10/15/2014

Update your Microsoft IE and PowerPoint IMMEDIATELY NOW (especially if you have confidential info)

We haven't published this list from the Internet Storm Center in a long time, but this one has to be seen as a critical update, because the attacks based on these vulnerabilities have been going on for 5 years now. The zero-day (or should we say zero-year?) leaks had a good news cycle yesterday, with the security firm trying to make a name for itself ahead of the release of the protections by announcing to the (black under)world that this is how you can compromise a computer easily. They couldn't wait another week or two so that all the critical posts were patched in the meantime.

If you are on a critical network or have critical information, you should do more security research in your logs, based upon the articles that were published yesterday (which were very vague, to say the least).

Overview of the October 2014 Microsoft patches and their status.

 

| # | Affected | Contra Indications - KB | Known Exploits | Microsoft rating(**) | ISC rating(*): clients | ISC rating(*): servers |
|---|---|---|---|---|---|---|
| MS14-056 | Cumulative Security Update for Internet Explorer (replaces MS14-052). Microsoft Windows, Internet Explorer. CVE-2014-4123, CVE-2014-4124, CVE-2014-4126, CVE-2014-4127, CVE-2014-4128, CVE-2014-4129, CVE-2014-4130, CVE-2014-4132, CVE-2014-4133, CVE-2014-4134, CVE-2014-4137, CVE-2014-4138, CVE-2014-4140, CVE-2014-4141 | KB 2987107 | CVE-2014-4123 has been exploited. | Severity: Critical, Exploitability: 1 | Critical | Important |
| MS14-057 | Vulnerabilities in .NET Framework Could Allow Remote Code Execution (replaces MS12-016). Microsoft Windows, Microsoft .NET Framework. CVE-2014-4073, CVE-2014-4121, CVE-2014-4122 | KB 3000414 | No. | Severity: Critical, Exploitability: 2 | Critical | Critical |
| MS14-058 | Vulnerability in Kernel-Mode Driver Could Allow Remote Code Execution (replaces MS14-015). Microsoft Windows. CVE-2014-4113, CVE-2014-4148 | KB 3000061 | Yes. Used in limited attacks. | Severity: Critical, Exploitability: 0 | Critical | Critical |
| MS14-059 | Vulnerability in ASP.NET MVC Could Allow Security Feature Bypass. Microsoft Developer Tools. CVE-2014-4075 | KB 2990942 | Publicly disclosed, not exploited. | Severity: Important, Exploitability: 3 | Less Important | Important |
| MS14-060 | Vulnerability in Windows OLE Could Allow Remote Code Execution (replaces MS12-005). Microsoft Windows. CVE-2014-4114 | KB 3000869 | Yes, against PowerPoint. See iSight disclosure. | Severity: Important, Exploitability: 0 | Critical | Important |
| MS14-061 | Vulnerability in Microsoft Word and Office Web Apps Could Allow Remote Code Execution (MS14-034, MS14-017). Microsoft Office, Microsoft Office Services, Microsoft Office Web Apps. CVE-2014-4117 | KB 3000434 | No. | Severity: Important, Exploitability: 1 | Critical | Important |
| MS14-062 | Vulnerability in Message Queuing Service Could Allow Elevation of Privilege (MS09-040). Microsoft Windows. CVE-2014-4971 | KB 2993254 | Publicly disclosed but not exploited. | Severity: Important, Exploitability: 1 | Important | Important |
| MS14-063 | Vulnerability in FAT32 Disk Partition Driver Could Allow Elevation of Privilege. Microsoft Windows. CVE-2014-4115 | KB 2998579 | No. | Severity: Important, Exploitability: 1 | Important | Important |

 

We will update issues on this page for about a week or so as they evolve.
We appreciate updates.


https://isc.sans.edu
