Acknowledgments – 2015

Microsoft extends thanks to the following for working with us to help protect customers.

Bulletin ID Vulnerability Title CVE ID Acknowledgment
December 2015
MS15-135 Windows Kernel Memory Elevation of Privilege Vulnerability CVE-2015-6171 Nils Sommer of bytegeist, working with Google Project Zero
MS15-135 Windows Kernel Memory Elevation of Privilege Vulnerability CVE-2015-6173 Nils Sommer of bytegeist, working with Google Project Zero
MS15-135 Windows Kernel Memory Elevation of Privilege Vulnerability CVE-2015-6174 Nils Sommer of bytegeist, working with Google Project Zero
MS15-135 Windows Kernel Memory Elevation of Privilege Vulnerability CVE-2015-6175 ChenDong Li of Tencent
MS15-134 Windows Media Center Information Disclosure Vulnerability CVE-2015-6127 Francisco Falcon of Core Security
MS15-134 Media Center Library Parsing RCE Vulnerability CVE-2015-6131 Zhang YunHai of NSFOCUS Security Team
MS15-134 Windows Library Loading Remote Code Execution Vulnerability CVE-2015-6128 Steven Vittitoe of Google Project Zero
MS15-134 Windows Library Loading Remote Code Execution Vulnerability CVE-2015-6128 Parvez Anwar
MS15-132 Windows Library Loading Remote Code Execution Vulnerability CVE-2015-6132 Yorick Koster of Securify B.V.
MS15-132 Windows Library Loading Remote Code Execution Vulnerability CVE-2015-6132 Steven Vittitoe of Google Project Zero
MS15-131 Microsoft Office Memory Corruption Vulnerability CVE-2015-6040 Steven Vittitoe of Google Project Zero
MS15-131 Microsoft Office Memory Corruption Vulnerability CVE-2015-6118 Kai Lu of Fortinet's FortiGuard Labs
MS15-131 Microsoft Office Memory Corruption Vulnerability CVE-2015-6122 Steven Vittitoe of Google Project Zero
MS15-131 Microsoft Office RCE Vulnerability CVE-2015-6172 Haifei Li
MS15-131 Microsoft Office Memory Corruption Vulnerability CVE-2015-6177 Kai Lu of Fortinet's FortiGuard Labs
MS15-130 Windows Integer Underflow Vulnerability CVE-2015-6130 Hossein Lotfi, Secunia Research (now part of Flexera Software)
MS15-129 Microsoft Silverlight Information Disclosure Vulnerability CVE-2015-6165 Marcin 'Icewall' Noga of Cisco Talos
MS15-128 Graphics Memory Corruption Vulnerability CVE-2015-6106 Steven Vittitoe of Google Project Zero
MS15-128 Graphics Memory Corruption Vulnerability CVE-2015-6107 Steven Vittitoe of Google Project Zero
MS15-126 Scripting Engine Information Disclosure Vulnerability CVE-2015-6135 Simon Zuckerbraun, working with HP’s Zero Day Initiative
MS15-126 Scripting Engine Memory Corruption Vulnerability CVE-2015-6136 Simon Zuckerbraun, working with HP’s Zero Day Initiative
MS15-126 Scripting Engine Memory Corruption Vulnerability CVE-2015-6136 An anonymous researcher, working with HP’s Zero Day Initiative
MS15-126 Scripting Engine Memory Corruption Vulnerability CVE-2015-6136 Yuki Chen of Qihoo 360Vulcan Team
MS15-126 Scripting Engine Memory Corruption Vulnerability CVE-2015-6137 Anonymous contributor, working with VeriSign iDefense Labs
MS15-125 Microsoft Browser Elevation of Privilege Vulnerability CVE-2015-6139 Michal Bentkowski
MS15-125 Microsoft Browser Memory Corruption Vulnerability CVE-2015-6140 Bo Qu of Palo Alto Networks
MS15-125 Microsoft Browser Memory Corruption Vulnerability CVE-2015-6142 Simon Zuckerbraun, working with HP’s Zero Day Initiative
MS15-125 Microsoft Browser Memory Corruption Vulnerability CVE-2015-6142 Zheng Huang of the Baidu Scloud XTeam, working with VeriSign iDefense Labs
MS15-125 Microsoft Browser Memory Corruption Vulnerability CVE-2015-6148 A3F2160DCA1BDE70DA1D99ED267D5DC1EC336192, working with HP’s Zero Day Initiative
MS15-125 Microsoft Browser Memory Corruption Vulnerability CVE-2015-6151 Li Kemeng of Baidu Security Team(x-Team) , working with HP’s Zero Day Initiative
MS15-125 Microsoft Edge Memory Corruption Vulnerability CVE-2015-6153 Shi Ji (@Puzzor) of VARAS@IIE
MS15-125 Microsoft Browser Memory Corruption Vulnerability CVE-2015-6154 ChenDong Li and YunZe Ni of Tencent
MS15-125 Microsoft Browser Memory Corruption Vulnerability CVE-2015-6155 Zheng Huang of the Baidu Scloud XTeam, working with VeriSign iDefense Labs
MS15-125 Microsoft Browser Memory Corruption Vulnerability CVE-2015-6158 Zheng Huang of the Baidu Scloud XTeam, working with VeriSign iDefense Labs
MS15-125 Microsoft Browser Memory Corruption Vulnerability CVE-2015-6159 Zheng Huang of the Baidu Scloud XTeam
MS15-125 Microsoft Browser Memory Corruption Vulnerability CVE-2015-6159 Jason Kratzer, working with HP’s Zero Day Initiative
MS15-125 Microsoft Browser ASLR Bypass CVE-2015-6161 Rh0
MS15-125 Microsoft Edge Memory Corruption Vulnerability CVE-2015-6168 SkyLined, working with HP’s Zero Day Initiative
MS15-125 Microsoft Edge Spoofing Vulnerability CVE-2015-6169 Stephan Brunner
MS15-125 Microsoft Edge Elevation of Privilege Vulnerability CVE-2015-6170 Mario Heiderich of Cure53
MS15-125 Microsoft Edge XSS Filter Bypass Vulnerability CVE-2015-6176 Masato Kinugawa
MS15-124 Internet Explorer Memory Corruption Vulnerability CVE-2015-6083 Hui Gao of Palo Alto Networks
MS15-124 Internet Explorer Memory Corruption Vulnerability CVE-2015-6083 B6BEB4D5E828CF0CCB47BB24AAC22515, working with HP’s Zero Day Initiative
MS15-124 Internet Explorer Memory Corruption Vulnerability CVE-2015-6134 SkyLined, working with HP’s Zero Day Initiative
MS15-124 Scripting Engine Information Disclosure Vulnerability CVE-2015-6135 Simon Zuckerbraun, working with HP’s Zero Day Initiative
MS15-124 Scripting Engine Information Disclosure Vulnerability CVE-2015-6136 Simon Zuckerbraun, working with HP’s Zero Day Initiative
MS15-124 Microsoft Browser Elevation of Privilege Vulnerability CVE-2015-6139 Michal Bentkowski
MS15-124 Microsoft Browser Memory Corruption Vulnerability CVE-2015-6140 Bo Qu of Palo Alto Networks
MS15-124 Microsoft Browser Memory Corruption Vulnerability CVE-2015-6141 B6BEB4D5E828CF0CCB47BB24AAC22515, working with HP’s Zero Day Initiative
MS15-124 Microsoft Browser Memory Corruption Vulnerability CVE-2015-6142 Simon Zuckerbraun, working with HP’s Zero Day Initiative
MS15-124 Microsoft Browser XSS Filter Bypass Vulnerability CVE-2015-6144 Masato Kinugawa
MS15-124 Microsoft Browser XSS Filter Bypass Vulnerability CVE-2015-6144 Filedescriptor
MS15-124 Internet Explorer Memory Corruption Vulnerability CVE-2015-6145 Cong Zhang and Yi Jiang, working with Beijing VRV Software Co., LTD.
MS15-124 Internet Explorer Memory Corruption Vulnerability CVE-2015-6146 Bo Qu of Palo Alto Networks
MS15-124 Internet Explorer Memory Corruption Vulnerability CVE-2015-6147 B6BEB4D5E828CF0CCB47BB24AAC22515, working with HP’s Zero Day Initiative
MS15-124 Microsoft Browser Memory Corruption Vulnerability CVE-2015-6148 A3F2160DCA1BDE70DA1D99ED267D5DC1EC336192, working with HP’s Zero Day Initiative
MS15-124 Internet Explorer Memory Corruption Vulnerability CVE-2015-6149 B6BEB4D5E828CF0CCB47BB24AAC22515, working with HP’s Zero Day Initiative
MS15-124 Internet Explorer Memory Corruption Vulnerability CVE-2015-6150 B6BEB4D5E828CF0CCB47BB24AAC22515, working with HP’s Zero Day Initiative
MS15-124 Microsoft Browser Memory Corruption Vulnerability CVE-2015-6151 Li Kemeng of Baidu Security Team(x-Team) , working with HP’s Zero Day Initiative
MS15-124 Internet Explorer Memory Corruption Vulnerability CVE-2015-6152 Moritz Jodeit of Blue Frost Security
MS15-124 Microsoft Browser Memory Corruption Vulnerability CVE-2015-6153 Shi Ji (@Puzzor) of VARAS@IIE
MS15-124 Microsoft Browser Memory Corruption Vulnerability CVE-2015-6154 ChenDong Li and YunZe Ni of Tencent
MS15-124 Microsoft Browser Memory Corruption Vulnerability CVE-2015-6155 Zheng Huang of the Baidu Scloud XTeam, working with VeriSign iDefense Labs
MS15-124 Internet Explorer Memory Corruption Vulnerability CVE-2015-6156 Anonymous contributor, working with VeriSign iDefense Labs
MS15-124 Internet Explorer Memory Corruption Vulnerability CVE-2015-6157 Zheng Huang of the Baidu Scloud XTeam, working with VeriSign iDefense Labs
MS15-124 Microsoft Browser Memory Corruption Vulnerability CVE-2015-6158 Zheng Huang of the Baidu Scloud XTeam, working with VeriSign iDefense Labs
MS15-124 Microsoft Browser Memory Corruption Vulnerability CVE-2015-6159 Zheng Huang of the Baidu Scloud XTeam
MS15-124 Microsoft Browser Memory Corruption Vulnerability CVE-2015-6159 Jason Kratzer, working with HP’s Zero Day Initiative
MS15-124 Internet Explorer Memory Corruption Vulnerability CVE-2015-6160 Garage4Hackers, working with HP’s Zero Day Initiative
MS15-124 Internet Explorer ASLR Bypass CVE-2015-6161 Rh0
MS15-124 Internet Explorer Memory Corruption Vulnerability CVE-2015-6162 Wenxiang Qian of TencentQQBrowser
November 2015
MS15-123 Server Input Validation Information Disclosure Vulnerability CVE-2015-6061 Fatih Ozavci - Sense of Security
MS15-122 Windows Kerberos Security Feature Bypass CVE-2015-6095 Ian Haken of Synopsys Inc.
