Microsoft Security Bulletin Coverage (Jan 13, 2015)

Dell SonicWALL has analyzed and addressed Microsoft's security advisories for the month of January, 2015. A list of issues reported, along with Dell SonicWALL coverage information are as follows:

MS15-001 Vulnerability in Windows Application Compatibility Cache Could Allow Elevation of Privilege (3023266)

• CVE-2015-0002 Microsoft Application Compatibility Infrastructure Elevation of Privilege Vulnerability
  This is a local vulnerability.

MS15-002 Vulnerability in Windows Telnet Service Could Allow Remote Code Execution (3020393)

• CVE-2015-0014 Windows Telnet Service Buffer Overflow Vulnerability
  IPS: 10696 "Suspicious Telnet Traffic 1".

MS15-003 Vulnerability in Windows User Profile Service Could Allow Elevation of Privilege (3021674)

• CVE-2015-0004 Microsoft User Profile Service Elevation of Privilege Vulnerability
  This is a local vulnerability.

MS15-004 Vulnerability in Windows Components Could Allow Elevation of Privilege (3025421)

• CVE-2015-0016 Directory Traversal Elevation of Privilege Vulnerability
  IPS: 6218 "Microsoft CTSWebProxy ActiveX Elevation of Priviledge".

MS15-005 Vulnerability in Network Location Awareness Service Could Allow Security Feature Bypass (3022777)

• CVE-2015-0006 NLA Security Feature Bypass Vulnerability
  There are no known exploits in the wild.

MS15-006 Vulnerability in Windows Error Reporting Could Allow Security Feature Bypass (3004365)

• CVE-2015-0001 Windows Error Reporting Security Feature Bypass Vulnerability
  This is a local vulnerability.

MS15-007 Vulnerability in Network Policy Server RADIUS Implementation Could Cause Denial of Service (3014029)

• CVE-2015-0015 Network Policy Server RADIUS Implementation Denial of Service Vulnerability
  There are no known exploits in the wild.

MS15-008 Vulnerability in Windows Kernel-Mode Driver Could Allow Elevation of Privilege (3019215)

• CVE-2015-0011 WebDAV Elevation of Privilege Vulnerability
  IPS: 6212 "WebdavRedirector Handle".