DTX Manchester DTX Manchester
  • About Us
Tuesday, 26 January, 2021
IT Security Guru
CTX Manchester 2020 banner ad
  • Home
  • Features
  • Insight
  • Events
    • Women in Cyber 2020
    • Women in Cyber 2020 [SPONSORS]
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Women in Cyber 2020
    • Women in Cyber 2020 [SPONSORS]
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

Eight patches from Microsoft, including anti-Sandworm fix

by The Gurus
October 15, 2014
in Editor's News
Share on FacebookShare on Twitter

Microsoft released three critical patches last night, including a fix for the flaw being exploited by the sandworm gang.
 
As part of what it now calls Update Tuesday, Microsoft said in an advisory that the three critical-rated and five important patches will address 24 Common Vulnerabilities and Exposures (CVEs) in Windows, Office, .NET Framework, .ASP.NET and Internet Explorer. “We encourage you to apply all of these updates, but for those who need to prioritise deployment planning, we recommend focusing on the Critical updates first,” it said.
 
Wolfgang Kandek, CTO of Qualys, said that this mainly focuses on desktop software with the attack vector targeting end-users.
 
He said: “Several of the vulnerabilities are in use by attackers in the wild and should receive an extra urgent treatment by both enterprises and end-users alike. Overall, five of the eight bulletins allow for remote code execution (RCE) attacks, a higher than usual number. Microsoft had originally announced nine bulletins, but the vulnerability in Office rated as moderate in Bulletin #4 will be held back.”
 
Commentators agreed that the critical-rated MS14-058 should be the highest priority. Russ Ernst, director of product management at Lumension, said: “It patches two CVEs in Windows Kernel-Mode Driver that could allow a remote code execution. Note this is under active attack and is applicable to all shipping versions of Windows, including the Server Core installations of Windows Server 2008 and Windows Server 2012, so it should be patched quickly.”
 
Karl Sigler, threat intelligence manager at Trustwave, said: “The final critical bulletin in this release patches two vulnerabilities in the Windows Kernel-Mode Driver. The first vulnerability allows for privilege escalation for a currently logged in user due to memory corruption. The second vulnerability allows for arbitrary remote code execution because of the mishandling of TrueType fonts. To exploit the RCE vulnerability an attacker would need the victim to simply view a document with a maliciously crafted TrueType font. This could be a webpage or any office document.”
 
The fix for the flaw being exploited by the Sandworm gang is MS14-060. Rated important, Kandek said: “This bulletin fixes a vulnerability (CVE-2014-4114) that has been actively targeted in the wild and may lead to malicious programs being executed on victim machines. Using a UAC setting to ‘Always Prompt’ helps mitigate the impact of this vulnerability.”
 
Patch updates were also released by Oracle and Adobe last night.
 

0 0 vote
Article Rating
FacebookTweetLinkedIn
Tags: FlawMicrosoftPatchSandwormWindows
ShareTweetShare
Previous Post

ISSE 2014 – J-CAT to build own encrypted system for intelligence sharing

Next Post

Worldpay launches risk assessment tool

Subscribe
Notify of
guest
guest
0 Comments
Inline Feedbacks
View all comments

Recent News

Effective ways to prevent payroll fraud

Effective ways to prevent payroll fraud

January 25, 2021
Surveillance Camera on a wall

ADT Technician Watched Customers in their Homes

January 25, 2021
Up close image of a hand on a keyboard.

Hackers exploit U.S. Agency Supply Chain

January 25, 2021
Ripped paper heart

2.28 million MeetMindful users’ data leaked by hacker

January 25, 2021

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Women in Cyber 2020
    • Women in Cyber 2020 [SPONSORS]
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

More information
wpDiscuz
0
0
Would love your thoughts, please comment.x
()
x
| Reply
Privacy Settings / PENDINGGDPR Compliance

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Accept