CVE-2015-0081
published 2015-03-11CVE-2015-0081: Windows Text Services (WTS) in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1…
PriorityP270critical9.3CVSS 2.0
AVNACMAuNCCICAC
EXPLOIT
EPSS
23.76%
97.5th percentile
Windows Text Services (WTS) in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a crafted (1) web site or (2) file, aka "WTS Remote Code Execution Vulnerability."
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows_server_2008 | — | — |
| microsoft | windows_server_2012 | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →The exploit file must be opened in WordPad — monitor WordPad (wordpad.exe) process spawning unexpected child processes or loading unusual DLLs as a detection vector. ↗
- →The vulnerability is triggered via a crafted web site or file delivered to the victim — monitor for delivery of .rar or crafted document files exploiting Windows Text Services (WTS) memory corruption. ↗
- ·The vulnerability is described as 'unspecified' in technical detail — no specific memory corruption offset, shellcode, or binary signature is publicly documented beyond the PoC RAR file. ↗
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Talos
Microsoft Patch Tuesday for March 2015: 14 Bulletins Released; FREAK
Patched
blogs_talos·2015-03-10·CVSS 9.3
[CRITICAL] Microsoft Patch Tuesday for March 2015: 14 Bulletins Released; FREAK
Patched
## Microsoft Patch Tuesday for March 2015: 14 Bulletins Released; FREAK
Patched
Today, Microsoft has released their monthly set of security bulletins designed to address security vulnerabilities within their products. This month’s release sees a total of 14 bulletins being released which address 45 CVEs. The first 5 bulletins are rated critical and address vulnerabilities within Internet Explorer, Office, Windows, and VBScript. The remaining 9 bulletins are rated important and cover vulnerabilities within Windows Kernel Mode Drivers, Exchange, Task Scheduler, Remote Desktop, SChannel, and the Microsoft Graphics component.
## Bulletins Rated Critical MS15-018, MS15-019, MS15-020, MS15-021, and MS15-022 are rated Critical.
MS15-018 addresses multiple vulnerabilities within Internet Explor
Talos
Microsoft Patch Tuesday for March 2015: 14 Bulletins Released; FREAK
Patched
blogs_talos·2015-03-10·CVSS 9.3
[CRITICAL] Microsoft Patch Tuesday for March 2015: 14 Bulletins Released; FREAK
Patched
Today, Microsoft has released their monthly set of security bulletins designed to address security vulnerabilities within their products. This month’s release sees a total of 14 bulletins being released which address 45 CVEs. The first 5 bulletins are rated critical and address vulnerabilities within Internet Explorer, Office, Windows, and VBScript. The remaining 9 bulletins are rated important and cover vulnerabilities within Windows Kernel Mode Drivers, Exchange, Task Scheduler, Remote Desktop, SChannel, and the Microsoft Graphics component.
### Bulletins Rated CriticalMS15-018, MS15-019, MS15-020, MS15-021, and MS15-022 are rated Critical.
MS15-018 addresses multiple vulnerabilities within Internet Explorer, versions 6 through 11. 12 CVEs were resolved this month, including CVE-2015-0
http://www.securityfocus.com/bid/72886http://www.securitytracker.com/id/1031890https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-020http://www.securityfocus.com/bid/72886http://www.securitytracker.com/id/1031890https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-020
2015-03-11
Published