Microsoft put out nine bulletins for Patch Tuesday 2015 two of which have grabbed most of the attention. They are MS15-011 and MS15-014 both of which relate to Microsoft’s Group Policy System. The reason they have got so much attention is twofold.
- They both promote Remote Code Execution by sending malware to a client when it requests a file from a server.
- Both involve Group Policy and Group Policy Objects which are normally used to improve security and simplify administration
In addition, one of the bugs has been given the name JASBUG ; JAS Global Advisors who spotted it chose to name it after themselves and have given it much publicity.
Briefly, the way the two vulnerabilities can be exploited is as follows. Usually when a client connects to Active Directory Network the server makes sure of the clients authenticity before allowing download or access to files. On the other hand the client does not usually authenticate the server or even if it does, can be tricked into bypassing it. As a result when a client tries to access the server an attacker can redirect it to a fraudulent server, and thereby feed malicious files or programs infested with malware.
However in spite of the publicity that JASBUG has received users should not neglect some of the other fixes. Here are the more important ones. MS15-009; This update fixes 41 vulnerabilities for Internet Explorer including one that is publicly known. This includes bugs that could potentially infect your computer merely by visiting a malicious webpage.
MS15-010: This patches 6 vulnerabilities in the kernel including font rendering problems. Thus an innocuous looking font file, embedded in a document or a webpage, could take over execution rights inside the operating system and gain complete control over your computer.
MS15-012: This addresses three remotely exploitable vulnerabilities in Office and significantly in the MS Word Viewer. Your computer could get taken over merely by opening a booby trapped attachment.
Home users , who most probably do not use Active Directory or GPOs need not worry about JASBUG. On the other the above three bugs could open the door for an attacker to take over your computer.
Adobe so far has not put out any fixes for Patch Tuesday. However this may be due to the fact that three emergency updates were put out after January Patch Tuesday.