JPCERT-AT-2015-0007
JPCERT/CC
2015-03-11
<<< JPCERT/CC Alert 2015-03-11 >>>
Microsoft Security Bulletin for March 2015
(including 5 critical patches)
https://www.jpcert.or.jp/english/at/2015/at150007.html
I. Overview
Microsoft has released its security bulletin for March, 2015.
This bulletin contains three (5) updates that are rated as "critical".
Remote attackers leveraging these vulnerabilities may be able to
execute arbitrary code.
Details on the vulnerabilities can be found at the following URL:
Microsoft Security Bulletin Summary for March 2015
https://technet.microsoft.com/en-us/library/security/ms15-mar
[Security update rated as "critical"]
MS15-018
Cumulative Security Update for Internet Explorer (3032359)
https://technet.microsoft.com/en-us/library/security/ms15-018
MS15-019
Vulnerability in VBScript Scripting Engine Could Allow Remote Code Execution (3040297)
https://technet.microsoft.com/en-us/library/security/ms15-019
MS15-020
Vulnerabilities in Microsoft Windows Could Allow Remote Code Execution (3041836)
https://technet.microsoft.com/en-us/library/security/ms15-020
MS15-021
Vulnerabilities in Adobe Font Driver Could Allow Remote Code Execution (3032323)
https://technet.microsoft.com/en-us/library/security/ms15-021
MS15-022
Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (3038999)
https://technet.microsoft.com/en-us/library/security/ms15-022
In addition, if you wish to apply the update on a system where any
workaround for MS15-031(important) has been already placed, please
refer to the following URL and complete the cancellation of the
workaround.
If this security update is applied without cancelling the
workaround,it is possible that the majority of Internet service
becomes unavailable.
MS15-031
Vulnerability in Schannel Could Allow Security Feature Bypass (3046049)
https://technet.microsoft.com/en-us/library/security/ms15-031
II. Solution
Please apply the security update programs through Microsoft Update,
Windows Update, etc. as soon as possible.
Microsoft Update
http://www.update.microsoft.com/
Windows Update
http://windowsupdate.microsoft.com/
* With the April 2014 update, Microsoft has ended the support for
Windows XP and Office 2003. Concerns on security risk will rise
henceforth, and therefore please consider updating to a newer OS
and software.
III. References
Microsoft
Microsoft Security Bulletin Summary for March 2015
https://technet.microsoft.com/en-us/library/security/ms15-mar
Microsoft
Microsoft Security Information for March 2015 (Monthly) - MS15-018 - MS15-031 (Japanese)
http://blogs.technet.com/b/jpsecurity/archive/2015/03/11/201503-security-bulletin.aspx
If you have any information regarding this alert, please contact
JPCERT/CC.
======================================================================
JPCERT Coordination Center (JPCERT/CC)
MAIL: info@jpcert.or.jp
TEL: +81-3-3518-4600 FAX: +81-3-3518-4602
https://www.jpcert.or.jp/english/
Top