Sécurité « Zero-trust »

Rendez le possible

Votre Mission

 

Security Advisory - November 11, 2014

Zscaler Protects against Multiple Memory Corruption in Internet Explorer, Microsoft Office Remote Code Execution, and Windows Audio and SharePoint Privilege Escalation Vulnerabilities

 

 

Zscaler, working with Microsoft through their MAPPs program, has proactively deployed protections for the following 17 vulnerabilities included in the November 2014 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the November release and deploy additional protections as necessary.

MS14-065Cumulative Security Update for Internet Explorer

Severity: Critical
Affected Software

  • Internet Explorer 6-11

CVE-2014-4143 - Internet Explorer Memory Corruption Vulnerability
CVE-2014-6323 - Internet Explorer Clipboard Information Disclosure Vulnerability
CVE-2014-6337 - Internet Explorer Memory Corruption Vulnerability
CVE-2014-6339 - Internet Explorer ASLR Bypass Vulnerability
CVE-2014-6340 - Internet Explorer Cross-domain Information Disclosure Vulnerability
CVE-2014-6341 - Internet Explorer Memory Corruption Vulnerability
CVE-2014-6342 - Internet Explorer Memory Corruption Vulnerability
CVE-2014-6347 - Internet Explorer Memory Corruption Vulnerability
CVE-2014-6348 - Internet Explorer Memory Corruption Vulnerability
CVE-2014-6350 - Internet Explorer Elevation of Privilege Vulnerability
CVE-2014-6351 - Internet Explorer Memory Corruption Vulnerability
CVE-2014-6353 - Internet Explorer Memory Corruption Vulnerability

Description: Remote code execution vulnerabilities exist when Internet Explorer improperly accesses objects in memory. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. The update addresses the vulnerabilities by modifying the way that Internet Explorer handles objects in memory.

MS14-069Vulnerabilities in Microsoft Office Could Allow Remote Code Execution

Severity: Important
Affected Software

  • Office 2007
  • Word Viewer
  • Microsoft Office Compatibility Pack SP 3

CVE-2014-6333 - Microsoft Office Double Delete Remote Code Execution Vulnerability
CVE-2014-6334 - Microsoft Office Bad Index Remote Code Execution Vulnerability
CVE-2014-6335 - Microsoft Office Invalid Pointer Remote Code Execution Vulnerability

Description: A remote code execution vulnerability exists in the context of the current user that is caused when Microsoft Word improperly handles objects in memory while parsing specially crafted Office files. This could corrupt system memory in such a way as to allow an attacker to execute arbitrary code.

MS14-071Vulnerability in Windows Audio Service Could Allow Elevation of Privilege

Severity: Important
Affected Software

  • Windows Vista SP2
  • Windows Server 2008 SP2
  • Windows 7 SP1
  • Windows 8
  • Windows 8.1
  • Windows Server 2012

CVE-2014-4126 - Windows Audio Service Vulnerability

Description: An elevation of privilege vulnerability exists in the Windows audio service component that could be exploited through Internet Explorer. The vulnerability is caused when Internet Explorer does not properly validate permissions under specific conditions, potentially allowing script to be run with elevated privileges.

MS14-073Vulnerability in Microsoft SharePoint Foundation Could Allow Elevation of Privilege

Severity: Important
Affected Software

  • SharePoint Server 2010 SP2

CVE-2014-4116 - Windows Audio Service SharePoint Elevation of Privilege Vulnerability

Description: An elevation of privilege vulnerability exists when SharePoint Server does not properly sanitize page content in SharePoint lists. An authenticated attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the logged-on user. The security update addresses the vulnerability by correcting how SharePoint Server sanitizes modified lists within SharePoint mobile browser view.