JPCERT-AT-2015-0006
JPCERT/CC
2015-02-12
<<< JPCERT/CC Alert 2015-02-12 >>>
Microsoft Security Bulletin for February 2015
(including 3 critical patches)
https://www.jpcert.or.jp/english/at/2015/at150006.html
I. Overview
Microsoft has released its security bulletin for February, 2015.
This bulletin contains three (3) updates that is rated as "critical".
Remote attackers leveraging these vulnerabilities may be able to
execute arbitrary code.
Details on the vulnerabilities can be found at the following URL:
Microsoft Security Bulletin Summary for February 2015
https://technet.microsoft.com/en-us/library/security/ms15-feb
[Security update rated as "critical"]
MS15-009
Security Update for Internet Explorer (3034682)
https://technet.microsoft.com/en-us/library/security/ms15-009
MS15-010
Vulnerabilities in Windows Kernel-Mode Driver Could Allow Remote Code Execution (3036220)
https://technet.microsoft.com/en-us/library/security/ms15-010
MS15-011
Vulnerability in Group Policy Could Allow Remote Code Execution (3000483)
https://technet.microsoft.com/en-us/library/security/ms15-011
For MS15-011, in addition to the application of security updates,
additional configuration by the system administrator is required.
For more information, please refer to the following Knowledge Base.
Microsoft Knowledge Base Article 3000483
MS15-011: Vulnerability in Group Policy could allow remote code execution
https://support.microsoft.com/kb/3000483/
Also, according to Microsoft, attacks leveraging MS15-009 (critical)
have been observed in the wild.
II. Solution
Please apply the security update programs through Microsoft Update,
Windows Update, etc. as soon as possible.
Microsoft Update
http://www.update.microsoft.com/
Windows Update
http://windowsupdate.microsoft.com/
* With the April 2014 update, Microsoft has ended the support for
Windows XP and Office 2003. Concerns on security risk will rise
henceforth, and therefore please consider updating to a newer OS
and software.
III. References
Microsoft
Microsoft Security Bulletin Summary for February 2015
https://technet.microsoft.com/en-us/library/security/ms15-feb
Microsoft
Microsoft Security Information for February 2015 (Monthly) - MS15-009 - MS15-017 (Japanese)
http://blogs.technet.com/b/jpsecurity/archive/2015/02/11/201502-security-bulletin.aspx
If you have any information regarding this alert, please contact
JPCERT/CC.
======================================================================
JPCERT Coordination Center (JPCERT/CC)
MAIL: info@jpcert.or.jp
TEL: +81-3-3518-4600 FAX: +81-3-3518-4602
https://www.jpcert.or.jp/english/
Top