Qualys Vulnerability R&D Lab has released new vulnerability checks in the Enterprise TruRisk Platform to protect organizations against 8 vulnerabilities that were fixed in 8 bulletins announced today by Microsoft. Customers can immediately audit their networks for these and other new vulnerabilities by accessing their Qualys subscription. Visit Qualys Security Blog to prioritize remediation.
Microsoft has released 8 security bulletins to fix newly discovered flaws in their software. Qualys has released the following checks for these new vulnerabilities:
Microsoft has released a security update that addresses the vulnerability by changing how Windows Application Compatibility Infrastructure processes impersonation token usage.
This security update is rated Important for all supported editions of Windows 7, Windows Server 2008 R2, Windows 8, Windows Server 2012, Windows RT, Windows 8.1, Windows Server 2012 R2, and Windows RT 8.1.
Note: Previously, this was a zero day reported on Windows 8.1 systems. Refer to Elevation of Privilege in ahcache.sys/NtApphelpCacheControl for more details.
Workaround:
Using the Enhanced Mitigation Experience Toolkit (EMET) could help make exploitation more difficult.
Patches:
The following are links for downloading patches to fix these vulnerabilities:
MS15-001 Windows 7 for 32-bit Systems Service Pack 1
MS15-001 Windows 7 for x64-based Systems Service Pack 1
MS15-001 Windows 8 for 32-bit Systems
MS15-001 Windows 8 for x64-based Systems
MS15-001 Windows 8.1 for 32-bit Systems
MS15-001 Windows 8.1 for x64-based Systems
MS15-001 Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
MS15-001 Windows Server 2008 R2 for x64-based Systems Service Pack 1
MS15-001 Windows Server 2012
MS15-001 Windows Server 2012 R2
The security update addresses the vulnerability by correcting how Telnet validates user input.
This security update is rated Critical for all supported releases of Microsoft Windows.
Patches:
The following are links for downloading patches to fix these vulnerabilities:
MS15-002 Windows Server 2003
MS15-002 Windows 7
MS15-002 Windows 7 for x64-based Systems
MS15-002 Windows 8
MS15-002 Windows 8 for x64-based Systems
MS15-002 Windows 8.1
MS15-002 Windows 8.1 for x64-based Systems
MS15-002 Windows Embedded Standard 7
MS15-002 Windows Embedded Standard 7 for x64-based Systems
MS15-002 Windows Server 2003 for Itanium-based Systems
MS15-002 Windows Server 2003 x64 Edition
MS15-002 Windows Server 2008
MS15-002 Windows Server 2008 R2 for Itanium-based Systems
MS15-002 Windows Server 2008 R2 x64 Edition
MS15-002 Windows Server 2008 for Itanium-based Systems
MS15-002 Windows Server 2008 x64 Edition
MS15-002 Windows Server 2012
MS15-002 Windows Server 2012 R2
MS15-002 Windows Vista
MS15-002 Windows Vista for x64-based Systems
MS15-002 Windows XP WEPOS and POSReady
The security update addresses the vulnerability by correcting how the Windows User Profile Service validates user privileges to load registry hives.
This security update is rated Important for all supported releases of Microsoft Windows.
Patches:
The following are links for downloading patches to fix these vulnerabilities:
MS15-003 Windows 7 for 32-bit Systems Service Pack 1
MS15-003 Windows 7 for x64-based Systems Service Pack 1
MS15-003 Windows 8 for 32-bit Systems
MS15-003 Windows 8 for x64-based Systems
MS15-003 Windows 8.1 for 32-bit Systems
MS15-003 Windows 8.1 for x64-based Systems
MS15-003 Windows Server 2003 Service Pack 2
MS15-003 Windows Server 2003 with SP2 for Itanium-based Systems
MS15-003 Windows Server 2003 x64 Edition Service Pack 2
MS15-003 Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
MS15-003 Windows Server 2008 R2 for x64-based Systems Service Pack 1
MS15-003 Windows Server 2008 for 32-bit Systems Service Pack 2
MS15-003 Windows Server 2008 for Itanium-based Systems Service Pack 2
MS15-003 Windows Server 2008 for x64-based Systems Service Pack 2
MS15-003 Windows Server 2012
MS15-003 Windows Server 2012 R2
MS15-003 Windows Vista Service Pack 2
MS15-003 Windows Vista x64 Edition Service Pack 2
This security update is rated Important for all supported editions of Windows Vista, Windows 7, Windows 2008 R2, Windows 8, Windows Server 2012, Windows RT, Windows 8.1, Windows Server 2012 R2 and Windows RT 8.1.
Patches:
The following are links for downloading patches to fix these vulnerabilities:
MS15-004 Windows 7 for 32-bit Systems Service Pack 1
MS15-004 Windows 7 for x64-based Systems Service Pack 1
MS15-004 Windows 8 for 32-bit Systems
MS15-004 Windows 8 for x64-based Systems
MS15-004 Windows 8.1 for 32-bit Systems
MS15-004 Windows 8.1 for x64-based Systems
MS15-004 Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
MS15-004 Windows Server 2008 R2 for x64-based Systems Service Pack 1
MS15-004 Windows Server 2012
MS15-004 Windows Server 2012 R2
MS15-004 Windows Vista Service Pack 2
MS15-004 Windows Vista x64 Edition Service Pack 2
Microsoft released an update that addresses the vulnerability by forcing mutual authentication via Kerberos. The vulnerability could allow security feature bypass by unintentionally relaxing the firewall policy and/or configuration of certain services when an attacker on the same network as the victim spoofs responses to DNS and LDAP traffic initiated by the victim.
