IT Security Guru

Final patches for XP issued on Patch Tuesday

by The Gurus
April 9, 2014
in Editor's News

Microsoft released four patches on its final day of support for Windows XP last night.
 
The patches address issues in Windows, Internet Explorer and Office. The critical-rated MS14-018 addresses six vulnerabilities in Internet Explorer (IE) and affects all versions from IE6 to IE11, while patches were issued for XP service pack 3.
 
Wolfgang Kandek, CTO of Qualys, said: “Microsoft gives this bulletin an exploitability index rating of ‘1’, meaning that attacks can be expected within the next 30 days. The attack vector would be a malicious webpage that the user has to browse. Patch together with MS14-017.”
 
Kandek described MS14-017 as “the top bulletin” as this addresses three vulnerabilities in Microsoft Word, including the zero-day in the RTF (Rich Text Format) parser. “The problem was first disclosed by Microsoft in KB2953095 on March 24th, where Microsoft acknowledges the existence of exploits in the wild,” he said.
 
“Microsoft credits the Google Security team with the discovery. As a workaround Microsoft recommends disabling the opening of RTF files with Word, which can be automated with the provided FixIt MSI. The exploit has since been circulated widely and can be found on VirusTotal, meaning we are pretty close to a much wider usage by attackers. The attack vector is a self-contained RTF document that the user has to open with Microsoft Word, resulting in Remote Code Execution (RCE).  Our recommendation: Patch Microsoft Word as quickly as possible.”
 
Craig Young, security researcher at Tripwire, said: “The top priority for most administrators will be to apply MS14-017 to fix CVE-2014-1761, the Word vulnerability, because it’s currently being exploited in the wild.
 
“As always, the Internet Explorer fix, MS14-018, should also be treated with high priority because attackers have become very adept at quickly creating IE exploits by reversing patches.
 
“Microsoft has blocked off a potential attack vector with MS14-019 which could allow context-dependent attackers to execute attacker-controlled code within poorly implemented programs. Similar to DLL preloading, this attack vector relies on a process loading executable code from an untrusted path.”
 
Kandek said: “MS14-019 and MS14-020 are bulletins that cover Windows and Microsoft Publisher. Both provide Remote Code Execution to an attacker, but have lower viability than MS14-017 or MS14-018. The Windows vulnerability only works under very special conditions and Publisher is only sparsely installed and does not have any known exploits. Patch within your normal patch cycle.”
 
Ross Barrett, senior manager of security engineering at Rapid7, said: “The top story in these advisories is actually the Word issue, MS14-017. One of the issues addressed by this fix is under active exploitation in the wild and has already been temporarily addressed in security advisory 2953095. The 2953095 fix is a complete, but heavy-handed fix and Microsoft is advising that it can be removed safely before or after installing the MS14-017 patch in order to restore full rich text format functionality. None of the other advisories feature attacks under active exploitation.
 
“MS14-019 is definitely the lowest priority, in that a user would have to be enticed into executing a batch file on a malicious network share. Exploitation of this vulnerability is two steps of misdirection removed from reality. Nothing to ignore, but not a top tier, urgent concern.”
 
