Microsoft security alert.
August 12, 2014
Advisory overview
Qualys Vulnerability R&D Lab has released new vulnerability checks in the Enterprise TruRisk Platform to protect organizations against 38 vulnerabilities that were fixed in 9 bulletins announced today by Microsoft. Customers can immediately audit their networks for these and other new vulnerabilities by accessing their Qualys subscription. Visit Qualys Security Blog to prioritize remediation.
Non-Qualys customers can audit their network for these and other vulnerabilities by signing up for a Qualys Free Trial, or by trying Qualys Community Edition.
Vulnerability details
Microsoft has released 9 security bulletins to fix newly discovered flaws in their software. Qualys has released the following checks for these new vulnerabilities:
-
Microsoft Windows Media Center Remote Code Execution Vulnerability (MS14-043)
- Severity
- Critical 4
- Qualys ID
- 90968
- Vendor Reference
- MS14-043
- CVE Reference
- CVE-2014-4060
- CVSS Scores
- Base 6.8 / Temporal 5.3
- Description
-
This security update resolves a publicly disclosed vulnerability in Windows Media Center. The security update addresses the vulnerability by modifying how Component Object Model (COM) objects are handled in memory.
The vulnerability could allow remote code execution if a user opens a specially crafted Microsoft Office file that invokes Windows Media Center resources.Affected Versions:-
Windows Media Center TV Pack for Windows Vista, all supported editions of Windows 7 except Starter and Home Basic editions, Windows Media Center when installed on Windows 8 Professional edition, and Windows Media Center when installed on Windows 8.1 Professional edition - Consequence
-
An attacker could exploit this vulnerability by placing specially crafted Office files on a remote share or by attaching them to an email. When a user double-clicks the specially crafted file from a computer containing Windows Media Center, the malicious code may be able to run.
An attacker who successfully exploits this vulnerability could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights. - Solution
-
Refer to Microsoft Security Bulletin MS14-043 for further details.
Workaround:
Do not open Office files that you receive from untrusted sources or that you receive unexpectedly from trusted sources.Patches:
The following are links for downloading patches to fix these vulnerabilities:
MS14-043 Windows 7 for 32-bit Systems Service Pack 1
MS14-043 Windows 7 for x64-based Systems Service Pack 1
MS14-043 Windows 8 for 32-bit Systems (Professional edition only)(Windows Media Center)
MS14-043 Windows 8 for x64-based Systems (Professional edition only)(Windows Media Center)
MS14-043 Windows 8.1 for 32-bit Systems(Professional edition only)(Windows Media Center)
MS14-043 Windows 8.1 for x64-based Systems(Professional edition only)(Windows Media Center)
MS14-043 Windows Media Center TV Pack for Windows Vista (32-bit editions)
MS14-043 Windows Media Center TV Pack for Windows Vista (64-bit editions)
-
Microsoft SQL Server Elevation of Privilege and Denial of Service Vulnerability (MS14-044)
- Severity
- Serious 3
- Qualys ID
- 90973
- Vendor Reference
- MS14-044
- CVE Reference
- CVE-2014-1820, CVE-2014-4061
- CVSS Scores
- Base 6.8 / Temporal 5
- Description
-
This security update resolves two privately reported vulnerabilities in Microsoft SQL Server, one in SQL Server Master Data Services and the other in the SQL Server relational database management system.
An XSS vulnerability exists in SQL Master Data Services (MDS) that could allow an attacker to inject a client-side script into the user's instance of Internet Explorer. The script could spoof content, disclose information, or take any action that the user could take on the site on behalf of the targeted user (CVE-2014-1820).
A denial of service vulnerability exists in SQL Server. An attacker who successfully exploited this vulnerability could cause the server to stop responding until a manual reboot is initiated.
This security update is rated Important for supported editions of Microsoft SQL Server 2008 Service Pack 3, Microsoft SQL Server 2008 R2 Service Pack 2, and Microsoft SQL Server 2012 Service Pack 1; it is also rated Important for Microsoft SQL Server 2014 for x64-based Systems.
