Cyber Defense

Biggest Patch Tuesday In Recent History For March

By, Paul A. Henry
MCP+I, MCSE, CCSA, CCSE, CISSP-ISSAP, CISM, CISA, CIFI, CCE, ACE, GCFE, GCFA, GSEC, GICSP, GCED, GPPA, VCP4/5, VCP-DCV (5.5), vExpert
Senior SANS Instructor - phenry@sans.org
microsoft_patch-tuesday
March Patch Tuesday brings 5 Critical and 9 important patches — including 2 issues that have been publicly disclosed.

Lets look at the details:

? MS15-018 Is a Cumulative Update for Windows IE that is rated as Critical — It mitigates a single CVE related issue that could provide Remote Code Execution
? MS15-019 Mitigates a Critical VBScripting Engine issue (single CVE related) that could allow Remote Code Execution
? MS15-020 Mitigates a Critical Windows issue (single CVE related) that could allow Remote Code Execution
? MS15-021 Mitigates a Critical Adobe Font Driver issue (single CVE related) that could allow Remote Code Execution
? MS15-022 Mitigates a Critical MS Office issue (single CVE related) that could allow Remote Code Execution
? MS15-023 Mitigates an Important Kernel Mode Driver issue (single CVE related) that could provide an Escalation of Privilege
? MS15-024 Mitigates an Important PNG Processing issue (single CVE related) that could allow information disclosure
? MS15-025 Mitigates an Important Windows Kernel issue (single CVE related) that could provide an Escalation of Privilege
? MS15-026 Mitigates an Important Exchange issue (single CVE related) that could provide an Escalation of Privilege
? MS15-027 Mitigates an Important NETLOGON issue (single CVE related) that could allow spoofing
? MS15-028 Mitigates an Important Windows Task Scheduler issue (Single CVE related) that could allow an Security Feature Bypass
? MS15-029 Mitigates an Important Windows Photo Decoder issue (single CVE related) that could provide Information Disclosure
? MS15-030 Mitigates an Important RDP issue (single CVE related) that could facilitate a Denial of Service
? MS15-031 Mitigates an Important Schannel issue (single CVE related) that could allow a Security Feature Bypass

Priorities would of course begin with; Critical issues in MS15-18, MS15-19, MS15-20, MS15-21 and MS15-22 followed by the remaining important issues based on usage.

Post a Comment






Captcha


* Indicates a required field.