Lucene search

Kaspersky LabKLA10656

HistorySep 08, 2015 - 12:00 a.m.

KLA10656 Multiple vulnerabilities in Microsoft Windows

2015-09-0800:00:00

Kaspersky Lab

threats.kaspersky.com

133

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.974 High

EPSS

Percentile

99.9%

JSON

Detect date:

09/08/2015

Severity:

Critical

Description:

Multiple serious vulnerabilities have been found in Microsoft Windows and related products. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, gain privileges or execute arbitrary code.

Affected products:

Windows 10
Windows Server 2008 Service Pack 2
Windows Server 2008 R2 Service Pack 1
Windows Server 2012
Windows Server 2012 R2
Windows Vista Service Pack 2
Windows 7 Service Pack 1
Windows 8
Windows 8.1
Windows RT
Windows RT 8.1
Office 2007 Service Pack 3
Office 2010 Service Pack 2
Lync 2013 Service Pack 1
Lync Basic 2013 Service Pack 1
Lync 2010
Lync 2010 Attendee
Live Meeting 2007 Console
Windows Media Center

Solution:

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Original advisories:

CVE-2015-2494
CVE-2015-2542
CVE-2015-2486
CVE-2015-2485
CVE-2015-2546
CVE-2015-2535
CVE-2015-2534
CVE-2015-2530
CVE-2015-2529
CVE-2015-2528
CVE-2015-2527
CVE-2015-2525
CVE-2015-2524
CVE-2015-2509
CVE-2015-2517
CVE-2015-2516
CVE-2015-2514
CVE-2015-2513
CVE-2015-2512
CVE-2015-2511
CVE-2015-2510
CVE-2015-2519
CVE-2015-2518
CVE-2015-2506
CVE-2015-2507
CVE-2015-2508

Impacts:

ACE

Related products:

Microsoft Lync

CVE-IDS:

Microsoft official advisories:

KB list:

3089657
3087135
3081088
3085500
3084135
3087088
3072595
3081091
3081087
3081090
3081455
3085546
3085529
3089656
3069114
3089669
3082089
3089665
3091287
3087039
3081089
3087918

Exploitation:

Public exploits exist for this vulnerability.

References

support.microsoft.com/kb/3069114

support.microsoft.com/kb/3072595

support.microsoft.com/kb/3081087

support.microsoft.com/kb/3081088

support.microsoft.com/kb/3081089

support.microsoft.com/kb/3081090

support.microsoft.com/kb/3081091

support.microsoft.com/kb/3081455

support.microsoft.com/kb/3082089

support.microsoft.com/kb/3084135

support.microsoft.com/kb/3085500

support.microsoft.com/kb/3085529

support.microsoft.com/kb/3085546

support.microsoft.com/kb/3087039

support.microsoft.com/kb/3087088

support.microsoft.com/kb/3087135

support.microsoft.com/kb/3087918

support.microsoft.com/kb/3089656

support.microsoft.com/kb/3089657

support.microsoft.com/kb/3089665

support.microsoft.com/kb/3089669

support.microsoft.com/kb/3091287

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2485

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2486

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2494

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2506

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2507

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2508

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2509

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2510

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2511

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2512

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2513

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2514

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2516

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2517

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2518

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2519

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2524

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2525

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2527

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2528

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2529

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2530

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2534

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2535

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2542

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2546

portal.msrc.microsoft.com/en-us/security-guidance

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2485

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2486

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2494

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2506

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2507

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2508

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2509

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2510

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2511

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2512

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2513

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2514

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2516

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2517

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2518

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2519

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2524

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2525

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2527

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2528

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2529

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2530

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2534

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2535

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2542

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2546

statistics.securelist.com/vulnerability-scan/month

threats.kaspersky.com/en/class/Exploit/

threats.kaspersky.com/en/product/Microsoft-Lync/

threats.kaspersky.com/en/product/Microsoft-Office/

threats.kaspersky.com/en/product/Microsoft-Windows-10/

threats.kaspersky.com/en/product/Microsoft-Windows-7/

threats.kaspersky.com/en/product/Microsoft-Windows-8/

threats.kaspersky.com/en/product/Microsoft-Windows-Media-Center/

threats.kaspersky.com/en/product/Microsoft-Windows-Server-2008/

threats.kaspersky.com/en/product/Microsoft-Windows-Server-2012/

threats.kaspersky.com/en/product/Microsoft-Windows-Vista-4/

threats.kaspersky.com/en/product/Windows-RT/

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.974 High

EPSS

Percentile

99.9%

JSON