MS15-119 Winsock Elevation of Privilege Vulnerability CVE-2015-2478 Alex Ionescu of Winsider Seminars & Solutions Inc.
MS15-119 Winsock Elevation of Privilege Vulnerability CVE-2015-2478 Thomas Faber, of CrowdStrike Inc.
MS15-118 .NET Elevation of Privilege Vulnerability CVE-2015-6099 John Page aka hyp3rlinx
MS15-117 Windows NDIS Elevation of Privilege Vulnerability CVE-2015-6098 Nils Sommer of bytegeist, working with Google Project Zero
MS15-116 Microsoft Office Memory Corruption Vulnerability CVE-2015-6038 Steven Seeley of Source Incite, working with HP’s Zero Day Initiative
MS15-116 Microsoft Office Memory Corruption Vulnerability CVE-2015-6091 Steven Vittitoe of Google Project Zero
MS15-116 Microsoft Office Memory Corruption Vulnerability CVE-2015-6092 Steven Vittitoe of Google Project Zero
MS15-116 Microsoft Office Memory Corruption Vulnerability CVE-2015-6093 SignalSEC Research, working with HP’s Zero Day Initiative
MS15-116 Microsoft Office Memory Corruption Vulnerability CVE-2015-6094 Steven Seeley of Source Incite, working with HP’s Zero Day Initiative
MS15-116 Microsoft Outlook for Mac Spoofing Vulnerability CVE-2015-6123 Mark Robbins Rebelmail
MS15-115 Windows Kernel Memory Elevation of Privilege Vulnerability CVE-2015-6100 Nils Sommer of bytegeist, working with Google Project Zero
MS15-115 Windows Kernel Memory Elevation of Privilege Vulnerability CVE-2015-6101 Nils Sommer of bytegeist, working with Google Project Zero
MS15-115 Windows Kernel Memory Information Disclosure Vulnerability CVE-2015-6102 Nils Sommer of bytegeist, working with Google Project Zero
MS15-115 Windows Graphics Memory Remote Code Execution Vulnerability CVE-2015-6103 Mateusz Jurczyk of Google Project Zero
MS15-115 Windows Graphics Memory Remote Code Execution Vulnerability CVE-2015-6104 Mateusz Jurczyk of Google Project Zero
MS15-115 Windows Kernel Security Feature Bypass Vulnerability CVE-2015-6113 James Forshaw of Google Project Zero
MS15-114 Windows Journal Heap Overflow Vulnerability CVE-2015-6097 Jason Kratzer, working with VeriSign iDefense Labs
MS15-113 Microsoft Browser Memory Corruption Vulnerability CVE-2015-6064 Simon Zuckerbraun, working with HP’s Zero Day Initiative
MS15-113 Microsoft Browser Memory Corruption Vulnerability CVE-2015-6073 Kai Kang of Tencent's Xuanwu LAB
MS15-113 Microsoft Browser Memory Corruption Vulnerability CVE-2015-6078 Bo Qu of Palo Alto Networks
MS15-113 Microsoft Browser ASLR Bypass CVE-2015-6088 JaeHun Jeong
MS15-112 Microsoft Browser Memory Corruption Vulnerability CVE-2015-6064 Simon Zuckerbraun, working with HP’s Zero Day Initiative
MS15-112 Internet Explorer Memory Corruption Vulnerability CVE-2015-6065 Jason Kratzer, working with VeriSign iDefense Labs
MS15-112 Internet Explorer Memory Corruption Vulnerability CVE-2015-6065 B6BEB4D5E828CF0CCB47BB24AAC22515, working with HP’s Zero Day Initiative
MS15-112 Internet Explorer Memory Corruption Vulnerability CVE-2015-6066 Bo Qu of Palo Alto Networks
MS15-112 Internet Explorer Memory Corruption Vulnerability CVE-2015-6068 Zheng Huang of the Baidu Scloud XTeam, working with VeriSign iDefense Labs
MS15-112 Internet Explorer Memory Corruption Vulnerability CVE-2015-6069 Bo Qu of Palo Alto Networks
MS15-112 Internet Explorer Memory Corruption Vulnerability CVE-2015-6070 Tongbo Luo of Palo Alto Networks
MS15-112 Internet Explorer Memory Corruption Vulnerability CVE-2015-6070 Bo Qu of Palo Alto Networks
MS15-112 Internet Explorer Memory Corruption Vulnerability CVE-2015-6071 Bo Qu of Palo Alto Networks
MS15-112 Internet Explorer Memory Corruption Vulnerability CVE-2015-6072 Kai Kang of Tencent's Xuanwu LAB
MS15-112 Microsoft Browser Memory Corruption Vulnerability CVE-2015-6073 Kai Kang of Tencent's Xuanwu LAB
MS15-112 Internet Explorer Memory Corruption Vulnerability CVE-2015-6075 0011, working with HP’s Zero Day Initiative
MS15-112 Internet Explorer Memory Corruption Vulnerability CVE-2015-6076 Anonymous, working with HP’s Zero Day Initiative
MS15-112 Internet Explorer Memory Corruption Vulnerability CVE-2015-6077 0016EECD9D7159A949DAD3BC17E0A939, working with HP’s Zero Day Initiative, and Linan Hao of Qihoo 360
MS15-112 Internet Explorer Memory Corruption Vulnerability CVE-2015-6077 Linan Hao of Qihoo 360 Vulcan Team
MS15-112 Microsoft Browser Memory Corruption Vulnerability CVE-2015-6078 Bo Qu of Palo Alto Networks
MS15-112 Internet Explorer Memory Corruption Vulnerability CVE-2015-6079 Zheng Huang of the Baidu Scloud XTeam
MS15-112 Internet Explorer Memory Corruption Vulnerability CVE-2015-6080 Zheng Huang of the Baidu Scloud XTeam
MS15-112 Internet Explorer Memory Corruption Vulnerability CVE-2015-6081 B6BEB4D5E828CF0CCB47BB24AAC22515, working with HP’s Zero Day Initiative
MS15-112 Internet Explorer Memory Corruption Vulnerability CVE-2015-6082 Zheng Huang of the Baidu Scloud XTeam
MS15-112 Internet Explorer Memory Corruption Vulnerability CVE-2015-6084 Zheng Huang of the Baidu Scloud XTeam, working with VeriSign iDefense Labs
MS15-112 Internet Explorer Memory Corruption Vulnerability CVE-2015-6085 Jason Kratzer, working with VeriSign iDefense Labs
MS15-112 Internet Explorer Information Disclosure Vulnerability CVE-2015-6086 Ashfaq Ansari, working with HP’s Zero Day Initiative
MS15-112 Internet Explorer Memory Corruption Vulnerability CVE-2015-6087 Bo Qu of Palo Alto Networks
MS15-112 Scripting Engine Memory Corruption Vulnerability CVE-2015-6089 Yuki Chen of Qihoo 360 Vulcan Team
MS15-099 Microsoft Office Malformed EPS File Vulnerability CVE-2015-2545 Genwei Jiang of FireEye, Inc.
SA3108638 N/A CVE-2015-5307 Ben Serebrin of Google
October 2015
MS15-111 Windows Kernel Memory Corruption Vulnerability CVE-2015-2549 dbc282f4f2f7d2466fa0078bf8034d99
MS15-111 Windows Elevation of Privilege Vulnerability CVE-2015-2550 Ashutosh Mehra, working with HP’s Zero Day Initiative
MS15-111 Windows Mount Point Elevation of Privilege Vulnerability CVE-2015-2553 James Forshaw of Google Project Zero
MS15-111 Windows Object Reference Elevation of Privilege Vulnerability CVE-2015-2554 James Forshaw of Google Project Zero
MS15-110 Microsoft Office Memory Corruption Vulnerability CVE-2015-2555 3S Labs, working with HP’s Zero Day Initiative
MS15-110 Microsoft Sharepoint Information Disclosure Vulnerability CVE-2015-2556 Jakub Palaczynski of ING Services Polska
MS15-110 Microsoft Office Memory Corruption Vulnerabilties CVE-2015-2557 kdot, working with HP’s Zero Day Initiative
MS15-110 Microsoft Office Memory Corruption Vulnerability CVE-2015-2558 3S Labs, working with HP’s Zero Day Initiative
MS15-109 Toolbar Use After Free Vulnerability CVE-2015-2515 Heige (a.k.a. SuperHei) from Knownsec 404 Security Team
MS15-109 Microsoft Tablet Input Band Use After Free Vulnerability CVE-2015-2548 Heige (a.k.a. SuperHei) from Knownsec 404 Security Team and Hui Gao of Palo Alto Networks
MS15-108 Scripting Engine Memory Corruption Vulnerability CVE-2015-2482 Skylined, working with HP’s Zero Day Initiative
MS15-108 VBScript and JScript ASLR Bypass CVE-2015-6052 Bill Finlayson, Vectra Networks
MS15-108 Scripting Engine Memory Corruption Vulnerability CVE-2015-6055 Simon Zuckerbraun, working with HP’s Zero Day Initiative
MS15-108 Scripting Engine Memory Corruption Vulnerability CVE-2015-6055 An anonymous researcher, working with HP’s Zero Day Initiative
MS15-108 Scripting Engine Information Disclosure Vulnerability CVE-2015-6059 Takeshi Terada of Mitsui Bussan Secure Directions, Inc.
