Microsoft Security Bulletin Summary for September 8, 2015

  • 8 September 2015
  • 9 replies
  • 2 views

Userlevel 7
Badge +56
There is quite a few feel free to read: https://technet.microsoft.com/library/security/ms15-sep
 
Thanks,
 
Daniel 😉

9 replies

Userlevel 7
Badge +62
Thanks Daniel,
 
Where do I start there is so many! LOL::@
Userlevel 7
Badge +56


 
http://blogs.technet.com/b/msrc/archive/2015/09/08/september-2015-security-update-release-summary.aspx
Userlevel 7
Badge +56
More info from another place: https://isc.sans.edu/diary/September+2015+Microsoft+Patch+Tuesday/20129
 
Daniel
Userlevel 7
Badge +56
Finely I get the emails! LOL
 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
********************************************************************
Title: Microsoft Security Bulletin Releases
Issued: September 8, 2015
********************************************************************
Summary
=======
The following bulletins have undergone a major revision increment.
* MS15-083 - Important
Bulletin Information:
=====================
MS15-083 - Important
- Title: Vulnerability in Server Message Block Could Allow Remote
Code Execution (3073921)
- https://technet.microsoft.com/library/security/ms15-083
- Reason for Revision: V2.0 (September 8, 2015): To comprehensively
address CVE-2015-2472, Microsoft re-released security update
3073921 for affected editions of Windows Vista and Windows Server
2008. Customers running Windows Vista or Windows Server 2008 who
previously installed the update should reinstall the update to be
fully protected from the vulnerability. See Microsoft Knowledge
Base Article 3073921 for more information.
- Originally posted: August 11, 2015
- Updated: September 8, 2015
- Bulletin Severity Rating: Important
- Version: 2.0

Other Information
=================
Recognize and avoid fraudulent email to Microsoft customers:
=============================================================
If you receive an email message that claims to be distributing a Microsoft security update, it is a hoax that may contain malware or pointers to malicious websites. Microsoft does not distribute security updates via email.
Userlevel 7
Badge +56
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
********************************************************************
Title: Microsoft Security Advisory Notification
Issued: September 8, 2015
********************************************************************
Security Advisories Updated or Released Today ==============================================
* Microsoft Security Advisory (3083992)
- Title: Update to Improve AppLocker Publisher Rule Enforcement
- https://technet.microsoft.com/library/security/3083992
Other Information
=================
Recognize and avoid fraudulent email to Microsoft customers:
=============================================================
If you receive an email message that claims to be distributing a Microsoft security update, it is a hoax that may contain malware or pointers to malicious websites. Microsoft does not distribute security updates via email.
Userlevel 7
Badge +56
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
********************************************************************
Title: Microsoft Security Bulletin Minor Revisions
Issued: September 8, 2015
********************************************************************
Summary
=======
The following bulletins have undergone a minor revision increment.
Please see the appropriate bulletin for more details.
* MS15-080 - Critical
Bulletin Information:
=====================
MS15-080 - Critical
- Title: Vulnerabilities in Microsoft Graphics Component Could
Allow Remote Code Execution (3078662)
- https://technet.microsoft.com/library/security/ms15-080.aspx
- Reason for Revision: V2.1 (September 8, 2015) Revised bulletin
to add an Update FAQ that explains why customers running Office
2010 on Windows Vista and later versions of Windows are not
being offered the 3054846 update.
- Originally posted: August 11, 2015
- Updated: September 8, 2015
- Bulletin Severity Rating: Critical
- Version: 2.1

