{"id": "SMB_NT_MS15-083.NASL", "bulletinFamily": "scanner", "title": "MS15-083: Vulnerability in Server Message Block Could Allow Remote Code Execution (3073921)", "description": "A remote code execution vulnerability exists in Windows due to\nimproper handling of Server Message Block (SMB) logging activities. An\nauthenticated, remote attacker can exploit this vulnerability to cause\na memory corruption issue, resulting in the execution of arbitrary\ncode in the context of the current user.", "published": "2015-08-11T00:00:00", "modified": "2021-03-02T00:00:00", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}, "href": "https://www.tenable.com/plugins/nessus/85321", "reporter": "This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.", "references": ["https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2015/ms15-083", "https://www.tenable.com/security/research/tra-2015-01"], "cvelist": ["CVE-2015-2474"], "type": "nessus", "lastseen": "2021-03-01T06:18:47", "edition": 27, "viewCount": 14, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2015-2474"]}, {"type": "symantec", "idList": ["SMNTC-76220"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310805079"]}, {"type": "mskb", "idList": ["KB3073921"]}, {"type": "kaspersky", "idList": ["KLA10646"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:14626"]}], "modified": "2021-03-01T06:18:47", "rev": 2}, "score": {"value": 8.1, "vector": "NONE", "modified": "2021-03-01T06:18:47", "rev": 2}, "vulnersScore": 8.1}, "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(85321);\n script_version(\"1.11\");\n script_cvs_date(\"Date: 2018/11/15 20:50:31\");\n script_cve_id(\"CVE-2015-2474\");\n script_bugtraq_id(76220);\n script_xref(name:\"TRA\", value:\"TRA-2015-01\");\n script_xref(name:\"MSFT\", value:\"MS15-083\");\n script_xref(name:\"MSKB\", value:\"3073921\");\n\n script_name(english:\"MS15-083: Vulnerability in Server Message Block Could Allow Remote Code Execution (3073921)\");\n script_summary(english:\"Checks the version of srv.sys.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is affected by a remote code execution vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"A remote code execution vulnerability exists in Windows due to\nimproper handling of Server Message Block (SMB) logging activities. An\nauthenticated, remote attacker can exploit this vulnerability to cause\na memory corruption issue, resulting in the execution of arbitrary\ncode in the context of the current user.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.tenable.com/security/research/tra-2015-01\");\n script_set_attribute(attribute:\"see_also\", value:\"https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2015/ms15-083\");\n script_set_attribute(attribute:\"solution\", value:\n\"Microsoft has released a set of patches for Windows Vista and 2008.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/08/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/08/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/08/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = 'MS15-083';\nkbs = '3073921';\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:make_list(kbs), severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(vista:'2') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n # Vista / Windows Server 2008\n hotfix_is_vulnerable(os:\"6.0\", sp:2, file:\"srv.sys\", version:\"6.0.6002.23788\", min_version:\"6.0.6002.20000\", dir:\"\\system32\\drivers\", bulletin:bulletin, kb:3073921) ||\n hotfix_is_vulnerable(os:\"6.0\", sp:2, file:\"srv.sys\", version:\"6.0.6002.19478\", min_version:\"6.0.6002.18000\", dir:\"\\system32\\drivers\", bulletin:bulletin, kb:3073921)\n)\n{\n set_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, 'affected');\n}\n\n", "naslFamily": "Windows : Microsoft Bulletins", "pluginID": "85321", "cpe": ["cpe:/o:microsoft:windows"], "scheme": null}

{"cve": [{"lastseen": "2021-02-02T06:21:23", "description": "Microsoft Windows Vista SP2 and Server 2008 SP2 allow remote authenticated users to execute arbitrary code via a crafted string in a Server Message Block (SMB) server error-logging action, aka \"Server Message Block Memory Corruption Vulnerability.\"", "edition": 4, "cvss3": {}, "published": "2015-08-15T00:59:00", "title": "CVE-2015-2474", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2474"], "modified": "2018-10-12T22:09:00", "cpe": ["cpe:/o:microsoft:windows_vista:-", "cpe:/o:microsoft:windows_server_2008:*"], "id": "CVE-2015-2474", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-2474", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2008:*:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*"]}], "symantec": [{"lastseen": "2018-03-12T06:25:04", "bulletinFamily": "software", "cvelist": ["CVE-2015-2474"], "description": "### Description\n\nMicrosoft Windows is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions.