Microsoft and Adobe released a set of updates, August 2014

    Microsoft has released a set of updates for its products that address 37 unique vulnerabilities in products such as Windows, Internet Explorer, .NET Framework, SQL Server, OneNote, and SharePoint. Two updates are rated Critical and seven more Important. Microsoft has also updated Security Advisory 2755801 in connection with the release of a new version of Flash Player as part of Internet Explorer. As usual, one of the updates, MS14-051, fixes a significant number of critical Remote Code Execution vulnerabilities (26) in all supported versions of IE 6-11 on W2k3+. Attackers can use these vulnerabilities to conduct attacks such as drive-by downloads and silently install malicious code on the system. Applying the update requires a reboot.

    As we wrote a few days ago, with this Patch Tuesday Microsoft added another security option for Internet Explorer called Out-of-date ActiveX control blocking, which blocks the playback of web page content through legacy ActiveX controls (IE plugins). So far this applies only to the Oracle Java plug-in, outdated versions of which account for the majority of exploits used to install malware on the system. Blocking support for Adobe Flash Player and MS Silverlight may be added to this security option later. This month, Microsoft also announced the end of support for unsafe versions of Internet Explorer and legacy versions of .NET in early 2016.

    Update MS14-043 fixes one RCE vulnerability, CVE-2014-4060, in the Windows Media Center component for Windows Vista, 7, 8 and 8.1. The vulnerability is in the MCPlayer.dll library, which mishandles memory after the CSyncBasePlayer object has been freed (use-after-free). Attackers can execute code through a specially crafted Office document that includes content invoking the Windows Media Center component. A malicious document can be hosted on a special site to which the user is redirected, or sent to the user as an e-mail attachment. Critical. Exploitation Less Likely.

    Update MS14-044 fixes two vulnerabilities, of the Elevation of Privilege and Denial of Service types, in SQL Server 2008-2014. The affected components are SQL Server Master Data Services and the SQL Server relational database management system. With the first vulnerability (SQL Master Data Services XSS Vulnerability - CVE-2014-1820), attackers can elevate their privileges in the system via XSS, using a special client-side script hosted on their website that runs when the user visits the site in Internet Explorer. With the second (SQL Server Stack Overrun Vulnerability - CVE-2014-4061), attackers can send a specially crafted Transact-SQL query to the SQL server, which will cause it to freeze. Important.

    Update MS14-045 fixes three vulnerabilities of the Elevation of Privilege type in system components of all supported versions of Windows. The affected components are the Windows kernel-mode driver (win32k.sys), the DirectX driver (Dxgkrnl.sys) and GDI (Gdi32.dll). The vulnerability CVE-2014-0318 is present in win32k.sys and can be used by attackers to execute their code in kernel mode, bypassing Windows restrictions (user-mode restrictions escape). The second vulnerability, CVE-2014-1819, is also present in Win32k (Font Double-Fetch Vulnerability) and is caused by the driver's improper handling of object descriptors extracted from font files. The third vulnerability, CVE-2014-4064, is of the Information Disclosure type and can be used by attackers to obtain the addresses of objects in system memory (Windows Kernel Pool Allocation Vulnerability). Important.

    The MS14-046 update addresses a “Security Feature Bypass” vulnerability (.NET ASLR Vulnerability - CVE-2014-4062) in .NET Framework versions 2.0 SP2 through 3.5.1. Attackers can use the vulnerability to bypass ASLR in conjunction with another RCE vulnerability; that is, a .NET library compiled without ASLR support can make it much easier for an attacker to remotely install code on a system. Important. Exploitation Less Likely.

    Update MS14-047 fixes one vulnerability, CVE-2014-0316, of the "Security Feature Bypass" type in the Microsoft Local RPC component (Rpcrt4.dll) on Windows 7+. The vulnerability lies in a faulty mechanism for freeing the memory of messages that the Local RPC server (via an Rpcrt4.dll function) marks as incorrect. An error in the implementation allows the attacker to fill the virtual address space of the target (server) process with messages of the same type, which, in turn, can lead to an ASLR bypass via remote memory spray. Important. Exploitation Unlikely.

    The MS14-048 update closes one RCE vulnerability in the OneNote 2007 SP3 product. Attackers can remotely execute code through a specially crafted OneNote file. Important. Exploitation Less Likely.

    The MS14-049 update closes one vulnerability of the Elevation of Privilege type in the Windows Installer component of all supported editions of Windows. Attackers could take advantage of this vulnerability (Windows Installer Repair Vulnerability - CVE-2014-1814) to elevate their privileges on the system through a specially crafted application that tries to repair the installation of another application using the Windows Installer API. The update addresses system files such as Msi.dll, Msimsg.dll and Appinfo.dll. Exploitation Less Likely.

    Update MS14-050 closes one Elevation of Privilege vulnerability in the Microsoft SharePoint Server 2013 product. An attacker who has credentials to log in to a server account can use a specially crafted application to run malicious JavaScript for a user who visits a site running SharePoint. Important. Exploitation Less Likely.

    1 - Exploitation More Likely
    The probability of exploiting the vulnerability is very high; attackers can use the exploit, for example, to remotely execute code.

    2 - Exploitation Less Likely
    The likelihood of exploitation is average, since attackers are unlikely to be able to achieve a sustainable exploitation situation, as well as due to the technical features of the vulnerability and the complexity of the exploit development.

    3 - Exploit code unlikely
    The probability of exploitation is minimal, and attackers are unlikely to be able to develop successfully working code and use this vulnerability to conduct an attack.

    We recommend that our users install updates as soon as possible and, if you have not already done so, enable automatic delivery of updates using Windows Update (this option is enabled by default).

    Adobe has released security updates for its products Flash Player (APSB14-18) and Reader and Acrobat (APSB14-19). The APSB14-19 update fixes a vulnerability exploited in the wild that attackers use to bypass the sandbox mechanism in the current version of Adobe Reader XI. By default, this version of Reader runs in the so-called protected sandboxing mode, which isolates the process that renders the PDF from system operations through a Deny SID in the access token and a special job object (as with sandboxing in Google Chrome). The vulnerability allows an attacker to bypass these restrictions and execute arbitrary code with high privileges (sandbox protection bypass).

    The Flash Player update APSB14-18 fixes seven vulnerabilities: five that attackers can use to bypass ASLR, one use-after-free vulnerability that can be used for remote code execution, and one vulnerability of the “security bypass” type.

    We recommend updating your Flash Player as soon as possible. Browsers such as Internet Explorer 10 & 11 on Windows 8 / 8.1 and Google Chrome update their versions of Flash Player automatically. For IE, see the updated Security Advisory 2755801. Check whether your version of Flash Player is current here; the table below shows these versions for various browsers.

    Be secure.