ID: IRCNE2014102340
Date: 2014-10-15
According to “ZDNet”, Microsoft has released eight security bulletins and updates to address them. A total of 24 vulnerabilities are addressed in these updates, three of which are rated Critical.
- MS14-056, MS14-058 and MS14-060 all fix vulnerabilities which have been exploited in the wild for some time. MS14-056 and MS14-058 are rated Critical by Microsoft and MS14-060 gets a lesser Important rating. See Multiple active zero-day vulnerabilities patched today for more details on some of these attacks.
- MS14-056: Cumulative Security Update for Internet Explorer (2987107) — 14 of the 24 vulnerabilities fixed today are in this update. One of them has already been exploited in the wild. Note that today's new versions of IE 10 and 11 also include a new version of Adobe Flash Player.
- MS14-057: Vulnerabilities in .NET Framework Could Allow Remote Code Execution (3000414) — This update fixes three vulnerabilities, at least one of which affects all supported versions of .NET and Windows. The most severe is a remote control execution bug that could allow remote code execution if an attacker sends a specially crafted URI request containing international characters to a .NET web application.
- MS14-058: Vulnerability in Kernel-Mode Driver Could Allow Remote Code Execution (3000061) — This update fixes two vulnerabilities reported by FireEye which could be used to gain privileged access and to execute remote code.
- MS14-059: Vulnerability in ASP.NET MVC Could Allow Security Feature Bypass (2990942) — An attacker who convinced a user to click on a link to a malicious web site could then use that access to exploit other web sites.
- MS14-060: Vulnerability in Windows OLE Could Allow Remote Code Execution (3000869) — An attacker who convinced a user to open a malicious Office document could gain remote code execution.
- MS14-061: Vulnerability in Microsoft Word and Office Web Apps Could Allow Remote Code Execution (3000434) — A malicious Word document could be used to compromise the user who opened it.
- MS14-062: Vulnerability in Message Queuing Service Could Allow Elevation of Privilege (2993254) — A specially crafted input/output control (IOCTL) request to the Message Queuing service could cause elevation of privilege.
- MS14-063: Vulnerability in FAT32 Disk Partition Driver Could Allow Elevation of Privilege (2998579) — Windows Server 2003, Windows Vista, and Windows Server 2008 could be compromised through improper management of FAT32 partitions.
Finally, there is a new version of the Windows Malicious Software Removal Tool. As described by Microsoft, this version addresses many new families of malware: Win32/Hikiti, Win32/Mdmbot, Win32/Moudoor, Win32/Plugx, Win32/Sensode, and Win32/Derusbi.
- 4