\n\n### Technologies Affected\n\n * Microsoft Windows Server 2008 for 32-bit Systems SP2 \n * Microsoft Windows Server 2008 for Itanium-based Systems SP2 \n * Microsoft Windows Server 2008 for x64-based Systems SP2 \n * Microsoft Windows Vista SP2 \n * Microsoft Windows Vista x64 Edition SP2 \n\n### Recommendations\n\n**Run all software as a nonprivileged user with minimal access rights.** \nTo reduce the impact of latent vulnerabilities, always run nonadministrative software as an unprivileged user with minimal access rights.\n\n**Deploy network intrusion detection systems to monitor network traffic for malicious activity.** \nDeploy NIDS to monitor network traffic for signs of anomalous or suspicious activity. This includes but is not limited to requests that include NOP sleds and unexplained incoming and outgoing traffic. This may indicate exploit attempts or activity that results from successful exploits\n\n**Do not follow links provided by unknown or untrusted sources.** \nWeb users should be cautious about following links to sites that are provided by unfamiliar or suspicious sources. Filtering HTML from emails may help remove a possible vector for transmitting malicious links to users.\n\n**Implement multiple redundant layers of security.** \nMemory-protection schemes (such as nonexecutable stack and heap configurations and randomly mapped memory segments) will complicate exploits of memory-corruption vulnerabilities.\n\nUpdates are available. Please see the references or vendor advisory for more information.\n", "modified": "2015-08-11T00:00:00", "published": "2015-08-11T00:00:00", "id": "SMNTC-76220", "href": "https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/76220", "type": "symantec", "title": "Microsoft Windows Server Message Block CVE-2015-2474 Memory Corruption Vulnerability", "cvss": {"score": 9.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "openvas": [{"lastseen": "2020-01-08T14:00:12", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-2474"], "description": "This host is missing an important security\n update according to Microsoft Bulletin MS15-083.", "modified": "2019-12-20T00:00:00", "published": "2015-08-12T00:00:00", "id": "OPENVAS:1361412562310805079", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310805079", "type": "openvas", "title": "MS Windows Server Message Block (SMB) Remote Code Execution Vulnerability (3073921)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# MS Windows Server Message Block (SMB) Remote Code Execution Vulnerability (3073921)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Updated By:\n# Deependra Bapna <bdeependra@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.805079\");\n script_version(\"2019-12-20T10:24:46+0000\");\n script_cve_id(\"CVE-2015-2474\");\n script_tag(name:\"cvss_base\", value:\"9.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-12-20 10:24:46 +0000 (Fri, 20 Dec 2019)\");\n script_tag(name:\"creation_date\", value:\"2015-08-12 09:25:26 +0530 (Wed, 12 Aug 2015)\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_name(\"MS Windows Server Message Block (SMB) Remote Code Execution Vulnerability (3073921)\");\n\n script_tag(name:\"summary\", value:\"This host is missing an important security\n update according to Microsoft Bulletin MS15-083.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"An authenticated remote code execution\n vulnerability exists in Windows that is caused when Server Message Block\n (SMB) improperly handles certain logging activities, resulting in memory\n corruption.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow attacker\n to take complete control of an affected system. An attacker could then install,\n programs, view, change, or delete data or create new accounts with full user\n rights.\");\n\n script_tag(name:\"affected\", value:\"- Microsoft Windows Vista x32/x64 Edition Service Pack 2 and prior\n\n - Microsoft Windows Server 2008 x32/x64 Edition Service Pack 2 and prior\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/kb/3073921\");\n script_xref(name:\"URL\", value:\"https://technet.microsoft.com/library/security/MS15-083\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/WindowsVersion\");\n exit(0);\n}\n\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(winVista:3, win2008:3) <= 0){\n exit(0);\n}\n\nsysPath = smb_get_systemroot();\nif(!sysPath ){\n exit(0);\n}\n\nsysVer = fetch_file_version(sysPath:sysPath, file_name:\"System32\\drivers\\Srv.sys\");\nif(!sysVer){\n exit(0);\n}\n\n## Currently not supporting for Vista and Windows Server 2008 64 bit\nif(hotfix_check_sp(winVista:3, win2008:3) > 0)\n{\n if(version_is_less(version:sysVer, test_version:\"6.0.6002.19478\"))\n {\n Vulnerable_range = \"Less Than 6.0.6002.19478\";\n VULN = TRUE ;\n\n }\n else if(version_in_range(version:sysVer, test_version:\"6.0.6002.23000\", test_version2:\"6.0.6002.23787\"))\n {\n Vulnerable_range = \"6.0.6002.23000 - 6.0.6002.23787\";\n VULN = TRUE ;\n }\n}\n\nif(VULN)\n{\n report = 'File checked: ' + sysPath + \"System32\\drivers\\Srv.sys\" + '\\n' +\n 'File version: ' + sysVer + '\\n' +\n 'Vulnerable range: ' + Vulnerable_range + '\\n' ;\n security_message(data:report);\n exit(0);\n}\n\n", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}], "mskb": [{"lastseen": "2021-01-01T22:49:12", "bulletinFamily": "microsoft", "cvelist": ["CVE-2015-2474"], "description": "<html><body><p>Resolves a vulnerability in Windows that could allow remote code execution if an attacker sends a specially crafted string to SMB server error logging.