- Consequence
- Successfully exploiting these vulnerabilities could allow a remote attacker to gain escalated privileges or cause denial of service like conditions.
- Solution
-
Refer to MS14-044.
Patches:
The following are links for downloading patches to fix these vulnerabilities:
MS14-044 Microsoft SQL Server 2008 R2 for 32-bit Systems Service Pack 2
MS14-044 Microsoft SQL Server 2008 R2 for Itanium-based Systems Service Pack 2
MS14-044 Microsoft SQL Server 2008 R2 for x64-based Systems Service Pack 2
MS14-044 Microsoft SQL Server 2008 for 32-bit Systems Service Pack 3
MS14-044 Microsoft SQL Server 2008 for Itanium-based Systems Service Pack 3
MS14-044 Microsoft SQL Server 2008 for x64-based Systems Service Pack 3
MS14-044 Microsoft SQL Server 2012 for 32-bit Systems Service Pack 1
MS14-044 Microsoft SQL Server 2012 for x64-based Systems Service Pack 1
MS14-044 Microsoft SQL Server 2014 for x64-based Systems
-
Microsoft Windows Kernel-Mode Drivers Elevation of Privilege Vulnerability (MS14-045)
- Severity
- Critical 4
- Qualys ID
- 90972
- Vendor Reference
- MS14-045
- CVE Reference
- CVE-2014-0318, CVE-2014-1819, CVE-2014-4064
- CVSS Scores
- Base 7.2 / Temporal 5.3
- Description
-
The Windows kernel is the core of the operating system. It provides system-level services such as device management and memory management, allocates processor time to processes, and manages error handling.
The kernel is prone to the following vulnerabilities:
- An elevation of privilege vulnerability exists when the Windows kernel-mode driver improperly handles window handle thread-owned objects.
- An elevation of privilege vulnerability exists in the way that the affected component handles objects from specially crafted font files.
NOTE: Microsoft revised the bulletin to remove the Download Center links for Microsoft security update 2982791.
Microsoft recommends that customers uninstall patch KB2982791 due to known issues. A replacement KB2993651 patch is now available to mitigate the vulnerability .
Source: KB2993651 for further information.This security update is rated Important for all supported releases of Microsoft Windows.
Affected Software:
Windows Server 2003 Service Pack 2
Windows Server 2003 x64 Edition Service Pack 2
Windows Server 2003 with SP2 for Itanium-based Systems
Windows Vista Service Pack 2
Windows Vista Service Pack 2
Windows Vista x64 Edition Service Pack 2
Windows Vista x64 Edition Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for Itanium-based Systems Service Pack 2
Windows Server 2008 for Itanium-based Systems Service Pack 2
Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for x64-based Systems Service Pack 1
Windows 7 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
Windows 8 for 32-bit Systems
Windows 8 for x64-based Systems
Windows 8.1 for 32-bit Systems
Windows 8.1 for x64-based Systems
Windows Server 2012
Windows Server 2012 R2
Windows RT and Windows RT 8.1 - Consequence
- An attacker who successfully exploits this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full administrative rights.
- Solution
-
Refer to MS14-045 for further information.
