Skip Ribbon Commands
Skip to main content
Computer Emergency Response Team of Mauritius (CERT-MU)
Computer Emergency Response Team of Mauritius>Microsoft Patches Graphics Component Flaw Under Attack

Microsoft Patches Graphics Component Flaw Under Attack


Microsoft patched a vulnerability in its graphics component present in Windows, Office and Lync that has been publicly attacked, and is one of five vulnerabilities patched this month that have been publicly disclosed. Microsoft released a dozen bulletins this month, five of them it rates critical, including separate updates for Internet Explorer and the new Edge browser in Windows 10, the second month in a row Edge has been patched since it was released. The Microsoft Graphics Component bulletin, MS15-097, patches 11 vulnerabilities. The highest priority should be CVE-2015-2546, a memory corruption bug that leads to elevation of privilege that is under attack. Microsoft rated the bug “Important”, likely because this vulnerability can allow an attacker to log on to a vulnerable Windows machine and run code; it provided no further details on the attacks or where the vulnerability was disclosed.

Source:
Threatpost
 
Microsoft Security Bulletin
 
Team Cymru
 
Disclaimer
The information provided herein is on "as is" basis, without warranty of any kind.
Contact Information
Postal address
Mauritian Computer Emergency Response Team (CERT-MU)
National Computer Board
7th Floor, Stratton Court
La Poudriere Street
Port Louis