Microsoft Update Advisory for February 2015

Published: 2015-02-10
Last Updated: 2015-02-10 18:59:03 UTC
by Mark Baggett (Version: 1)
13 comment(s)

Overview of the February 2015 Microsoft patches and their status.

# Affected Contra Indications - KB Known Exploits Microsoft rating(**) ISC rating(*)
clients servers
MS15-009 Security Update for Internet Explorer
(ReplacesMS14-080 )

Microsoft Windows,Internet Explorer

 

(39 CVEs. Too many to list here)

 KB 3034682 . Severity:Critical
Exploitability: 0		 Critical Critical
MS15-010 Vulnerabilities in Windows Kernel-Mode Driver Could Allow Remote Code Execution
(ReplacesMS13-006 MS14-066 MS14-074 MS14-079 )
Microsoft Windows

CVE-2015-0003
CVE-2015-0010
CVE-2015-0057
CVE-2015-0058
CVE-2015-0059
CVE-2015-0060		 KB 3036220 vuln. public. Severity:Critical
Exploitability: 2		 Critical Critical
MS15-011 Vulnerability in Group Policy Could Allow Remote Code Execution
(ReplacesMS13-031 MS13-048 MS15-001 )
Microsoft Windows

CVE-2015-0008		 KB 3000483 . Severity:Critical
Exploitability: 1		 Critical Critical
MS15-012 Vulnerabilities in Microsoft Office Could Allow Remote Code Execution
(ReplacesMS13-085 MS14-023 MS14-081 MS14-083 )
Microsoft Office

CVE-2015-0063
CVE-2015-0064
CVE-2015-0065		 KB 3032328 . Severity:Important
Exploitability: 1		 Critical Important
MS15-013 Vulnerability in Microsoft Office Could Allow Security Feature Bypass
Microsoft Office

CVE-2014-6362		 KB 3033857 vuln. public. Severity:Important
Exploitability: 1		 Important Important
MS15-014 Vulnerability in Group Policy Could Allow Security Feature Bypass
Microsoft Windows

CVE-2015-0009		 KB 3004361 . Severity:Important
Exploitability: 2		 Important Important
MS15-015 Vulnerability in Microsoft Windows Could Allow Elevation of Privilege
(ReplacesMS15-001 )
Microsoft Windows

CVE-2015-0062		 KB 3031432 . Severity:Important
Exploitability: 2		 Important Important
MS15-016 Vulnerability in Microsoft Graphics Component Could Allow Information Disclosure
(ReplacesMS14-085 )
Microsoft Windows

CVE-2015-0061		 KB 3029944 . Severity:Important
Exploitability: 2		 Important Important
MS15-017 Vulnerability in Virtual Machine Manager Could Allow Elevation of Privilege
Microsoft Server Software

CVE-2015-0012		 KB 3035898 . Severity:Important
Exploitability:		 Important Important
We will update issues on this page for about a week or so as they evolve.
We appreciate updates
US based customers can call Microsoft for free patch related support on 1-866-PCSAFETY
(*): ISC rating
  • We use 4 levels:
    • PATCH NOW: Typically used where we see immediate danger of exploitation. Typical environments will want to deploy these patches ASAP. Workarounds are typically not accepted by users or are not possible. This rating is often used when typical deployments make it vulnerable and exploits are being used or easy to obtain or make.
    • Critical: Anything that needs little to become "interesting" for the dark side. Best approach is to test and deploy ASAP. Workarounds can give more time to test.
    • Important: Things where more testing and other measures can help.
    • Less Urt practices for servers such as not using outlook, MSIE, word etc. to do traditional office or leisure work.

 

Mark Baggett      Follow me on Twitter:@markbaggett

 Join me in Orlando Florida April 13th   Attackers and Defender will learn the essentials of Python, networking, regular expressions, interacting with websites, threading and much more.   Sign up soon for discounted pricing.

 

Keywords: mspatchday
13 comment(s)
Join us at SANS! Attend with Mark Baggett in starting

Comments

A good TechNet article explaining MS15-011 and MS15-014:

http://blogs.technet.com/b/srd/archive/2015/02/10/ms15-011-amp-ms15-014-hardening-group-policy.aspx

Anonymous

Feb 10th 2015
7 years ago

KB3001652 Visual Studio 2010 Tools patch from today's 'Patch Tuesday' set is not installing.

It hangs up the computer and cannot be stopped by choosing 'cancel'; WIndows 7 x64 and likely Win 8 according to various other reports.


You can find the active svchost.exe and kill it to regain control.