Other Information
=================
Recognize and avoid fraudulent email to Microsoft customers:
=============================================================
If you receive an email message that claims to be distributing a Microsoft security update, it is a hoax that may contain malware or pointers to malicious websites. Microsoft does not distribute security updates via email.
Userlevel 7
Badge +56
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
********************************************************************
Microsoft Security Bulletin Summary for September 2015
Issued: September 8, 2015
********************************************************************
This bulletin summary lists security bulletins released for September 2015.
The full version of the Microsoft Security Bulletin Summary for September 2015 can be found at <https://technet.microsoft.com/library/security/ms15-sep>.
Critical Security Bulletins
============================
MS15-094
- Affected Software:
- Windows Vista Service Pack 2:
- Internet Explorer 7
- Internet Explorer 8
- Internet Explorer 9
- Windows Vista x64 Edition Service Pack 2:
- Internet Explorer 7
- Internet Explorer 8
- Internet Explorer 9
- Windows Server 2008 for 32-bit Systems Service Pack 2:
- Internet Explorer 7
- Internet Explorer 8
- Internet Explorer 9
(Windows Server 2008 Server Core installation not affected)
- Windows Server 2008 for x64-based Systems Service Pack 2:
- Internet Explorer 7
- Internet Explorer 8
- Internet Explorer 9
(Windows Server 2008 Server Core installation not affected)
- Windows Server 2008 for Itanium-based Systems Service Pack 2:
- Internet Explorer 7
- Windows 7 for 32-bit Systems Service Pack 1:
- Internet Explorer 8
- Internet Explorer 9
- Internet Explorer 10
- Internet Explorer 11
- Windows 7 for x64-based Systems Service Pack 1:
- Internet Explorer 8
- Internet Explorer 9
- Internet Explorer 10
- Internet Explorer 11
- Windows Server 2008 R2 for x64-based Systems
Service Pack 1:
- Internet Explorer 8
- Internet Explorer 9
- Internet Explorer 10
- Internet Explorer 11
(Windows Server 2008 R2 Server Core installation
not affected)
- Windows Server 2008 R2 for Itanium-based Systems Service
Pack 1:
- Internet Explorer 8
- Windows 8 for 32-bit Systems:
- Internet Explorer 10
- Windows 8 for x64-based Systems:
- Internet Explorer 10
- Windows Server 2012:
- Internet Explorer 10
(Windows Server 2012 Server Core installation not affected)
- Windows RT:
- Internet Explorer 10
- Windows 8.1 for 32-bit Systems:
- Internet Explorer 11
- Windows 8.1 for x64-based Systems:
- Internet Explorer 11
- Windows Server 2012 R2:
- Internet Explorer 11
(Windows Server 2012 R2 Server Core installation not affected)
- Windows RT 8.1:
- Internet Explorer 11
- Windows 10 for 32-bit Systems
- Internet Explorer 11
- Windows 10 for x64-based Systems
- Internet Explorer 11
- Impact: Remote Code Execution
- Version Number: 1.0
MS15-095
- Affected Software:
- Windows 10 for 32-bit Systems
- Microsoft Edge
- Windows 10 for x64-based Systems
- Microsoft Edge
- Impact: Remote Code Execution
- Version Number: 1.0
MS15-097
- Affected Software:
- Windows Vista Service Pack 2
- Windows Vista x64 Edition Service Pack 2
- Windows Server 2008 for 32-bit Systems Service Pack 2
(Windows Server 2008 Server Core installation affected)
- Windows Server 2008 for x64-based Systems Service Pack 2
