ALERT: Apply Microsoft Windows DNS, Office, and Windows Updates ASAP
Thursday, December 10, 2015
This information is intended for U-M IT staff who are responsible for university machines with Microsoft Windows DNS, Microsoft Office, or Microsoft Windows installed. It was sent via email to U-M IT staff groups on December 10, 2015.
Summary
Microsoft has released critical and important security updates for Microsoft Windows Domain Name Service (DNS), Office, and Windows that should be applied as soon as possible to address serious vulnerabilities. All updates rated by Microsoft as “critical” should be applied quickly after appropriate testing, but the following updates should be prioritized:
- Windows DNS (MS15-127 - critical). Resolves a vulnerability in Microsoft Windows servers that provide DNS services (such as domain controllers) that could allow remote code execution if an attacker sends specially crafted requests to a DNS server.
- Office (MS15-131 - critical). Resolves vulnerabilities that could allow remote code execution if a user opens a specially crafted Microsoft Office file.
- Windows (MS15-135 - important). Resolves vulnerabilities that could allow elevation of privilege if an attacker logs on to a target system and runs a specially crafted application.
Threats
- The Windows DNS update resolves a vulnerability that is a very significant concern for anyone running a Windows domain controller or other Windows system that acts as a DNS server. It is critical that the update be applied as soon as possible because the consequences of exploitation are serious and exploitation is likely to occur quickly after exploits are developed.
- Both the Windows and Office updates resolve vulnerabilities that are already being exploited in the wild.
Affected Versions
- Microsoft Windows DNS with Windows Server 2008, 2008 RT, 2012, and 2012 RT.
- Microsoft Office 2007, 2010, 2013, 2016, 2013 RT, 2011 (Mac), 2016 (for Mac), as well as the Microsoft Excel Viewer and Office Compatibility Pack Service Pack 3.
- Microsoft Windows Vista, 7, 8, 8.1,10, RT, RT 8.1, Server 2008, Server 2008 R2, Server 2012, and Server 2012 R2.
Action Items
Apply all updates as soon as possible after appropriate testing. It is especially important to apply the update for Windows systems acting as DNS servers. The other updates should also be applied quickly.
Information for Users
MiWorkspace machines will be updated as soon as possible. If you have Microsoft Windows or Microsoft Office installed on your own devices that are not managed by the university, please apply the security updates as soon as possible. We recommend that you set this software for automatic updates.
In general, the best protection for your devices is this: keep your software and apps up-to-date, do not click suspicious links in email, do not open email attachments unless you are expecting them and trust the person who sent them, and only use secure, trusted networks. For more information, see Spam, Phishing, and Suspicious Email, Instructions for Securing Your Devices and Data, and Use a Secure Internet Connection on the U-M Safe Computing website.
Questions, Concerns, Reports
Please contact [email protected].
References
- Microsoft Security Bulletin MS15-127 - Critical. Security Update for Microsoft Windows DNS to Address Remote Code Execution (3100465) (12/08/15)
- Microsoft Security Bulletin MS15-131 - Critical. Security Update for Microsoft Office to Address Remote Code Execution (3116111) (12/08/15)
- Microsoft Security Bulletin MS15-135 - Important. Security Update for Windows Kernel-Mode Drivers to Address Elevation of Privilege (3119075) (12/8/15)