MS15-107 Microsoft Edge XSS Filter Bypass CVE-2015-6058 Noriaki Iwasaki of Cyber Defense Institute, Inc.
MS15-107 Microsoft Edge XSS Filter Bypass CVE-2015-6058 Masato Kinugawa, Individual
MS15-107 Microsoft Edge Information Disclosure Vulnerability CVE-2015-6057 Mario Heiderich of Cure53
MS15-106 Scripting Engine Memory Corruption Vulnerability CVE-2015-2482 Skylined, working with HP’s Zero Day Initiative
MS15-106 Internet Explorer Memory Corruption Vulnerability CVE-2015-6042 Garage4Hackers, working with HP’s Zero Day Initiative
MS15-106 Internet Explorer Elevation of Privilege Vulnerability CVE-2015-6044 Jack Tang of Trend Micro
MS15-106 Internet Explorer Memory Corruption Vulnerability CVE-2015-6045 Zheng Huang of the Baidu Scloud XTeam, working with HP’s Zero Day Initiative
MS15-106 Internet Explorer Memory Corruption Vulnerability CVE-2015-6045 Kai Kang of Tencent's Xuanwu LAB
MS15-106 Internet Explorer Memory Corruption Vulnerability CVE-2015-6046 Jason Kratzer, working with VeriSign iDefense Labs
MS15-106 Internet Explorer Elevation of Privilege Vulnerability CVE-2015-6047 Ashutosh Mehra, working with HP’s Zero Day Initiative
MS15-106 Internet Explorer Memory Corruption Vulnerability CVE-2015-6048 Tongbo Luo of Palo Alto Networks
MS15-106 Internet Explorer Memory Corruption Vulnerability CVE-2015-6048 Hui Gao of Palo Alto Networks
MS15-106 Internet Explorer Memory Corruption Vulnerability CVE-2015-6048 Dhanesh Kizhakkinan of FireEye, Inc.
MS15-106 Internet Explorer Memory Corruption Vulnerability CVE-2015-6049 Heige (a.k.a. SuperHei) from Knownsec 404 Security Team
MS15-106 Internet Explorer Memory Corruption Vulnerability CVE-2015-6050 Zheng Huang of the Baidu Scloud XTeam, working with HP’s Zero Day Initiative
MS15-106 Internet Explorer Elevation of Privilege Vulnerability CVE-2015-6051 Ashutosh Mehra, working with HP’s Zero Day Initiative
MS15-106 VBScript and JScript ASLR Bypass CVE-2015-6052 Bill Finlayson, Vectra Networks
MS15-106 Internet Explorer Information Disclosure Vulnerability CVE-2015-6053 CK, working with HP’s Zero Day Initiative
MS15-106 Scripting Engine Memory Corruption Vulnerability CVE-2015-6055 An anonymous researcher, working with HP’s Zero Day Initiative
MS15-106 Scripting Engine Memory Corruption Vulnerability CVE-2015-6056 Aakash Jain and Dhanesh Kizhakkinan of FireEye, Inc.
MS15-106 Scripting Engine Information Disclosure Vulnerability CVE-2015-6059 Takeshi Terada of Mitsui Bussan Secure Directions, Inc.
MS15-106 Scripting Engine Memory Corruption Vulnerability CVE-2015-6184 Zheng Huang of the Baidu Scloud XTeam, working with HP’s Zero Day Initiative
MS15-106 Defense-in-depth ------------------- Mario Heiderich of Cure53
September 2015
MS15-103 Exchange Information Disclosure Vulnerability CVE-2015-2505 John Page of hyp3rlinx
MS15-103 Exchange Spoofing Vulnerability CVE-2015-2543 Abdulrahman Alqabandi
MS15-103 Exchange Spoofing Vulnerability CVE-2015-2544 Justin Khoo of FreshInbox
MS15-102 Windows Task Management Elevation of Privilege Vulnerability CVE-2015-2524 James Forshaw of Google Project Zero
MS15-102 Windows Task File Deletion Elevation of Privilege Vulnerability CVE-2015-2525 James Forshaw of Google Project Zero
MS15-102 Windows Task Management Elevation of Privilege Vulnerability CVE-2015-2528 James Forshaw of Google Project Zero
MS15-101 .NET Elevation of Privilege Vulnerability CVE-2015-2504 Yorick Koster of Securify B.V.
MS15-101 MVC Denial of Service Vulnerability CVE-2015-2526 Roberto Suggi Liverani of NCIA (NATO Communications and Information Agency)
MS15-100 Windows Media Center RCE Vulnerability CVE-2015-2509 Aaron Luo, Kenney Lu, and Ziv Chang of TrendMicro
MS15-099 Microsoft Office Memory Corruption Vulnerability CVE-2015-2520 Steven Vittitoe of Google Project Zero
MS15-099 Microsoft Office Memory Corruption Vulnerability CVE-2015-2521 Steven Vittitoe of Google Project Zero
MS15-099 Microsoft SharePoint XSS Spoofing Vulnerability CVE-2015-2522 This vulnerability was discovered by Fortinet's FortiGuard Labs.
MS15-099 Microsoft Office Memory Corruption Vulnerability CVE-2015-2523 Steven Vittitoe of Google Project Zero
MS15-099 Microsoft Office Malformed EPS File Vulnerability CVE-2015-2545 Genwei Jiang of FireEye, Inc.
MS15-098 Windows Journal RCE Vulnerability CVE-2015-2513 Phil Blankenship of BeyondTrust Inc
MS15-098 Windows Journal DoS Vulnerability CVE-2015-2514 Kai Lu of Fortinet's FortiGuard Labs
MS15-098 Windows Journal DoS Vulnerability CVE-2015-2516 Kai Lu of Fortinet's FortiGuard Labs
MS15-097 OpenType Font Parsing Vulnerability CVE-2015-2506 Piotr Bania and Andrea Allievi of Cisco Talos
MS15-097 Font Driver Elevation of Privilege Vulnerability CVE-2015-2507 Nils Sommer of bytegeist, working with Google Project Zero
MS15-097 Font Driver Elevation of Privilege Vulnerability CVE-2015-2508 James Forshaw of Google Project Zero
MS15-097 Graphics Component Buffer Overflow Vulnerability CVE-2015-2510 Steven Vittitoe of Google Project Zero
MS15-097 Font Driver Elevation of Privilege Vulnerability CVE-2015-2511 Nils Sommer of bytegeist, working with Google Project Zero
MS15-097 Font Driver Elevation of Privilege Vulnerability CVE-2015-2512 Nils Sommer of bytegeist, working with Google Project Zero
MS15-097 Win32k Memory Corruption Elevation of Privilege Vulnerability CVE-2015-2517 Nils Sommer of bytegeist, working with Google Project Zero
MS15-097 Win32k Memory Corruption Elevation of Privilege Vulnerability CVE-2015-2518 Nils Sommer of bytegeist, working with Google Project Zero
MS15-097 Win32k Elevation of Privilege Vulnerability CVE-2015-2527 James Forshaw of Google Project Zero
MS15-097 Kernel ASLR Bypass Vulnerability CVE-2015-2529 Matt Tait of Google Project Zero
MS15-097 Win32k Memory Corruption Elevation of Privilege Vulnerability CVE-2015-2546 Wang Yu of FireEye, Inc.
MS15-097 Defense-in-depth ------------------- lokihardt@ASRT, working with HP’s Zero Day Initiative
MS15-096 Active Directory Denial of Service Vulnerability CVE-2015-2535 Andrew Bartlett of Catalyst and the Samba Team
MS15-095 Memory Corruption Vulnerability CVE-2015-2485 0016EECD9D7159A949DAD3BC17E0A939, working with HP’s Zero Day Initiative
MS15-095 Memory Corruption Vulnerability CVE-2015-2486 0016EECD9D7159A949DAD3BC17E0A939, working with HP’s Zero Day Initiative
MS15-094 Information Disclosure Vulnerability CVE-2015-2483 Shi Ji (@Puzzor) of VARAS@IIE
MS15-094 Tampering Vulnerability CVE-2015-2484 Haifei Li of Intel Security IPS Research Team
MS15-094 Memory Corruption Vulnerability CVE-2015-2485 0016EECD9D7159A949DAD3BC17E0A939, working with HP’s Zero Day Initiative
MS15-094 Memory Corruption Vulnerability CVE-2015-2486 0016EECD9D7159A949DAD3BC17E0A939, working with HP’s Zero Day Initiative
MS15-094 Memory Corruption Vulnerability CVE-2015-2487 Pawel Wylecial, working with HP’s Zero Day Initiative
MS15-094 Elevation of Privilege Vulnerability CVE-2015-2489 5AECDBC12A3C178E19CF1E3CB5EDAA89, working with HP’s Zero Day Initiative
MS15-094 Memory Corruption Vulnerability CVE-2015-2490 Bo Qu of Palo Alto Networks
MS15-094 Memory Corruption Vulnerability CVE-2015-2491 Heige (a.k.a. SuperHei) from Knownsec 404 Security Team
MS15-094 Memory Corruption Vulnerability CVE-2015-2492 Bo Qu of Palo Alto Networks
MS15-094 Memory Corruption Vulnerability CVE-2015-2492 Dhanesh Kizhakkinan of FireEye, Inc.
MS15-094 Scripting Engine Memory Corruption Vulnerability CVE-2015-2493 Bo Qu of Palo Alto Networks
MS15-094 Memory Corruption Vulnerability CVE-2015-2494 Kai Song (exp-sky) of Tencent's Xuanwu LAB
MS15-094 Memory Corruption Vulnerability CVE-2015-2498 B6BEB4D5E828CF0CCB47BB24AAC22515, working with HP’s Zero Day Initiative
MS15-094 Memory Corruption Vulnerability CVE-2015-2499 B6BEB4D5E828CF0CCB47BB24AAC22515, working with HP’s Zero Day Initiative
MS15-094 Memory Corruption Vulnerability CVE-2015-2500 B6BEB4D5E828CF0CCB47BB24AAC22515, working with HP’s Zero Day Initiative
MS15-094 Memory Corruption Vulnerability CVE-2015-2501 Sean Verity, working with HP’s Zero Day Initiative
MS15-094 Memory Corruption Vulnerability CVE-2015-2541 0016EECD9D7159A949DAD3BC17E0A939, working with HP’s Zero Day Initiative
MS15-094 Defense-in-depth ------------------- Yang Yu (@tombkeeper) of Tencent's Xuanwu Lab
August 2015
MS15-093 Memory Corruption Vulnerability CVE-2015-2502 Clement Lecigne of Google Inc.
