Microsoft veröffentlicht neun Security Bulletins für den Februar 2015 Patchday

Microsoft veröffentlicht neun Security Bulletins für den Februar 2015 Patchday

Microsoft hat soeben neun Security Bulletins für den Februar Patchday veröffentlicht. Neben dem üblichen Updates wurden Sicherheitsupdates für verschiedene Komponenten des Windows-Betriebssystems, den Internet Explorer und Microsoft Office veröffentlicht und zum Download freigegeben. Drei Bulletins werden als kritisch eingestuft, die restlichen sechs stuft Microsoft als wichtig ein. Die neuen Updates beheben 56 Sicherheitslücken und betreffen mit Windows Vista, 7, 8 und 8.1 sowie Windows Server 2003, 2008, 2008 R2, 2012 und Windows Server 2012 R2 alle unterstützten Windows-Editionen, den Internet Explorer sowie Microsoft Office. Benutzer, die das automatische Update von Windows aktiviert haben, müssen nichts tun, da alle Sicherheitsupdates automatisch geladen und installiert werden. Benutzer, die das automatische Update nicht aktiviert haben, sollten auf Updates prüfen und diese Updates manuell installieren. Weitere Informationen über die Sicherheitsupdates finden sich im Microsoft Security Bulletin für Februar 2015.

Microsoft Update

Download -> Microsoft Sicherheitsupdates für Februar 2015

This bulletin summary lists security bulletins released for February 2015.

  • MS15-009 - Security Update for Internet Explorer - This security update resolves Forty-one vulnerabilities in Internet Explorer. The most severe of these vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user.
  • MS15-010 - Vulnerabilities in Windows Kernel-Mode Driver Could Allow Remote Code Execution - This security update resolves six vulnerabilities in Microsoft Windows. The most severe of the vulnerabilities could allow remote code execution if an attacker convinces a user to open a specially crafted document or visit an untrusted website that contains embedded TrueType fonts.
  • MS15-011 - Vulnerability in Group Policy Could Allow Remote Code Execution - This security update resolves one vulnerability in Windows. The vulnerability could allow remote code execution if an attacker convinces a user with a domain-configured system to connect to an attacker-controlled network.
  • MS15-012 - Vulnerabilities in Microsoft Office Could Allow Remote Code Execution - This security update resolves three vulnerabilities in Microsoft Office. The vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Office file. An attacker who successfully exploited the vulnerabilities could gain the same user rights as the current user.
  • MS15-013 - Vulnerability in Microsoft Office Could Allow Security Feature Bypass - This security update resolves one vulnerability in Microsoft Office. The vulnerability could allow security feature bypass if a user opens a specially crafted Microsoft Office file. The security feature bypass by itself does not allow arbitrary code execution.
  • MS15-014 - Vulnerability in Group Policy Could Allow Security Feature Bypass - This security update resolves one vulnerability in Microsoft Windows. The vulnerability could allow security feature bypass if an attacker, by way of a man-in-the-middle attack, causes the Group Policy Security Configuration Engine policy file on a targeted system to become corrupted or otherwise unreadable.
  • MS15-015 - Vulnerability in Microsoft Windows Could Allow Elevation of Privilege - This security update resolves one  vulnerability in Microsoft Windows. The vulnerability could allow an attacker to leverage the lack of impersonation-level security checks to elevate privileges during process creation.
  • MS15-016 - Vulnerability in Microsoft Graphics Component Could Allow Information Disclosure - This security update resolves one vulnerability in Windows. The vulnerability could allow information disclosure if a user browses to a website containing a specially crafted TIFF image. This vulnerability would not allow an attacker to execute code or to elevate their user rights directly, but it could be used to obtain information that could be used to try to further compromise the affected system.
  • MS15-017 - Vulnerability in Virtual Machine Manager Could Allow Elevation of Privilege - This security update resolves one vulnerability in Virtual Machine Manager (VMM). The vulnerability could allow elevation of privilege if an attacker logs on an affected system.

Microsoft Patch Day für Februar 2015 -> Weitere Infos

Alle Benutzer werden aufgefordert die verfügbaren Updates so schnell wie möglich zu installieren!

Kommentare sind geschlossen
it-blogger.net
Copyright © 2017 Valdet Beqiraj it-blogger.net