Microsoft has come up with its most important Patch Tuesday for this year, addressing the recently disclosed critical the FREAK encryption-downgrade attack, and a separate five-year-old vulnerability leveraged by infamous Stuxnet malware to infect Windows operating system.
Stuxnet malware, a sophisticated cyber-espionage malware allegedly developed by the US Intelligence and Israeli government together, was specially designed to sabotage the Iranian nuclear facilities a few years ago. First uncovered in 2010, Stuxnet targeted computers by exploiting vulnerabilities in Windows systems.
Thankfully, Microsoft has issued a patch to protect its Windows machines that have been left vulnerable to Stuxnet and other similar attacks for the past five years. The fixes are included in MS15-020 which resolves Stuxnet issue.
The company has also issued an update that patches the FREAK encryption vulnerability in its SSL/TSL implementation called Secure Channel (Schannel). The fixes for the vulnerability are included in MS15-031.
As we have mentioned in our previous report, FREAK — short for Factoring attack on RSA-EXPORT Keys — was initially thought to be associated with Apple’s Safari and Android’s stock browsers, but it was found to affect Windows PCs as well.
This decades-old FREAK vulnerability allows an attacker on your network to force the software using Schannel component such as Internet Explorer to use weak encryption over the web, so that they caneasily decrypt the intercepted HTTPS connections.
Among these two critical issues, the company has also released a bunch of other updates. Microsoft’s March 2015 Patch Tuesday update bundles a total of 14 security-related updates for 43 vulnerabilities affecting Internet Explorer, VBscript, Text Services, Adobe Font Drivers, and Office.
- MS15-018 – A Cumulative Security Update, rated as ‘critical’, affects all supported versions of Internet Explorer and addresses a number of Memory Corruption vulnerabilities, two elevation of privilege vulnerabilities, and a VBscript memory corruption vulnerability.
- MS15-019 – This update addresses a scripting vulnerability in some older versions of Windows operating systems. The vulnerability doesn’t affect Windows 7 and later desktop versions.
- MS15-021 – It addresses eight vulnerabilities in the Adobe Font Driver components for Windows and Windows Server exploitable through a malicious website or file. It is also rated ‘critical’ due to the possibility of remote code execution.
- MS15-022 – This update fixes three unknown flaws in Office document formats as well as multiple cross-site scripting (XSS) issues for SharePoint Server, and applies to all supported versions of Microsoft Office, as well as the server-based Office Web Apps and SharePoint Server products.
- MS15-023 – This bulletin, rated as ‘important’, addresses four vulnerabilities in the Windows Kernel-Mode driver allowing elevation of privilege and information disclosure attacks by launching a specially-crafted application.