Microsoft released six patches this month, three rated as critical and the remaining rated as important. The vulnerabilities addressed in October’s patch update target computer accounts with higher access rights and span multiple online and offline platforms. This means computers or laptops that have overlapping users or multiple access to admin accounts are susceptible to attacks leveraging these vulnerabilities.
MS15-106, MS15-108, and MS15-109 address bugs that may allow remote code execution when a user views a specially crafted webpage, site, or online content. On the other hand, the vulnerabilities found in Windows Edge (MS15-107) could allow information disclosure if successfully exploited. Trend Micro security researcher Jack Tang reported one of the CVEs (CVE-2015-6044) patched in MS15-106, which Microsoft acknowledged. While this vulnerability leads to a NULL pointer dereference, it is difficult to exploit.
While exploiting browsers and office tools never seems to go out of style, attackers are finding more convincing ways to get into systems. MS15-108 addresses potential attacks that involve embedding an ActiveX control marked “safe for initialization” in an application that uses MS Office or the IE rendering engine and that diverts users to a malicious website.
Updating software and systems with the latest patches from Microsoft is strongly advised. For additional information on these security bulletins, visit our Threat Encyclopedia page.
Trend Micro Solutions
Trend Micro Deep Security and Vulnerability Protection protect systems from threats that exploit these vulnerabilities through the following DPI rules:
- 1007103-Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CVE-2015-6055)
- 1007101-Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-6050)
- 1007111-Microsoft Office Memory Corruption Vulnerability (CVE-2015-2557)
- 1007104-Microsoft Windows Shell Toolbar Use After Free Vulnerability (CVE-2015-2515)
- 1007112-Microsoft Office Memory Corruption Vulnerability (CVE-2015-2558)
- 1007110-Microsoft Office Memory Corruption Vulnerability (CVE-2015-2555)
- 1007097-Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-6042)
- 1007105-Microsoft Windows Shell Tablet Input Band Use After Free Vulnerability (CVE-2015-2548)
- 1007108-Microsoft Internet Explorer Information Disclosure Vulnerability (CVE-2015-6059)
- 1007107-Microsoft Internet Explorer VBScript And JScript ASLR Bypass Vulnerability (CVE-2015-6052)
- 1007106-Microsoft Internet Explorer Information Disclosure Vulnerability (CVE-2015-6046)
- 1007099-Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-6048)
- 1007102-Microsoft Internet Explorer Information Disclosure Vulnerability (CVE-2015-6053)
- 1007096-Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CVE-2015-2482)
- 1007100-Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-6049)
Updated on October 14, 2015 11:00 P.M. PDT (UTC-7) to add more details about the MS15-106 vulnerability.
Updated as of October 18, 2015 12:03 A.M. PDT (UTC-7) to modify details on MS15-107 and to include the credit by Microsoft.