September 2015 Microsoft Patch Tuesday
Overview of the September 2015 Microsoft patches and their status.
| # | Affected | Contra Indications - KB | Known Exploits | Microsoft rating(**) | ISC rating(*) | |
|---|---|---|---|---|---|---|
| clients | servers | |||||
| MS15-094 | Cumulative Security Update for Internet Explorer (Replaces MS15-093) |
|||||
| CVE-2015-2483 , CVE-2015-2484, CVE-2015-2485, CVE-2015-2486, CVE-2015-2487, CVE-2015-2489, CVE-2015-2490, CVE-2015-2491, CVE-2015-2492, CVE-2015-2493, CVE-2015-2494, CVE-2015-2498, CVE-2015-2499, CVE-2015-2500, CVE-2015-2501, CVE-2015-2541, CVE-2015-2542 | KB 3089548 | . | Severity:Critical Exploitability: 1 |
Critical | Critical | |
| MS15-095 | Cumulative Security Update for Microsoft Edge | |||||
| CVE-2015-2485 CVE-2015-2486 CVE-2015-2484 CVE-2015-2542 |
KB 3089665 | . | Severity:Critical Exploitability: 1 |
Critical | Critical | |
| MS15-096 | Vulnerability in Active Directory Service Could Allow Denial of Service (Replaces MS14-016) |
|||||
| CVE-2015-2535 | KB 3072595 | . | Severity:Important Exploitability: 3 |
Important | Important | |
| MS15-097 | Vulnerabilities in Microsoft Graphics Component Could Allow Remote Code Execution | |||||
| CVE-2015-2506 CVE-2015-2507 CVE-2015-2508 CVE-2015-2510 CVE-2015-2511 CVE-2015-2512 CVE-2015-2517 CVE-2015-2518 CVE-2015-2527 CVE-2015-2529 CVE-2015-2546 | KB 3089656 | exploit detected for CVE-2015-2546 | Severity:Critical Exploitability: 0 |
Critical | Critical | |
| MS15-098 | Vulnerabilities in Windows Journal Could Allow Remote Code Execution (Replaces MS15-045) |
|||||
| CVE-2015-2513 CVE-2015-2514 CVE-2015-2516 CVE-2015-2519 CVE-2015-2530 |
KB 3089669 | . | Severity:Critical Exploitability: 3 |
Critical | Critical | |
| MS15-099 | Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (Replaces MS15-059 MS15-070 MS15-081) |
|||||
| CVE-2015-2520 CVE-2015-2521 CVE-2015-2522 CVE-2015-2523 CVE-2015-2545 |
KB 3089664 | exploit in the wild | Severity:Critical Exploitability: 0 |
Critical | Important | |
| MS15-100 | Vulnerability in Windows Media Center Could Allow Remote Code Execution | |||||
| CVE-2015-2509 | KB 3087918 | no | Severity:Important Exploitability: 2 |
Critical | Important | |
| MS15-101 | Vulnerabilities in .NET Framework Could Allow Elevation of Privilege (Replaces MS12-025 ) |
|||||
| CVE-2015-2504 CVE-2015-2526 |
KB 3089662 | Severity:Important Exploitability: 1 |
Important | Important | ||
| MS15-102 | Vulnerabilities in Windows Task Management Could Allow Elevation of Privilege (Replaces MS14-054) |
|||||
| CVE-2015-2524 CVE-2015-2525 CVE-2015-2528 |
KB 3089657 | . | Severity:Important Exploitability: 1 |
Important | Important | |
| MS15-103 | Vulnerabilities in Microsoft Exchange Server Could Allow Information Disclosure (Replaces MS15-064) |
|||||
| CVE-2015-2505 CVE-2015-2543 CVE-2015-2544 |
KB 3089250 | . | Severity:Important Exploitability: 3 |
N/A | Important | |
| MS15-104 | Vulnerabilities in Skype for Business Server and Lync Server Could Allow Elevation of Privilege (Replaces MS14-055) |
|||||
| CVE-2015-2531 CVE-2015-2532 CVE-2015-2536 |
KB 3089952 | . | Severity:Important Exploitability: 3 |
N/A | Important | |
| MS15-105 | Vulnerability in Windows Hyper-V Could Allow Security Feature Bypass | |||||
| CVE-2015-2534 | KB 3091287 | . | Severity:Important Exploitability: 2 |
N/A | Important | |
We will update issues on this page for about a week or so as they evolve.