(Windows Server 2008 Server Core installation affected)
- Windows Server 2008 for Itanium-based Systems Service Pack 2
- Windows 7 for 32-bit Systems Service Pack 1
- Windows 7 for x64-based Systems Service Pack 1
- Windows Server 2008 R2 for x64-based Systems Service Pack 1
(Windows Server 2008 R2 Server Core installation affected)
- Windows Server 2008 R2 for Itanium-based Systems Service
Pack 1
- Windows 8 for 32-bit Systems
- Windows 8 for x64-based Systems
- Windows 8.1 for 32-bit Systems
- Windows 8.1 for x64-based Systems
- Windows Server 2012
(Windows Server 2012 Server Core installation affected)
- Windows Server 2012 R2
(Windows Server 2012 R2 Server Core installation affected)
- Windows RT
- Windows RT 8.1
- Windows 10 for 32-bit Systems
- Windows 10 for x64-based Systems
- Microsoft Office 2007 Service Pack 3
- Microsoft Office 2010 Service Pack 2 (32-bit editions)
- Microsoft Office 2010 Service Pack 2 (64-bit editions)
- Microsoft Live Meeting 2007 Console
- Microsoft Lync 2010 (32-bit)
- Microsoft Lync 2010 (64-bit)
- Microsoft Lync 2010 Attendee (user level install)
- Microsoft Lync 2010 Attendee (admin level install)
- Microsoft Lync 2013 Service Pack 1 (32-bit) (Skype for
Business)
- Microsoft Lync 2013 Service Pack 1 (64-bit)(Skype for
Business)
- Microsoft Lync Basic 2013 Service Pack 1 (32-bit) (Skype
for Business Basic)
- Microsoft Lync Basic 2013 Service Pack 1 (64-bit) (Skype
for Business Basic)
- Impact: Remote Code Execution
- Version Number: 1.0
MS15-098
- Affected Software:
- Windows Vista Service Pack 2
- Windows Vista x64 Edition Service Pack 2
- Windows Server 2008 for 32-bit Systems Service Pack 2
(Windows Server 2008 Server Core installation not affected)
- Windows Server 2008 for x64-based Systems Service Pack 2
(Windows Server 2008 Server Core installation not affected)
- Windows 7 for 32-bit Systems Service Pack 1
- Windows 7 for x64-based Systems Service Pack 1
- Windows Server 2008 R2 for x64-based Systems Service Pack 1
(Windows Server 2008 R2 Server Core installation not affected)
- Windows 8 for 32-bit Systems
- Windows 8 for x64-based Systems
- Windows 8.1 for 32-bit Systems
- Windows 8.1 for x64-based Systems
- Windows Server 2012
(Windows Server 2012 Server Core installation not affected)
- Windows Server 2012 R2
(Windows Server 2012 R2 Server Core installation not affected)
- Windows RT
- Windows RT 8.1
- Windows 10 for 32-bit Systems
- Windows 10 for x64-based Systems
- Impact: Remote Code Execution
- Version Number: 1.0
MS15-099
- Affected Software:
- Microsoft Office 2007 Service Pack 3
- Microsoft Excel 2007 Service Pack 3
- Microsoft Office 2010 Service Pack 2 (32-bit editions)
- Microsoft Office 2010 Service Pack 2 (64-bit editions)
- Microsoft Excel 2010 Service Pack 2 (32-bit editions)
- Microsoft Excel 2010 Service Pack 2 (64-bit editions)
- Microsoft Office 2013 Service Pack 1 (32-bit editions)
- Microsoft Office 2013 Service Pack 1 (64-bit editions)
- Microsoft Excel 2013 Service Pack 1 (32-bit editions)
- Microsoft Excel 2013 Service Pack 1 (64-bit editions)
- Microsoft Office 2013 RT Service Pack 1
- Microsoft Excel 2013 RT Service Pack 1
- Microsoft Excel for Mac 2011
- Microsoft Office Compatibility Pack Service Pack 3
- Microsoft Excel Viewer
- Microsoft SharePoint Foundation 2013 Service Pack 1
- Impact: Remote Code Execution
- Version Number: 1.0

