Spyware, Viruses, & Security forum

Alert

Microsoft Security Bulletin Summary for March 2015

by Carol~ Moderator / March 10, 2015 3:58 AM PDT

Published : March 10, 2015

Microsoft released 14 new security updates today. Five (5) are rated Critical and Nine (9) are rated Important. They address vulnerabilities in Microsoft Windows, Microsoft Office, Microsoft Exchange, and Internet Explorer..

Microsoft also released an updated version of the Microsoft Windows Malicious Software Removal Tool on Windows Update, Microsoft Update, Windows Server Update Services, and the Download Center.

Critical: 5

MS15-018 - Cumulative Security Update for Internet Explorer (3032359)
MS15-019 - Vulnerability in VBScript Scripting Engine Could Allow Remote Code Execution (3040297)
MS15-020 - Vulnerabilities in Microsoft Windows Could Allow Remote Code Execution (3041836)
MS15-021 - Vulnerabilities in Adobe Font Driver Could Allow Remote Code Execution (3032323)
MS15-022 - Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (3038999)

Important: 9

MS15-23 - Vulnerabilities in Kernel-Mode Driver Could Allow Elevation of Privilege (3034344)
MS15-24 - Vulnerability in PNG Processing Could Allow Information Disclosure (3035132)
MS15-25 - Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (3038680)
MS15-26 - Vulnerabilities in Microsoft Exchange Server Could Allow Elevation of Privilege (3040856)
MS15-27 - Vulnerability in NETLOGON Could Allow Spoofing (3002657)
MS15-28 - Vulnerability in Windows Task Scheduler Could Allow Security Feature Bypass (3030377)
MS15-29 - Vulnerability in Windows Photo Decoder Component Could Allow Information Disclosure (3035126)
MS15-30 - Vulnerability in Remote Desktop Protocol Could Allow Denial of Service (3039976)
MS15-31 - Vulnerability in Schannel Could Allow Security Feature Bypass (3046049)

Security Bulletin: https://technet.microsoft.com/library/security/ms15-mar

Discussion is locked
You are posting a reply to: Microsoft Security Bulletin Summary for March 2015
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: Microsoft Security Bulletin Summary for March 2015
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Security Advisories Updated or Released Today
by Carol~ Moderator / March 10, 2015 4:06 AM PDT
* Microsoft Security Advisory (3033929)
- Title: Availability of SHA-2 Code Signing Support for Windows 7 and Windows Server 2008 R2
- https://technet.microsoft.com/library/security/3033929
- Revision Note: V1.0 (March 10, 2015): Advisory published.

* Microsoft Security Advisory (3046015)
- Title: Vulnerability in Schannel Could Allow Security Feature Bypass
- https://technet.microsoft.com/library/security/3046015
- Revision Note: V2.0 (March 10, 2015): Advisory updated to reflect publication of security bulletin.

* Microsoft Security Advisory (2755801)
- Title: Update for Vulnerabilities in Adobe Flash Player in Internet Explorer
- https://technet.microsoft.com/library/security/2755801
- Revision Note: V38.0 (March 10, 2015): Added the 3044132 update to the Current Update section.
Collapse -
MSRT March: Superfish cleanup
by Carol~ Moderator / March 11, 2015 3:40 AM PDT

Geoff McDonald @ the Microsoft Malware Protection Center (MMPC) blog:

10 Mar 2015

This month we added two new families to the Microsoft Malicious Software Removal Tool: Win32/CompromisedCert and Win32/Alinaos.

The Alinaos trojan family targets point-of-sale terminals to steal credit card information. This blog will discuss the security risk presented by Superfish, an ad-injecting application that we detect as CompromisedCert.

Some new Lenovo consumer notebooks sold between September 2014 and February 2015 had Superfish pre-installed. In February, it was discovered that this application exposes a machine to man-in-the-middle (MiTM) attacks because of a security vulnerability involving a self-signed root certificate used by Superfish. Lenovo customers concerned about pre-installed versions of Superfish should refer to Lenovo's security advisory.