</p><h2></h2><div class=\"kb-notice-section section\"><span class=\"text-base\">Note</span> On September 8 2015, Microsoft re-released MS15-083 to comprehensively address issues with Security Update KB3073921. Customers running Windows Vista or Windows Server 2008 who installed the 3073921 update before the September 8 2015 re-release should reapply the update.<br/><br/><br/></div><h2>Summary</h2><div class=\"kb-summary-section section\">This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if an attacker sends a specially crafted string to SMB server error logging.<br/><br/>To learn more about the vulnerability, see <a href=\"https://technet.microsoft.com/library/security/ms15-083\" id=\"kb-link-2\" target=\"_self\">Microsoft Security Bulletin MS15-083</a>. </div><h2>More Information</h2><div class=\"kb-moreinformation-section section\"><span class=\"text-base\">Important </span><ul class=\"sbody-free_list\"><li>If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see <a href=\"https://technet.microsoft.com/en-us/library/hh825699\" id=\"kb-link-3\" target=\"_self\">Add language packs to Windows</a>.<br/></li></ul></div><h2>How to obtain and install the update</h2><div class=\"kb-resolution-section section\"><a class=\"bookmark\" id=\"obtaintheupdate\"></a><h3 class=\"sbody-h3\">Method 1: Windows Update</h3><div class=\"kb-collapsible kb-collapsible-expanded\">This update is available through Windows Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to turn on automatic updating, see<br/><a href=\"https://www.microsoft.com/security/pc-security/updates.aspx\" id=\"kb-link-5\" target=\"_self\">Get security updates automatically</a>.<br/></div><div class=\"faq-section\" faq-section=\"\"><div class=\"faq-panel\"><div class=\"faq-panel-heading\" faq-panel-heading=\"\"><span class=\"link-expand-image\"><span class=\"faq-chevron win-icon win-icon-ChevronUpSmall\"></span></span><span class=\"bold btn-link link-expand-text\"><span class=\"bold btn-link\">Method 2: Microsoft Download Center</span></span></div><div class=\"faq-panel-body\" faq-panel-body=\"\"><span><div class=\"kb-collapsible kb-collapsible-collapsed\">You can obtain the stand-alone update package through the Microsoft Download Center. Follow the installation instructions on the download page to install the update.<br/><br/>Click the download link in <a href=\"https://technet.microsoft.com/library/security/ms15-083\" id=\"kb-link-6\" target=\"_self\">Microsoft Security Bulletin MS15-083</a> that corresponds to the version of Windows that you are running.<br/></div><br/></span></div></div></div></div><h2>More Information</h2><div class=\"kb-moreinformation-section section\"><div class=\"faq-section\" faq-section=\"\"><div class=\"faq-panel\"><div class=\"faq-panel-heading\" faq-panel-heading=\"\"><span class=\"link-expand-image\"><span class=\"faq-chevron win-icon win-icon-ChevronUpSmall\"></span></span><span class=\"bold btn-link link-expand-text\"><span class=\"bold btn-link\">Security update deployment information</span></span></div><div class=\"faq-panel-body\" faq-panel-body=\"\"><span><div class=\"kb-collapsible kb-collapsible-collapsed\"><h4 class=\"sbody-h4\">Windows Vista (all editions)</h4><span class=\"text-base\">Reference Table</span><br/><br/>The following table contains the security update information for this software.<br/><div class=\"table-responsive\"><table class=\"sbody-table table\"><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">Security update file names</span></td><td class=\"sbody-td\">For all supported 32-bit editions of Windows Vista:<br/><span class=\"text-base\">Windows6.0-KB3073921-v2-x86.msu</span></td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><br/></td><td class=\"sbody-td\">For all supported x64-based editions of Windows Vista:<br/><span class=\"text-base\">Windows6.0-KB3073921-v2-x64.msu</span></td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">Installation switches</span></td><td class=\"sbody-td\">See <a href=\"https://support.microsoft.com/help/934307\" id=\"kb-link-7\" target=\"_self\">Microsoft Knowledge Base Article 934307</a></td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">Restart requirement</span></td><td class=\"sbody-td\">You must restart your system after you apply this security update.