Microsoft Patch Tuesday – May 2015
This month the vendor is releasing 13 bulletins covering a total of 46 vulnerabilities. Twenty-one of this month’s issues are rated ’Critical’.
This month the vendor is releasing 11 bulletins covering a total of 26 vulnerabilities. Thirteen of this month’s issues are rated ’Critical’.
Vulnerability (CVE-2015-0291) rated as high severity by OpenSSL.
This month the vendor is releasing fourteen bulletins covering a total of 45 vulnerabilities. Nineteen of this month’s issues are rated ’Critical’.
This month the vendor is releasing nine bulletins covering a total of 56 vulnerabilities. Thirty-seven of this month’s issues are rated ’Critical’.
Hello, welcome to this month’s blog on the Microsoft patch release. This month the vendor is releasing eight bulletins covering a total of 8 vulnerabilities. One of this month’s issues is rated ’Critical’.
Hello, welcome to this month’s blog on the Microsoft patch release. This month the vendor is releasing seven bulletins covering a total of 24 vulnerabilities. Thirteen of this month’s issues are rated ’Critical’.
As always, customers are advised to follow these security best practices:
Microsoft’s summary of the December releases can be found here:
http://technet.microsoft.com/en-us/security/bulletin/ms14-dec
The following is a breakdown of the issues being addressed this month:
MS14-075 Vulnerabilities in Microsoft Exchange Server Could Allow Security Feature Bypass (3009712)
Outlook Web Access Token Spoofing Vulnerability (CVE-2014-6319) MS Rating: Moderate
A token spoofing vulnerability exists in Exchange Server when Microsoft Outlook Web Access (OWA) fails to properly validate a request token.
OWA XSS Vulnerability (CVE-2014-6325) MS Rating: Important
An elevation of privilege vulnerability exists when Microsoft Exchange Server does not properly validate input. An attacker who successfully exploited this vulnerability could run script in the context of the current user.
OWA XSS Vulnerability (CVE-2014-6326) MS Rating: Important
An elevation of privilege vulnerability exists when Microsoft Exchange Server does not properly validate input. An attacker who successfully exploited this vulnerability could run script in the context of the current user.
Exchange URL Redirection Vulnerability (CVE-2014-6336) MS Rating: Important
A spoofing vulnerability exists in Microsoft Exchange when Microsoft Outlook Web Access (OWA) fails to properly validate redirection tokens.
MS14-080 Cumulative Security Update for Internet Explorer (3008923)
Internet Explorer Memory Corruption Vulnerability (CVE-2014-6327) MS Rating: Critical
A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Internet Explorer Memory Corruption Vulnerability (CVE-2014-6329) MS Rating: Critical
A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Internet Explorer Memory Corruption Vulnerability (CVE-2014-6330) MS Rating: Critical
A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Internet Explorer Memory Corruption Vulnerability (CVE-2014-6366) MS Rating: Critical
A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Internet Explorer Memory Corruption Vulnerability (CVE-2014-6369) MS Rating: Critical
A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Internet Explorer Memory Corruption Vulnerability (CVE-2014-6373) MS Rating: Critical
A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Internet Explorer Memory Corruption Vulnerability (CVE-2014-6374) MS Rating: Critical
A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Internet Explorer Memory Corruption Vulnerability (CVE-2014-6375) MS Rating: Critical
A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Internet Explorer Memory Corruption Vulnerability (CVE-2014-6376) MS Rating: Critical
A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Internet Explorer Memory Corruption Vulnerability (CVE-2014-8966) MS Rating: Critical
A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
XSS Filter Bypass Vulnerability in Internet Explorer (CVE-2014-6328) MS Rating: Important
An XSS filter bypass vulnerability exists in the way Internet Explorer disables an HTML attribute in otherwise appropriately filtered HTTP response data. This vulnerability could allow initially disabled scripts to run in the wrong security context, leading to information disclosure.
XSS Filter Bypass Vulnerability in Internet Explorer (CVE-2014-6365) MS Rating: Important
An XSS filter bypass vulnerability exists in the way Internet Explorer disables an HTML attribute in otherwise appropriately filtered HTTP response data. This vulnerability could allow initially disabled scripts to run in the wrong security context, leading to information disclosure.