We appreciate updates
US based customers can call Microsoft for free patch related support on 1-866-PCSAFETY
We appreciate updates
US based customers can call Microsoft for free patch related support on 1-866-PCSAFETY
(*): ISC rating
- We use 4 levels:
- PATCH NOW: Typically used where we see immediate danger of exploitation. Typical environments will want to deploy these patches ASAP. Workarounds are typically not accepted by users or are not possible. This rating is often used when typical deployments make it vulnerable and exploits are being used or easy to obtain or make.
- Critical: Anything that needs little to become "interesting" for the dark side. Best approach is to test and deploy ASAP. Workarounds can give more time to test.
- Important: Things where more testing and other measures can help.
- Less Urt practices for servers such as not using outlook, MSIE, word etc. to do traditional office or leisure work.
- The rating is not a risk analysis as such. It is a rating of importance of the vulnerability and the perceived or even predicted threatatches.
Keywords: mspatchday
14 comment(s)
My next class:
| Network Monitoring and Threat Detection In-Depth | Singapore | Nov 18th - Nov 23rd 2024 |
×
![modal content]()
Diary Archives
Comments
Anonymous
Sep 8th 2015
9 years ago
Anonymous
Sep 8th 2015
9 years ago
Anonymous
Sep 9th 2015
9 years ago
Anonymous
Sep 9th 2015
9 years ago
Anonymous
Sep 9th 2015
9 years ago
According to https://support.microsoft.com/en-us/kb/3083992 this is:
Microsoft security advisory: Update to improve AppLocker certificate handling: September 8, 2015
Currently the section "Additional information about this security update" of the webpage is empty, so it's not clear what was wrong.
@Visi: KB3075249 and KB3080149 were distributed earlier (end of August), see for example http://www.ghacks.net/2015/08/28/microsoft-intensifies-data-collection-on-windows-7-and-8-systems/
Anonymous
Sep 9th 2015
9 years ago
From what I have deduced from this site and others, you are correct. MS nazi attempt to run talk back to MS. No interest here, though a PITA, I go through each update as needed. The greasy haired mongrel (BG) has more than enough data.... IMHO.
Regards.
Anonymous
Sep 9th 2015
9 years ago
http://www.infoworld.com/article/2981947/microsoft-windows/the-truth-about-windows-7-and-81-spy-patches-kb-3068708-3022345-3075249-and-3080149.html
I think the "backporting Windows 10 spying to Win7/8.1" argument is way overblown - or did I miss something?
- Woody Leonhard
Anonymous
Sep 9th 2015
9 years ago
argument is way overblown - or did I miss something?
- Woody Leonhard[/quote]
Well, maybe? I am sure you meant IMHO or some other acronym? Does not one decide their next move like a game of chess? I can find NO, repeat NO legit reason why MS or some other "puffing" software wishes to track my data that benefits me. Choice is a grand thing! And for the record, no I do not have a "smart phone" BYODesruction and move away for the "virtual world". But that is me!
I will concede putting links up to reference is a lack of security judgement. Hopefully those reading this tested and opened each link by protocol, I know I did.
Cheers...
IC
Anonymous
Sep 9th 2015
9 years ago
MS15-097: Description of the security update for the graphics component in Windows
- https://support.microsoft.com/en-us/kb/3086255
Last Review: 09/08/2015 17:38:00 - Rev: 2.0
"... Known issues in this security update:
After you install this security update, some programs may not run. (For example, some video games may not run.) To work around this issue, you can temporarily turn on the service for the secdrv.sys driver by running certain commands, or by editing the registry.
Note: When you no longer require the service to be running, we recommend that you turn off the service again.
Warning: This workaround may make a computer or a network more vulnerable to attack by malicious users or by malicious software such as viruses. We do not recommend this workaround but are providing this information so that you can implement this workaround at your own discretion. Use this workaround at your own risk..."
___
Another candidate for 'HIDE' ... :-(
Anonymous
Sep 9th 2015
9 years ago