If a user tries to 'reboot' out of the hung install, they will get stuck at logoff; requiring a 'power cycle' ungraceful shutdown.


Microsoft, PLEASE PULL THIS PATCH!

Anonymous

Feb 10th 2015
7 years ago

[quote=comment#33327]KB3001652 Visual Studio 2010 Tools patch from today's 'Patch Tuesday' set is not installing.
...[/quote]

KB3001652 is from October 2014:

https://support.microsoft.com/kb/3001652

Anonymous

Feb 10th 2015
7 years ago

It might have been 'published' in October but until about 30 minutes ago, it was being pushed out with this AM's updates and hanging up machines.

MS has pulled KB3001652 from current Windows Update.

KB3034196 for IE11 appeared after KB3001652 was pulled by MS.


-------------
Links to others reporting this AM's 'horror':
-------------

http://stackoverflow.com/questions/9188447/visual-studio-2010-service-pack-1-is-not-installing

http://forums.overclockers.co.uk/showthread.php?p=27612025

http://www.eightforums.com/installation-setup/61425-update-failure-kb3001652.html

http://boards.4chan.org/g/thread/46506369

Anonymous

Feb 10th 2015
7 years ago

Odd. KB 3001652 does not appear on the current WU/WSUS release list, https://support2.microsoft.com/kb/894199/en-us

Anonymous

Feb 10th 2015
7 years ago

If it is from October why did it wait to install until today on my fully patched 7 & 8.1 machines?

It does this on both Windows 7 and 8.1 machines. The 8.1 machine tried to continue the install when it was shut down normally and had to be powered down the hard way. It took longer to reboot. When the 7 machine was rebooted normally it immediately restarted the installation again during the reboot process.

Anonymous

Feb 10th 2015
7 years ago

[quote=comment#33327]KB3001652 Visual Studio 2010 Tools patch from today's 'Patch Tuesday' set is not installing.

It hangs up the computer and cannot be stopped by choosing 'cancel'; WIndows 7 x64 and likely Win 8 according to various other reports.


You can find the active svchost.exe and kill it to regain control.


If a user tries to 'reboot' out of the hung install, they will get stuck at logoff; requiring a 'power cycle' ungraceful shutdown.


Microsoft, PLEASE PULL THIS PATCH![/quote]


Same here on Win7/64bit... waited for an hour for this patch to install. during reboot of the hung install it got stuck on "Configuring Windows updates 30% complete Do not turn off your computer."

Anonymous

Feb 10th 2015
7 years ago

Hey guys, MS15-011 lists Server 2003 as affected, but no patch due to the magnitude of changes required. Since WinXP is so similar, I'm guessing that Windows XP is affected as well. My current employer has a bunch of XP laptops and we pay royally for support. I've asked our MSFT rep to find out of there's going to be a WinXP patch. There's no answer yet. Has anyone else heard?

As far as mitigating controls, I'm thinking that we only allow use of those laptops at our own facilities; no use on hostile networks (coffee shops, bakeries, fast food joints, hotels, etc).

What are other people doing?

MJ

Anonymous

Feb 11th 2015
7 years ago

After installing all but one patch -- the one patch I "hid" had something to do with whether I would be upgrading to Windows 8 or something like that; it was unchecked by default -- I rebooted a Windows Vista Home Premium PC. I panicked when I loaded Mathematica (which is running 24/7 on this PC, and is used very heavily, and is part of the normal post-reboot sequence) and the fonts were goofed up. All text in any Mathematica notebook looked like grayed-out text in a disabled Windows control. All the text and graphics in the whole screen looked like that. I tried looking around for relevant support options -- found none. I started browsing "just what was fixed" in the Windows Update -- nothing that jumped out. So I did a System Restore. That fixed the problem! Now, I realize I probably should have at least tried rebooting first. But like I said, I was panicking. Next time (if) I'll try a reboot, but I have to wonder why that would "fix" this problem: what happened on the first reboot?

Now 16 updates are available to install. Frankly, I don't know what to install. I already know to steer clear of the C++ update, at least for now. I'll muddle through this somewhere along the line. The last thing I want to do is lose the use of Mathematica! What if I do an install and System Restore doesn't fix it?

See also post below.

Anonymous

Feb 11th 2015
7 years ago

Microsoft update KB3013455 part of Security bulletin MS15-10 is causing font rendering issues on Server 2003 SP2.

See attached screenshot for a comparison: http://snag.gy/263Zf.jpg

Anonymous

Feb 11th 2015
7 years ago

Login here to join the discussion.


Top of page
Diary Archives