Severity Rating: Important
Revision Note: V1.0 (May 12, 2015): Bulletin published.
Summary: This security update resolves vulnerabilities in Microsoft .NET Framework. The most severe of the vulnerabilities could allow elevation of privilege if an attacker sends specially crafted data to a WinForms application running in partial trust.
Monthly Archives: May 2015
MS15-052 – Important: Vulnerability in Windows Kernel Could Allow Security Feature Bypass (3050514) – Version: 1.0
Severity Rating: Important
Revision Note: V1.0 (May 12, 2015): Bulletin published.
Summary: This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow security feature bypass if an attacker can log on to an affected system and run a specially crafted application.
MS15-044 – Critical: Vulnerabilities in Microsoft Font Drivers Could Allow Remote Code Execution (3057110) – Version: 1.0
Severity Rating: Critical
Revision Note: V1.0 (May 12, 2015): Bulletin published.
Summary: This security update resolves vulnerabilities in Microsoft Windows, Microsoft .NET Framework, Microsoft Office, Microsoft Lync, and Microsoft Silverlight. The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted document or visits an untrusted webpage that contains embedded TrueType fonts.
MS15-045 – Critical: Vulnerability in Windows Journal Could Allow Remote Code Execution (3046002) – Version: 1.0
Severity Rating: Critical
Revision Note: V1.0 (May 12, 2015): Bulletin published.
Summary: This security update resolves vulnerabilities in Microsoft Windows. The vulnerabilities could allow remote code execution if a user opens a specially crafted Journal file. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
MS15-049 – Important: Vulnerability in Silverlight Could Allow Elevation of Privilege (3058985) – Version: 1.0
Severity Rating: Important
Revision Note: V1.0 (May 12, 2015): Bulletin published.
Summary: This security update resolves a vulnerability in Microsoft Silverlight. The vulnerability could allow elevation of privilege if a specially crafted Silverlight application is run on an affected system. To exploit the vulnerability an attacker would first have to log on to the system or convince a logged on user to execute the specially crafted application.
MS15-050 – Important: Vulnerability in Service Control Manager Could Allow Elevation of Privilege (3055642) – Version: 1.0
Severity Rating: Important
Revision Note: V1.0 (May 12, 2015): Bulletin published.
Summary: This security update resolves a vulnerability in Windows Service Control Manager (SCM), which is caused when SCM improperly verifies impersonation levels. The vulnerability could allow elevation of privilege if an attacker can first log on to the system and then run a specially crafted application designed to increase privileges.
RHSA-2015:0957-1: Moderate: spacewalk-java security update
RHN Satellite and Proxy: Updated spacewalk packages that fix one security issue are now available
for Red Hat Satellite 5.7.
Red Hat Product Security has rated this update as having Moderate security
impact. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available from the CVE link in the
References section.
CVE-2014-8162
RHBA-2015:0956-1: Red Hat Enterprise Virtualization Manager 3.5.1-1 Async update
Red Hat Enterprise Linux: Red Hat Enterprise Virtualization Manager 3.5.1-1 is now available.
RHBA-2015:0954-1: selinux-policy bug fix update
Red Hat Enterprise Linux: An updated selinux-policy package that fixes several bugs is now available for
Red Hat Enterprise Linux 6.5 Extended Update Support.
RHBA-2015:0953-1: selinux-policy bug fix update
Red Hat Enterprise Linux: An updated selinux-policy package that fixes several bugs is now available for
Red Hat Enterprise Linux 6.