MS15-053: Description of the security update for VBScript and JScript 5.7: May 12, 2015

2017-01-07T22:22:04
ID KB3050945
Type mskb
Reporter Microsoft
Modified 2015-05-12T16:58:55

Description

<html><body><p>This security update resolves ASLR security feature bypasses in the JScript and VBScript scripting engines in Microsoft Windows.</p><h2>Summary</h2><div class="kb-summary-section section">This security update resolves address space layout randomization (ASLR) security feature bypasses in the JScript and VBScript scripting engines in Microsoft Windows. An attacker could use one of these ASLR bypasses together with another vulnerability, such as a remote code execution vulnerability, to more reliably run arbitrary code on a target system. <br/><br/>The update addresses the ASLR bypasses by helping to make sure that affected versions of JScript and VBScript correctly implement the ASLR security feature. </div><h2>Introduction</h2><div class="kb-summary-section section">Microsoft has released security bulletin MS15-053. To learn more about this security bulletin:<br/><ul class="sbody-free_list"><li>Home users:<br/><div class="indent"><a href="https://www.microsoft.com/security/pc-security/updates.aspx" id="kb-link-2" target="_self">https://www.microsoft.com/security/pc-security/updates.aspx</a></div><span class="text-base">Skip the details</span>: Download the updates for your home computer or laptop from the Microsoft Update website now:<br/><div class="indent"><a href="https://update.microsoft.com/microsoftupdate/" id="kb-link-3" target="_self">https://update.microsoft.com/microsoftupdate/</a></div></li><li>IT professionals:<br/><div class="indent"><a href="https://technet.microsoft.com/library/security/ms15-053" id="kb-link-4" target="_self">https://technet.microsoft.com/library/security/MS15-053</a></div></li></ul><h3 class="sbody-h3">How to obtain help and support for this security update</h3>Help installing updates:<br/><a href="https://support.microsoft.com/ph/6527" id="kb-link-5" target="_self">Support for Microsoft Update</a><br/><br/>Security solutions for IT professionals:<br/><a href="https://technet.microsoft.com/security/bb980617.aspx" id="kb-link-6" target="_self">TechNet Security Troubleshooting and Support</a><br/><br/>Help protect your Windows-based computer from viruses and malware:<br/><a href="https://support.microsoft.com/contactus/cu_sc_virsec_master" id="kb-link-7" target="_self">Virus Solution and Security Center</a><br/><br/>Local support according to your country:<br/><a href="https://support.microsoft.com/common/international.aspx" id="kb-link-8" target="_self">International Support</a><br/><br/></div><h2>More Information</h2><div class="kb-moreinformation-section section"><a class="bookmark" id="fileinfo"></a></div><h2>File information</h2><div class="kb-summary-section section">The English (United States) version of this software update installs files that have the attributes that are listed in the following tables. The dates and times for these files are listed in Coordinated Universal Time (UTC). The dates and times for these files on your local computer are displayed in your local time and with your current daylight saving time (DST) bias. Additionally, the dates and times may change when you perform certain operations on the files.<br/><br/><br/><div class="faq-section" faq-section=""><div class="faq-panel"><div class="faq-panel-heading" faq-panel-heading=""><span class="link-expand-image"><span class="faq-chevron win-icon win-icon-ChevronUpSmall"></span></span><span class="bold btn-link link-expand-text"><span class="bold btn-link">Windows Server 2003 file information<br/></span></span></div><div class="faq-panel-body" faq-panel-body=""><span><div class="kb-collapsible kb-collapsible-collapsed"><ul class="sbody-free_list"><li>The files that apply to a specific milestone (SP<strong class="sbody-strong">n</strong>) and service branch (QFE, GDR) are noted in the "SP requirement" and "Service branch" columns.</li><li>GDR service branches contain only those fixes that are widely released to address widespread, critical issues. QFE service branches contain hotfixes in addition to widely released fixes.