</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">Removal information</span></td><td class=\"sbody-td\">WUSA.exe does not support the removal of updates. To uninstall an update that was installed by WUSA, click <span class=\"text-base\">Control Panel</span>, and then click <span class=\"text-base\">Security</span>. Under <strong class=\"uiterm\">Windows Update</strong>, click <span class=\"text-base\">View installed updates</span>, and then select from the list of updates.</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">File information</span></td><td class=\"sbody-td\">See the <a bookmark-id=\"fileinfo\" href=\"#fileinfo\" managed-link=\"\" target=\"\">file information</a> section</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">Registry key verification</span></td><td class=\"sbody-td\"><span class=\"text-base\">Note</span> A registry key does not exist to validate the presence of this update.</td></tr></table></div><h4 class=\"sbody-h4\">Windows Server 2008 (all editions)</h4><span class=\"text-base\">Reference Table</span><br/><br/>The following table contains the security update information for this software.<br/><div class=\"table-responsive\"><table class=\"sbody-table table\"><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">Security update file names</span></td><td class=\"sbody-td\">For all supported 32-bit editions of Windows Server 2008:<br/><span class=\"text-base\">Windows6.0-KB3073921-v2-x86.msu</span></td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><br/></td><td class=\"sbody-td\">For all supported x64-based editions of Windows Server 2008:<br/><span class=\"text-base\">Windows6.0-KB3073921-v2-x64.msu</span></td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><br/></td><td class=\"sbody-td\">For all supported Itanium-based editions of Windows Server 2008:<br/><span class=\"text-base\">Windows6.0-KB3073921-v2-ia64.msu</span></td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">Installation switches</span></td><td class=\"sbody-td\">See <a href=\"https://support.microsoft.com/help/934307\" id=\"kb-link-8\" target=\"_self\">Microsoft Knowledge Base Article 934307</a></td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">Restart requirement</span></td><td class=\"sbody-td\">You must restart your system after you apply this security update.</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">Removal information</span></td><td class=\"sbody-td\">WUSA.exe does not support the removal of updates. To uninstall an update that was installed by WUSA, click <span class=\"text-base\">Control Panel</span>, and then click <span class=\"text-base\">Security</span>. Under <strong class=\"uiterm\">Windows Update</strong>, click <span class=\"text-base\">View installed updates</span>, and then select from the list of updates.</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">File information</span></td><td class=\"sbody-td\">See the <a bookmark-id=\"fileinfo\" href=\"#fileinfo\" managed-link=\"\" target=\"\">file information</a> section</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">Registry key verification</span></td><td class=\"sbody-td\"><span class=\"text-base\">Note</span> A registry key does not exist to validate the presence of this update.</td></tr></table></div>See the <a bookmark-id=\"fileinfo\" href=\"#fileinfo\" managed-link=\"\" target=\"\">file information</a> section.<br/><a class=\"bookmark\" id=\"fileinfo\"></a></div><br/></span></div></div></div><div class=\"faq-section\" faq-section=\"\"><div class=\"faq-panel\"><div class=\"faq-panel-heading\" faq-panel-heading=\"\"><span class=\"link-expand-image\"><span class=\"faq-chevron win-icon win-icon-ChevronUpSmall\"></span></span><span class=\"bold btn-link link-expand-text\"><span class=\"bold btn-link\">File hash information</span></span></div><div class=\"faq-panel-body\" faq-panel-body=\"\"><span><div class=\"kb-collapsible kb-collapsible-collapsed\"><div class=\"table-responsive\"><table class=\"sbody-table table\"><tr class=\"sbody-tr\"><th class=\"sbody-th\">Package Name</th><th class=\"sbody-th\">Package Hash SHA 1</th><th class=\"sbody-th\">Package Hash SHA 2</th></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Windows6.0-KB3073921-v2-ia64.msu</td><td class=\"sbody-td\">05F214D4B19EFEB2353CF029DAA4D5DFBD5B2DF6</td><td class=\"sbody-td\">D58FCB5A194D01D6DAC7F727AC22B79A628F6AAF82F3775B66B3B3D1FD03BBD6</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Windows6.0-KB3073921-v2-x64.msu</td><td class=\"sbody-td\">88FBB1258180959445DFCF65F6738933E6A58555</td><td class=\"sbody-td\">5806B2E578C0F3CC336B4C32E143F1E99EFF386FF5141A33152F0AEE0F7218D3</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Windows6.0-KB3073921-v2-x86.msu</td><td class=\"sbody-td\">BEC5FA1DBF93C2B552143DEAE5F954B7C0D86A64</td><td class=\"sbody-td\">BE69BB76E2F8BA91E477CFF1632E1B49F102AAFA61C39C751F751D09EAB9ABD7</td></tr></table></div></div><br/></span></div></div></div><div class=\"faq-section\" faq-section=\"\"><div class=\"faq-panel\"><div