Important Security Bulletins
============================
MS15-096
- Affected Software:
- Windows Server 2008 for 32-bit Systems Service Pack 2
(Windows Server 2008 Server Core installation affected)
- Windows Server 2008 for x64-based Systems Service Pack 2
(Windows Server 2008 Server Core installation affected)
- Windows Server 2008 for Itanium-based Systems Service Pack 2
- Windows Server 2008 R2 for x64-based Systems Service Pack 1
(Windows Server 2008 R2 Server Core installation affected)
- Windows Server 2008 R2 for Itanium-based Systems Service
Pack 1
- Windows Server 2012
(Windows Server 2012 Server Core installation affected)
- Windows Server 2012 R2
(Windows Server 2012 R2 Server Core installation affected)
- Impact: Denial of Service
- Version Number: 1.0
MS15-100
- Affected Software:
- Windows Vista Service Pack 2
- Windows Media Center
- Windows Vista x64 Edition Service Pack 2
- Windows Media Center
- Windows 7 for 32-bit Systems Service Pack 1
- Windows Media Center
- Windows 7 for x64-based Systems Service Pack 1
- Windows Media Center
- Windows 8 for 32-bit Systems
- Windows Media Center
- Windows 8 for x64-based Systems
- Windows Media Center
- Windows 8.1 for 32-bit Systems
- Windows Media Center
- Windows 8.1 for x64-based Systems
- Windows Media Center
- Impact: Remote Code Execution
- Version Number: 1.0
MS15-101
- Affected Software:
- Windows Vista Service Pack 2
- Microsoft .NET Framework 2.0 Service Pack 2
- Microsoft .NET Framework 4
- Microsoft .NET Framework 4.5/4.5.1/4.5.2
- Microsoft .NET Framework 4.6
- Windows Vista x64 Edition Service Pack 2
- Microsoft .NET Framework 2.0 Service Pack 2
- Microsoft .NET Framework 4
- Microsoft .NET Framework 4.5/4.5.1/4.5.2
- Microsoft .NET Framework 4.6
- Windows Server 2008 for 32-bit Systems Service Pack 2
(Windows Server 2008 Server Core installation not affected)
- Microsoft .NET Framework 2.0 Service Pack 2
- Microsoft .NET Framework 4
- Microsoft .NET Framework 4.5/4.5.1/4.5.2
- Microsoft .NET Framework 4.6
- Windows Server 2008 for x64-based Systems Service Pack 2
(Windows Server 2008 Server Core installation not affected)
- Microsoft .NET Framework 2.0 Service Pack 2
- Microsoft .NET Framework 4
- Microsoft .NET Framework 4.5/4.5.1/4.5.2
- Microsoft .NET Framework 4.6
- Windows Server 2008 for Itanium-based Systems Service Pack 2
- Microsoft .NET Framework 2.0 Service Pack 2
- Microsoft .NET Framework 4
- Windows 7 for 32-bit Systems Service Pack 1
- Microsoft .NET Framework 3.5.1
- Microsoft .NET Framework 4
- Microsoft .NET Framework 4.5/4.5.1/4.5.2
- Microsoft .NET Framework 4.6
- Windows 7 for x64-based Systems Service Pack 1
- Microsoft .NET Framework 3.5.1
- Microsoft .NET Framework 4
- Microsoft .NET Framework 4.5/4.5.1/4.5.2
- Microsoft .NET Framework 4.6
- Windows Server 2008 R2 for x64-based Systems Service Pack 1
(Windows Server 2008 R2 Server Core installation affected)
- Microsoft .NET Framework 3.5.1
- Microsoft .NET Framework 4
- Microsoft .NET Framework 4.5/4.5.1/4.5.2
- Microsoft .NET Framework 4.6
- Windows Server 2008 R2 for Itanium-based Systems Service
Pack 1
- Microsoft .NET Framework 3.5.1
- Microsoft .NET Framework 4
- Windows 8 for 32-bit Systems
- Microsoft .NET Framework 3.5
- Microsoft .NET Framework 4.5/4.5.1/4.5.2
- Microsoft .NET Framework 4.6
- Windows 8 for x64-based Systems
- Microsoft .NET Framework 3.5
- Microsoft .NET Framework 4.5/4.5.1/4.5.2
- Microsoft .NET Framework 4.6
- Windows 8.1 for 32-bit Systems
- Microsoft .NET Framework 3.5
- Microsoft .NET Framework 4.5.1/4.5.2
- Microsoft .NET Framework 4.6
- Windows 8.1 for x64-based Systems
- Microsoft .NET Framework 3.5
- Microsoft .NET Framework 4.5.1/4.5.2
- Microsoft .NET Framework 4.6
- Windows Server 2012
(Windows Server 2012 Server Core installation affected)
- Microsoft .NET Framework 3.5