</li><li>In addition to the files that are listed in these tables, this software update also installs an associated security catalog file (KB<strong class="sbody-strong">number</strong>.cat) that is signed with a Microsoft digital signature.</li></ul><h4 class="sbody-h4">For all supported x64-based versions of Windows Server 2003</h4><div class="table-responsive"><table class="sbody-table table"><tr class="sbody-tr"><th class="sbody-th">File name</th><th class="sbody-th">File version</th><th class="sbody-th">File size</th><th class="sbody-th">Date</th><th class="sbody-th">Time</th><th class="sbody-th">Platform</th><th class="sbody-th">SP requirement</th><th class="sbody-th">Service branch</th></tr><tr class="sbody-tr"><td class="sbody-td">Jscript.dll</td><td class="sbody-td">5.7.6002.23659</td><td class="sbody-td">755,200</td><td class="sbody-td">01-Apr-2015</td><td class="sbody-td">01:00</td><td class="sbody-td">x64</td><td class="sbody-td">SP2</td><td class="sbody-td">SP2QFE</td></tr><tr class="sbody-tr"><td class="sbody-td">Vbscript.dll</td><td class="sbody-td">5.7.6002.23659</td><td class="sbody-td">603,136</td><td class="sbody-td">01-Apr-2015</td><td class="sbody-td">01:00</td><td class="sbody-td">x64</td><td class="sbody-td">SP2</td><td class="sbody-td">SP2QFE</td></tr><tr class="sbody-tr"><td class="sbody-td">Wjscript.dll</td><td class="sbody-td">5.7.6002.23659</td><td class="sbody-td">512,000</td><td class="sbody-td">01-Apr-2015</td><td class="sbody-td">01:00</td><td class="sbody-td">x86</td><td class="sbody-td">SP2</td><td class="sbody-td">SP2QFE\WOW</td></tr><tr class="sbody-tr"><td class="sbody-td">Wvbscript.dll</td><td class="sbody-td">5.7.6002.23659</td><td class="sbody-td">434,176</td><td class="sbody-td">01-Apr-2015</td><td class="sbody-td">01:00</td><td class="sbody-td">x86</td><td class="sbody-td">SP2</td><td class="sbody-td">SP2QFE\WOW</td></tr></table></div><h4 class="sbody-h4">For all supported x86-based versions of Windows Server 2003</h4><div class="table-responsive"><table class="sbody-table table"><tr class="sbody-tr"><th class="sbody-th">File name</th><th class="sbody-th">File version</th><th class="sbody-th">File size</th><th class="sbody-th">Date</th><th class="sbody-th">Time</th><th class="sbody-th">Platform</th><th class="sbody-th">SP requirement</th><th class="sbody-th">Service branch</th></tr><tr class="sbody-tr"><td class="sbody-td">Jscript.dll</td><td class="sbody-td">5.7.6002.23659</td><td class="sbody-td">512,000</td><td class="sbody-td">01-Apr-2015</td><td class="sbody-td">00:52</td><td class="sbody-td">x86</td><td class="sbody-td">SP2</td><td class="sbody-td">SP2QFE</td></tr><tr class="sbody-tr"><td class="sbody-td">Vbscript.dll</td><td class="sbody-td">5.7.6002.23659</td><td class="sbody-td">434,176</td><td class="sbody-td">01-Apr-2015</td><td class="sbody-td">00:52</td><td class="sbody-td">x86</td><td class="sbody-td">SP2</td><td class="sbody-td">SP2QFE</td></tr></table></div><h4 class="sbody-h4">For all supported IA-64-based versions of Windows Server 2003</h4><div class="table-responsive"><table class="sbody-table table"><tr class="sbody-tr"><th class="sbody-th">File name</th><th class="sbody-th">File version</th><th class="sbody-th">File size</th><th class="sbody-th">Date</th><th class="sbody-th">Time</th><th class="sbody-th">Platform</th><th class="sbody-th">SP requirement</th><th class="sbody-th">Service branch</th></tr><tr class="sbody-tr"><td class="sbody-td">Jscript.dll</td><td class="sbody-td">5.7.6002.23659</td><td class="sbody-td">1,378,304</td><td class="sbody-td">01-Apr-2015</td><td class="sbody-td">00:58</td><td class="sbody-td">IA-64</td><td class="sbody-td">SP2</td><td class="sbody-td">SP2QFE</td></tr><tr class="sbody-tr"><td class="sbody-td">Vbscript.dll</td><td class="sbody-td">5.7.6002.23659</td><td class="sbody-td">1,155,072</td><td class="sbody-td">01-Apr-2015</td><td class="sbody-td">00:58</td><td class="sbody-td">IA-64</td><td class="sbody-td">SP2</td><td class="sbody-td">SP2QFE</td></tr><tr class="sbody-tr"><td class="sbody-td">Wjscript.dll</td><td class="sbody-td">5.7.6002.23659</td><td class="sbody-td">512,000</td><td class="sbody-td">01-Apr-2015</td><td class="sbody-td">00:58</td><td