class=\"faq-panel-heading\" faq-panel-heading=\"\"><span class=\"link-expand-image\"><span class=\"faq-chevron win-icon win-icon-ChevronUpSmall\"></span></span><span class=\"bold btn-link link-expand-text\"><span class=\"bold btn-link\">File information</span></span></div><div class=\"faq-panel-body\" faq-panel-body=\"\"><span><div class=\"kb-collapsible kb-collapsible-collapsed\">The English (United States) version of this software update installs files that have the attributes that are listed in the following tables. The dates and times for these files are listed in Coordinated Universal Time (UTC). The dates and times for these files on your local computer are displayed in your local time and with your current daylight saving time (DST) bias. Additionally, the dates and times may change when you perform certain operations on the files.<br/><br/><br/><h3 class=\"sbody-h3\">Windows Vista and Windows Server 2008 file information</h3><div class=\"kb-collapsible kb-collapsible-collapsed\"><ul class=\"sbody-free_list\"><li>The files that apply to a specific product, milestone (SP<strong class=\"sbody-strong\">n</strong>), and service branch (LDR, GDR) can be identified by examining the file version numbers as shown in the following table:<br/><div class=\"table-responsive\"><table class=\"sbody-table table\"><tr class=\"sbody-tr\"><th class=\"sbody-th\"><span class=\"text-base\">Version</span></th><th class=\"sbody-th\"><span class=\"text-base\">Product</span></th><th class=\"sbody-th\"><span class=\"text-base\">Milestone</span></th><th class=\"sbody-th\"><span class=\"text-base\">Service branch</span></th></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">6.0.600<span class=\"text-base\">2</span>.<span class=\"text-base\">19</span><strong class=\"sbody-strong\">xxx</strong></td><td class=\"sbody-td\">Windows Vista SP2 and Windows Server 2008 SP2</td><td class=\"sbody-td\">SP2</td><td class=\"sbody-td\">GDR</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">6.0.600<span class=\"text-base\">2</span>.<span class=\"text-base\">23</span><strong class=\"sbody-strong\">xxx</strong></td><td class=\"sbody-td\">Windows Vista SP2 and Windows Server 2008 SP2</td><td class=\"sbody-td\">SP2</td><td class=\"sbody-td\">LDR</td></tr></table></div></li><li>GDR service branches contain only those fixes that are widely released to address widespread, critical issues. LDR service branches contain hotfixes in addition to widely released fixes.</li></ul><span class=\"text-base\">Note</span> The MANIFEST files (.manifest) and MUM files (.mum) that are installed are not listed.<br/><br/><h4 class=\"sbody-h4\">For all supported x86-based versions of Windows Vista and Windows Server 2008</h4><div class=\"table-responsive\"><table class=\"sbody-table table\"><tr class=\"sbody-tr\"><th class=\"sbody-th\">File name</th><th class=\"sbody-th\">File version</th><th class=\"sbody-th\">File size</th><th class=\"sbody-th\">Date</th><th class=\"sbody-th\">Time</th><th class=\"sbody-th\">Platform</th></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Srvnet.sys</td><td class=\"sbody-td\">6.0.6002.19478</td><td class=\"sbody-td\">102,912</td><td class=\"sbody-td\">13-Aug-2015</td><td class=\"sbody-td\">14:15</td><td class=\"sbody-td\">x86</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Srvnet.sys</td><td class=\"sbody-td\">6.0.6002.23788</td><td class=\"sbody-td\">102,912</td><td class=\"sbody-td\">13-Aug-2015</td><td class=\"sbody-td\">14:17</td><td class=\"sbody-td\">x86</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Srv.sys</td><td class=\"sbody-td\">6.0.6002.19478</td><td class=\"sbody-td\">304,640</td><td class=\"sbody-td\">13-Aug-2015</td><td class=\"sbody-td\">14:15</td><td class=\"sbody-td\">x86</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Srv.sys</td><td class=\"sbody-td\">6.0.6002.23788</td><td class=\"sbody-td\">305,152</td><td class=\"sbody-td\">13-Aug-2015</td><td class=\"sbody-td\">14:18</td><td class=\"sbody-td\">x86</td></tr></table></div><h4 class=\"sbody-h4\">For all supported x64-based versions of Windows Vista and Windows Server 2008</h4><div class=\"table-responsive\"><table class=\"sbody-table table\"><tr class=\"sbody-tr\"><th class=\"sbody-th\">File name</th><th class=\"sbody-th\">File version</th><th class=\"sbody-th\">File size</th><th class=\"sbody-th\">Date</th><th class=\"sbody-th\">Time</th><th class=\"sbody-th\">Platform</th></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Srvnet.sys</td><td class=\"sbody-td\">6.0.6002.19478</td><td class=\"sbody-td\">294,912</td><td class=\"sbody-td\">13-Aug-2015</td><td class=\"sbody-td\">14:21</td><td class=\"sbody-td\">IA-64</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Srvnet.sys</td><td class=\"sbody-td\">6.0.6002.23788</td><td class=\"sbody-td\">295,424</td><td class=\"sbody-td\">13-Aug-2015</td><td class=\"sbody-td\">14:19</td><td