July 2015 Microsoft Patch Tuesday
Overview of the July 2015 Microsoft patches and their status.
# | Affected | Contra Indications - KB | Known Exploits | Microsoft rating(**) | ISC rating(*) | |
---|---|---|---|---|---|---|
clients | servers | |||||
MS15-058 | Remote Code Execution Vulnerabilities in SQL Server (This bulletin was supposed to be part of the June 2015 patch Tuesday, but got delayed until today) |
|||||
SQL Server CVE-2015-1761 CVE-2015-1762 CVE-2015-1763 |
KB 3065718 | no. | Severity:Important Exploitability: 2 |
N/A | Important | |
MS15-065 | Internet Explorer Rollup Patch (Replaces MS15-056 ) | |||||
Internet Explorer CVE-2015-1729 CVE-2015-1733 CVE-2015-1738 CVE-2015-1767 CVE-2015-2372 CVE-2015-2383 CVE-2015-2384 CVE-2015-2385 CVE-2015-2388 CVE-2015-2389 CVE-2015-2390 CVE-2015-2391 CVE-2015-2397 CVE-2015-2398 CVE-2015-2401 CVE-2015-2403 CVE-2015-2404 CVE-2015-2405 CVE-2015-2406 CVE-2015-2408 CVE-2015-2410 CVE-2015-2411 CVE-2015-2412 CVE-2015-2413 CVE-2015-2414 CVE-2015-2419 CVE-2015-2421 CVE-2015-2422 CVE-2015-2425 |
KB 3076321 | CVE-2015-2398 has been publicly disclosed.. | Severity:Critical Exploitability: 0 |
Critical | Important | |
MS15-066 | Remote Code Execution Vulnerability in VBScript Scripting Engine (Replaces MS15-019 ) | |||||
VBScript CVE-2015-2372 |
KB 3072604 | no. | Severity:Critical Exploitability: 1 |
Critical | Important | |
MS15-067 | Remote Code Execution Vulnerability in RDP (Replaces MS15-030 ) | |||||
RDP CVE-2015-2373 |
KB 3073094 | no. | Severity:Critical Exploitability: 3 |
Critical | Critical | |
MS15-068 | Remote Code Execution Vulnerabilities in Hyper-V | |||||
Hyper-V CVE-2015-2361 CVE-2015-2362 |
KB 3072000 | no. | Severity:Critical Exploitability: 2 |
N/A | Critical | |
MS15-069 | Remote Code Execution Vulnerabilities in Windows | |||||
Windows and Windows Media Device Manager CVE-2015-2368 CVE-2015-2369 |
KB 3072631 | unauthorized DLL loading is an ongoing issue. | Severity:Important Exploitability: 1 |
Critical | Important | |
MS15-070 | Remote Code Execution Vulnerabilities in Office (Replaces MS13-084 MS15-022 MS15-033 MS15-046 ) | |||||
Microsoft Office (including Mac and Sharepoint) CVE-2015-2376 CVE-2015-2377 CVE-2015-2379 CVE-2015-2380 CVE-2015-2415 CVE-2015-2424 CVE-2015-2375 CVE-2015-2378 |
KB 3072620 | CVE-2015-2424 has been used in exploits.. | Severity:Important Exploitability: 1 |
Critical | Important | |
MS15-071 | Spoofing Vulnerability in Netlogon (Replaces MS15-027 ) | |||||
Netlogon CVE-2015-2374 |
KB 3068457 | no. | Severity:Important Exploitability: 3 |
Important | Important | |
MS15-072 | Elevation of Privilege Vulnerability in Windows Graphics Component (Replaces MS15-035 ) | |||||
Windows Graphics component CVE-2015-2364 |
KB 3069392 | no. | Severity:Important Exploitability: 1 |
Important | Important | |
MS15-073 | Elevation of Privilege Vulnerability in Kernel Mode Drivers (Replaces MS15-061 ) | |||||
Kernel Mode Drivers CVE-2015-2363 CVE-2015-2365 CVE-2015-2366 CVE-2015-2367 CVE-2015-2381 CVE-2015-2382 |
KB 3070102 | no. | Severity:Important Exploitability: 2 |
Important | Important | |
MS15-074 | Elevation of Privilege Vulnerability in Windows Installer Service (Replaces MS49-049 ) | |||||
Windows Installer Service CVE-2015-2371 |
KB 3072630 | no. | Severity:Important Exploitability: 1 |
Important | Important | |
MS15-075 | Elevation of Privilege Vulnerability in OLE (Replaces MS13-070 ) | |||||
OLE CVE-2015-2416 CVE-2015-2417 |
KB 3072633 | no. | Severity:Important Exploitability: 1 |
Critical | Important | |
MS15-076 | Elevation of Privilege in Windows RPC (Replaces MS15-055 ) | |||||
Windows RPC CVE-2015-2370 |
KB 3067505 | no. | Severity:Important Exploitability: 2 |
Important | Important | |
MS15-077 | Elevationof Privilege Vulnerability in ATM Font Driver (Replaces MS15-021 ) | |||||
ATM Font Driver (ATMFD.DLL) CVE-2015-2387 |
KB 3077657 | Exploits Detected. | Severity:Important Exploitability: 0 |
Important | Important |
We will update issues on this page for about a week or so as they evolve.
We appreciate updates
US based customers can call Microsoft for free patch related support on 1-866-PCSAFETY
We appreciate updates
US based customers can call Microsoft for free patch related support on 1-866-PCSAFETY
(*): ISC rating
- We use 4 levels:
- PATCH NOW: Typically used where we see immediate danger of exploitation. Typical environments will want to deploy these patches ASAP. Workarounds are typically not accepted by users or are not possible. This rating is often used when typical deployments make it vulnerable and exploits are being used or easy to obtain or make.
- Critical: Anything that needs little to become "interesting" for the dark side. Best approach is to test and deploy ASAP. Workarounds can give more time to test.
- Important: Things where more testing and other measures can help.
- Less Important patches for servers that do not use outlook, MSIE, word etc. to do traditional office or leisure work.
- The rating is not a risk analysis as such. It is a rating of importance of the vulnerability and the perceived or even predicted threats.
My next class:
Application Security: Securing Web Apps, APIs, and Microservices | Washington | Dec 13th - Dec 18th 2024 |
×
Diary Archives
Comments
Anonymous
Jul 14th 2015
9 years ago
Anonymous
Jul 14th 2015
9 years ago
Anonymous
Jul 14th 2015
9 years ago
Anonymous
Jul 15th 2015
9 years ago
In my case, setting the system-wide CWDillegalinDLLsearch to its strictest setting, FFFFFFFF, did break one app, an old image editor, which I had to make an exemption for in the Registry. So test carefully if you decide to use this.
Anonymous
Jul 15th 2015
9 years ago
Anonymous
Jul 16th 2015
9 years ago
Anonymous
Jul 23rd 2015
9 years ago