigned with CVE-2015-3842, affects the AudioEffect component found in the mediaserver program. Attackers can run arbitrary code on the device when successfully exploited thus compromising its security. However, attackers need to convince users first to install a malicious app that doesn't require any permission.The said vulnerability affects Android versions 2.3 to 5.1.1.

Trend Micro researcher Wish Wu disclosed details about this vulnerability to Google. The said company acknowledged Wu’s research contribution.

Android Vulnerability (CVE-2015-3840)
 Severity:    
 Advisory Date:  12 Aug 2015

Trend Micro researchers discovered this Android vulnerability that can modify MMS/SMS when exploited successfully. This bug came from “MessageStatusReceiver” service found in AndroidManifest.XML file. Attackers may exploit this via a malicious application to launch privilege escalation attack to the Android security model to change received status and date of SMS/MMS.

Other possible attack scenarios would be for attackers to leverage this vulnerability to modify the conversation or even have users send messages to a premium number without their knowledge.

Android Vulnerability (CVE-2015-3839)
 Severity:    
 Advisory Date:  12 Aug 2015

Trend Micro researchers discovered this Android vulnerability assigned with CVE-2015-3839 that could allow attackers to put malicious messages in the messaging app, thus causing it to crash. In addition, attackers can also perform denial-of-service (DoS) attacks on the messaging app only (and not the whole device). As such, users won’t be able to receive and send text messages to their contacts.

Attackers need to trick users into installing a malicious app in order to download the said bug on their devices.

Microsoft addresses the following vulnerabilities in its batch of patches for August 2015:

  • (MS15-079) Cumulative Security Update for Internet Explorer (3082442)
    Risk Rating: Critical

    This security update resolves vulnerabilities in Internet Explorer. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer.


  • (MS15-080) Vulnerabilities in Microsoft Graphics Component Could Allow Remote Code Execution (3078662)
    Risk Rating: Critical

    This security update resolves vulnerabilities in Microsoft Windows, Microsoft .NET Framework, Microsoft Office, Microsoft Lync, and Microsoft Silverlight. The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted document or visits an untrusted webpage that contains embedded TrueType or OpenType fonts.


  • (MS15-081) Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (3080790)
    Risk Rating: Critical

    This security update resolves vulnerabilities in Microsoft Office. The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Office file.


  • (MS15-082) Vulnerabilities in RDP Could Allow Remote Code Execution (3080348)
    Risk Rating: Important

    This security update resolves vulnerabilities in Microsoft Windows. The most severe of the vulnerabilities could allow remote code execution if an attacker first places a specially crafted dynamic link library (DLL) file in the target user’s current working directory and then convinces the user to open a Remote Desktop Protocol (RDP) file or to launch a program that is designed to load a trusted DLL file but instead loads the attacker’s specially crafted DLL file.


  • (MS15-083) Vulnerability in Server Message Block Could Allow Remote Code Execution (3073921)
    Risk Rating: Important

    This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if an attacker sends a specially crafted string to SMB server error logging.


  • (MS15-084) Vulnerabilities in XML Core Services Could Allow Information Disclosure (3080129)
    Risk Rating: Important

    This security update resolves vulnerabilities in Microsoft Windows and Microsoft Office. The vulnerabilities could allow information disclosure by either exposing memory addresses if a user clicks a specially crafted link or by explicitly allowing the use of Secure Sockets Layer (SSL) 2.0.


  • (MS15-085) Vulnerability in Mount Manager Could Allow Elevation of Privilege (3082487)
    Risk Rating: Important

    This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if an attacker inserts a malicious USB device into a target system.


  • (MS15-086) Vulnerability in System Center Operations Manager Could Allow Elevation of Privilege (3075158)
    Risk Rating: Important

    This security update resolves a vulnerability in Microsoft System Center Operations Manager. The vulnerability could allow elevation of privilege if a user visits an affected website by way of a specially crafted URL.


  • (MS15-087) Vulnerability in UDDI Services Could Allow Elevation of Privilege (3082459)
    Risk Rating: Important

    This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if an attacker engineered a cross-site scripting (XSS) scenario by inserting a malicious script into a webpage search parameter.


  • (MS15-088) Unsafe Command Line Parameter Passing Could Allow Information Disclosure (3082458)
    Risk Rating: Important

    This security update helps to resolve an information disclosure vulnerability in Microsoft Windows, Internet Explorer, and Microsoft Office. To exploit the vulnerability an attacker would first have to use another vulnerability in Internet Explorer to execute code in the sandboxed process.


  • (MS15-089) Vulnerability in WebDAV Could Allow Information Disclosure (3076949)
    Risk Rating: Important

    This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow information disclosure if an attacker forces an encrypted Secure Socket Layer (SSL) 2.0 session with a WebDAV server that has SSL 2.0 enabled and uses a man-in-the-middle (MiTM) attack to decrypt portions of the encrypted traffic.


  • (MS15-090) Vulnerabilities in Microsoft Windows Could Allow Elevation of Privilege (3060716)
    Risk Rating: Important

    This security update resolves vulnerabilities in Microsoft Windows. The vulnerabilities could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application or convinces a user to open a specially crafted file that invokes a vulnerable sandboxed application, allowing an attacker to escape the sandbox.


  • (MS15-091) Cumulative Security Update for Microsoft Edge (3084525)
    Risk Rating: Critical

    This security update resolves vulnerabilities in Microsoft Edge. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Microsoft Edge.


  • (MS15-092) Vulnerabilities in .NET Framework Could Allow Elevation of Privilege (3086251)
    Risk Rating: Important

    This security update resolves vulnerabilities in Microsoft .NET Framework. The vulnerabilities could allow elevation of privilege if a user runs a specially crafted .NET application.


Linux Kernel Ping_Unhash Function Vulnerability (CVE-2015-3636)
 Severity:    
 Advisory Date:  05 Aug 2015
This vulnerability involves the ping_unhash function in net/ipv4/ping.c in the Linux kernel before 4.0.3, where it does not initialize a certain list data structure during an unhash operation. This allows attackers to gain privileges or cause a denial of service (use-after-free and system crash) by leveraging the ability to make a SOCK_DGRAM socket system call for the IPPROTO_ICMP or IPPROTO_ICMPV6 protocol, and then making a connect system call after a disconnect.