Microsoft Security Bulletins For June 2015

TechExpert

This page offers detailed information about Microsoft's June 2015 Patch Day. The company releases security patches for its Windows operating system as well as other company products on the second Tuesday of each month.

The guide provides you with information about each security bulletin that Microsoft released on June 9, 2015 that include affected products, severity information as well as links to the bulletins to look up further information.

I addition to that, you find an executive summary in the beginning listing the most important changes, information about the operating system and Microsoft product distribution, new or revised security advisory information, a list of non-security updates the company released since the last patch day and information on how to download the patches to devices.

Executive Summary

  • A total of eight bulletins were released on this patch day by Microsoft.
  • Two security bulletins, MS15-056 and MS15-057 received the highest severity rating of critical.
  • All client operating systems are affected by at least one critical vulnerability.
  • On the server side, only Windows Server 2008 and 2008 R2 are affected by a critically rated bulletin.
  • Other Microsoft products affected this month by vulnerabilities are Microsoft Office and Microsoft Exchange Server 2013.

Operating System Distribution

Windows Vista and Windows 7 are two client operating systems that are affected the most this month. Both share the same bulletin severity while Windows 8x and newer versions are not affected by MS15-057, a vulnerability affecting Windows Media Player.

The situation is different on the server side. Windows Server 2008 and 2008 R2 are affected by most vulnerabilities including one that received the severity rating of critical.

  • Windows Vista: 2 critical, 2 important (MS15-056, MS15-056, MS15-060, MS15-061)
  • Windows 7: 2 critical, 2 important (MS15-056, MS15-057, MS15-067, MS15-061)
  • Windows 8.x: 1 critical, 2 important (MS15-056, MS15-060, MS15-061)
  • Windows RT: 1 critical, 2 important (MS15-056, MS15-060, MS15-061)
  • Windows Server 2003: 1 critical, 1 important, 1 moderate (MS15-056, MS15-057, MS15-061)
  • Windows Server 2008 and 2008 R2: 1 critical, 2 important, 1 moderate (MS15-056, MS15-057, MS15-060, MS15-061)
  • Windows Server 2012 and 2012 R2: 2 important, 1 moderate (MS15-056, MS15-060, MS15-061)
  • Server Core: 2 important (MS15-060, MS15-061)

Other Microsoft Products

  • Microsoft Exchange Server 2013: 1 important (MS15-064)
  • Microsoft Office 2007, 2010, 2013, 2013 RT; 1 important (MS15-059)

Security Bulletins

  • MS15-056 - Cumulative Security Update for Internet Explorer (3058515) - Critical - Remote Code Execution
  • MS15-057 - Vulnerability in Windows Media Player Could Allow Remote Code Execution (3033890) - Critical - Remote Code Execution
  • MS15-059 - Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (3064949) - Important - Remote Code Execution
  • MS15-060 - Vulnerability in Microsoft Common Controls Could Allow Remote Code Execution (3059317) - Important - Remote Code Execution
  • MS15-061 - Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (3057839) - Important - Elevation of Privilege
  • MS15-062 - Vulnerability in Active Directory Federation Services Could Allow Elevation of Privilege (3062577) - Important - Elevation of Privilege
  • MS15-063 - Vulnerability in Windows Kernel Could Allow Elevation of Privilege (3063858) - Important - Elevation of Privilege
  • MS15-064 - Vulnerabilities in Microsoft Exchange Server Could Allow Elevation of Privilege (3062157) - Important - Elevation of Privilege

Security Advisories and updates

  • Microsoft Security Advisory 2962393 - Update for Vulnerability in Juniper Networks Windows In-Box Junos Pulse Client
  • Microsoft Security Advisory 2755801 (revised) - Update for Vulnerabilities in Adobe Flash Player in Internet Explorer

Non-security related updates

  • Update for Windows 7 (KB2952664) - Compatibility update for upgrading Windows 7
  • Update for Windows 8.1 and Windows 8 (KB2976978) - Compatibility update for Windows 8.1 and Windows 8
  • Update for Windows 7 (KB2977759) - Compatibility update for Windows 7 RTM
  • Update for Windows 7 and Windows Server 2008 R2 (KB3050265) - Windows Update Client for Windows 7: June 2015
  • Update for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 (KB3050267) - Windows Update Client for Windows 8.1: June 2015
  • Update for Windows 8.1, Windows Server 2012 R2, Windows 7, and Windows Server 2008 R2 (KB3068708) - Update for customer experience and diagnostic telemetry
  • Update for Windows Server 2012 R2 (KB3019270) - Update to remove duplicate descriptions for Office 365 integration in Windows Server 2012 R2 Essentials
  • Update for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 (KB3029432) - The logon process for new users takes significantly longer as the number of user profiles increases in Windows
  • Update for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 (KB3029603) - xHCI driver crashes after you resume computer from sleep mode in Windows 8.1 or Windows Server 2012 R2
  • Update for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 (KB3034348) - "Access denied" error when you use a Windows Store app to configure printer property settings in Windows
  • Update for Windows 8.1 and Windows Server 2012 R2 (KB3037313) - Old files are not removed after a migration of virtual machine storage in Windows 8.1 or Windows Server 2012 R2
  • Update for Windows 8, Windows RT, and Windows Server 2012 (KB3040272) - Start time increases after another language is added to VM images in Windows Server 2012
  • Update for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 (KB3041857) - "Code 0x80070057 The parameter is incorrect" error when you try to display a user's "effective access" to a file
  • Update for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 (KB3045634) - You cannot make a PPP connection after you reconnect a PLC device in Windows 8.1 or Windows 8
  • Update for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 (KB3045746) - Single string is drawn by multiple fonts in the TextBox control of Windows Store application in Windows
  • Update for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 (KB3054464) - Applications that use the AddEntry method may crash in Windows
  • Update for Windows 7 and Windows Server 2008 R2 (KB3054476) - May 2015 update for stream.sys driver-based applications in Windows 7 or Windows Server 2008 R2
  • Update for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 (KB3055323) - Update to enable a security feature in Windows 8.1 or Windows Server 2012 R2
  • Update for Windows 8.1, Windows RT 8.1, Windows 8, and Windows RT (KB3055999) - Update APN database entry for SaskTel (Canada) in Windows 8.1 and 8
  • Update for Windows 8.1 and Windows 7 (KB3035583) - Update enables additional capabilities for Windows Update notifications in Windows 8.1 and Windows 7 SP1

How to download and install the June 2015 security updates

Patches are distributed via Microsoft's automatic update system to home users worldwide. While that covers most home users, some may have blocked automatic updates from being deployed on their systems, for instance to run tests first or wait for stability reports before patches are applied.

If you have configured automatic updates, you may still want to run a check right away so that the updates can be downloaded and installed on a system running Windows right away. If you don't do that, you may wait hours before the patches are picked up automatically.

The best method to run update checks is the following:

  • Tap on the Windows-key on your keyboard to bring up the start menu or start screen.
  • Type Windows Update and select the appropriate result from the list of results.
  • There you need to select "check for updates" to run a manual check for updates.
  • The system should find the updates so that they can be downloaded and installed right away.

Alternatives are provided for users who don't use automatic updates. Updates are made available on Microsoft's Download Center from where they can be downloaded. Another alternative is the monthly security ISO image that Microsoft releases.

Last but not least, third-party software is also provided to download updates and patches to systems. These third-party solutions may improve the user experience, for instance by allowing you to download patches for multiple versions of Windows from a single machine in one go.

Additional information

This article was first seen on ComTek's "TekBits" Technology News

HOME