class="sbody-td">x86</td><td class="sbody-td">SP2</td><td class="sbody-td">SP2QFE\WOW</td></tr><tr class="sbody-tr"><td class="sbody-td">Wvbscript.dll</td><td class="sbody-td">5.7.6002.23659</td><td class="sbody-td">434,176</td><td class="sbody-td">01-Apr-2015</td><td class="sbody-td">00:58</td><td class="sbody-td">x86</td><td class="sbody-td">SP2</td><td class="sbody-td">SP2QFE\WOW</td></tr></table></div></div><br/></span></div></div></div><div class="faq-section" faq-section=""><div class="faq-panel"><div class="faq-panel-heading" faq-panel-heading=""><span class="link-expand-image"><span class="faq-chevron win-icon win-icon-ChevronUpSmall"></span></span><span class="bold btn-link link-expand-text"><span class="bold btn-link">Windows Vista and Windows Server 2008 file information<br/></span></span></div><div class="faq-panel-body" faq-panel-body=""><span><div class="kb-collapsible kb-collapsible-collapsed"><ul class="sbody-free_list"><li>The files that apply to a specific product, milestone (SP<strong class="sbody-strong">n</strong>), and service branch (LDR, GDR) can be identified by examining the file version numbers as shown in the following table:<br/><br/><div class="table-responsive"><table class="sbody-table table"><tr class="sbody-tr"><th class="sbody-th"><span class="text-base">Version</span></th><th class="sbody-th"><span class="text-base">Product</span></th><th class="sbody-th"><span class="text-base">Milestone</span></th><th class="sbody-th"><span class="text-base">Service branch</span></th></tr><tr class="sbody-tr"><td class="sbody-td">6.0.600<span class="text-base">2</span>.<span class="text-base">18</span><strong class="sbody-strong">xxx</strong></td><td class="sbody-td">Windows Vista SP2 and Windows Server 2008 SP2</td><td class="sbody-td">SP2</td><td class="sbody-td">GDR</td></tr><tr class="sbody-tr"><td class="sbody-td">6.0.600<span class="text-base">2</span>.<span class="text-base">23</span><strong class="sbody-strong">xxx</strong></td><td class="sbody-td">Windows Vista SP2 and Windows Server 2008 SP2</td><td class="sbody-td">SP2</td><td class="sbody-td">LDR</td></tr></table></div></li><li>GDR service branches contain only those fixes that are widely released to address widespread, critical issues. LDR service branches contain hotfixes in addition to widely released fixes.</li></ul><span class="text-base">Note</span> The MANIFEST files (.manifest) and MUM files (.mum) that are installed are not listed.<br/><br/><h4 class="sbody-h4">For all supported x86-based versions of Windows Vista and Windows Server 2008</h4><div class="table-responsive"><table class="sbody-table table"><tr class="sbody-tr"><th class="sbody-th">File name</th><th class="sbody-th">File version</th><th class="sbody-th">File size</th><th class="sbody-th">Date</th><th class="sbody-th">Time</th><th class="sbody-th">Platform</th></tr><tr class="sbody-tr"><td class="sbody-td">Jscript.dll</td><td class="sbody-td">5.7.6002.19351</td><td class="sbody-td">512,000</td><td class="sbody-td">30-Mar-2015</td><td class="sbody-td">01:00</td><td class="sbody-td">x86</td></tr><tr class="sbody-tr"><td class="sbody-td">Jscript.dll</td><td class="sbody-td">5.7.6002.23659</td><td class="sbody-td">512,000</td><td class="sbody-td">30-Mar-2015</td><td class="sbody-td">00:30</td><td class="sbody-td">x86</td></tr><tr class="sbody-tr"><td class="sbody-td">Vbscript.dll</td><td class="sbody-td">5.7.6002.19351</td><td class="sbody-td">430,080</td><td class="sbody-td">30-Mar-2015</td><td class="sbody-td">01:00</td><td class="sbody-td">x86</td></tr><tr class="sbody-tr"><td class="sbody-td">Vbscript.dll</td><td class="sbody-td">5.7.6002.23659</td><td class="sbody-td">434,176</td><td class="sbody-td">30-Mar-2015</td><td class="sbody-td">00:31</td><td class="sbody-td">x86</td></tr></table></div><h4 class="sbody-h4">For all supported x64-based versions of Windows Vista and Windows Server 2008</h4><div class="table-responsive"><table class="sbody-table table"><tr class="sbody-tr"><th class="sbody-th">File name</th><th class="sbody-th">File version</th><th class="sbody-th">File size</th><th class="sbody-th">Date</th><th class="sbody-th">Time</th><th class="sbody-th">Platform</th></tr><tr