Internet Explorer ASLR Bypass Vulnerability (CVE-2014-6368) MS Rating: Important
A security feature bypass vulnerability exists when Internet Explorer does not use the Address Space Layout Randomization (ASLR) security feature, allowing an attacker to more reliably predict the memory offsets of specific instructions in a given call stack. This vulnerability could allow an attacker to bypass the Address Space Layout Randomization (ASLR) security feature.
VBScript Memory Corruption Vulnerability (CVE-2014-6363) MS Rating: Critical
A remote code execution vulnerability exists in the way that the VBScript engine, when rendered in Internet Explorer, handles objects in memory. The vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
MS14-081 Vulnerabilities in Microsoft Word and Microsoft Office Web Apps Could Allow (3017301)
Index Remote Code Execution Vulnerability (CVE-2014-6356) MS Rating: Critical
A remote code execution vulnerability exists in the way that Microsoft Word does not properly handle objects in memory while parsing specially crafted Office files. System memory may be corrupted in such a way that an attacker could execute arbitrary code.
Use After Free Word Remote Code Execution Vulnerability (CVE-2014-6357) MS Rating: Critical
A remote code execution vulnerability exists in the way that Microsoft Word does not properly handle objects in memory while parsing specially crafted Office files. System memory may be corrupted in such a way that an attacker could execute arbitrary code.
MS14-082 Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (3017349)
Microsoft Office Component Use After Free Vulnerability (CVE-2014-6364) MS Rating: Important
A remote code execution vulnerability exists in the context of the current user that is caused when Microsoft Word does not properly handle objects in memory while parsing specially crafted Office files.
MS14-083 Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (3017347)
Global Free Remote Code Execution in Excel Vulnerability (CVE-2014-6360) MS Rating: Important
A remote code execution vulnerability exists in the way that Microsoft Excel does not properly handle objects in memory while parsing specially crafted Office files. System memory may be corrupted in such a way that an attacker could execute arbitrary code.
Excel Invalid Pointer Remote Code Execution Vulnerability (CVE-2014-6361) MS Rating: Important
A remote code execution vulnerability exists in the way that Microsoft Excel does not properly handle objects in memory while parsing specially crafted Office files. System memory may be corrupted in such a way that an attacker could execute arbitrary code.
MS14-084 Vulnerability in VBScript Scripting Engine Could Allow Remote Code Execution (3016711)
VBScript Memory Corruption Vulnerability (CVE-2014-6363) MS Rating: Critical
A remote code execution vulnerability exists in the way that the VBScript engine, when rendered in Internet Explorer, handles objects in memory. The vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
MS14-085 Vulnerability in Microsoft Graphics Component Could Allow Information Disclosure (3013126)
Information Disclosure Vulnerability (CVE-2014-6355) MS Rating: Important
An information disclosure vulnerability exists in the Microsoft Graphics Component that could allow an attacker to more reliably predict the memory offsets of specific instructions in a given call stack. The vulnerability is caused when the Microsoft Graphics Component improperly handles the decoding of JPEG images in memory. An attacker could use this information disclosure vulnerability to gain information about the system that could then be combined with other attacks to compromise the system.
More information on the vulnerabilities being addressed this month is available at Symantec’s free SecurityFocus portal and to our customers through the DeepSight Threat Management System.
Hello, welcome to this month’s blog on the Microsoft patch release. This month the vendor is releasing fourteen bulletins covering a total of 33 vulnerabilities. Fourteen of this month’s issues are rated ’Critical’.
As always, customers are advised to follow these security best practices:
Microsoft’s summary of the November releases can be found here:
http://technet.microsoft.com/en-us/security/bulletin/ms14-nov
The following is a breakdown of the issues being addressed this month:
MS14-064 Vulnerabilities in Windows OLE Could Allow Remote Code Execution (3011443)
Windows OLE Automation Array Remote Code Execution Vulnerability (CVE-2014-6332) MS Rating: Critical
A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory.
Windows OLE Remote Code Execution Vulnerability (CVE-2014-6352) MS Rating: Important
A remote code execution vulnerability exists in the context of the current user that is caused when a user downloads, or receives, and then opens a specially crafted Microsoft Office file that contains OLE objects.
