It’s Microsoft Patch Tuesday! In the March edition there are 14 updates; five are marked "Critical" and nine are rated "Important". A total of 45 vulnerabilities were fixed over 14 bulletins this month. One of the Critical update MS15-018 is an all version Internet Explorer (IE 6 to 11) patch. This single update resolves 12 CVE's (Common Vulnerability and Exposure) and is the highest profile bulletin of the month.
Here is a list of Security bulletins which were rolled out in today's Patch Tuesday release.
Bulletin ID |
Bulletin Title |
Bulletin Severity |
MS15-018 |
Cumulative Security Update for Internet Explorer |
Critical |
MS15-019 |
Vulnerability in VBScript Scripting Engine Could Allow Remote Code Execution |
Critical |
MS15-020 |
Vulnerability in Windows Shell Could Allow Remote Code Execution |
Critical |
MS15-021 |
Vulnerabilities in Adobe Font Driver Could Allow Remote Code Execution |
Critical |
MS15-022 |
Vulnerabilities in Microsoft Office Could Allow Remote Code Execution |
Critical |
MS15-023 |
Vulnerabilities in Kernel-Mode Driver Could Allow Elevation of Privilege |
Important |
MS15-024 |
Vulnerability in PNG Processing Could Allow Information Disclosure |
Important |
MS15-025 |
Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege |
Important |
MS15-026 |
Vulnerabilities in Microsoft Exchange Server Could Allow Elevation of Privilege |
Important |
MS15-027 |
Vulnerability in NETLOGON Could Allow Spoofing |
Important |
MS15-028 |
Vulnerability in Windows Task Scheduler Could Allow Security Feature Bypass |
Important |
MS15-029 |
Vulnerability in Windows Photo Decoder Component Could Allow Information Disclosure |
Important |
MS15-030 |
Vulnerability in Remote Desktop Protocol Could Allow Denial of Service |
Important |
MS15-031 |
Vulnerability in Schannel Could Allow Security Feature Bypass |
Important |
Tracking Microsoft Vulnerability Patches 2015
As shown in the chart above, number of vulnerabilities which were patched this month is slightly lower than that of February release where 56 vulnerabilities were patched. As we do every month, we’ve released a signature update #2473 to address vulnerabilities fixed in this month's patches. Happy patching!
For additional information on how you can protect your network from emerging threats, please visit http://www.juniper.net/as/en/security/