- Microsoft .NET Framework 4.5/4.5.1/4.5.2
- Microsoft .NET Framework 4.6
- Windows Server 2012 R2
(Windows Server 2012 R2 Server Core installation affected)
- Microsoft .NET Framework 3.5
- Microsoft .NET Framework 4.5.1/4.5.2
- Microsoft .NET Framework 4.6
- Windows RT
- Microsoft .NET Framework 4.5/4.5.1/4.5.2
- Microsoft .NET Framework 4.6
- Windows RT 8.1
- Microsoft .NET Framework 4.5.1/4.5.2
- Microsoft .NET Framework 4.6
- Windows 10 for 32-bit Systems
- Microsoft .NET Framework 3.5
- Microsoft .NET Framework 4.6
- Windows 10 for x64-based Systems
- Microsoft .NET Framework 3.5
- Microsoft .NET Framework 4.6
- Impact: Elevation of Privilege
- Version Number: 1.0
MS15-102
- Affected Software:
- Windows Vista Service Pack 2
- Windows Vista x64 Edition Service Pack 2
- Windows Server 2008 for 32-bit Systems Service Pack 2
(Windows Server 2008 Server Core installation affected)
- Windows Server 2008 for x64-based Systems Service Pack 2
(Windows Server 2008 Server Core installation affected)
- Windows Server 2008 for Itanium-based Systems Service Pack 2
- Windows 7 for 32-bit Systems Service Pack 1
- Windows 7 for x64-based Systems Service Pack 1
- Windows Server 2008 R2 for x64-based Systems Service Pack 1
(Windows Server 2008 R2 Server Core installation affected)
- Windows Server 2008 R2 for Itanium-based Systems Service
Pack 1
- Windows 8 for 32-bit Systems
- Windows 8 for x64-based Systems
- Windows 8.1 for 32-bit Systems
- Windows 8.1 for x64-based Systems
- Windows Server 2012
(Windows Server 2012 Server Core installation affected)
- Windows Server 2012 R2
(Windows Server 2012 R2 Server Core installation affected)
- Windows RT
- Windows RT 8.1
- Windows 10 for 32-bit Systems
- Windows 10 for x64-based Systems
- Impact: Elevation of Privilege
- Version Number: 1.0
MS15-103
- Affected Software:
- Microsoft Exchange Server 2013 Cumulative Update 8
- Microsoft Exchange Server 2013 Cumulative Update 9
- Microsoft Exchange Server 2013 Service Pack 1
- Impact: Information Disclosure
- Version Number: 1.0
MS15-104
- Affected Software:
- Microsoft Lync Server 2013 (Web Components Server)
- Skype for Business Server 2015
- Impact: Elevation of Privilege
- Version Number: 1.0
MS15-105
- Affected Software:
- Windows 8.1 for x64-based Systems
- Windows Server 2012 R2
(Windows Server 2012 R2 Server Core installation affected)
- Windows 10 for x64-based Systems
- Impact: Security Feature Bypass
- Version Number: 1.0

Other Information
=================
Recognize and avoid fraudulent email to Microsoft customers:
=============================================================
If you receive an email message that claims to be distributing
a Microsoft security update, it is a hoax that may contain
malware or pointers to malicious websites. Microsoft does
not distribute security updates via email.
Userlevel 7
Badge +54
One thing I have found regarding MS15-097
 
 
Posted on 8 September 2015 by dvk01
 
I am just going to mention one update which will almost certainly  cause  a lot of problems for a load of users, mainly gamers who play popular games from a few years ago.
MS15-097: Description of the security update for the graphics component in Windows: September 8, 2015  KB3086255
This update basically disables secdrv.sys which is an anti-piracy copy protection that is used by many games developers and some other software companies. The driver, secdrv.sys, is used by games which use Macrovision SafeDisc. Without the driver, games with SafeDisc protection would be unable to play on Windows.
 
Full Article
Userlevel 7
Badge +34
Patched my Win 7 Pro this morning and for the first time ever it hung whilst updating. After waiting a hour, a restart (despite the warning not to) fortunately resolved the issue. I've no idea why it happened but all seems well now.

Reply