MS14-065 Cumulative Security Update for Internet Explorer (3003057)
Internet Explorer Memory Corruption Vulnerability (CVE-2014-4143) MS Rating: Critical
A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Internet Explorer Memory Corruption Vulnerability (CVE-2014-6337) MS Rating: Critical
A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Internet Explorer Memory Corruption Vulnerability (CVE-2014-6341) MS Rating: Critical
A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Internet Explorer Memory Corruption Vulnerability (CVE-2014-6342) MS Rating: Critical
A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Internet Explorer Memory Corruption Vulnerability (CVE-2014-6343) MS Rating: Critical
A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Internet Explorer Memory Corruption Vulnerability (CVE-2014-6344) MS Rating: Critical
A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Internet Explorer Memory Corruption Vulnerability (CVE-2014-6347) MS Rating: Critical
A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Internet Explorer Memory Corruption Vulnerability (CVE-2014-6348) MS Rating: Critical
A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Internet Explorer Memory Corruption Vulnerability (CVE-2014-6351) MS Rating: Critical
A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Internet Explorer Memory Corruption Vulnerability (CVE-2014-6353) MS Rating: Critical
A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Internet Explorer Elevation of Privilege Vulnerability (CVE-2014-6349) MS Rating: Important
An elevation of privilege vulnerability exists when Internet Explorer does not properly validate permissions under specific conditions. An attacker who successfully exploited this vulnerability could run scripts with elevated privileges.
Internet Explorer Elevation of Privilege Vulnerability (CVE-2014-6350) MS Rating: Important
An elevation of privilege vulnerability exists when Internet Explorer does not properly validate permissions under specific conditions. An attacker who successfully exploited this vulnerability could run scripts with elevated privileges.
Internet Explorer Cross-domain Information Disclosure Vulnerability (CVE-2014-6340) MS Rating: Important
An information disclosure vulnerability exists when Internet Explorer does not properly enforce cross-domain policies. An attacker could exploit this issue to gain access to information in another domain or Internet Explorer zone.
Internet Explorer Cross-domain Information Disclosure Vulnerability (CVE-2014-6345) MS Rating: Important
An information disclosure vulnerability exists when Internet Explorer does not properly enforce cross-domain policies. An attacker could exploit this issue to gain access to information in another domain or Internet Explorer zone.
Internet Explorer Cross-domain Information Disclosure Vulnerability (CVE-2014-6346) MS Rating: Important
An information disclosure vulnerability exists when Internet Explorer does not properly enforce cross-domain policies. An attacker could exploit this issue to gain access to information in another domain or Internet Explorer zone.
Internet Explorer Clipboard Information Disclosure Vulnerability (CVE-2014-6323) MS Rating: Important
An information disclosure vulnerability exists when Internet Explorer does not properly restrict access to the clipboard of a user who visits a website. The vulnerability could allow data stored on the Windows clipboard to be accessed by a malicious site. An attacker could collect information from the clipboard of a user if that user visits the malicious site.
Internet Explorer ASLR Bypass Vulnerability (CVE-2014-6339) MS Rating: Important
A security feature bypass vulnerability exists when Internet Explorer does not use the Address Space Layout Randomization (ASLR) security feature, which could allow an attacker to more reliably predict the memory offsets of specific instructions in a given call stack.
MS14-066 Vulnerability in Schannel Could Allow Remote Code Execution (2992611)
Microsoft Schannel Remote Code Execution Vulnerability (CVE-2014-6321) MS Rating: Critical
A remote code execution vulnerability exists in the Secure Channel (Schannel) security package due to the improper processing of specially crafted packets.
MS14-067 Vulnerability in XML Core Services Could Allow Remote Code Execution (2993958)
MSXML Remote Code Execution Vulnerability (CVE-2014-4118) MS Rating: Critical
A remote code execution vulnerability exists when Microsoft XML Core Services (MSXML) improperly parses XML content, which can corrupt the system state in such a way as to allow an attacker to run arbitrary code. The vulnerability could allow a remote code execution if a user opens a specially crafted file or webpage.
MS14-069 Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (3009710)
Microsoft Office Double Delete Remote Code Execution Vulnerability (CVE-2014-6333) MS Rating: Important
A remote code execution vulnerability exists in the context of the current user that is caused when Microsoft Word does not properly handle objects in memory while parsing specially crafted Office files.
Microsoft Office Bad Index Remote Code Execution Vulnerability (CVE-2014-6334) MS Rating: Important
A remote code execution vulnerability exists in the context of the current user that is caused when Microsoft Word improperly handles objects in memory while parsing specially crafted Office files. This could corrupt system memory in such a way as to allow an attacker to execute arbitrary code.
