As we near the end of the year, we here at Skybox find ourselves once again wondering where the year went. And by the numbers, Microsoft has rounded out 2015 with a total of 135 security bulletins issued, the most ever for the company.
Here are (ironically) the 12 bulletins of Christmas (ahem, December) from Microsoft. You can sing along if you’d like. The first eight are all listed as critical and deal with remote code execution, and the last four are classified as important. Let’s take a look at the important vulnerabilities.
MS15-124 is a cumulative update to Microsoft Internet Explorer. The main vulnerability here is remote code execution through websites, which could give an attacker the same rights as the current user. This is more critical when the user is an administrator.
MS15-126 is an update for VBScript and JScript in Microsoft Windows. This deals with the same vulnerabilities that can be exploited in MS15-124 through Internet Explorer. MS15-124 resolves this, as well.
MS15-128 addresses vulnerabilities in several Microsoft communications products that can allow remote code execution using specially crafted documents or embedded fonts. This affects users of all supported releases of Windows, Microsoft .NET Framework on all supported releases of Windows, Skype for Business 2016, Microsoft Lync 2013, and Microsoft Lync 2010, and affected editions of Microsoft Office 2007 and Office 2010.
MS15-129 resolves a Microsoft Silverlight vulnerability that could allow remote code execution if Silverlight incorrectly handles certain open and close requests that could result in access violations. To exploit the vulnerability, an attacker could host a website that contains a specially crafted Silverlight application and then convince a user to visit a compromised website to execute the code.
MS15-130 resolves a vulnerability in Windows. The vulnerability could allow remote code execution if a user opens a specially crafted document or visits a webpage that contains specially crafted fonts.
MS15-131 resolves vulnerabilities in Microsoft Office. The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted Office file. An attacker who successfully exploited the vulnerabilities could run arbitrary code in the context of the current user. This is more critical if the user has administrator rights.
Here at Skybox, we update our Vulnerability Center as soon as new vulnerabilities and patches are available to provide the most up-to-date intelligence to our followers and our customers. Take advantage of our free 30-day trial of our Vulnerability and Threat Management products to apply this intelligence and get total visibility of your attack surface.