==================================================================== CERT-Renater Note d'Information No. 2015/VULN080 _____________________________________________________________________ DATE : 13/05/2015 HARDWARE PLATFORM(S): / OPERATING SYSTEM(S): Windows version Vista, Server 2008, 7, 8, 8.1, RT, RT 8.1, Server 2012 running Microsoft Management Console. ====================================================================== KB3051768 https://technet.microsoft.com/en-us/library/security/MS15-054 ______________________________________________________________________ MS15-054: Vulnerability in Microsoft Management Console File Format Could Allow Denial of Service (3051768) Bulletin Number: MS15-054 Bulletin Title: Vulnerability in Microsoft Management Console File Format Could Allow Denial of Service Severity: Important KB Article: 3051768 Version: 1.0 Published Date: May 12, 2015 Executive Summary This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow denial of service if a remote, unauthenticated attacker can convince a user to open a share containing a specially crafted .msc file. However, the attacker has no means to force a user to visit the share or view the file. This security update is rated Important for all supported editions of Microsoft Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8, Windows 8.1, Windows Server 2012, and Windows Server 2012 R2. For more information, see the Affected Software section. Affected Software Windows Vista Service Pack 2 Windows Vista x64 Edition Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for Itanium-based Systems Service Pack 2 Windows 7 for 32-bit Systems Service Pack 1 Windows 7 for x64-based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 R2 for Itanium-based Systems Service Pack 1 Windows 8 for 32-bit Systems Windows 8 for x64-based Systems Windows 8.1 for 32-bit Systems Windows 8.1 for x64-based Systems Windows Server 2012 Windows Server 2012 R2 Windows RT Windows RT 8.1 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2012 (Server Core installation) Windows Server 2012 R2 (Server Core installation) [1]This update is available via Windows Update only. Vulnerability Information Microsoft Management Console File Format Denial of Service Vulnerability - CVE-2015-1681 This vulnerability allows an unauthenticated attacker to create a denial of service condition if the attacker can convince a user to open a share containing a specially crafted .msc file. However, the attacker has no means to force a user to visit the share or view the file. The vulnerability exists when Windows attempts to access a specially crafted .msc file to retrieve the icon information, and then fails to properly validate a destination buffer resulting in a denial of service. Servers and workstations are most at risk from this vulnerability. The update addresses the vulnerability by correcting how Windows validates the destination buffers in certain scenarios. Microsoft received information about this vulnerability through coordinated vulnerability disclosure. When this security bulletin was originally issued Microsoft had not received any information to indicate that this vulnerability had been publicly used to attack customers. ========================================================= Serveur de référence du CERT-Renater https://services.renater.fr/ssi/ ========================================================== + CERT-RENATER | tel : 01-53-94-20-44 + + 23 - 25 Rue Daviel | fax : 01-53-94-20-41 + + 75013 Paris | email: cert@support.renater.fr + ==========================================================