January 2015 Patch Tuesday

January 15, 2015

Starting off the new year, Microsoft's January release focuses largely on user rights and access: for the majority of the bulletins, an attacker already needs some form of authenticated access before they can elevate their privileges. The exception, and the most notable vulnerability of the month, lies in an old friend named Telnet, and it affects even the newer versions of Windows. Google's security research team, Project Zero, has also offered up its fair share of findings this month with three vulnerabilities, two of which were publicly disclosed prior to this Patch Tuesday.

MS15-001 – First up is a vulnerability in Microsoft's Application Compatibility Cache (part of the Application Compatibility Infrastructure). It was publicly disclosed by Project Zero before the bulletin's release. The issue is an improper authorization check against a caller's impersonation token, which can be abused to elevate the privileges of an application. Successful exploitation requires the attacker to already be authenticated on the system.

MS15-002 – Next, and certainly not least, Telnet makes a very interesting return with a vulnerability that allows remote code execution. An attacker can send specially crafted packets to a listening Telnet server, causing a buffer overflow. The Telnet server is not installed or enabled by default, but this vulnerability is a reminder that it is worth enforcing a GPO that prevents a service such as this from running at all, since there are far more secure methods of remotely administering Windows systems.

MS15-003 – This vulnerability in the User Profile Service was also publicly disclosed by Project Zero before the bulletin. Successful exploitation allows an authenticated attacker to load registry hives associated with other user accounts and subsequently run an arbitrary application with elevated privileges.

MS15-004 – Here we have another elevation-of-privilege vulnerability, in which the victim must be convinced to run a maliciously crafted application. Once exploited, the attacker gains the same user rights as the victim. To prevent a single bad application from becoming a total system compromise, it is good practice not to run day-to-day as an administrator and not to run untrusted applications.

MS15-005 – This bulletin involves the Network Location Awareness (NLA) service, which fails to properly validate whether a network is trusted. An attacker on the same network can spoof DNS and LDAP responses, tricking the system into treating the network as part of a trusted domain and applying the more permissive domain profile. One thing to note here is that Microsoft did not supply a patch for Windows Server 2003, and as we continue to approach that system's end-of-life date (July 2015) we can expect to see more of this kind of occurrence.

MS15-006 – Windows Error Reporting (WER) contains a vulnerability that could allow an administrative user to view the memory of protected processes. A malicious user who already has administrative rights could use this to harvest additional credentials and leverage them in lateral attacks against other systems. The update corrects the way WER interacts with processes.

MS15-007 – Another privately reported vulnerability in this group could lead to a denial of service on an Internet Authentication Service (IAS) or Network Policy Server (NPS) if a user sends specially crafted username strings to either, thereby preventing RADIUS authentication. The update changes the way these servers parse usernames when RADIUS is implemented.

MS15-008 – This single-vulnerability update, also credited to Project Zero, addresses an issue in the WebDAV kernel-mode driver that allows an attacker with valid logon credentials to elevate privileges. The update corrects the way impersonation levels are validated and enforced. As we have repeatedly pointed out in the past, a great way to reduce attack surface is to disable the WebClient service, which is typically leveraged by attacks that use WebDAV to transfer data. This case is different, however: the issue is in the underlying driver, so even with WebClient disabled you may still be vulnerable, and the update should be applied regardless.

The following vulnerability audits have been released in audits revision 2868:

[MS15-001] Vulnerability in Windows Application Compatibility Cache Could Allow Elevation of Privilege (3023266)
  • 44404 - Microsoft Windows Application Compatibility Cache Privilege Elevation (3023266)
  • 44406 - Microsoft Windows Application Compatibility Cache Privilege Elevation (3023266)
  • 44412 - Microsoft Windows Application Compatibility Cache Privilege Elevation (3023266)

[MS15-002] Vulnerability in Windows Telnet Service Could Allow Remote Code Execution (3020393)
  • 44411 - Microsoft Windows Telnet Service Remote Code Execution (3020393)

[MS15-003] Vulnerability in Windows User Profile Service Could Allow Elevation of Privilege (3021674)
  • 44405 - Microsoft Profile Service Privilege Escalation (3021674) - 2003
  • 44407 - Microsoft Profile Service Privilege Escalation (3021674)

[MS15-004] Vulnerability in Windows Components Could Allow Elevation of Privilege (3025421)
  • 44398 - Microsoft Windows Components Elevation of Privileges (3025421) - KB3019978, Windows 7 / 2008 R2
  • 44400 - Microsoft Windows Components Elevation of Privileges (3025421) - KB3023299
  • 44401 - Microsoft Windows Components Elevation of Privileges (3025421) - KB3020387
  • 44403 - Microsoft Windows Components Elevation of Privileges (3025421) - KB3020388
  • 44431 - Microsoft Windows Components Elevation of Privileges (3025421) - KB3019978, Windows 8 / 2012
  • 44432 - Microsoft Windows Components Elevation of Privileges (3025421) - KB3019978, Windows 8.1 / 2012 R2

[MS15-005] Vulnerability in Network Location Awareness Service Could Allow Security Feature Bypass (3022777)
  • 44399 - Microsoft Network Location Awareness Service Security Bypass (3022777)
  • 44402 - Microsoft Network Location Awareness Service Security Bypass (3022777) - 2003

[MS15-006] Vulnerability in Windows Error Reporting Could Allow Security Feature Bypass (3004365)
  • 44396 - Microsoft Windows Error Reporting Security Bypass (3004365)

[MS15-007] Vulnerability in Network Policy Server RADIUS Implementation Could Cause Denial of Service (3014029)
  • 44397 - Microsoft Network Policy Server RADIUS Implementation DoS (3014029)

[MS15-008] Vulnerability in Windows Kernel-Mode Driver Could Allow Elevation of Privilege (3019215)
  • 44410 - Microsoft Windows Kernel-Mode Driver Privilege Elevation (3019215)
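Two of the checks recommended above, whether this month's updates are present on a host and whether the Telnet Server and WebClient services are still able to run (MS15-002 and MS15-008), are easy to script on the host itself. The PowerShell below is an added example written for this page; it is not BeyondTrust code and not the vulnerability audits listed above. It assumes an elevated session on the machine being checked, the standard Windows service names TlntSvr and WebClient, and the KB numbers exactly as they appear in the audit list; the -Remediate switch is a name chosen here.

```powershell
# Added example, not from the original post: audit one Windows host for the
# January 2015 updates listed above and for the two legacy services the post
# recommends keeping off (Telnet Server, service name TlntSvr; WebDAV client,
# service name WebClient). Run in an elevated PowerShell session; pass
# -Remediate to stop and disable those services instead of only reporting.
param([switch]$Remediate)

# Bulletin -> hotfix IDs, as listed in the audit section above. The MS15-004
# packages are per-OS (KB3019978 covers 7/2008 R2, 8/2012 and 8.1/2012 R2;
# the others are separate components), so a host is expected to carry only
# the entries that match its edition, not all four.
$Bulletins = @{
    'MS15-001' = @('KB3023266')
    'MS15-002' = @('KB3020393')
    'MS15-003' = @('KB3021674')
    'MS15-004' = @('KB3019978', 'KB3023299', 'KB3020387', 'KB3020388')
    'MS15-005' = @('KB3022777')
    'MS15-006' = @('KB3004365')
    'MS15-007' = @('KB3014029')
    'MS15-008' = @('KB3019215')
}

# Get-HotFix reads Win32_QuickFixEngineering, so it only sees updates that
# register there. A NOT FOUND result is a prompt to confirm with WSUS or a
# scanner, not proof of exposure. MS15-005 has no update at all for Server 2003.
$installed = @(Get-HotFix | Select-Object -ExpandProperty HotFixID)

foreach ($bulletin in ($Bulletins.Keys | Sort-Object)) {
    $expected = $Bulletins[$bulletin]
    $present  = @($expected | Where-Object { $installed -contains $_ })
    if ($present.Count -gt 0) {
        Write-Output ('{0}: installed ({1})' -f $bulletin, ($present -join ', '))
    } else {
        Write-Output ('{0}: NOT FOUND (expected one of {1})' -f $bulletin, ($expected -join ', '))
    }
}

# Service check via WMI rather than Get-Service so it also works on the
# PowerShell 2.0-4.0 hosts of the period; Win32_Service exposes both the
# current State and the configured StartMode.
foreach ($name in 'TlntSvr', 'WebClient') {
    $svc = Get-WmiObject -Class Win32_Service -Filter ("Name='{0}'" -f $name)
    if (-not $svc) {
        # Telnet Server is an optional feature; not installed is the desired state.
        Write-Output ('{0}: not installed' -f $name)
        continue
    }
    Write-Output ('{0}: state {1}, start mode {2}' -f $name, $svc.State, $svc.StartMode)
    if ($Remediate -and ($svc.State -ne 'Stopped' -or $svc.StartMode -ne 'Disabled')) {
        Stop-Service -Name $name -Force -ErrorAction SilentlyContinue
        Set-Service -Name $name -StartupType Disabled
        Write-Output ('{0}: stopped and start mode set to Disabled' -f $name)
    }
}
```

Save it as, for example, Check-Jan2015.ps1 and run it once to report, then with -Remediate to enforce. The per-host Set-Service call is the local equivalent of the GPO the post recommends; to enforce the same thing centrally, set the startup mode of each service to Disabled under Computer Configuration > Policies > Windows Settings > Security Settings > System Services. For Telnet the cleaner fix is to remove the optional feature entirely (Remove-WindowsFeature Telnet-Server on a server, or dism /online /Disable-Feature /FeatureName:TelnetServer on a client), and, as the MS15-008 discussion notes, disabling WebClient is defence in depth, not a substitute for installing KB3019215.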

Scott Lang, Sr. Director, Product Marketing at BeyondTrust

Scott Lang has nearly 20 years of experience in technology product marketing, currently guiding the product marketing strategy for BeyondTrust’s privileged account management solutions and vulnerability management solutions. Prior to joining BeyondTrust, Scott was director of security solution marketing at Dell, formerly Quest Software, where he was responsible for global security campaigns, product marketing for identity and access management and Windows server management.