Patches:
The following are links for downloading patches to fix these vulnerabilities:
MS14-045 Windows 7 for 32-bit Systems Service Pack 1
MS14-045 Windows 7 for 32-bit Systems Service Pack 1
MS14-045 Windows 7 for x64-based Systems Service Pack 1
MS14-045 Windows 7 for x64-based Systems Service Pack 1
MS14-045 Windows 8 for 32-bit Systems
MS14-045 Windows 8 for 32-bit Systems
MS14-045 Windows 8 for x64-based Systems
MS14-045 Windows 8 for x64-based Systems
MS14-045 Windows 8.1 for 32-bit Systems
MS14-045 Windows 8.1 for 32-bit Systems
MS14-045 Windows 8.1 for x64-based Systems
MS14-045 Windows 8.1 for x64-based Systems
MS14-045 Windows Server 2003 Service Pack 2
MS14-045 Windows Server 2003 with SP2 for Itanium-based Systems
MS14-045 Windows Server 2003 x64 Edition Service Pack 2
MS14-045 Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
MS14-045 Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
MS14-045 Windows Server 2008 R2 for x64-based Systems Service Pack 1
MS14-045 Windows Server 2008 R2 for x64-based Systems Service Pack 1
MS14-045 Windows Server 2008 R2 for x64-based Systems Service Pack 1
MS14-045 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
MS14-045 Windows Server 2008 for 32-bit Systems Service Pack 2
MS14-045 Windows Server 2008 for 32-bit Systems Service Pack 2
MS14-045 Windows Server 2008 for 32-bit Systems Service Pack 2
MS14-045 Windows Server 2008 for 32-bit Systems Service Pack 2
MS14-045 Windows Server 2008 for Itanium-based Systems Service Pack 2
MS14-045 Windows Server 2008 for Itanium-based Systems Service Pack 2
MS14-045 Windows Server 2008 for x64-based Systems Service Pack 2
MS14-045 Windows Server 2008 for x64-based Systems Service Pack 2
MS14-045 Windows Server 2008 for x64-based Systems Service Pack 2
MS14-045 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
MS14-045 Windows Server 2012
MS14-045 Windows Server 2012
MS14-045 Windows Server 2012
MS14-045 Windows Server 2012 (Server Core installation)
MS14-045 Windows Server 2012 R2
MS14-045 Windows Server 2012 R2
MS14-045 Windows Server 2012 R2
MS14-045 Windows Server 2012 R2
MS14-045 Windows Vista Service Pack 2
MS14-045 Windows Vista Service Pack 2
MS14-045 Windows Vista x64 Edition Service Pack 2
MS14-045 Windows Vista x64 Edition Service Pack 2
-
Microsoft .Net Framework Security Feature Bypass Vulnerability (MS14-046)
- Severity
- Serious 3
- Qualys ID
- 90971
- Vendor Reference
- MS14-046
- CVE Reference
- CVE-2014-4062
- CVSS Scores
- Base 4.3 / Temporal 3.2
- Description
-
A security feature bypass vulnerability exists in the Microsoft .NET Framework that could allow an attacker to bypass the Address Space Layout Randomization (ASLR) security feature, which helps protect users from a broad class of vulnerabilities. The security feature bypass by itself does not allow arbitrary code execution. However, an attacker could use this ASLR bypass vulnerability in conjunction with another vulnerability, such as a remote code execution vulnerability, that could take advantage of the ASLR bypass to run arbitrary code (CVE-2014-4062).
This security update is rated Important for Microsoft .NET Framework 2.0 Service Pack 2, Microsoft .NET Framework 3.0 Service Pack 2, Microsoft .NET Framework 3.5, and Microsoft .NET Framework 3.5.1 on affected releases of Microsoft Windows.
- Consequence
- Successfully exploiting this vulnerability could allow an attacker to bypass the ASLR security feature.
- Solution
-
Refer to MS14-046.