MS15-092 RyuJIT Optimization Elevation of Privilege Vulnerability CVE-2015-2479 Nick Craver & Marc Gravell of Stack Overflow
MS15-091 Memory Corruption Vulnerability CVE-2015-2441 Liu Long of the Qihoo 360 Vulcan Team
MS15-090 Windows Registry Elevation of Privilege Vulnerability CVE-2015-2429 Ashutosh Mehra, working with HP’s Zero Day Initiative
MS15-090 Windows Filesystem Elevation of Privilege Vulnerability CVE-2015-2430 Ashutosh Mehra, working with HP’s Zero Day Initiative
MS15-087 UDDI Services Elevation of Privilege Vulnerability CVE-2015-2475 François-Xavier Stellamans from NCI Agency - Cyber Security / NCIRC
MS15-084 MSXML Information Disclosure Vulnerability CVE-2015-2440 Ucha Gobejishvili, working with HP’s Zero Day Initiative
MS15-083 Server Message Block Memory Corruption Vulnerability CVE-2015-2474 Tenable Network Security
MS15-081 Microsoft Office Memory Corruption Vulnerability CVE-2015-1642 This vulnerability was discovered by Fortinet's FortiGuard Labs
MS15-081 Microsoft Office Memory Corruption Vulnerability CVE-2015-1642 Yong Chuan Koh (@yongchuank) of MWR Labs (@mwrlabs)
MS15-081 Microsoft Office Memory Corruption Vulnerability CVE-2015-1642 s3tm3m@gmail.com, working with VeriSign iDefense Labs
MS15-081 Microsoft Office Memory Corruption Vulnerability CVE-2015-2467 Steven Vittitoe of Google Project Zero
MS15-081 Microsoft Office Memory Corruption Vulnerability CVE-2015-2468 Steven Vittitoe of Google Project Zero
MS15-081 Microsoft Office Memory Corruption Vulnerability CVE-2015-2469 Steven Vittitoe of Google Project Zero
MS15-081 Microsoft Office Integer Underflow Vulnerability CVE-2015-2470 Steven Vittitoe of Google Project Zero
MS15-081 Microsoft Office Memory Corruption Vulnerability CVE-2015-2477 Steven Vittitoe of Google Project Zero
MS15-081 Microsoft Office Memory Corruption Vulnerability CVE-2015-2445 Jack Tang of Trend Micro
MS15-080 Microsoft Office Graphics Component Remote Code Execution Vulnerability CVE-2015-2431 Steven Vittitoe of Google Project Zero
MS15-080 OpenType Font Parsing Vulnerability CVE-2015-2432 Mateusz Jurczyk of Google Project Zero
MS15-080 Kernel ASLR Bypass Vulnerability CVE-2015-2433 Matt Tait of Google Inc.
MS15-080 TrueType Font Parsing Vulnerability CVE-2015-2435 KeenTeam's Jihui Lu and Peter Hlavaty, working with HP’s Zero Day Initiative
MS15-080 Windows CSRSS Elevation of Privilege Vulnerability CVE-2015-2453 Liang Yin of Tencent PC Manager
MS15-080 Windows KMD Security Feature Bypass Vulnerability CVE-2015-2454 Ashutosh Mehra, working with HP’s Zero Day Initiative
MS15-080 TrueType Font Parsing Vulnerability CVE-2015-2455 Mateusz Jurczyk of Google Project Zero
MS15-080 TrueType Font Parsing Vulnerability CVE-2015-2455 KeenTeam's Jihui Lu and Peter Hlavaty, working with HP’s Zero Day Initiative
MS15-080 TrueType Font Parsing Vulnerability CVE-2015-2456 Mateusz Jurczyk of Google Project Zero
MS15-080 OpenType Font Parsing Vulnerability CVE-2015-2458 Mateusz Jurczyk of Google Project Zero
MS15-080 OpenType Font Parsing Vulnerability CVE-2015-2459 Mateusz Jurczyk of Google Project Zero
MS15-080 OpenType Font Parsing Vulnerability CVE-2015-2460 Mateusz Jurczyk of Google Project Zero
MS15-080 OpenType Font Parsing Vulnerability CVE-2015-2461 Mateusz Jurczyk of Google Project Zero
MS15-080 OpenType Font Parsing Vulnerability CVE-2015-2462 Mateusz Jurczyk of Google Project Zero
MS15-080 TrueType Font Parsing Vulnerability CVE-2015-2463 Mateusz Jurczyk of Google Project Zero
MS15-080 TrueType Font Parsing Vulnerability CVE-2015-2464 Mateusz Jurczyk of Google Project Zero
MS15-079 Memory Corruption Vulnerability CVE-2015-2442 Linan Hao of the Qihoo 360 Vulcan Team
MS15-079 Memory Corruption Vulnerability CVE-2015-2443 An anonymous researcher, working with HP’s Zero Day Initiative
MS15-079 Memory Corruption Vulnerability CVE-2015-2444 Moritz Jodeit of Blue Frost Security
MS15-079 Security Feature Bypass Vulnerability CVE-2015-2445 Jack Tang of Trend Micro
MS15-079 Memory Corruption Vulnerability CVE-2015-2446 Heige (a.k.a. SuperHei) from Knownsec 404 Security Team and Bo Qu of Palo Alto Networks
MS15-079 Memory Corruption Vulnerability CVE-2015-2447 sweetchip@GRAYHASH
MS15-079 Memory Corruption Vulnerability CVE-2015-2448 An anonymous researcher, working with HP’s Zero Day Initiative
MS15-079 Security Feature Bypass Vulnerability CVE-2015-2449 Linan Hao of the Qihoo 360 Vulcan Team
MS15-079 Memory Corruption Vulnerability CVE-2015-2450 0016EECD9D7159A949DAD3BC17E0A939, working with HP’s Zero Day Initiative
MS15-079 Memory Corruption Vulnerability CVE-2015-2451 0016EECD9D7159A949DAD3BC17E0A939, working with HP’s Zero Day Initiative
MS15-079 Memory Corruption Vulnerability CVE-2015-2452 0016EECD9D7159A949DAD3BC17E0A939, working with HP’s Zero Day Initiative
July 2015
MS15-078 OpenType Font Driver Vulnerability CVE-2015-2426 Mateusz Jurczyk of Google Project Zero
MS15-078 OpenType Font Driver Vulnerability CVE-2015-2426 Genwei Jiang of FireEye, Inc.
MS15-078 OpenType Font Driver Vulnerability CVE-2015-2426 Moony Li of TrendMicro Company
MS15-077 ATMFD.DLL Memory Corruption Vulnerability CVE-2015-2387 Google Project Zero and Morgan Marquis-Boire
MS15-076 Windows RPC Elevation of Privilege Vulnerability CVE-2015-2370 James Forshaw of Google Project Zero
MS15-075 OLE Elevation of Privilege Vulnerability CVE-2015-2416 Nicolas Joly @n_joly
MS15-075 OLE Elevation of Privilege Vulnerability CVE-2015-2417 Nicolas Joly @n_joly
MS15-074 Windows Installer EoP Vulnerability CVE-2015-2371 Mariusz Mlynski working with HP’s Zero Day Initiative
MS15-073 Win32k Elevation of Privilege Vulnerability CVE-2015-2363 enSilo
MS15-073 Win32k Elevation of Privilege Vulnerability CVE-2015-2363 Peng Qiu of 360Vulcan Team
MS15-073 Win32k Elevation of Privilege Vulnerability CVE-2015-2365 Nils Sommer of bytegeist, working with Google Project Zero
MS15-073 Win32k Elevation of Privilege Vulnerability CVE-2015-2366 Nils Sommer of bytegeist, working with Google Project Zero
MS15-073 Win32k Information Disclosure Vulnerability CVE-2015-2367 WanderingGlitch of HP’s Zero Day Initiative
MS15-073 Win32k Information Disclosure Vulnerability CVE-2015-2381 Matt Tait of Google Project Zero
MS15-073 Win32k Information Disclosure Vulnerability CVE-2015-2382 Matt Tait of Google Project Zero
MS15-072 Graphics Component EOP Vulnerability CVE-2015-2364 Nicolas Joly @n_joly
MS15-070 Microsoft Excel ASLR Bypass Vulnerability CVE-2015-2375 3S Labs working with HP’s Zero Day Initiative
MS15-070 Microsoft Office Memory Corruption Vulnerability CVE-2015-2376 3S Labs, working with HP’s Zero Day Initiative
MS15-070 Microsoft Office Memory Corruption Vulnerability CVE-2015-2377 3S Labs, working with HP’s Zero Day Initiative
MS15-070 Microsoft Excel DLL Remote Code Execution Vulnerability CVE-2015-2378 M1x7e1(ShiXiaoLei) of SafeyeTeam
MS15-070 Microsoft Office Memory Corruption Vulnerability CVE-2015-2379 Steven Vittitoe of Google Project Zero
MS15-070 Microsoft Office Memory Corruption Vulnerability CVE-2015-2380 Steven Vittitoe of Google Project Zero
MS15-070 Microsoft Office Memory Corruption Vulnerability CVE-2015-2415 Jack Tang of Trend Micro
MS15-070 Microsoft Office Remote Code Execution Vulnerability CVE-2015-2424 The Labs Team of iSIGHT Partners
MS15-070 Microsoft Office Remote Code Execution Vulnerability CVE-2015-2424 Edward Fjellskål of Telenor CERT
MS15-069 Windows DLL Remote Code Execution Vulnerability CVE-2015-2368 Ashutosh Mehra, working with HP’s Zero Day Initiative
MS15-069 DLL Planting Remote Code Execution Vulnerability CVE-2015-2369 Haifei Li of McAfee Labs IPS Team
MS15-068 Hyper-V Buffer Overflow Vulnerability CVE-2015-2361 Thomas Garnier of Microsoft
MS15-068 Hyper-V System Data Structure Vulnerability CVE-2015-2362 Thomas Garnier of Microsoft
MS15-066 VBScript Memory Corruption Vulnerability CVE-2015-2372 Bo Qu of Palo Alto Networks
MS15-066 VBScript Memory Corruption Vulnerability CVE-2015-2372 bilou, working with VeriSign iDefense Labs
MS15-065 Internet Explorer Information Disclosure Vulnerability CVE-2015-1729 Mashiro YAMADA
MS15-065 Internet Explorer Memory Corruption Vulnerability CVE-2015-1733 JaeHun Jeong (@n3sk) of WINS, WSEC Analysis Team
MS15-065 Internet Explorer Memory Corruption Vulnerability CVE-2015-1738 Li Kemeng of Baidu Anti-virus Team
MS15-065 Internet Explorer Memory Corruption Vulnerability CVE-2015-1767 An anonymous researcher, working with HP’s Zero Day Initiative
MS15-065 Internet Explorer Memory Corruption Vulnerability CVE-2015-1767 Zheng Huang of the Baidu Scloud XTeam, working with HP’s Zero Day Initiative
MS15-065 Internet Explorer Memory Corruption Vulnerability CVE-2015-2383 Jason Kratzer, working with VeriSign iDefense Labs
MS15-065 Internet Explorer Memory Corruption Vulnerability CVE-2015-2383 Sky, working with HP’s Zero Day Initiative
MS15-065 Internet Explorer Memory Corruption Vulnerability CVE-2015-2383 Liu Long of the Qihoo 360 Vulcan Team
MS15-065 Internet Explorer Memory Corruption Vulnerability CVE-2015-2383 Jihui Lu of KeenTeam (@K33nTeam)
MS15-065 Internet Explorer Memory Corruption Vulnerability CVE-2015-2384 Liu Long of the Qihoo 360 Vulcan Team
MS15-065 Internet Explorer Memory Corruption Vulnerability CVE-2015-2385 Liu Long of the Qihoo 360 Vulcan Team
MS15-065 Internet Explorer Memory Corruption Vulnerability CVE-2015-2385 ChenDong Li of Tencent
MS15-065 Internet Explorer Memory Corruption Vulnerability CVE-2015-2388 B6BEB4D5E828CF0CCB47BB24AAC22515, working with HP’s Zero Day Initiative
MS15-065 Internet Explorer Memory Corruption Vulnerability CVE-2015-2389 Linan Hao of the Qihoo 360 Vulcan Team
MS15-065 Internet Explorer Memory Corruption Vulnerability CVE-2015-2390 Linan Hao of the Qihoo 360 Vulcan Team
MS15-065 Internet Explorer Memory Corruption Vulnerability CVE-2015-2391 Jack Tang of Trend Micro Inc.
