1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

July 2015 Patch Tuesday: Microsoft closes holes being exploited in the wild

Discussion in 'Network World' started by RSS, Jul 14, 2015.

  1. RSS

    RSS New Member Member

    For July 2015, Microsoft released 14 security bulletins, with four patches rated as “critical” remote code execution (RCE) fixes. At least one of the fixes rated “critical” and some rated as “important” are currently being exploited in the wild.

    Patches rated Critical

    MS15-065 resolves 28 flaws in Internet Explorer that could otherwise “modify how IE, VBScript and Jscript handle objects in memory.” Qualys CTO Wolfgang Kandek pointed out that three of these were previously known (CVE-2051-2413, CVE-2015-2419 and CVE-2015-2421 ). “CVE-2015-2425 seems to come from the data dump at Hacking Team as well and I am impressed by the fix speed that Microsoft showed here. Of the other vulnerabilities a full 19 are of type RCE and allow the attacker to take over the targeted machine simply by browsing to a malicious, or infected site.”

    To read this article in full or to leave a comment, please click here

    Continue reading...
     

Share This Page