Patches:
The following are links for downloading patches to fix these vulnerabilities:
MS14-046 Windows 7 for 32-bit Systems Service Pack 1(Microsoft .NET Framework 3.5.1)
MS14-046 Windows 7 for 32-bit Systems Service Pack 1(Microsoft .NET Framework 3.5.1)
MS14-046 Windows 7 for x64-based Systems Service Pack 1(Microsoft .NET Framework 3.5.1)
MS14-046 Windows 7 for x64-based Systems Service Pack 1(Microsoft .NET Framework 3.5.1)
MS14-046 Windows 8 for 32-bit Systems(Microsoft .NET Framework 3.5)
MS14-046 Windows 8 for 32-bit Systems(Microsoft .NET Framework 3.5)
MS14-046 Windows 8 for x64-based Systems(Microsoft .NET Framework 3.5)
MS14-046 Windows 8 for x64-based Systems(Microsoft .NET Framework 3.5)
MS14-046 Windows 8.1 for 32-bit Systems(Microsoft .NET Framework 3.5)
MS14-046 Windows 8.1 for 32-bit Systems(Microsoft .NET Framework 3.5)
MS14-046 Windows 8.1 for x64-based Systems(Microsoft .NET Framework 3.5)
MS14-046 Windows 8.1 for x64-based Systems(Microsoft .NET Framework 3.5)
MS14-046 Windows Server 2008 R2 for Itanium-based Systems Service Pack 1(Microsoft .NET Framework 3.5.1)
MS14-046 Windows Server 2008 R2 for Itanium-based Systems Service Pack 1(Microsoft .NET Framework 3.5.1)
MS14-046 Windows Server 2008 R2 for x64-based Systems Service Pack 1(Microsoft .NET Framework 3.5.1)
MS14-046 Windows Server 2008 R2 for x64-based Systems Service Pack 1(Microsoft .NET Framework 3.5.1)
MS14-046 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)(Microsoft .NET Framework 3.5.1)
MS14-046 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)(Microsoft .NET Framework 3.5.1)
MS14-046 Windows Server 2008 for 32-bit Systems Service Pack 2(Microsoft .NET Framework 2.0 Service Pack 2)
MS14-046 Windows Server 2008 for 32-bit Systems Service Pack 2(Microsoft .NET Framework 3.0 Service Pack 2)
MS14-046 Windows Server 2008 for Itanium-based Systems Service Pack 2(Microsoft .NET Framework 2.0 Service Pack 2)
MS14-046 Windows Server 2008 for Itanium-based Systems Service Pack 2(Microsoft .NET Framework 3.0 Service Pack 2)
MS14-046 Windows Server 2008 for x64-based Systems Service Pack 2(Microsoft .NET Framework 2.0 Service Pack 2)
MS14-046 Windows Server 2008 for x64-based Systems Service Pack 2(Microsoft .NET Framework 3.0 Service Pack 2)
MS14-046 Windows Server 2012(Microsoft .NET Framework 3.5)
MS14-046 Windows Server 2012(Microsoft .NET Framework 3.5)
MS14-046 Windows Server 2012 (Server Core installation)(Microsoft .NET Framework 3.5)
MS14-046 Windows Server 2012 (Server Core installation)(Microsoft .NET Framework 3.5)
MS14-046 Windows Server 2012 R2(Microsoft .NET Framework 3.5)
MS14-046 Windows Server 2012 R2(Microsoft .NET Framework 3.5)
MS14-046 Windows Server 2012 R2 (Server Core installation)(Microsoft .NET Framework 3.5)
MS14-046 Windows Server 2012 R2 (Server Core installation)(Microsoft .NET Framework 3.5)
MS14-046 Windows Vista Service Pack 2(Microsoft .NET Framework 2.0 Service Pack 2)
MS14-046 Windows Vista Service Pack 2(Microsoft .NET Framework 3.0 Service Pack 2)
MS14-046 Windows Vista x64 Edition Service Pack 2(Microsoft .NET Framework 2.0 Service Pack 2)
MS14-046 Windows Vista x64 Edition Service Pack 2(Microsoft .NET Framework 3.0 Service Pack 2)
-
Microsoft Windows LRPC Security Feature Bypass Vulnerability (MS14-047)
- Severity
- Serious 3
- Qualys ID
- 90969
- Vendor Reference
- MS14-047
- CVE Reference
- CVE-2014-0316
- CVSS Scores
- Base 7.5 / Temporal 5.5
- Description
-
Local RPC (LRPC) is a component of Microsoft RPC. LRPC internally uses LPC as the transport mechanism for passing messages between the two processes.
Microsoft Windows is exposed to a security vulnerability which is caused when RPC improperly frees messages that the server rejects as malformed, allowing an attacker to fill up the address space of a process.
This security update is rated Important for all supported editions of Windows 7, Windows Server 2008 R2, Windows 8, Windows 8.1, Windows Server 2012, Windows Server 2012 R2, Windows RT, and Windows RT 8.1.
