MS15-097: Description of the security update for the graphics component in Windows: September 8, 2015

MS15-097: Description of the security update for the graphics component in Windows: September 8, 2015 Important This article contains information that shows how to help lower security settings or how to turn off security features on a computer. You can make these changes to work around a specific...

Microsoft Windows Kernel - Use-After-Free with Cursor Object (MS15-097)

Microsoft Windows Kernel - Use-After-Free with Cursor Object MS15-097 Source: https://code.google.com/p/google-security-research/issues/detail?id=457 --- The attached testcase crashes Win 7 with Special Pool enabled while accessing the freed global cursor object gpqCursor​. See poc.cpp for...

Microsoft Windows Kernel - 'FlashWindowEx​' Memory Corruption (MS15-097)

Source: https://code.google.com/p/google-security-research/issues/detail?id=475 --- The attached PoC triggers a wild write on Win 7 32-bit with Special Pool enabled on win32k.sys. --- Proof of Concept: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/38276.zip...

Microsoft Windows Kernel - 'bGetRealizedBrush' Use-After-Free (MS15-097)

Source: https://code.google.com/p/google-security-research/issues/detail?id=458 --- The attached testcase crashes Win 7 with Special Pool on win32k while accessing freed memory in bGetRealizedBrush​​. --- Proof of Concept:...

Microsoft Windows Kernel - Use-After-Free with Printer Device Contexts (MS15-097)

Source: https://code.google.com/p/google-security-research/issues/detail?id=433 --- The attached PoC demonstrates a UAF condition with printer device contexts. The PoC will trigger on Win 7 32-bit with Special Pool enabled. --- Proof of Concept:...

Microsoft Windows Kernel - 'NtGdiStretchBlt' Pool Buffer Overflow (MS15-097)

Source: https://code.google.com/p/google-security-research/issues/detail?id=415 --- Tested on Win 7 32-bit with Special Pool enabled. Multiple pool buffer overflows can be triggered through the NtGdiStretchBlt system call. The attached PoC demonstrates a write overflow and another read over flow...

Microsoft Windows Graphics Component Remote Code Execution Vulnerability (3089656)

This host is missing a critical security update according to Microsoft Bulletin MS15-097. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Microsoft Lync Attendee Buffer Overflow Vulnerability (3089656)

This host is missing a critical security update according to Microsoft Bulletin MS15-097. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

MS15-097: Vulnerabilities in the Microsoft graphics component could allow remote code execution: September 8, 2015

Resolves vulnerabilities in Windows, Office, and Lync that could allow remote code execution if a user opens a specially crafted document or goes to an untrusted webpage that contains embedded OpenType fonts.SummaryThis security update resolves vulnerabilities in Windows, Microsoft Office, and...