Security Advisory - February 10, 2015

Zscaler Protects against Multiple Internet Explorer, Kernel Mode Driver, and Microsoft Office Vulnerabilities

Zscaler, working with Microsoft through its MAPP program, has proactively deployed protections for the following 42 vulnerabilities included in the February 2015 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the February release and deploy additional protections as necessary.

MS15-009 - Security Update for Internet Explorer

Severity: Critical
Affected Software

  • Internet Explorer 6-11

CVE-2014-8967 - Internet Explorer Memory Corruption Vulnerability
CVE-2015-0017 - Internet Explorer Memory Corruption Vulnerability
CVE-2015-0018 - Internet Explorer Memory Corruption Vulnerability
CVE-2015-0019 - Internet Explorer Memory Corruption Vulnerability
CVE-2015-0020 - Internet Explorer Memory Corruption Vulnerability
CVE-2015-0021 - Internet Explorer Memory Corruption Vulnerability
CVE-2015-0023 - Internet Explorer Memory Corruption Vulnerability
CVE-2015-0025 - Internet Explorer Memory Corruption Vulnerability
CVE-2015-0026 - Internet Explorer Memory Corruption Vulnerability
CVE-2015-0028 - Internet Explorer Memory Corruption Vulnerability
CVE-2015-0029 - Internet Explorer Memory Corruption Vulnerability
CVE-2015-0035 - Internet Explorer Memory Corruption Vulnerability
CVE-2015-0036 - Internet Explorer Memory Corruption Vulnerability
CVE-2015-0038 - Internet Explorer Memory Corruption Vulnerability
CVE-2015-0039 - Internet Explorer Memory Corruption Vulnerability
CVE-2015-0040 - Internet Explorer Memory Corruption Vulnerability
CVE-2015-0041 - Internet Explorer Memory Corruption Vulnerability
CVE-2015-0042 - Internet Explorer Memory Corruption Vulnerability
CVE-2015-0043 - Internet Explorer Memory Corruption Vulnerability
CVE-2015-0044 - Internet Explorer Memory Corruption Vulnerability
CVE-2015-0045 - Internet Explorer Memory Corruption Vulnerability
CVE-2015-0046 - Internet Explorer Memory Corruption Vulnerability
CVE-2015-0047 - Internet Explorer Memory Corruption Vulnerability
CVE-2015-0048 - Internet Explorer Memory Corruption Vulnerability
CVE-2015-0049 - Internet Explorer Memory Corruption Vulnerability
CVE-2015-0050 - Internet Explorer Memory Corruption Vulnerability
CVE-2015-0051 - Internet Explorer Memory Corruption Vulnerability
CVE-2015-0052 - Internet Explorer Memory Corruption Vulnerability
CVE-2015-0053 - Internet Explorer Memory Corruption Vulnerability
CVE-2015-0054 - Internet Explorer Memory Corruption Vulnerability
CVE-2015-0055 - Internet Explorer Memory Corruption Vulnerability
CVE-2015-0067 - Internet Explorer Memory Corruption Vulnerability
CVE-2015-0068 - Internet Explorer Memory Corruption Vulnerability
CVE-2015-0069 - Internet Explorer Memory Corruption Vulnerability
CVE-2015-0070 - Internet Explorer Memory Corruption Vulnerability
CVE-2015-0071 - Internet Explorer Memory Corruption Vulnerability

Description: Remote code execution vulnerabilities exist when Internet Explorer improperly accesses objects in memory. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. The update addresses the vulnerabilities by modifying the way that Internet Explorer handles objects in memory.

MS15-010 - Vulnerabilities in Windows Kernel Mode Driver Could Allow Remote Code Execution

Severity: Important
Affected Software

  • Windows Server 2003
  • Windows Vista
  • Windows Server 2008
  • Windows 7
  • Windows Server 2008 R2
  • Windows 8
  • Windows 8.1
  • Windows Server 2012
  • Windows Server 2012 R2
  • Windows RT
  • Windows RT 8.1

CVE-2015-0057 - Win32k Elevation of Privilege Vulnerability
CVE-2015-0058 - Windows Cursor Object Double Free Vulnerability
CVE-2015-0059 - TrueType Font Parsing Remote Code Execution Vulnerability

Description: An elevation of privilege vulnerability exists in the Windows kernel-mode driver (win32k.sys) due to a double-free condition. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.

MS15-012 - Vulnerability in Microsoft Office Could Allow Remote Code Execution

Severity: Important
Affected Software

  • Office 2007
  • Office 2010
  • Office 2013
  • Office Web Apps 2010

CVE-2015-0064 - Office Remote Code Execution Vulnerability
CVE-2015-0065 - OneTableDocumentStream Remote Code Execution Vulnerability

Description: A remote code execution vulnerability exists in Microsoft Word that is caused when Word improperly handles objects in memory while parsing specially crafted Office files. This could corrupt system memory in such a way as to allow an attacker to execute arbitrary code.

MS15-015 - Vulnerability in Microsoft Windows Could Allow Elevation of Privilege

Severity: Important
Affected Software

  • Windows 7
  • Windows Server 2008 R2
  • Windows 8
  • Windows 8.1
  • Windows Server 2012
  • Windows Server 2012 R2
  • Windows RT
  • Windows RT 8.1

CVE-2015-0062 - Windows Create Process Elevation of Privilege Vulnerability

Description: An elevation of privilege vulnerability exists in Microsoft Windows when it fails to properly validate and enforce impersonation levels. An attacker who successfully exploited this vulnerability could bypass impersonation-level security checks and gain elevated privileges on a targeted system.

MS15-017 - Vulnerability in Virtual Machine Manager Could Allow Elevation of Privilege

Severity: Important
Affected Software

  • Microsoft System Center Virtual Machine Manager 2012

CVE-2015-0012 - Virtual Machine Manager Elevation of Privilege Vulnerability

Description: A vulnerability exists in Virtual Machine Manager (VMM) when the VMM improperly validates user roles. The vulnerability could allow elevation of privilege if an attacker logs on to an affected system. An attacker must have valid Active Directory logon credentials and be able to log on with those credentials to exploit the vulnerability.