This security update is rated Important for all supported editions of Windows 2003, Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8, Windows Server 2012, Windows 8.1 and Windows Server 2012 R2.
Note: Windows Server 2003 is listed as an affected product; however, Microsoft is not issuing an update for it because the comprehensive architectural changes required would jeopardize system stability and cause application compatibility problems. It is advisable to upgrade to a later operating system if you are running Windows Server 2003.
Patches:
The following are links for downloading patches to fix these vulnerabilities:
MS15-005 Windows 7 for 32-bit Systems Service Pack 1
MS15-005 Windows 7 for x64-based Systems Service Pack 1
MS15-005 Windows 8 for 32-bit Systems
MS15-005 Windows 8 for x64-based Systems
MS15-005 Windows 8.1 for 32-bit Systems
MS15-005 Windows 8.1 for x64-based Systems
MS15-005 Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
MS15-005 Windows Server 2008 R2 for x64-based Systems Service Pack 1
MS15-005 Windows Server 2008 for 32-bit Systems Service Pack 2
MS15-005 Windows Server 2008 for Itanium-based Systems Service Pack 2
MS15-005 Windows Server 2008 for x64-based Systems Service Pack 2
MS15-005 Windows Server 2012
MS15-005 Windows Server 2012 R2
MS15-005 Windows Vista Service Pack 2
MS15-005 Windows Vista x64 Edition Service Pack 2
Affected Software:
Windows 8
Windows 8.1
Windows Server 2012
Windows Server 2012 R2
Windows RT
Windows RT 8.1
This security update is rated Important.
Workaround:
Microsoft has not identified any workarounds for this vulnerability.
Patches:
The following are links for downloading patches to fix these vulnerabilities:
MS15-006 Windows 8 for 32-bit Systems
MS15-006 Windows 8 for x64-based Systems
MS15-006 Windows 8.1 for 32-bit Systems
MS15-006 Windows 8.1 for x64-based Systems
MS15-006 Windows Server 2012
MS15-006 Windows Server 2012 R2
The security update addresses the vulnerability by changing how Network Policy Servers parse username queries when implementing RADIUS.
Affected Versions:
This security update is rated Important for all supported editions of Windows Server 2003, Windows Server 2008 (excluding Itanium), Windows Server 2008 R2 (excluding Itanium), Windows Server 2012 and Windows Server 2012 R2.
Patches:
The following are links for downloading patches to fix these vulnerabilities:
MS15-007 Windows Server 2003 Service Pack 2
MS15-007 Windows Server 2003 with SP2 for Itanium-based Systems
MS15-007 Windows Server 2003 x64 Edition Service Pack 2
MS15-007 Windows Server 2008 R2 for x64-based Systems Service Pack 1
MS15-007 Windows Server 2008 for 32-bit Systems Service Pack 2
MS15-007 Windows Server 2008 for x64-based Systems Service Pack 2
MS15-007 Windows Server 2012
MS15-007 Windows Server 2012 R2
This security update is rated Important for all supported releases of Microsoft Windows.
Patches:
The following are links for downloading patches to fix these vulnerabilities:
MS15-008 Windows 7 for 32-bit Systems Service Pack 1
MS15-008 Windows 7 for x64-based Systems Service Pack 1
MS15-008 Windows 8 for 32-bit Systems
MS15-008 Windows 8 for x64-based Systems
MS15-008 Windows 8.1 for 32-bit Systems
MS15-008 Windows 8.1 for x64-based Systems
MS15-008 Windows Server 2003 Service Pack 2
MS15-008 Windows Server 2003 with SP2 for Itanium-based Systems
MS15-008 Windows Server 2003 x64 Edition Service Pack 2
MS15-008 Windows Server 2008 R2 for x64-based Systems Service Pack 1
MS15-008 Windows Server 2008 for 32-bit Systems Service Pack 2
MS15-008 Windows Server 2008 for x64-based Systems Service Pack 2
MS15-008 Windows Server 2012
MS15-008 Windows Server 2012 R2
MS15-008 Windows Vista Service Pack 2
MS15-008 Windows Vista x64 Edition Service Pack 2
These new vulnerability checks are included in Qualys vulnerability signature 2.2.911-3. Each Qualys account is automatically updated with the latest vulnerability signatures as they become available. To view the vulnerability signature version in your account, from the Qualys Help menu, select the About tab.
To perform a selective vulnerability scan, configure a scan profile to use the following options:
In addition, prior to running a scan for these new vulnerabilities, you can estimate your exposure to these new threats by running the Risk Analysis Report, available from the Qualys Vulnerability Management Reports tab.
For more information, customers may contact Qualys Technical Support.