Additional Information : http://blogs.technet.com/b/mmpc/archive/2015/03/10/msrt-march-superfish-cleanup.aspx

Collapse -
Interesting: The Newest Removal Tool Isn't Available Yet
by Grif Thomas Forum moderator / March 11, 2015 7:46 AM PDT

Although Windows Updates will download it and run it, the newest manual tool available for download is the 5.21 version available in February.. Visiting the normal download site at the link below shows the older version plus text that says: "The Malicious software removal tool currently available for download is the February 2015 version. The March 2015 version will be available in the next couple of weeks."

http://www.microsoft.com/en-us/download/malicious-software-removal-tool-details.aspx?id=16

Usually, the downloadable tool is available on the same days it's released. Although most folks don't care about this, I usually keep the manual tool available for running on remote computers which don't have internet access. Not a big deal, but it is a curious thing.

Hope this helps.

Grif

Collapse -
The Newest MSRT Offline Version Is Now Available
by Grif Thomas Forum moderator / March 17, 2015 6:32 AM PDT
Collapse -
Microsoft Security Advisory 3046310
by Carol~ Moderator / March 17, 2015 3:50 AM PDT
Improperly Issued Digital Certificates Could Allow Spoofing

Published: March 16, 2015

Version: 1.0

Executive Summary:

Microsoft is aware of an improperly issued SSL certificate for the domain "live.fi" that could be used in attempts to spoof content, perform phishing attacks, or perform man-in-the-middle attacks. It cannot be used to issue other certificates, impersonate other domains, or sign code. This issue affects all supported releases of Microsoft Windows. Microsoft is not currently aware of attacks related to this issue.

To help protect customers from potentially fraudulent use of this digital certificate, it has been revoked by the issuing CA and Microsoft is updating the Certificate Trust list (CTL) for all supported releases of Microsoft Windows to remove the trust of certificates that are causing this issue. For more information about these certificates, see the Frequently Asked Questions section of this advisory.

Advisory continued : https://technet.microsoft.com/library/security/3046310
Collapse -
Microsoft Security Advisory 3046310 - Version 2.0
by Carol~ Moderator / March 20, 2015 6:56 AM PDT
* Microsoft Security Advisory (3046310)
- Title: Improperly Issued Digital Certificates Could Allow Spoofing
- https://technet.microsoft.com/library/security/3046310
- Revision Note: V2.0 (March 19, 2015): Advisory rereleased to announce that the update for supported editions of Windows Server 2003 is now available. See Knowledge Base Article 3046310 for more information and download links.
Collapse -
Microsoft Security Advisory 3050995
by Carol~ Moderator / March 25, 2015 12:56 AM PDT
Improperly Issued Digital Certificates Could Allow Spoofing

Published: March 24, 2015

Version: 1.0

Executive Summary

Microsoft is aware of digital certificates that were improperly issued from the subordinate CA, MCS Holdings, which could be used in attempts to spoof content, perform phishing attacks, or perform man-in-the-middle attacks. The improperly issued certificates cannot be used to issue other certificates, impersonate other domains, or sign code. This issue affects all supported releases of Microsoft Windows.

To help protect customers from the potentially fraudulent use of these improperly issued certificates, Microsoft is updating the Certificate Trust list (CTL) to remove the trust of the subordinate CA certificate. The trusted root Certificate Authority, the China Internet Network Information Center (CNNIC), has also revoked the certificate of the subordinate CA. Microsoft is working on an update for Windows Server 2003 customers and will release it once fully tested. For more information about these certificates, see the Frequently Asked Questions section of this advisory.

Advisory continued : https://technet.microsoft.com/library/security/3050995

Popular Forums

icon
Computer Newbies 10,686 discussions
icon
Computer Help 54,365 discussions
icon
Laptops 21,181 discussions
icon
Networking & Wireless 16,313 discussions
icon
Phones 17,137 discussions
icon
Security 31,287 discussions
icon
TVs & Home Theaters 22,101 discussions
icon
Windows 7 8,164 discussions
icon
Windows 10 2,657 discussions

FALL TV PREMIERES

Your favorite shows are back!

Don’t miss your dramas, sitcoms and reality shows. Find out when and where they’re airing!