MS15-065 Internet Explorer Memory Corruption Vulnerability CVE-2015-2397 AA32AF9897C15779037CD4FC1C1C13D7, working with HP’s Zero Day Initiative
MS15-065 Internet Explorer Memory Corruption Vulnerability CVE-2015-2397 A3F2160DCA1BDE70DA1D99ED267D5DC1EC336192, working with HP’s Zero Day Initiative
MS15-065 Internet Explorer Memory Corruption Vulnerability CVE-2015-2397 Bo Qu of Palo Alto Networks
MS15-065 Internet Explorer XSS Filter Bypass Vulnerability CVE-2015-2398 Mario Heiderich
MS15-065 Internet Explorer XSS Filter Bypass Vulnerability CVE-2015-2398 Carlos Munoz of WhiteHat Security (former) and Trustwave SpiderLabs (current)
MS15-065 Internet Explorer Elevation of Privilege Vulnerability CVE-2015-2402 Ashutosh Mehra, working with HP’s Zero Day Initiative
MS15-065 Internet Explorer Memory Corruption Vulnerability CVE-2015-2403 ca0nguyen, working with HP’s Zero Day Initiative
MS15-065 Internet Explorer Memory Corruption Vulnerability CVE-2015-2404 4cbad7dc77d1a1af7d66b5ded6cd92a5, working with HP’s Zero Day Initiative
MS15-065 Internet Explorer Memory Corruption Vulnerability CVE-2015-2406 B6BEB4D5E828CF0CCB47BB24AAC22515, working with HP’s Zero Day Initiative
MS15-065 Internet Explorer Memory Corruption Vulnerability CVE-2015-2408 Zheng Huang of Baidu Scloud XTeam, working with HP’s Zero Day Initiative
MS15-065 Internet Explorer Information Disclosure Vulnerability CVE-2015-2410 A Google Inc. employee
MS15-065 Internet Explorer Memory Corruption Vulnerability CVE-2015-2411 JeongHoon Shin
MS15-065 Internet Explorer Information Disclosure Vulnerability CVE-2015-2412 Ashutosh Mehra, working with HP’s Zero Day Initiative
MS15-065 Internet Explorer Information Disclosure Vulnerability CVE-2015-2413 Hiroshi Suzuki of Internet Initiative Japan Inc.
MS15-065 Internet Explorer Information Disclosure Vulnerability CVE-2015-2414 Angelo Prado, Director, Product Security at Salesforce
MS15-065 Internet Explorer Memory Corruption Vulnerability CVE-2015-2422 Bo Qu of Palo Alto Networks
MS15-065 Internet Explorer Memory Corruption Vulnerability CVE-2015-2425 Bill Finlayson, Vectra Networks
MS15-065 Internet Explorer Memory Corruption Vulnerability CVE-2015-2425 Dhanesh Kizhakkinan of FireEye, Inc.
MS15-065 Internet Explorer Memory Corruption Vulnerability CVE-2015-2425 Peter Pi of TrendMicro
3074162 MSRT Race Condition Vulnerability CVE-2015-2418 James Forshaw of Google Project Zero
June 2015
MS15-063 Windows LoadLibrary EoP Vulnerability CVE-2015-1758 Takashi Yoshikawa of Mitsui Bussan Secure Directions, Inc.
MS15-062 ADFS XSS Elevation of Privilege Vulnerability CVE-2015-1757 “John Hollenberger” and “Tate Hansen from FishNet Security”
MS15-061 Microsoft Windows Kernel Information Disclosure Vulnerability CVE-2015-1719 Guo Pengfei of Qihoo 360
MS15-061 Microsoft Windows Kernel Use After Free Vulnerability CVE-2015-1720 KK of Tencent’s Xuanwu LAB
MS15-061 Win32k Null Pointer Dereference Vulnerability CVE-2015-1721 Nils Sommer of bytegeist, working with Google Project Zero
MS15-061 Microsoft Windows Kernel Bitmap Handling Use After Free Vulnerability CVE-2015-1722 Nils Sommer of bytegeist, working with Google Project Zero
MS15-061 Microsoft Windows Station Use After Free Vulnerability CVE-2015-1723 Nils Sommer of bytegeist, working with Google Project Zero
MS15-061 Microsoft Windows Kernel Object Use After Free Vulnerability CVE-2015-1724 Nils Sommer of bytegeist, working with Google Project Zero
MS15-061 Win32k Buffer Overflow Vulnerability CVE-2015-1725 Nils Sommer of bytegeist, working with Google Project Zero
MS15-061 Microsoft Windows Kernel Brush Object Use After Free Vulnerability CVE-2015-1726 Nils Sommer of bytegeist, working with Google Project Zero
MS15-061 Win32k Pool Buffer Overflow Vulnerability CVE-2015-1727 Nils Sommer of bytegeist, working with Google Project Zero
MS15-061 Win32k Elevation of Privilege Vulnerability CVE-2015-2360 Maxim Golovkin, Kaspersky Lab
MS15-061 Win32k Elevation of Privilege Vulnerability CVE-2015-2360 enSilo Research Team
MS15-059 Microsoft Office Memory Corruption Vulnerability CVE-2015-1759 Ben Hawkes of Google Project Zero
MS15-059 Microsoft Office Memory Corruption Vulnerability CVE-2015-1760 Ben Hawkes of Google Project Zero
MS15-059 Microsoft Office Uninitialized Memory Use Vulnerability CVE-2015-1770 Yong Chuan Koh (@yongchuank) MWR Labs (@mwrlabs)
MS15-057 Windows Media Player RCE via DataObject Vulnerability CVE-2015-1728 bilou, working with VeriSign iDefense Labs
MS15-056 Internet Explorer Memory Corruption Vulnerability CVE-2015-1687 Pengfei Guo of Qihoo 360
MS15-056 Internet Explorer Memory Corruption Vulnerability CVE-2015-1730 SkyLined, working with VeriSign iDefense Labs
MS15-056 Internet Explorer Memory Corruption Vulnerability CVE-2015-1731 Zheng Huang of Baidu Scloud XTeam
MS15-056 Internet Explorer Memory Corruption Vulnerability CVE-2015-1732 Linan Hao of the Qihoo 360 Vulcan Team
MS15-056 Internet Explorer Memory Corruption Vulnerability CVE-2015-1735 Zheng Huang of Baidu Scloud XTeam working with HP’s Zero Day Initiative
MS15-056 Internet Explorer Memory Corruption Vulnerability CVE-2015-1736 Bo Qu of Palo Alto Networks
MS15-056 Internet Explorer Memory Corruption Vulnerability CVE-2015-1736 An anonymous researcher, working with HP’s Zero Day Initiative
MS15-056 Internet Explorer Memory Corruption Vulnerability CVE-2015-1737 Dhanesh Kizhakkinan of FireEye, Inc.