class=\"sbody-td\">IA-64</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Srv.sys</td><td class=\"sbody-td\">6.0.6002.19478</td><td class=\"sbody-td\">966,144</td><td class=\"sbody-td\">13-Aug-2015</td><td class=\"sbody-td\">14:21</td><td class=\"sbody-td\">IA-64</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Srv.sys</td><td class=\"sbody-td\">6.0.6002.23788</td><td class=\"sbody-td\">967,168</td><td class=\"sbody-td\">13-Aug-2015</td><td class=\"sbody-td\">14:19</td><td class=\"sbody-td\">IA-64</td></tr></table></div><h4 class=\"sbody-h4\">For all supported IA-64-based versions of Windows Server 2008</h4><div class=\"table-responsive\"><table class=\"sbody-table table\"><tr class=\"sbody-tr\"><th class=\"sbody-th\">File name</th><th class=\"sbody-th\">File version</th><th class=\"sbody-th\">File size</th><th class=\"sbody-th\">Date</th><th class=\"sbody-th\">Time</th><th class=\"sbody-th\">Platform</th></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Srvnet.sys</td><td class=\"sbody-td\">6.0.6002.19478</td><td class=\"sbody-td\">145,920</td><td class=\"sbody-td\">13-Aug-2015</td><td class=\"sbody-td\">14:36</td><td class=\"sbody-td\">x64</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Srvnet.sys</td><td class=\"sbody-td\">6.0.6002.23788</td><td class=\"sbody-td\">146,944</td><td class=\"sbody-td\">13-Aug-2015</td><td class=\"sbody-td\">14:42</td><td class=\"sbody-td\">x64</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Srv.sys</td><td class=\"sbody-td\">6.0.6002.19478</td><td class=\"sbody-td\">450,560</td><td class=\"sbody-td\">13-Aug-2015</td><td class=\"sbody-td\">14:36</td><td class=\"sbody-td\">x64</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Srv.sys</td><td class=\"sbody-td\">6.0.6002.23788</td><td class=\"sbody-td\">449,536</td><td class=\"sbody-td\">13-Aug-2015</td><td class=\"sbody-td\">14:43</td><td class=\"sbody-td\">x64</td></tr></table></div></div><br/></div></span></div></div></div><div class=\"faq-section\" faq-section=\"\"><div class=\"faq-panel\"><div class=\"faq-panel-heading\" faq-panel-heading=\"\"><span class=\"link-expand-image\"><span class=\"faq-chevron win-icon win-icon-ChevronUpSmall\"></span></span><span class=\"bold btn-link link-expand-text\"><span class=\"bold btn-link\">How to obtain help and support for this security update</span></span></div><div class=\"faq-panel-body\" faq-panel-body=\"\"><span><div class=\"kb-collapsible kb-collapsible-collapsed\">Help for installing updates: <a href=\"https://support.microsoft.com/ph/6527\" id=\"kb-link-9\" target=\"_self\">Support for Microsoft Update</a><br/><br/>Security solutions for IT professionals: <a href=\"https://technet.microsoft.com/security/bb980617.aspx\" id=\"kb-link-10\" target=\"_self\">TechNet Security Troubleshooting and Support</a><br/><br/>Help for protecting your Windows-based computer from viruses and malware: <a href=\"https://support.microsoft.com/contactus/cu_sc_virsec_master\" id=\"kb-link-11\" target=\"_self\">Virus Solution and Security Center</a><br/><br/>Local support according to your country: <a href=\"https://support.microsoft.com/common/international.aspx\" id=\"kb-link-12\" target=\"_self\">International Support</a></div><br/></span></div></div></div></div></body></html>", "edition": 16, "modified": "2015-09-08T17:43:13", "id": "KB3073921", "href": "https://support.microsoft.com/en-us/help/3073921/", "published": "2015-08-11T00:00:00", "title": "MS15-083: Vulnerability in Server Message Block could allow remote code execution: August 11, 2015", "type": "mskb", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}], "kaspersky": [{"lastseen": "2020-09-02T11:45:03", "bulletinFamily": "info", "cvelist": ["CVE-2015-2456", "CVE-2015-2475", "CVE-2015-2433", "CVE-2015-2441", "CVE-2015-1769", "CVE-2015-2455", "CVE-2015-2429", "CVE-2015-2476", "CVE-2015-2472", "CVE-2015-2471", "CVE-2015-2446", "CVE-2015-2460", "CVE-2015-2442", "CVE-2015-2431", "CVE-2015-2423", "CVE-2015-2435", "CVE-2015-2465", "CVE-2015-2459", "CVE-2015-2434", "CVE-2015-2462", "CVE-2015-2461", "CVE-2015-2440", "CVE-2015-2454", "CVE-2015-2432", "CVE-2015-2473", "CVE-2015-2430", "CVE-2015-2474", "CVE-2015-2449", "CVE-2015-2464", "CVE-2015-2428", "CVE-2015-2463", "CVE-2015-2453", "CVE-2015-2458"], "description": "### *Detect date*:\n08/11/2015\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple serious vulnerabilities have been found in Microsoft products. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, execute arbitrary code or obtain sensitive information.