Microsoft Office Invalid Pointer Remote Code Execution Vulnerability (CVE-2014-6335) MS Rating: Important
A remote code execution vulnerability exists in the context of the local user that is caused when Microsoft Word improperly handles objects in memory while parsing specially crafted Office files. This could corrupt system memory in such a way as to allow an attacker to execute arbitrary code.
MS14-070 Vulnerability in TCP/IP Could Allow Elevation of Privilege (2989935)
TCP/IP Elevation of Privilege Vulnerability (CVE-2014-4076) MS Rating: Important
An elevation of privilege vulnerability exists in the Windows TCP/IP stack (tcpip.sys, tcpip6.sys) that is caused when the Windows TCP/IP stack fails to properly handle objects in memory during IOCTL processing.
MS14-071 Vulnerability in Windows Audio Service Could Allow Elevation of Privilege (3005607)
Windows Audio Service Vulnerability (CVE-2014-6322) MS Rating: Important
An elevation of privilege vulnerability exists in the Windows audio service component that could be exploited through Internet Explorer. The vulnerability is caused when Internet Explorer does not properly validate permissions under specific conditions, potentially allowing script to be run with elevated privileges.
MS14-072 Vulnerability in .NET Framework Could Allow Elevation of Privilege (3005210)
TypeFilterLevel Vulnerability (CVE-2014-4149) MS Rating: Important
An elevation of privilege vulnerability exists in the way that .NET Framework handles TypeFilterLevel checks for some malformed objects.
MS14-073 Vulnerability in Microsoft SharePoint Foundation Could Allow Elevation of Privilege (3000431)
SharePoint Elevation of Privilege Vulnerability (CVE-2014-4116) MS Rating: Important
An elevation of privilege vulnerability exists when SharePoint Server does not properly sanitize page content in SharePoint lists. An authenticated attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the logged-on user.
MS14-074 Vulnerability in Remote Desktop Protocol could allow Security Feature Bypass (3003743)
Remote Desktop Protocol (RDP) Failure to Audit Vulnerability (CVE-2014-6318) MS Rating: Important
A security feature bypass vulnerability exists in Remote Desktop Protocol (RDP) when RDP does not properly log failed logon attempts. The vulnerability could allow an attacker to bypass the audit logon security feature. The security feature bypass by itself does not allow an arbitrary code execution. However, an attacker could use this bypass vulnerability in conjunction with another vulnerability.
MS14-076 Vulnerability in Internet Information Services (IIS) Could Allow Security Feature Bypass (2982998)
IIS Security Feature Bypass Vulnerability (CVE-2014-4078) MS Rating: Important
A security feature bypass vulnerability exists in Internet Information Services (IIS) that is caused when incoming web requests are not properly compared against the ‘IP and domain restriction’ filtering list.
MS14-077 Vulnerability in Active Directory Federation Services could allow Information Disclosure (3003381)
Active Directory Federation Services Information Disclosure Vulnerability (CVE-2014-6331) MS Rating: Important
An information disclosure vulnerability exists when Active Directory Federation Services (AD FS) fails to properly log off a user. The vulnerability could allow an unintentional information disclosure.
MS14-078 Vulnerability in IME (Japanese) Could Allow Elevation of Privilege (2992719)
Microsoft IME (Japanese) Elevation of Privilege Vulnerability (CVE-2014-4077) MS Rating: Moderate
An elevation of privilege vulnerability exists in Microsoft IME for Japanese that is caused when a vulnerable sandboxed application uses Microsoft IME (Japanese).
MS14-079 Vulnerability in Kernel-Mode Driver Could Allow Denial of Service (3002885)
Denial of Service in Windows Kernel Mode Driver Vulnerability (CVE-2014-6317) MS Rating: Moderate
A denial of service vulnerability exists in the Windows kernel-mode driver that is caused by the improper handling of TrueType font objects in memory.
More information on the vulnerabilities being addressed this month is available at Symantec’s free SecurityFocus portal and to our customers through the DeepSight Threat Management System.
This month the vendor is releasing eight bulletins covering a total of 24 vulnerabilities. Thirteen of this month’s issues are rated ’Critical’.
This month the vendor is releasing four bulletins covering a total of 42 vulnerabilities. Thirty-six of this month’s issues are rated Critical.