MS15-056 Internet Explorer Elevation of Privilege Vulnerability CVE-2015-1739 Thomas Vanhoutte working with HP’s Zero Day Initiative
MS15-056 Internet Explorer Memory Corruption Vulnerability CVE-2015-1740 Chen Zhang (demi6od) of NSFOCUS Security Team
MS15-056 Internet Explorer Memory Corruption Vulnerability CVE-2015-1740 Heige (a.k.a. SuperHei) from Knownsec 404 Security Team
MS15-056 Internet Explorer Memory Corruption Vulnerability CVE-2015-1740 Bo Qu of Palo Alto Networks
MS15-056 Internet Explorer Memory Corruption Vulnerability CVE-2015-1741 Chen Zhang (demi6od) of NSFOCUS Security Team
MS15-056 Internet Explorer Memory Corruption Vulnerability CVE-2015-1742 Chen Zhang (demi6od) of NSFOCUS Security Team
MS15-056 Internet Explorer Elevation of Privilege Vulnerability CVE-2015-1743 Haifei Li of McAfee Labs IPS Team
MS15-056 Internet Explorer Elevation of Privilege Vulnerability CVE-2015-1743 Yuki Chen of Qihoo 360/Vulcan 360 Team working with HP’s Zero Day Initiative
MS15-056 Internet Explorer Elevation of Privilege Vulnerability CVE-2015-1743 Thomas Vanhoutte, working with HP’s Zero Day Initiative
MS15-056 Internet Explorer Memory Corruption Vulnerability CVE-2015-1744 Bo Qu of Palo Alto Networks
MS15-056 Internet Explorer Memory Corruption Vulnerability CVE-2015-1744 National Engineering Laboratory for Mobile Internet System and Application Security, China
MS15-056 Internet Explorer Memory Corruption Vulnerability CVE-2015-1745 Yuki Chen of Qihoo 360 working with HP’s Zero Day Initiative
MS15-056 Internet Explorer Memory Corruption Vulnerability CVE-2015-1747 lokihardt@ASRT working with HP’s Zero Day Initiative
MS15-056 Internet Explorer Elevation of Privilege Vulnerability CVE-2015-1748 lokihardt@ASRT working with HP’s Zero Day Initiative
MS15-056 Internet Explorer Memory Corruption Vulnerability CVE-2015-1750 Bo Qu of Palo Alto Networks
MS15-056 Internet Explorer Memory Corruption Vulnerability CVE-2015-1751 Jason Kratzer, working with VeriSign iDefense Labs
MS15-056 Internet Explorer Memory Corruption Vulnerability CVE-2015-1752 Kai Song (exp-sky) of Tencent's Xuanwu LAB
MS15-056 Internet Explorer Memory Corruption Vulnerability CVE-2015-1752 Henry Li of Trend Micro
MS15-056 Internet Explorer Memory Corruption Vulnerability CVE-2015-1753 Jihui Lu of KeenTeam (@K33nTeam)
MS15-056 Internet Explorer Memory Corruption Vulnerability CVE-2015-1754 Jack Tang of Trend Micro
MS15-056 Internet Explorer Memory Corruption Vulnerability CVE-2015-1755 0016EECD9D7159A949DAD3BC17E0A939 working with HP’s Zero Day Initiative
MS15-056 Internet Explorer Memory Corruption Vulnerability CVE-2015-1755 Jason Kratzer, working with VeriSign iDefense Labs
MS15-056 Defense-in-depth ------------------- רומן זאיקין
MS15-056 Defense-in-depth ------------------- An anonymous researcher, working with Beyond Security’s SecuriTeam Secure Disclosure team and Ashutosh Mehra working with HP’s Zero Day Initiative
Special thanks for working with Microsoft to make Internet Explorer more secure. ------------------- Xiaoyin Liu @general_nfs
May 2015
MS15-054 Microsoft Management Console File Format Denial of Service Vulnerability CVE-2015-1681 Michael Heerklotz, working with HP’s Zero Day Initiative
MS15-053 VBScript ASLR Bypass CVE-2015-1684 SkyLined, working with HP’s Zero Day Initiative
MS15-053 VBScript and JScript ASLR Bypass CVE-2015-1686 Bill Finlayson of BeyondTrust Inc
MS15-052 Windows Kernel Security Feature Bypass Vulnerability CVE-2015-1674 lokihardt@ASRT, working with HP’s Zero Day Initiative
MS15-051 Microsoft Windows Kernel Memory Disclosure Vulnerability CVE-2015-1676 WanderingGlitch of HP’s Zero Day Initiative
MS15-051 Microsoft Windows Kernel Memory Disclosure Vulnerability CVE-2015-1677 WanderingGlitch of HP’s Zero Day Initiative
MS15-051 Microsoft Windows Kernel Memory Disclosure Vulnerability CVE-2015-1678 WanderingGlitch of HP’s Zero Day Initiative
MS15-051 Microsoft Windows Kernel Memory Disclosure Vulnerability CVE-2015-1679 WanderingGlitch of HP’s Zero Day Initiative
MS15-051 Microsoft Windows Kernel Memory Disclosure Vulnerability CVE-2015-1680 WanderingGlitch of HP’s Zero Day Initiative
MS15-049 Microsoft Silverlight Out of Browser Application Vulnerability CVE-2015-1715 Exodus Intelligence
MS15-048 .NET XML Decryption Denial of Service Vulnerability CVE-2015-1672 John Heasman of DocuSign
MS15-048 Windows Forms Elevation of Privilege Vulnerability CVE-2015-1673 Kalle Niemitalo
MS15-046 Microsoft Office Memory Corruption Vulnerability CVE-2015-1682 3S Labs, working with HP’s Zero Day Initiative
MS15-046 Microsoft Office Memory Corruption Vulnerability CVE-2015-1683 Jack Tang of Trend Micro
MS15-046 Microsoft Office Memory Corruption Vulnerability CVE-2015-1683 Kai Lu of Fortinet's FortiGuard Labs
MS15-045 Windows Journal Remote Code Execution Vulnerability CVE-2015-1675 Bill Finlayson of Beyond Trust, Inc.
MS15-045 Windows Journal Remote Code Execution Vulnerability CVE-2015-1695 Adith Sudhakar, VMware
MS15-045 Windows Journal Remote Code Execution Vulnerability CVE-2015-1696 Rohit Mothe of VeriSign iDefense Labs
MS15-045 Windows Journal Remote Code Execution Vulnerability CVE-2015-1697 Rohit Mothe of VeriSign iDefense Labs
MS15-045 Windows Journal Remote Code Execution Vulnerability CVE-2015-1698 Adith Sudhakar, VMware
MS15-045 Windows Journal Remote Code Execution Vulnerability CVE-2015-1698 Rohit Mothe of VeriSign iDefense Labs
MS15-045 Windows Journal Remote Code Execution Vulnerability CVE-2015-1699 Steven Seeley of Source Incite
MS15-044 OpenType Font Parsing Vulnerability CVE-2015-1670 Mateusz Jurczyk of Google Project Zero
MS15-044 TrueType Font Parsing Vulnerability CVE-2015-1671 Dan Caselden of FireEye, Inc.
MS15-043 Internet Explorer Memory Corruption Vulnerability CVE-2015-1658 Jason Kratzer, working with VeriSign iDefense Labs
MS15-043 Internet Explorer Memory Corruption Vulnerability CVE-2015-1658 National Engineering Laboratory for Mobile Internet System and Application Security, China
MS15-043 VBScript ASLR Bypass CVE-2015-1684 SkyLined, working with HP’s Zero Day Initiative
MS15-043 Internet Explorer ASLR Bypass CVE-2015-1685 Hao Linan of 360 Vulcan Team
MS15-043 Internet Explorer ASLR Bypass CVE-2015-1685 Dhanesh Kizhakkinan of FireEye, Inc.
MS15-043 Internet Explorer ASLR Bypass CVE-2015-1685 Li Kemeng of Baidu Scloud XTeam
MS15-043 VBScript and JScript ASLR Bypass CVE-2015-1686 Bill Finlayson of BeyondTrust Inc
MS15-043 Internet Explorer Elevation of Privilege Vulnerability CVE-2015-1688 Ashutosh Mehra
MS15-043 Internet Explorer Memory Corruption Vulnerability CVE-2015-1689 Jihui Lu of KeenTeam (@K33nTeam)
MS15-043 Internet Explorer Memory Corruption Vulnerability CVE-2015-1691 Jihui Lu of KeenTeam (@K33nTeam)
MS15-043 Internet Explorer Clipboard Information Disclosure Vulnerability CVE-2015-1692 Daniel Trebbien
MS15-043 Internet Explorer Clipboard Information Disclosure Vulnerability CVE-2015-1692 Vincent Lee of TELUS Security Labs
MS15-043 Internet Explorer Memory Corruption Vulnerability CVE-2015-1694 Jack Tang of Trend Micro
MS15-043 Internet Explorer Elevation of Privilege Vulnerability CVE-2015-1703 Akitsugu
MS15-043 Internet Explorer Elevation of Privilege Vulnerability CVE-2015-1704 Mario Heiderich
MS15-043 Internet Explorer Memory Corruption Vulnerability CVE-2015-1705 Bo Qu of Palo Alto Networks
MS15-043 Internet Explorer Memory Corruption Vulnerability CVE-2015-1706 Zheng Huang of Baidu Scloud XTeam working with HP’s Zero Day Initiative
MS15-043 Internet Explorer Memory Corruption Vulnerability CVE-2015-1708 Bo Qu of Palo Alto Networks
MS15-043 Internet Explorer Memory Corruption Vulnerability CVE-2015-1709 Jack Tang of Trend Micro
MS15-043 Internet Explorer Memory Corruption Vulnerability CVE-2015-1709 Zheng Huang of Baidu Scloud XTeam working with HP’s Zero Day Initiative
MS15-043 Internet Explorer Memory Corruption Vulnerability CVE-2015-1710 Dhanesh Kizhakkinan of FireEye, Inc.
