Home / vulnerabilitiesPDF  

Microsoft Security Bulletin Re-Release For March, 2015

Posted on 18 March 2015
Source : packetstormsecurity.org Link

 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

********************************************************************
Title: Microsoft Security Bulletin Releases
Issued: March 16, 2015
********************************************************************

Summary
=======

The following bulletins have undergone a major revision increment.

* MS15-025 - Important
* MS15-027 - Important

Bulletin Information:
=====================

MS15-025 - Important

- Title: Vulnerabilities in Windows Kernel Could Allow Elevation of
Privilege (3038680)
- https://technet.microsoft.com/library/security/ms15-025
- Reason for Revision: V2.0 (March 16, 2015): To address a packaging
issue for customers who are repeatedly reoffered security update
3033395 when installed on systems running supported editions of
Windows Server 2003, Microsoft released update 3033395-v2 for all
supported editions of Windows Server 2003. Customers who have not
already installed the 3033395 update should install update
3033395-v2 to be fully protected from this vulnerability. To
avoid the possibility of future detection logic problems, Microsoft
recommends that customers running Windows Server 2003 who have
already successfully installed the 3033395 update also apply update
3033395-v2 even though they are already protected from this
vulnerability. Customers running other Microsoft operating systems
are not affected by this rerelease and do not need to take any
action. See Microsoft Knowledge Base Article 3033395 for more
information.
- Originally posted: March 10, 2015
- Updated: March 16, 2015
- Bulletin Severity Rating: Important
- Version: 2.0

MS15-027 - Important

- Title: Vulnerability in NETLOGON Could Allow Spoofing (3002657)
- https://technet.microsoft.com/library/security/ms15-027
- Reason for Revision: V2.0 (March 16, 2015): To address a
connectivity issue with update 3002657 when installed on
supported editions of Windows Server 2003, Microsoft released
update 3002657-v2 for all supported editions of Windows Server
2003. Customers who have not already installed the 3002657 update
should install update 3002657-v2 to be fully protected from this
vulnerability. To avoid the possibility of future detection logic
problems, Microsoft recommends that customers running Windows
Server 2003 who have already successfully installed the 3002657
update also apply update 3002657-v2 even though they are already
protected from this vulnerability. Customers running other
Microsoft operating systems are not affected by this rerelease
and do not need to take any action. See Microsoft Knowledge Base
Article 3002657 for more information.
- Originally posted: March 10, 2015
- Updated: March 16, 2015
- Bulletin Severity Rating: Important
- Version: 2.0

Other Information
=================

Recognize and avoid fraudulent email to Microsoft customers:
=============================================================
If you receive an email message that claims to be distributing
a Microsoft security update, it is a hoax that may contain
malware or pointers to malicious websites. Microsoft does
not distribute security updates via email.

The Microsoft Security Response Center (MSRC) uses PGP to digitally
sign all security notifications. However, PGP is not required for
reading security notifications, reading security bulletins, or
installing security updates. You can obtain the MSRC public PGP key
at <https://technet.microsoft.com/security/dn753714>.

********************************************************************
THE INFORMATION PROVIDED IN THIS MICROSOFT COMMUNICATION IS
PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT
DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING
THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
PURPOSE.
IN NO EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE
LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT,
INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL
DAMAGES, EVEN IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN
ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY
FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE FOREGOING
LIMITATION MAY NOT APPLY.
********************************************************************

Microsoft respects your privacy. Please read our online Privacy
Statement at <http://go.microsoft.com/fwlink/?LinkId=81184>.

If you would prefer not to receive future technical security
notification alerts by email from Microsoft and its family of
companies please visit the following website to unsubscribe:
<https://profile.microsoft.com/RegSysProfileCenter/subscriptionwizar
d.aspx?wizid=5a2a311b-5189-4c9b-9f1a-d5e913a26c2e&%3blcid=1033>.

These settings will not affect any newsletters you’ve requested or
any mandatory service communications that are considered part of
certain Microsoft services.

For legal Information, see:
<http://www.microsoft.com/info/legalinfo/default.mspx>.

This newsletter was sent by:
Microsoft Corporation
1 Microsoft Way
Redmond, Washington, USA
98052

-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 10.2.0 (Build 1950)
Charset: utf-8

wsFVAwUBVQdjxb8Fv/Q6pUnlAQiyCg//ZdeB6ZP+LEoGOAOvhmpqPwSYn27Gzlv8
dvE6tCD/veTvVocLuEk9ycuQaMw+V3SCGt4beVBRG68TqxtmiX5izTTw4a3o5coq
g5/oRuAk8W2lxAuqweb0TRggpW3w9tcOA4PTrmkHxwgQn+CAqweH5Z4GKSEmWLRN
3N8+6AT1GtgSSdUYNtdOiI5Lf9BzcHwHIZhqT9Zd1G+VqYWdFAegkZMMLNF0FFb9
09FwYr4dPKdY2cn5+asLE6z1jQO9jz8iTgqqxeUuXPSJtgz76Ojl8IE16tkJOrVw
aNY7r8rehmpWqcqCGs24HUkESEjoeNR65gw6Mokz1gE9eLO3tWDKhriHQhIdgL17
EFxv8NwBpdQcuLBrgqnsZf0B9YXtvIDdtA2C7FW6+uswj5MppFjuReXW6z0udv/I
3KzkP0YB8LaJgbgwZ/aSkGjpdsS+FeaIWjZquJrsDtWwOKPY9b2raL2fr6gbcrrI
8hN0bStkEqtCoENoFVSN8aRj/YQKBxp7l6Yb07VJsJ7+NG//DVk37cYjFvxQtCAl
LemaXY3IJwDnE0ijfY7gyyA29ek+5Khzqf6a4RUizvPmpXQooeUD4jnWVFqbiKjQ
YhM/jW0U7wiCEtIlJGqK+6e5Z05JdkeJlUBA6D5Is6QO9dQ0C/b6JHuArF6QUE5E
E19tK/fRi7A=
=TdND
-----END PGP SIGNATURE-----

 

TOP