Guest

Cisco Event Response: Microsoft Security Bulletin Release for April 2015

April 14, 2015

Microsoft published its monthly security bulletin release on April 14, 2015. Microsoft published its monthly security bulletin release on April 14, 2015. Microsoft released 11 bulletins that addressed 26 vulnerabilities. The bulletins address vulnerabilities in Microsoft Windows, Microsoft Internet Explorer, Microsoft SharePoint Server, Microsoft .NET, and Microsoft Office. The vulnerabilities could allow an attacker to execute arbitrary code, gain elevated privileges, bypass security protections, access sensitive information, conduct cross-site scripting attacks, or cause a denial of service condition.


Event Intelligence

The following table identifies Cisco Security content and Cisco mitigation information that is associated with this Microsoft release:

Microsoft Security Bulletin Cisco IntelliShield Alert
CVE ID
Search CVEs
Cisco Mitigations
CVSS
Base Score
CVSS Q&A

Microsoft Security Bulletin MS15-032

Cumulative Security Update for Internet Explorer

Microsoft Internet Explorer Memory Corruption Vulnerability
CVE-2015-1652
9.3
Microsoft Internet Explorer Memory Corruption Vulnerability
CVE-2015-1657
9.3
Microsoft Internet Explorer Memory Corruption Vulnerability
CVE-2015-1659
9.3
Microsoft Internet Explorer Memory Corruption Vulnerability
CVE-2015-1660
9.3
Microsoft Internet Explorer Memory Corruption Vulnerability
CVE-2015-1661
9.3
Microsoft Internet Explorer Memory Corruption Vulnerability
CVE-2015-1662
9.3
Microsoft Internet Explorer Memory Corruption Vulnerability
CVE-2015-1665
9.3
Microsoft Internet Explorer Memory Corruption Vulnerability
CVE-2015-1666
9.3
Microsoft Internet Explorer Memory Corruption Vulnerability
CVE-2015-1667
9.3
Microsoft Internet Explorer Memory Corruption Vulnerability
CVE-2015-1668
9.3

Microsoft Security Bulletin MS15-034

Vulnerability in HTTP.sys Could Allow Remote Code Execution

Microsoft Windows HTTP.sys Arbitrary Code Execution Vulnerability
CVE-2015-1635
10.0

Microsoft Security Bulletin MS15-040

Vulnerability in Active Directory Federation Services Could Allow Information Disclosure

Microsoft Windows Active Directory Federation Services Information Disclosure Vulnerability
CVE-2015-1638
1.9

Microsoft Security Bulletin MS15-037

Vulnerabilities in Microsoft Windows Could Allow Elevation of Privilege

Microsoft Windows Task Scheduler Privilege Escalation Vulnerability
CVE-2015-0098
6.9

Microsoft Security Bulletin MS15-038

Vulnerabilities in Microsoft Windows Could Allow Elevation of Privilege

Microsoft Windows NtCreateTransactionManager Impersonation Privilege Escalation Vulnerability
CVE-2015-1643
7.2
Microsoft Windows Account Impersonation Validation Privilege Escalation Vulnerability
CVE-2015-1644
7.2

Microsoft Security Bulletin MS15-035

Vulnerability in Microsoft Graphics Component Could Allow Remote Code Execution

Microsoft Windows Enhanced Metafile Image Processing Arbitrary Code Execution Vulnerability
CVE-2015-1645
9.3

Microsoft Security Bulletin MS15-039

Vulnerability in XML Core Services Could Allow Security Feature Bypass

Microsoft XML Core Services Domain Origin Bypass Information Disclosure Vulnerability
CVE-2015-1646
4.3

Microsoft Security Bulletin MS15-042

Vulnerability in Windows Hyper-V Could Allow Denial of Service

Microsoft Windows Hyper-V Denial of Service Vulnerability
CVE-2015-1647
2.7

Microsoft Security Bulletin MS15-041

Vulnerability in .NET Framework Could Allow Information Disclosure

Microsoft ASP.NET Custom Error Message Information Disclosure Vulnerability
CVE-2015-1648
2.6

Microsoft Security Bulletin MS15-033

Vulnerabilities in Microsoft Office Could Allow Remote Code Execution

Microsoft Outlook App for Mac Cross-Site Scripting Vulnerability
CVE-2015-1639
4.3
Microsoft Word Rich Text Document Processing Memory Corruption Vulnerability
CVE-2015-1641
9.3
Microsoft Office Use-After-Free Vulnerability
CVE-2015-1649
9.3
Microsoft Office Use-After-Free Vulnerability
CVE-2015-1650
9.3
Microsoft Office Use-After-Free Vulnerability
CVE-2015-1651
9.3

Microsoft Security Bulletin MS15-036

Vulnerabilities in Microsoft Office Could Allow Remote Code Execution

Microsoft Project Server Cross-Site Scripting Vulnerability
CVE-2015-1640
4.3
Microsoft SharePoint Cross-Site Scripting Vulnerability
CVE-2015-1653
4.3

Cisco Security

Cisco Applied Mitigation Bulletins provide identification and mitigation techniques that administrators can deploy on Cisco network devices. Cisco ASA, Cisco ASASM, and Cisco FWSM Firewalls; Cisco ACE Application Control Engine Appliance and Module; Cisco Intrusion Prevention System (IPS) signatures; Cisco Web and Email Security Appliance; and Cisco Cloud Web Security are discussed in this bulletin.

Cisco Applied Mitigation Bulletin: Microsoft Security Bulletin Release for April 2015

Cisco Security Manager helps enable enterprises to manage and scale security operations efficiently and accurately. Its end-to-end tools provide consistent policy enforcement, quick troubleshooting of security events, and summarized reports from across the security deployment.

Cisco NAC Appliance (formerly Cisco Clean Access) uses your organization's network infrastructure to enforce security policy compliance on all devices that attempt to gain access.

Cisco Identity Services Engine gathers information from users, devices, infrastructure, and network services to enable organizations to enforce contextual-based business policies across the network. It provides network visibility for advanced discovery and troubleshooting and combines authentication, authorization, and accounting (AAA), posture, profiling, and guest management.

Impact on Cisco Products

Customers should evaluate the Microsoft security bulletins and associated software updates for any potential impacts to Cisco Contact Center products. Please refer to the Cisco Customer Contact Software Policy for Using Microsoft Security Updates on Products Deployed on a Retail Installation of Windows Operating System for additional information.

Cisco IP Telephony Operating System, SQL Server, Security Updates
This document contains information on software updates for tracking Cisco-supported operating system, SQL Server, and security files that are available for web download. These updates support all versions of Cisco Unified CallManager, Cisco Conference Connection, Cisco Personal Assistant, Cisco IP Interactive Voice Response, and Cisco IP Call Center Express, Cisco Emergency Responder, Cisco Customer Voice Portal, and Cisco MeetingPlace. This document does not support Cisco Unity or servers where Cisco Unity is installed.

Recommended Microsoft Hot Fixes for Cisco Media Experience 3000
These documents evaluate the monthly Microsoft security bulletins for applicability to the Cisco Media Experience Engine (MXE) 3000 product line. The bulletins clarify which Microsoft Security Bulletins should be applied to affected hardware and software levels of Cisco MXE 3000 products.