MS15-043 Internet Explorer Memory Corruption Vulnerability CVE-2015-1711 Bo Qu of Palo Alto Networks
MS15-043 Internet Explorer Memory Corruption Vulnerability CVE-2015-1712 sweetchip@GRAYHASH
MS15-043 Internet Explorer Elevation of Privilege Vulnerability CVE-2015-1713 Ashutosh Mehra
MS15-043 Internet Explorer Memory Corruption Vulnerability CVE-2015-1714 sweetchip@GRAYHASH, working with HP’s Zero Day Initiative
MS15-043 Internet Explorer Memory Corruption Vulnerability CVE-2015-1717 0016EECD9D7159A949DAD3BC17E0A939, working with HP’s Zero Day Initiative
MS15-043 Internet Explorer Memory Corruption Vulnerability CVE-2015-1718 Jihui Lu of KeenTeam (@K33nTeam)
April 2015
MS15-042 Windows Hyper-V DoS Vulnerability CVE-2015-1647 Dmitry Alikov of Veeam Software AG
MS15-039 MSXML3 Same Origin Policy SFB vulnerability CVE-2015-1646 Hormazd Billimoria, Xiaoran Wang, Sergey Gorbaty, Anton Rager, and Jonathan Brossard of Salesforce.com
MS15-038 NtCreateTransactionManager Type Confusion Vulnerability CVE-2015-1643 James Forshaw of Google Project Zero
MS15-038 Windows MS-DOS Device Name Elevation of Privilege Vulnerability CVE-2015-1644 James Forshaw of Google Project Zero
MS15-037 Task Scheduler Elevation of Privilege Vulnerability CVE-2015-0098 Renato Ettisberger of IOprotect GmbH
MS15-035 EMF Processing Remote Code Execution Vulnerability CVE-2015-1645 Hossein Lotfi, Secunia Research
MS15-034 HTTP.sys Remote Code Execution Vulnerability CVE-2015-1635 The Citrix Security Response Team
MS15-033 Microsoft Outlook App for Mac XSS Vulnerability CVE-2015-1639 Rakesh Dharmavaram
MS15-033 Microsoft Office Memory Corruption Vulnerability CVE-2015-1641 The Labs Team of iSIGHT Partners
MS15-033 Microsoft Office Component Use After Free Vulnerability CVE-2015-1649 Jack Tang of Trend Micro
MS15-033 Microsoft Office Component Use After Free Vulnerability CVE-2015-1649 Dan Caselden of FireEye, Inc.
MS15-033 Microsoft Office Component Use After Free Vulnerability CVE-2015-1650 3S Labs, working with HP’s Zero Day Initiative
MS15-033 Defense-in-depth change in this bulletin ------------------- Chris Parmer of Plotly
MS15-033 Microsoft Office Component Use After Free Vulnerability CVE-2015-1651 Ben Hawkes of Google Project Zero
MS15-032 Internet Explorer Memory Corruption Vulnerability CVE-2015-1652 0016EECD9D7159A949DAD3BC17E0A939, working with HP’s Zero Day Initiative
MS15-032 Internet Explorer Memory Corruption Vulnerability CVE-2015-1657 Jihui Lu of KeenTeam (@K33nTeam)
MS15-032 Internet Explorer Memory Corruption Vulnerability CVE-2015-1659 Jason Kratzer, working with HP’s Zero Day Initiative
MS15-032 Internet Explorer Memory Corruption Vulnerability CVE-2015-1660 Arthur Gerkis, working with HP’s Zero Day Initiative
MS15-032 Internet Explorer Memory Corruption Vulnerability CVE-2015-1661 AbdulAziz Hariri, working with HP’s Zero Day Initiative
MS15-032 Internet Explorer Memory Corruption Vulnerability CVE-2015-1665 AMol NAik & Garage4Hackers, working with HP’s Zero Day Initiative
MS15-032 Internet Explorer Memory Corruption Vulnerability CVE-2015-1666 b0nd@garage4hackers@, working with HP’s Zero Day Initiative
MS15-032 Internet Explorer Memory Corruption Vulnerability CVE-2015-1667 ca0nguyen, working with HP’s Zero Day Initiative
MS15-032 Internet Explorer Memory Corruption Vulnerability CVE-2015-1668 Omair, working with HP’s Zero Day Initiative
March 2015
MS15-029 JPEG XR Parser Information Disclosure Vulnerability CVE-2015-0076 Michal Zalewski of Google Inc.
MS15-028 Task Scheduler Security Feature Bypass Vulnerability CVE-2015-0084 James Forshaw of Google Project Zero
MS15-027 NETLOGON Spoofing Vulnerability CVE-2015-0005 This vulnerability was discovered and researched by Alberto Solino from Core Security. The publication of this advisory was coordinated by Joaquín Rodríguez Varela from the Core Advisories Team.
MS15-026 OWA Modified Canary Parameter Cross Site Scripting Vulnerability CVE-2015-1628 Francisco Correa
MS15-026 ExchangeDLP Cross Site Scripting Vulnerability CVE-2015-1629 Adi Ivascu
MS15-026 Audit Report Cross Site Scripting Vulnerability CVE-2015-1630 Adi Ivascu
MS15-026 Exchange Forged Meeting Request Spoofing Vulnerability CVE-2015-1631 Nicolai Grodum
MS15-026 Exchange Error Message Cross Site Scripting Vulnerability CVE-2015-1632 Darius Petrescu
MS15-025 Registry Virtualization Elevation of Privilege Vulnerability CVE-2015-0073 James Forshaw of Google Project Zero
MS15-024 Malformed PNG Parsing Information Disclosure Vulnerability CVE-2015-0080 Michal Zalewski of Google Inc.
MS15-023 Microsoft Windows Kernel Memory Disclosure Vulnerability CVE-2015-0077 WanderingGlitch, working with HP’s Zero Day Initiative
MS15-023 Win32k Elevation of Privilege Vulnerability CVE-2015-0078 James Forshaw of Google Project Zero
MS15-023 Win32k Elevation of Privilege Vulnerability CVE-2015-0078 Ashutosh Mehra of Adobe Systems Inc.
MS15-023 Microsoft Windows Kernel Memory Disclosure Vulnerability CVE-2015-0094 WanderingGlitch, working with HP’s Zero Day Initiative
MS15-023 Microsoft Windows Kernel Memory Disclosure Vulnerability CVE-2015-0095 KK of Xuanwu Lab of Tencent
MS15-022 Microsoft Office Component Use After Free Vulnerability CVE-2015-0085 3S Labs, working with HP’s Zero Day Initiative
MS15-022 Microsoft Office Memory Corruption Vulnerability CVE-2015-0086 Ben Hawkes of Google Project Zero
MS15-022 Microsoft Word Local Zone Remote Code Execution Vulnerability CVE-2015-0097 Eduardo Prado, working with Beyond Security’s SecuriTeam Secure Disclosure team
MS15-022 Microsoft SharePoint XSS Vulnerability CVE-2015-1633 Adi Ivascu
MS15-022 Microsoft SharePoint XSS Vulnerability CVE-2015-1636 Adi Ivascu
MS15-021 Adobe Font Driver Denial of Service Vulnerability CVE-2015-0074 Mateusz Jurczyk of Google Project Zero
MS15-021 Adobe Font Driver Information Disclosure Vulnerability CVE-2015-0087 Mateusz Jurczyk of Google Project Zero
MS15-021 Adobe Font Driver Remote Code Execution Vulnerability CVE-2015-0088 Mateusz Jurczyk of Google Project Zero
MS15-021 Adobe Font Driver Information Disclosure Vulnerability CVE-2015-0089 Mateusz Jurczyk of Google Project Zero
MS15-021 Adobe Font Driver Remote Code Execution Vulnerability CVE-2015-0090 Mateusz Jurczyk of Google Project Zero
MS15-021 Adobe Font Driver Remote Code Execution Vulnerability CVE-2015-0091 Mateusz Jurczyk of Google Project Zero
MS15-021 Adobe Font Driver Remote Code Execution Vulnerability CVE-2015-0092 Mateusz Jurczyk of Google Project Zero
MS15-021 Adobe Font Driver Remote Code Execution Vulnerability CVE-2015-0092 s3tm3m, working with HP’s Zero Day Initiative
MS15-021 Adobe Font Driver Remote Code Execution Vulnerability CVE-2015-0093 Mateusz Jurczyk of Google Project Zero
MS15-020 WTS Remote Code Execution Vulnerability CVE-2015-0081 Garage4Hackers, working with HP’s Zero Day Initiative
MS15-020 WTS Remote Code Execution Vulnerability CVE-2015-0081 Francis Provencher of Protek Research Lab’s
MS15-020 DLL Planting Remote Code Execution Vulnerability CVE-2015-0096 Michael Heerklotz, working with HP’s Zero Day Initiative
MS15-019 VBScript Memory Corruption Vulnerability CVE-2015-0032 Bo Qu of Palo Alto Networks
MS15-018 VBScript Memory Corruption Vulnerability CVE-2015-0032 Bo Qu of Palo Alto Networks
MS15-018 Internet Explorer Memory Corruption Vulnerability CVE-2015-0056 0016EECD9D7159A949DAD3BC17E0A939, working with HP’s Zero Day Initiative
MS15-018 Internet Explorer Memory Corruption Vulnerability CVE-2015-0056 Jihui Lu of KeenTeam (@K33nTeam)
MS15-018 Internet Explorer Memory Corruption Vulnerability CVE-2015-0099 SkyLined, working with HP’s Zero Day Initiative
MS15-018 Internet Explorer Memory Corruption Vulnerability CVE-2015-0100 ca0nguyen, working with HP’s Zero Day Initiative
MS15-018 Internet Explorer Memory Corruption Vulnerability CVE-2015-1622 SkyLined, working with HP’s Zero Day Initiative
MS15-018 Internet Explorer Memory Corruption Vulnerability CVE-2015-1622 AMol NAik, working with HP’s Zero Day Initiative
MS15-018 Internet Explorer Memory Corruption Vulnerability CVE-2015-1623 0016EECD9D7159A949DAD3BC17E0A939, working with HP’s Zero Day Initiative
MS15-018 Internet Explorer Memory Corruption Vulnerability CVE-2015-1624 Arthur Gerkis, working with HP’s Zero Day Initiative
MS15-018 Internet Explorer Memory Corruption Vulnerability CVE-2015-1625 Bo Qu of Palo Alto Networks
MS15-018 Internet Explorer Memory Corruption Vulnerability CVE-2015-1626 ca0nguyen, working with HP’s Zero Day Initiative
MS15-018 Internet Explorer Elevation of Privilege Vulnerability CVE-2015-1627 Ashutosh Mehra
MS15-018 Internet Explorer Memory Corruption Vulnerability CVE-2015-1634 An anonymous researcher, working with Beyond Security’s SecuriTeam Secure Disclosure team
MS15-018 Defense-in-depth change in this bulletin ------------------- Michal Zalewski of Google Project Zero
MS15-018 Defense-in-depth change in this bulletin ------------------- Zhang YunHai, NSFOCUS Security Team
MS15-018 Defense-in-depth change in this bulletin ------------------- Noriaki Iwasaki of Cyber Defense Institute, Inc.