\n\n### *Affected products*:\nWindows Vista Service Pack 2 \nWindows Server 2008 Service Pack 2 \nWindows 7 Service Pack 1 \nWindows Server 2008 R2 \nWindows 8 \nWindows 8.1 \nWindows Server 2012 \nWindows Server 2012 R2 \nWindows RT \nWindows RT 8.1 \nWindows 10 \n.NET framework versions 3.0 SP2, 4, 4.5, 4.5.1, 4.5.2, 4.6 \nOffice 2007 Service Pack 3 \nOffice 2010 Service Pack 2 \nLive Meeting 2007 Console \nLync 2010 \nLync 2013 Service Pack 1 \nSilverlight 5 \nBizTalk Server 2010, 2013, 2013 R2\n\n### *Solution*:\nInstall necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)\n\n### *Original advisories*:\n[CVE-2015-2423](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2423>) \n[CVE-2015-2431](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2431>) \n[CVE-2015-2430](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2430>) \n[CVE-2015-2456](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2456>) \n[CVE-2015-2458](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2458>) \n[CVE-2015-2433](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2433>) \n[CVE-2015-2432](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2432>) \n[CVE-2015-2471](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2471>) \n[CVE-2015-2472](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2472>) \n[CVE-2015-2473](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2473>) \n[CVE-2015-2474](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2474>) \n[CVE-2015-2475](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2475>) \n[CVE-2015-2476](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2476>) \n[CVE-2015-1769](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-1769>) \n[CVE-2015-2449](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2449>) \n[CVE-2015-2455](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2455>) \n[CVE-2015-2460](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2460>) \n[CVE-2015-2459](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2459>) \n[CVE-2015-2462](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2462>) \n[CVE-2015-2461](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2461>) \n[CVE-2015-2464](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2464>) \n[CVE-2015-2463](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2463>) \n[CVE-2015-2465](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2465>) \n[CVE-2015-2454](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2454>) \n[CVE-2015-2453](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2453>) \n[CVE-2015-2434](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2434>) \n[CVE-2015-2435](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2435>) \n[CVE-2015-2428](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2428>) \n[CVE-2015-2441](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2441>) \n[CVE-2015-2446](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2446>) \n[CVE-2015-2429](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2429>) \n[CVE-2015-2440](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2440>) \n[CVE-2015-2442](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2442>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Microsoft .NET Framework](<https://threats.kaspersky.com/en/product/Microsoft-.NET-Framework/>)\n\n### *CVE-IDS*:\n[CVE-2015-2423](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2423>)4.3Warning \n[CVE-2015-2431](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2431>)9.3Critical \n[CVE-2015-2430](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2430>)9.3Critical \n[CVE-2015-2456](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2456>)9.3Critical \n[CVE-2015-2458](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2458>)9.3Critical \n[CVE-2015-2433](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2433>)2.1Warning \n[CVE-2015-2432](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2432>)9.3Critical \n[CVE-2015-2471](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2471>)4.3Warning \n[CVE-2015-2472](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2472>)4.3Warning \n[CVE-2015-2473](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2473>)9.3Critical \n[CVE-2015-2474](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2474>)9.0Critical \n[CVE-2015-2475](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2475>)4.3Warning \n[CVE-2015-2476](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2476>)2.6Warning \n[CVE-2015-1769](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1769>)7.2High \n[CVE-2015-2449](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2449>)4.3Warning \n[CVE-2015-2455](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2455>)9.3Critical \n[CVE-2015-2460](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2460>)9.3Critical \n[CVE-2015-2459](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2459>)9.3Critical \n[CVE-2015-2462](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2462>)9.3Critical \n[CVE-2015-2461](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2461>)9.3Critical \n[CVE-2015-2464](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2464>)9.3Critical \n[CVE-2015-2463](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2463>)9.3Critical \n[CVE-2015-2465](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2465>)2.1Warning \n[CVE-2015-2454](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2454>)2.1Warning \n[CVE-2015-2453](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2453>)4.7Warning \n[CVE-2015-2434](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2434>)4.3Warning \n[CVE-2015-2435](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2435>)9.3Critical \n[CVE-2015-2428](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2428>)2.1Warning \n[CVE-2015-2441](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2441>)9.3Critical \n[CVE-2015-2446](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2446>)9.3Critical \n[CVE-2015-2429](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2429>)9.3Critical \n[CVE-2015-2440](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2440>)4.3Warning \n[CVE-2015-2442](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2442>)9.3Critical\n\n### *Microsoft official advisories*:\n\n\n### *KB list*:\n[3081436](<http://support.microsoft.com/kb/3081436>) \n[3080790](<http://support.microsoft.com/kb/3080790>) \n[3072305](<http://support.microsoft.com/kb/3072305>) \n[3071756](<http://support.microsoft.com/kb/3071756>) \n[3072307](<http://support.microsoft.com/kb/3072307>) \n[3072306](<http://support.microsoft.com/kb/3072306>) \n[3072303](<http://support.microsoft.com/kb/3072303>) \n[3072309](<http://support.microsoft.com/kb/3072309>) \n[3080129](<http://support.microsoft.com/kb/3080129>) \n[3082458](<http://support.microsoft.com/kb/3082458>) \n[3082459](<http://support.microsoft.com/kb/3082459>) \n[3079743](<http://support.microsoft.com/kb/3079743>) \n[3080348](<http://support.microsoft.com/kb/3080348>) \n[3073893](<http://support.microsoft.com/kb/3073893>) \n[3075591](<http://support.microsoft.com/kb/3075591>) \n[3075590](<http://support.microsoft.com/kb/3075590>) \n[3075593](<http://support.microsoft.com/kb/3075593>) \n[3075592](<http://support.microsoft.com/kb/3075592>) \n[3084525](<http://support.microsoft.com/kb/3084525>) \n[3076895](<http://support.microsoft.com/kb/3076895>) \n[3087119](<http://support.microsoft.com/kb/3087119>) \n[3055014](<http://support.microsoft.com/kb/3055014>) \n[2825645](<http://support.microsoft.com/kb/2825645>) \n[3075222](<http://support.microsoft.com/kb/3075222>) \n[3075221](<http://support.microsoft.com/kb/3075221>) \n[3075220](<http://support.microsoft.com/kb/3075220>) \n[3075226](<http://support.microsoft.com/kb/3075226>) \n[3072310](<http://support.microsoft.com/kb/3072310>) \n[3072311](<http://support.microsoft.com/kb/3072311>) \n[3076949](<http://support.microsoft.com/kb/3076949>) \n[3073921](<http://support.microsoft.com/kb/3073921>) \n[3054890](<http://support.microsoft.com/kb/3054890>) \n[3060716](<http://support.microsoft.com/kb/3060716>) \n[3078662](<http://support.microsoft.com/kb/3078662>) \n[3079757](<http://support.microsoft.com/kb/3079757>) \n[3078601](<http://support.microsoft.com/kb/3078601>) \n[3078071](<http://support.microsoft.com/kb/3078071>) \n[3046017](<http://support.microsoft.com/kb/3046017>) \n[3054846](<http://support.microsoft.com/kb/3054846>) \n[3080333](<http://support.microsoft.com/kb/3080333>) \n[3082487](<http://support.microsoft.com/kb/3082487>)\n\n### *Exploitation*:\nThe following public exploits exists for this vulnerability:", "edition": 41, "modified": "2020-06-18T00:00:00", "published": "2015-08-11T00:00:00", "id": "KLA10646", "href": "https://threats.kaspersky.com/en/vulnerability/KLA10646", "title": "\r KLA10646Multiple vulnerabilities in Microsoft Windows ", "type": "kaspersky", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:01", "bulletinFamily": "software", "cvelist": ["CVE-2015-2456", "CVE-2015-2475", "CVE-2015-2433", "CVE-2015-2441", "CVE-2015-1769", "CVE-2015-2455", "CVE-2015-2445", "CVE-2015-2447", "CVE-2015-2429", "CVE-2015-2476", "CVE-2015-2472", "CVE-2015-2444", "CVE-2015-2471", "CVE-2015-2446", "CVE-2015-2452", "CVE-2015-2448", "CVE-2015-2460", "CVE-2015-2481", "CVE-2015-2442", "CVE-2015-2423", "CVE-2015-2435", "CVE-2015-2465", "CVE-2015-2480", "CVE-2015-2459", "CVE-2015-2434", "CVE-2015-2462", "CVE-2015-2461", "CVE-2015-2426", "CVE-2015-2450", "CVE-2015-2479", "CVE-2015-2440", "CVE-2015-2454", "CVE-2015-2432", "CVE-2015-2473", "CVE-2015-2451", "CVE-2015-2430", "CVE-2015-2474", "CVE-2015-2443", "CVE-2015-2449", "CVE-2015-2464", "CVE-2015-2428", "CVE-2015-2463", "CVE-2015-2453", "CVE-2015-2458"], "description": "OpenType fonts parsing code execution, multiple Internet Explorer and Edge vulnerabilities, code execution and information disclosure in system libraries, code execution via RDP and AMB, privilege escalation, information disclosure via WebDAV.", "edition": 1, "modified": "2015-08-24T00:00:00", "published": "2015-08-24T00:00:00", "id": "SECURITYVULNS:VULN:14626", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:14626", "title": "Microsoft Windows multiple security vulnerabilities", "type": "securityvulns", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}