Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2015.2073
Microsoft Security Bulletin MS15-088: Unsafe Command Line Parameter Passing
Could Allow Information Disclosure (3082458)
12 August 2015
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: Microsoft Windows
Microsoft Internet Explorer
Microsoft Office
Publisher: Microsoft
Operating System: Windows
Impact/Access: Access Confidential Data -- Remote with User Interaction
Resolution: Patch/Upgrade
CVE Names: CVE-2015-2423
Original Bulletin:
https://technet.microsoft.com/en-us/library/security/MS15-088
- --------------------------BEGIN INCLUDED TEXT--------------------
Microsoft Security Bulletin MS15-088: Unsafe Command Line Parameter Passing
Could Allow Information Disclosure (3082458)
Bulletin Number: MS15-088
Bulletin Title: Unsafe Command Line Parameter Passing Could Allow Information
Disclosure
Severity: Important
KB Article: 3082458
Version: 1.0
Published Date: August 11, 2015
Executive Summary
This security update helps to resolve an information disclosure vulnerability
in Microsoft Windows, Internet Explorer, and Microsoft Office. To exploit the
vulnerability an attacker would first have to use another vulnerability in
Internet Explorer to execute code in the sandboxed process. The attacker could
then execute Notepad, Visio, PowerPoint, Excel, or Word with an unsafe command
line parameter to effect information disclosure. To be protected from the
vulnerability, customers must apply the updates provided in this bulletin, as
well as the update for Internet Explorer provided in MS15-079. Likewise,
customers running an affected Microsoft Office product must also install the
applicable updates provided in MS15-081.
This security update is rated Important for all supported releases of
Microsoft Windows. For more information, see the Affected Software section.
Affected Software
Windows Vista
Windows Vista Service Pack 2
Windows Vista x64 Edition Service Pack 2
Windows Server 2008
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for Itanium-based Systems Service Pack 2
Windows 7
Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for x64-based Systems Service Pack 1
Windows Server 2008 R2
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
Windows 8 and Windows 8.1
Windows 8 for 32-bit Systems
Windows 8 for x64-based Systems
Windows 8.1 for 32-bit Systems
Windows 8.1 for x64-based Systems
Windows Server 2012 and Windows Server 2012 R2
Windows Server 2012
Windows Server 2012 R2
Windows RT and Windows RT 8.1
Windows RT[1]
Windows RT 8.1[1]
Windows 10
Windows 10 for 32-bit Systems[2]
Windows 10 for x64-based Systems[2]
Server Core installation option
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core
installation)
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core
installation)
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core
installation)
Windows Server 2012 (Server Core installation)
Windows Server 2012 R2 (Server Core installation)
[1]This update is available via Windows Update only.
[2]The Windows 10 update is cumulative. In addition to containing non-security
updates, it also contains all of the security fixes for all of the Windows
10-affected vulnerabilities shipping with this months security release. The
update is available via the Windows Update Catalog only. See Microsoft
Knowledge Base Article 3081435 for more information and download links.
Vulnerability Information
Unsafe Command Line Parameter Passing Vulnerability - CVE-2015-2423
An information disclosure vulnerability exists in Microsoft Windows, Internet
Explorer, and Microsoft Office when files at a medium integrity level become
accessible to Internet Explorer running in Enhanced Protection Mode (EPM).
To exploit this vulnerability, an attacker would first need to leverage
another vulnerability and execute code in Internet Explorer with EPM, and then
execute Excel, Notepad, PowerPoint, Visio, or Word using an unsafe command
line parameter. The update addresses the vulnerability by improving how
Notepad and Microsoft Office programs are executed from Internet Explorer.
This vulnerability has been publicly disclosed. It has been assigned Common
Vulnerability and Exposure number CVE-2015-2423. When this bulletin was
originally released, Microsoft had not received any information to indicate
that this issue had been publicly used to attack customers.
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
http://www.auscert.org.au/render.html?cid=1980
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBVcqMVX6ZAP0PgtI9AQKb1xAAgTNDzwJgz7IY96woZsftFVjv2wedEKMN
V7MBXog0oPzImMog7pPYU7YvHsTfBBwQNBr9yS5Uh8CUSspeDrL9jBzXHz2975bW
Jy08YNw8a8rG0WAoRWnl1prPpTaWGNsPwV5vAecvtZvvwoh6Aid0ogyIfp/SQbjU
WNQA02zZ+jQW2zROk3B3+p0Vmtp1ZCtFM6x8lMeIWeOlZbXtXbLsgDsyURlOGKuI
m5Ehpt/0NbuaILo+LcoHoNEisbZCv+77WhdyRdDPyAvsTI6fpf56buiagVasoRjt
bwI9dFsepOqRb9TwcO/ZXx/qkC8BRJtd1BWwxaEj4r08MTRBiCJbXq6e1dmXjwYy
rWRnXa0HxVcwNrjnKzBNvPk8Jfws1heNIoKL+GiR25PjWXfJ6Wd4SlmsTIM2ckQE
5FiEK2LYtnOcFMYyBTS36zZFIwYGbweDGepMMK525EStqTHxnnqycirx4j8BFN3d
je4mrAkOsWn+nUShK/WRJfHWi+hsqJvkhXXfgPfE8RlP3YlTN1OrBDwfnKEifWRk
JmhJfNjX0YRKOvwi2ALBFs21/EPQLXGEM0IFkIoD76I1d+r8Ph9FQMP1h0B9902C
JYX6YgQ8gcTFu7rISnDKKz29dcQYeg3KEP0wq0WYNNk1Ck62jE9nDRfBeVFRct7S
EtpMxCnbrt8=
=8NgZ
-----END PGP SIGNATURE-----