February 2015
MS15-016 TIFF Processing Information Disclosure Vulnerability CVE-2015-0061 Michal Zalewski of Google Inc.
MS15-015 Windows Create Process Elevation of Privilege Vulnerability CVE-2015-0062 James Forshaw of Google Project Zero
MS15-014 Group Policy Security Feature Bypass Vulnerability CVE-2015-0009 Luke Jennings
MS15-012 Excel Remote Code Execution Vulnerability CVE-2015-0063 Fermin J. Serna of the Google Security Team
MS15-012 Office Remote Code Execution Vulnerability CVE-2015-0064 Ben Hawkes of Google Project Zero
MS15-012 OneTableDocumentStream Remote Code Execution Vulnerability CVE-2015-0065 Ben Hawkes of Google Project Zero
MS15-011 Group Policy Remote Code Execution Vulnerability CVE-2015-0008 Jeff Schmidt of JAS Global Advisors
MS15-011 Group Policy Remote Code Execution Vulnerability CVE-2015-0008 Dr. Arnoldo Muller-Molina of simMachines
MS15-011 Group Policy Remote Code Execution Vulnerability CVE-2015-0008 The Internet Corporation for Assigned Names and Numbers (ICANN)
MS15-010 Win32k Elevation of Privilege Vulnerability CVE-2015-0003 Marcin Wiazowski, working with HP’s Zero Day Initiative
MS15-010 CNG Security Feature Bypass Vulnerability CVE-2015-0010 James Forshaw of Google Project Zero
MS15-010 Win32k Elevation of Privilege Vulnerability CVE-2015-0057 Udi Yavo, CTO of enSilo
MS15-010 Windows Cursor Object Double Free Vulnerability CVE-2015-0058 n3phos, working with HP’s Zero Day Initiative
MS15-010 TrueType Font Parsing Remote Code Execution Vulnerability CVE-2015-0059 Cris Neckar of Divergent Security
MS15-010 Windows Font Driver Denial of Service Vulnerability CVE-2015-0060 Cris Neckar of Divergent Security
MS15-009 Internet Explorer Memory Corruption Vulnerability CVE-2015-0017 Aniway.Anyway@gmail.com, working with HP’s Zero Day Initiative
MS15-009 Internet Explorer Memory Corruption Vulnerability CVE-2015-0017 Adlab of Venustech
MS15-009 Internet Explorer Memory Corruption Vulnerability CVE-2015-0018 Bo Qu of Palo Alto Networks
MS15-009 Internet Explorer Memory Corruption Vulnerability CVE-2015-0019 Bo Qu of Palo Alto Networks
MS15-009 Internet Explorer Memory Corruption Vulnerability CVE-2015-0020 Liu Long of Qihoo 360
MS15-009 Internet Explorer Memory Corruption Vulnerability CVE-2015-0021 Liu Long of Qihoo 360
MS15-009 Internet Explorer Memory Corruption Vulnerability CVE-2015-0022 Yujie Wen of Qihoo 360
MS15-009 Internet Explorer Memory Corruption Vulnerability CVE-2015-0023 José A. Vázquez of VeriSign iDefense Labs
MS15-009 Internet Explorer Memory Corruption Vulnerability CVE-2015-0025 An anonymous researcher, working with HP’s Zero Day Initiative
MS15-009 Internet Explorer Memory Corruption Vulnerability CVE-2015-0026 Chen Zhang (demi6od) of NSFOCUS Security Team
MS15-009 Internet Explorer Memory Corruption Vulnerability CVE-2015-0027 Jason Kratzer, working with HP’s Zero Day Initiative
MS15-009 Internet Explorer Memory Corruption Vulnerability CVE-2015-0028 Yujie Wen of Qihoo 360
MS15-009 Internet Explorer Memory Corruption Vulnerability CVE-2015-0029 Yuki Chen of Qihoo 360
MS15-009 Internet Explorer Memory Corruption Vulnerability CVE-2015-0030 Chen Zhang (demi6od) of NSFOCUS Security Team
MS15-009 Internet Explorer Memory Corruption Vulnerability CVE-2015-0031 Aniway.Anyway@gmail.com, working with HP’s Zero Day Initiative
MS15-009 Internet Explorer Memory Corruption Vulnerability CVE-2015-0035 Sky, working with HP’s Zero Day Initiative
MS15-009 Internet Explorer Memory Corruption Vulnerability CVE-2015-0035 Pawel Wylecial, working with HP’s Zero Day Initiative
MS15-009 Internet Explorer Memory Corruption Vulnerability CVE-2015-0035 Li Kemeng of Baidu Anti-virus Team
MS15-009 Internet Explorer Memory Corruption Vulnerability CVE-2015-0036 An anonymous researcher, working with HP’s Zero Day Initiative
MS15-009 Internet Explorer Memory Corruption Vulnerability CVE-2015-0037 sweetchip@GRAYHASH, working with HP’s Zero Day Initiative
MS15-009 Internet Explorer Memory Corruption Vulnerability CVE-2015-0038 An anonymous researcher, working with HP’s Zero Day Initiative
MS15-009 Internet Explorer Memory Corruption Vulnerability CVE-2015-0038 Dhanesh Kizhakkinan of FireEye, Inc.
MS15-009 Internet Explorer Memory Corruption Vulnerability CVE-2015-0038 Bo Qu of Palo Alto Networks
MS15-009 Internet Explorer Memory Corruption Vulnerability CVE-2015-0039 Jihui Lu of KeenTeam (@K33nTeam)
MS15-009 Internet Explorer Memory Corruption Vulnerability CVE-2015-0040 SkyLined, working with HP’s Zero Day Initiative
MS15-009 Internet Explorer Memory Corruption Vulnerability CVE-2015-0041 0016EECD9D7159A949DAD3BC17E0A939, working with HP’s Zero Day Initiative
MS15-009 Internet Explorer Memory Corruption Vulnerability CVE-2015-0041 An anonymous researcher, working with HP’s Zero Day Initiative
MS15-009 Internet Explorer Memory Corruption Vulnerability CVE-2015-0041 Li Kemeng of Baidu Anti-virus Team
MS15-009 Internet Explorer Memory Corruption Vulnerability CVE-2015-0042 Omair working with HP’s Zero Day Initiative
MS15-009 Internet Explorer Memory Corruption Vulnerability CVE-2015-0043 Omair working with HP’s Zero Day Initiative
MS15-009 Internet Explorer Memory Corruption Vulnerability CVE-2015-0044 ca0nguyen, working with HP’s Zero Day Initiative
MS15-009 Internet Explorer Memory Corruption Vulnerability CVE-2015-0045 ca0nguyen, working with HP’s Zero Day Initiative
MS15-009 Internet Explorer Memory Corruption Vulnerability CVE-2015-0045 Bo Qu of Palo Alto Networks
MS15-009 Internet Explorer Memory Corruption Vulnerability CVE-2015-0046 Stephen Fewer of Harmony Security, working with HP’s Zero Day Initiative
MS15-009 Internet Explorer Memory Corruption Vulnerability CVE-2015-0048 SkyLined
MS15-009 Internet Explorer Memory Corruption Vulnerability CVE-2015-0049 SkyLined
MS15-009 Internet Explorer Memory Corruption Vulnerability CVE-2015-0050 SkyLined
MS15-009 Internet Explorer ASLR Bypass Vulnerability CVE-2015-0051 SkyLined
MS15-009 Internet Explorer Memory Corruption Vulnerability CVE-2015-0052 SkyLined
MS15-009 Internet Explorer Memory Corruption Vulnerability CVE-2015-0053 SkyLined, working with HP’s Zero Day Initiative
MS15-009 Internet Explorer Memory Corruption Vulnerability CVE-2015-0053 Tao Qiu of Huawei's IT Infrastructure & Security Dept, BP & IT
MS15-009 Internet Explorer Elevation of Privilege Vulnerability CVE-2015-0055 James Forshaw of Google Project Zero
MS15-009 Internet Explorer Memory Corruption Vulnerability CVE-2015-0066 Edward Torkington of NCC Group
MS15-009 Internet Explorer Memory Corruption Vulnerability CVE-2015-0066 Jihui Lu of KeenTeam (@K33nTeam)
MS15-009 Internet Explorer Memory Corruption Vulnerability CVE-2015-0067 Peter Vreugdenhil of exodusintel.com
MS15-009 Internet Explorer Memory Corruption Vulnerability CVE-2015-0068 Bo Qu of Palo Alto Networks
MS15-009 Internet Explorer ASLR Bypass Vulnerability CVE-2015-0069 Jack Tang of Trend Micro
MS15-009 Internet Explorer ASLR Bypass Vulnerability CVE-2015-0071 The Labs Team of iSIGHT Partners
MS15-009 Internet Explorer ASLR Bypass Vulnerability CVE-2015-0071 Clement Lecigne of Google Inc.
January 2015
MS15-008 WebDAV Elevation of Privilege Vulnerability CVE-2015-0011 James Forshaw of Google Project Zero
MS15-006 Windows Error Reporting Security Feature Bypass Vulnerability CVE-2015-0001 Alex Ionescu of Winsider Seminars & Solutions Inc. and CrowdStrike Inc.
MS15-005 NLA Security Feature Bypass Vulnerability CVE-2015-0006 Jonas Vestberg of Sentor
MS15-004 Directory Traversal Elevation of Privilege Vulnerability CVE-2015-0016 Liam O’Murchu of Symantec
MS15-002 Windows Telnet Service Buffer Overflow Vulnerability CVE-2015-0014 Daiyuu Nobori and Christopher Hiroshi Higuchi SMITH of the University of Tsukuba