class="sbody-tr"><td class="sbody-td">Jscript.dll</td><td class="sbody-td">5.7.6002.19351</td><td class="sbody-td">754,688</td><td class="sbody-td">30-Mar-2015</td><td class="sbody-td">00:39</td><td class="sbody-td">x64</td></tr><tr class="sbody-tr"><td class="sbody-td">Jscript.dll</td><td class="sbody-td">5.7.6002.23659</td><td class="sbody-td">755,200</td><td class="sbody-td">30-Mar-2015</td><td class="sbody-td">00:31</td><td class="sbody-td">x64</td></tr><tr class="sbody-tr"><td class="sbody-td">Vbscript.dll</td><td class="sbody-td">5.7.6002.19351</td><td class="sbody-td">603,648</td><td class="sbody-td">30-Mar-2015</td><td class="sbody-td">00:40</td><td class="sbody-td">x64</td></tr><tr class="sbody-tr"><td class="sbody-td">Vbscript.dll</td><td class="sbody-td">5.7.6002.23659</td><td class="sbody-td">603,136</td><td class="sbody-td">30-Mar-2015</td><td class="sbody-td">00:32</td><td class="sbody-td">x64</td></tr><tr class="sbody-tr"><td class="sbody-td">Jscript.dll</td><td class="sbody-td">5.7.6002.19351</td><td class="sbody-td">512,000</td><td class="sbody-td">30-Mar-2015</td><td class="sbody-td">01:00</td><td class="sbody-td">x86</td></tr><tr class="sbody-tr"><td class="sbody-td">Jscript.dll</td><td class="sbody-td">5.7.6002.23659</td><td class="sbody-td">512,000</td><td class="sbody-td">30-Mar-2015</td><td class="sbody-td">00:30</td><td class="sbody-td">x86</td></tr><tr class="sbody-tr"><td class="sbody-td">Vbscript.dll</td><td class="sbody-td">5.7.6002.19351</td><td class="sbody-td">430,080</td><td class="sbody-td">30-Mar-2015</td><td class="sbody-td">01:00</td><td class="sbody-td">x86</td></tr><tr class="sbody-tr"><td class="sbody-td">Vbscript.dll</td><td class="sbody-td">5.7.6002.23659</td><td class="sbody-td">434,176</td><td class="sbody-td">30-Mar-2015</td><td class="sbody-td">00:31</td><td class="sbody-td">x86</td></tr></table></div><h4 class="sbody-h4">For all supported IA-64-based versions of Windows Server 2008</h4><div class="table-responsive"><table class="sbody-table table"><tr class="sbody-tr"><th class="sbody-th">File name</th><th class="sbody-th">File version</th><th class="sbody-th">File size</th><th class="sbody-th">Date</th><th class="sbody-th">Time</th><th class="sbody-th">Platform</th></tr><tr class="sbody-tr"><td class="sbody-td">Jscript.dll</td><td class="sbody-td">5.7.6002.19351</td><td class="sbody-td">1,378,304</td><td class="sbody-td">30-Mar-2015</td><td class="sbody-td">00:20</td><td class="sbody-td">IA-64</td></tr><tr class="sbody-tr"><td class="sbody-td">Jscript.dll</td><td class="sbody-td">5.7.6002.23659</td><td class="sbody-td">1,378,304</td><td class="sbody-td">30-Mar-2015</td><td class="sbody-td">00:01</td><td class="sbody-td">IA-64</td></tr><tr class="sbody-tr"><td class="sbody-td">Vbscript.dll</td><td class="sbody-td">5.7.6002.19351</td><td class="sbody-td">1,153,536</td><td class="sbody-td">30-Mar-2015</td><td class="sbody-td">00:21</td><td class="sbody-td">IA-64</td></tr><tr class="sbody-tr"><td class="sbody-td">Vbscript.dll</td><td class="sbody-td">5.7.6002.23659</td><td class="sbody-td">1,155,072</td><td class="sbody-td">30-Mar-2015</td><td class="sbody-td">00:02</td><td class="sbody-td">IA-64</td></tr><tr class="sbody-tr"><td class="sbody-td">Jscript.dll</td><td class="sbody-td">5.7.6002.19351</td><td class="sbody-td">512,000</td><td class="sbody-td">30-Mar-2015</td><td class="sbody-td">01:00</td><td class="sbody-td">x86</td></tr><tr class="sbody-tr"><td class="sbody-td">Jscript.dll</td><td class="sbody-td">5.7.6002.23659</td><td class="sbody-td">512,000</td><td class="sbody-td">30-Mar-2015</td><td class="sbody-td">00:30</td><td class="sbody-td">x86</td></tr><tr class="sbody-tr"><td class="sbody-td">Vbscript.dll</td><td class="sbody-td">5.7.6002.19351</td><td class="sbody-td">430,080</td><td class="sbody-td">30-Mar-2015</td><td class="sbody-td">01:00</td><td class="sbody-td">x86</td></tr><tr class="sbody-tr"><td class="sbody-td">Vbscript.dll</td><td class="sbody-td">5.7.6002.23659</td><td class="sbody-td">434,176</td><td class="sbody-td">30-Mar-2015</td><td class="sbody-td">00:31</td><td class="sbody-td">x86</td></tr></table></div></div><br/></span></div></div></div></div></body></html>