9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
9.2 High
AI Score
Confidence
High
0.847 High
EPSS
Percentile
98.5%
Multiple serious vulnerabilities have been found in Microsoft Windows. Malicious users can exploit these vulnerabilities to spoof user interface, cause denial of service, gain privileges, bypass security restrictions, execute arbitrary code or obtain sensitive information.
Below is a complete list of vulnerabilities
Technical details
Vulnerability (4) can lead to Kernel ASLR bypass.
Vulnerability (7) caused by not checking buffer size prior to copy memory into it.
Vulnerability (8) caused by not checking memory address validity before call.
To exploit (10) remote attacker must cause man-in-the-middle attack between client and legitimate server. By exploiting this vulnerability attacker can impersonate victim on any other server that uses credentials same with attacked.
Vulnerability (11) caused by failing to check the password change of a user signing into a workstation. By exploiting this vulnerability attacker can bypass Kerberos authentication and decrypt drives protected by BitLocker.
Vulnerability (12) has multiple described mitigations designed to prevent opening malicious log file. Short list placed further, for full description look at MS15-115 advisory. Mitigations: do not open suspicious .jnt files; remove .jnt file association; remove Windows Journal; deny access to Journal.exe.
Public exploits exist for this vulnerability.
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
CVE-2015-6064 critical
CVE-2015-6113 warning
CVE-2015-6078 critical
CVE-2015-2478 high
CVE-2015-6088 warning
CVE-2015-6098 high
CVE-2015-6097 critical
CVE-2015-6073 critical
CVE-2015-6100 high
CVE-2015-6112 high
CVE-2015-6111 high
CVE-2015-6109 warning
CVE-2015-6104 critical
CVE-2015-6103 critical
CVE-2015-6102 warning
CVE-2015-6101 high
CVE-2015-6095 warning
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.
Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.
Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.
Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.
Privilege escalation. Exploitation of vulnerabilities with this impact can lead to performing by abuser actions, which are normally disallowed for current role.
Spoof user interface. Exploitation of vulnerabilities with this impact can lead to changes in user interface to beguile user into inaccurate behavior.
support.microsoft.com/kb/3081320
support.microsoft.com/kb/3092601
support.microsoft.com/kb/3097877
support.microsoft.com/kb/3100213
support.microsoft.com/kb/3101246
support.microsoft.com/kb/3101722
support.microsoft.com/kb/3101746
support.microsoft.com/kb/3102939
support.microsoft.com/kb/3104519
support.microsoft.com/kb/3104521
support.microsoft.com/kb/3105211
support.microsoft.com/kb/3105213
support.microsoft.com/kb/3105256
support.microsoft.com/kb/3105864
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2478
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-6064
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-6073
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-6078
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-6088
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-6095
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-6097
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-6098
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-6100
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-6101
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-6102
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-6103
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-6104
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-6109
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-6111
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-6112
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-6113
statistics.securelist.com/
threats.kaspersky.com/en/class/Exploit/
threats.kaspersky.com/en/product/Microsoft-Windows-10/
threats.kaspersky.com/en/product/Microsoft-Windows-7/
threats.kaspersky.com/en/product/Microsoft-Windows-8/
threats.kaspersky.com/en/product/Microsoft-Windows-Server-2008/
threats.kaspersky.com/en/product/Microsoft-Windows-Server-2012/
threats.kaspersky.com/en/product/Microsoft-Windows-Vista-4/
threats.kaspersky.com/en/product/Windows-RT/