October2015 Patch Tuesday: Including Windows Shell Vulnerability


Has several patches including  MS15-106  ” One memory corruption vulnerability (CVE-2015-6056) has been publicly disclosed.”  from the following link:



As far as Microsoft patches go – the ones that patch remote code execution in the vulnerability impact column.

And 4 of the 6 have remote code execution.   As a systems person I am always most concerned of MS15-109   as it is a Windows Shell vulnerability.



Notice the critical portion of this link:

{ A vulnerability whose exploitation could allow code execution without user interaction. These scenarios include self-propagating malware (e.g. network worms), or unavoidable common use scenarios where code execution occurs without warnings or prompts. This could mean browsing to a web page or opening email. }

Microsoft recommends that customers apply Critical updates immediately.


I.e. this unpatched vulnerability could create another supervirus like the named ones in the past (Melissa, Code Red and more).

And here are the systems which could be affected:

Win10,Win8,Win7, Winserver2008, Winserver2012, WinRT, WinVista  basically all windows systems



Needless to say patch your systems!!!


Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.