SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   OS (Microsoft)  >   Windows Kernel Vendors:   Microsoft
Windows Kernel Lets Local Users Obtain Potentially Sensitive Information and Gain Elevated Privileges
SecurityTracker Alert ID:  1032525
SecurityTracker URL:  http://securitytracker.com/id/1032525
CVE Reference:   CVE-2015-1719, CVE-2015-1720, CVE-2015-1721, CVE-2015-1722, CVE-2015-1723, CVE-2015-1724, CVE-2015-1725, CVE-2015-1726, CVE-2015-1727, CVE-2015-1768, CVE-2015-2360   (Links to External Site)
Date:  Jun 9 2015
Impact:   Disclosure of system information, Disclosure of user information, Execution of arbitrary code via local system, Root access via local system, User access via local system
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 2003 SP2, Vista SP2, 2008 SP2, 7 SP1, 2008 R2 SP1, 8, 8.1, 2012, 2012 R2, RT, RT 8.1; and prior service packs
Description:   Multiple vulnerabilities were reported in the Windows Kernel. A local user can obtain elevated privileges on the target system. A local user can access potentially sensitive information on the target system.

A local user can exploit a flaw in the Windows kernel-mode driver in the handling of buffer elements in certain situations to obtain the contents of specific memory addresses [CVE-2015-1719].

A local user can execute arbitrary code on the target system with elevated privileges.

A use-after-free memory error may occur [CVE-2015-1720].

A null pointer dereference may occur [CVE-2015-1721].

A use-after-free memory error may occur in the handling of bitmaps [CVE-2015-1722].

A use-after-free memory error may occur in Microsoft Windows Station [CVE-2015-1723].

A use-after-free memory error may occur in the handling of object [CVE-2015-1724].

A use-after-free memory error may occur in the handling of brush objects [CVE-2015-1726].

A buffer overflow may occur in the Win32k.sys kernel driver [CVE-2015-1725, CVE-2015-1727].

A memory corruption error may occur in the Win32k.sys kernel driver [CVE-2015-1768, CVE-2015-2360].

Guo Pengfei of Qihoo 360, KK of Tencent's Xuanwu LAB, Nils Sommer of bytegeist (via Google Project Zero), Maxim Golovkin of Kaspersky Lab, and enSilo Research Team reported these vulnerabilities.

Impact:   A local user can obtain elevated privileges on the target system.

A local user can access potentially sensitive information on the target system.

Solution:   The vendor has issued a fix.

Windows Server 2003 Service Pack 2:

https://www.microsoft.com/downloads/details.aspx?familyid=07c9f7b8-e885-4a47-b245-89ba480dcfac

Windows Server 2003 x64 Edition Service Pack 2:

https://www.microsoft.com/downloads/details.aspx?familyid=9c85e926-e1ed-4548-9801-044d645a2a94

Windows Server 2003 with SP2 for Itanium-based Systems:

https://www.microsoft.com/downloads/details.aspx?familyid=f560936a-17e8-46e4-b90d-f32b7dc3972c

Windows Server 2003 R2 Service Pack 2:

https://www.microsoft.com/downloads/details.aspx?familyid=07c9f7b8-e885-4a47-b245-89ba480dcfac

Windows Server 2003 R2 x64 Edition Service Pack 2:

https://www.microsoft.com/downloads/details.aspx?familyid=9c85e926-e1ed-4548-9801-044d645a2a94

Windows Vista Service Pack 2:

https://www.microsoft.com/downloads/details.aspx?familyid=6af0a40b-d1ac-4da3-85ac-716742617ec6

Windows Vista x64 Edition Service Pack 2:

https://www.microsoft.com/downloads/details.aspx?familyid=48416d6d-8181-4c00-b4c6-1415735581dd

Windows Server 2008 for 32-bit Systems Service Pack 2:

https://www.microsoft.com/downloads/details.aspx?familyid=f6cf0a57-2437-4228-a171-f25358686997

Windows Server 2008 for x64-based Systems Service Pack 2:

https://www.microsoft.com/downloads/details.aspx?familyid=1aceac33-f833-4946-afbd-78b6230c439f

Windows Server 2008 for Itanium-based Systems Service Pack 2:

https://www.microsoft.com/downloads/details.aspx?familyid=690bdffb-3e8f-44b1-9d4d-1d3f5e5bb1e0

Windows 7 for 32-bit Systems Service Pack 1:

https://www.microsoft.com/downloads/details.aspx?familyid=1b5d4b1d-bd94-45f3-9501-15fc49144958

Windows 7 for x64-based Systems Service Pack 1:

https://www.microsoft.com/downloads/details.aspx?familyid=ac548bb2-bd91-4813-86eb-6416c53ea972

Windows Server 2008 R2 for x64-based Systems Service Pack 1:

https://www.microsoft.com/downloads/details.aspx?familyid=1dbd8d08-1e11-4e9a-be07-f7a0070b6e5c

Windows Server 2008 R2 for Itanium-based Systems Service Pack 1:

https://www.microsoft.com/downloads/details.aspx?familyid=fdedb169-2c6a-43f7-8356-af602622e25e

Windows 8 for 32-bit Systems:

https://www.microsoft.com/downloads/details.aspx?familyid=5e1e586a-6b98-4fd9-aa63-745943664eb0

Windows 8 for x64-based Systems:

https://www.microsoft.com/downloads/details.aspx?familyid=66db596a-e9bd-4585-8649-a92152790a5f

Windows 8.1 for 32-bit Systems:

https://www.microsoft.com/downloads/details.aspx?familyid=18ec6a42-a7d9-441f-b884-92fdb479fe1e

Windows 8.1 for x64-based Systems:

https://www.microsoft.com/downloads/details.aspx?familyid=d36b1ee1-89bc-435d-ad6d-baafb10e32c5

Windows Server 2012:

https://www.microsoft.com/downloads/details.aspx?familyid=71d1ad8c-57ac-45fc-89df-86a234c94b49

Windows Server 2012 R2:

https://www.microsoft.com/downloads/details.aspx?familyid=13e0e5c6-f624-4abf-82e9-9f1733509e45

Windows Server 2008 for 32-bit Systems Service Pack 2:

https://www.microsoft.com/downloads/details.aspx?familyid=f6cf0a57-2437-4228-a171-f25358686997

Windows Server 2008 for x64-based Systems Service Pack 2:

https://www.microsoft.com/downloads/details.aspx?familyid=1aceac33-f833-4946-afbd-78b6230c439f

Windows Server 2008 R2 for x64-based Systems Service Pack 1:

https://www.microsoft.com/downloads/details.aspx?familyid=1dbd8d08-1e11-4e9a-be07-f7a0070b6e5c

Windows Server 2012:

https://www.microsoft.com/downloads/details.aspx?familyid=71d1ad8c-57ac-45fc-89df-86a234c94b49

Windows Server 2012 R2:

https://www.microsoft.com/downloads/details.aspx?familyid=13e0e5c6-f624-4abf-82e9-9f1733509e45

The Microsoft advisory is available at:

https://technet.microsoft.com/library/security/ms15-061

Vendor URL:  technet.microsoft.com/library/security/ms15-061 (Links to External Site)
Cause:   Access control error, Boundary error

Message History:   None.


 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, SecurityGlobal.net LLC