Microsoft's February 2015 Patch Tuesday Addresses 41 IE Bugs and More
Microsoft released nine security bulletins in February 2015, following a hectic month for security professionals due to Adobe Flash 0-day vulnerabilities. The updates included four critical and five important patches, addressing remote and local vulnerabilities across various Microsoft products.
Microsoft's most significant bulletin, MS15-009, fixed 41 Internet Explorer vulnerabilities. Another critical bulletin, MS15-010, addressed six Windows OS vulnerabilities present in all versions from Server 2003 to Windows 8.1. Notably, Microsoft did not address the vulnerability in Windows Server 2003 due to potential functionality issues, as the product's end-of-life is in July 2015.
MS15-011 stood out for exploiting a vulnerability in the Microsoft Group Policy mechanism, enabling remote code execution in enterprise environments. Meanwhile, Adobe swiftly addressed known Flash vulnerabilities with fixes APSB15-02, 03, and 04 within a week. MS15-012 addressed three vulnerabilities, including a critical remote code execution flaw exploitable through social engineering.
Microsoft's February 2015 Patch Tuesday addressed a wide range of vulnerabilities, with Adobe also swiftly responding to Flash issues. Despite not patching Windows Server 2003 due to potential functionality issues, Microsoft's comprehensive updates highlight the importance of keeping systems up-to-date to mitigate security risks.