Note: Customers running Windows 8.1, Windows Server 2012 R2, or Windows RT 8.1 must first install the 2919355 update released in April, 2014 before this update.
- Consequence
- If this vulnerability is successfully exploited, attackers can bypass the ASLR security feature, which protects users from a broad class of vulnerabilities.
- Solution
-
Refer to MS14-047 for more information.
Patches:
The following are links for downloading patches to fix these vulnerabilities:
MS14-047 Windows 7 for 32-bit Systems Service Pack 1
MS14-047 Windows 7 for x64-based Systems Service Pack 1
MS14-047 Windows 8 for 32-bit Systems
MS14-047 Windows 8 for x64-based Systems
MS14-047 Windows 8.1 for 32-bit Systems
MS14-047 Windows 8.1 for x64-based Systems
MS14-047 Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
MS14-047 Windows Server 2008 R2 for x64-based Systems Service Pack 1
MS14-047 Windows Server 2008 R2 for x64-based Systems Service Pack 1
MS14-047 Windows Server 2012
MS14-047 Windows Server 2012
MS14-047 Windows Server 2012 R2
MS14-047 Windows Server 2012 R2
-
Microsoft OneNote Remote Code Execution Vulnerability (MS14-048)
- Severity
- Critical 4
- Qualys ID
- 110239
- Vendor Reference
- MS14-048
- CVE Reference
- CVE-2014-2815
- CVSS Scores
- Base 9.3 / Temporal 7.3
- Description
-
Microsoft OneNote 2007 is a digital notebook that provides people with one place to gather their notes and information, powerful search capability to find what they are looking for quickly, and easy-to-use shared notebooks so that they can manage information overload and work together more effectively.
Microsoft OneNote 2007 is prone to a remote code execution vulnerability because the application fails to properly handle specially crafted OneNote files.
Microsoft has released a security update that addresses the vulnerability by correcting the way that Microsoft OneNote parses specially crafted files.
This security update is rated Important for all supported editions of Microsoft OneNote 2007.
- Consequence
- If this vulnerability is successfully exploited, attackers can execute arbitrary code with the privileges of the current user.
- Solution
-
Please refer Microsoft's advisory MS14-048 for more details about patches.
Workaround:
Do not open OneNote files that you receive from untrusted sources or that you receive unexpectedly from trusted sources.Patches:
The following are links for downloading patches to fix these vulnerabilities:
MS14-048 Microsoft OneNote 2007 Service Pack 3
-
Windows Installer Service Elevation of Privilege Vulnerability (MS14-049)
- Severity
- Serious 3
- Qualys ID
- 90970
- Vendor Reference
- MS14-049
- CVE Reference
- CVE-2014-1814
- CVSS Scores
- Base 7.2 / Temporal 5.3
- Description
-
The Microsoft Windows Installer is an installation and configuration service provided with Windows. The installer service enables customers to provide better corporate deployment and provides a standard format for component management.
The security update addresses the vulnerability by correcting the way that the Windows Installer service handles installation and repair scenarios.
This security update is rated Important for all supported releases of Microsoft Windows.
Note: Customers running Windows 8.1, Windows Server 2012 R2, or Windows RT 8.1 must first install the 2919355 update released in April, 2014 before installing the 2918614 update.
- Consequence
- If this vulnerability is successfully exploited, attackers can run arbitrary code in kernel mode.
- Solution
-
Refer to MS14-049 for more information.
Patches:
The following are links for downloading patches to fix these vulnerabilities:
MS14-049 Windows 7 for 32-bit Systems Service Pack 1
MS14-049 Windows 7 for x64-based Systems Service Pack 1
MS14-049 Windows 8 for 32-bit Systems
MS14-049 Windows 8 for x64-based Systems
MS14-049 Windows 8.1 for 32-bit Systems
MS14-049 Windows 8.1 for x64-based Systems
MS14-049 Windows Server 2003 Service Pack 2
MS14-049 Windows Server 2003 with SP2 for Itanium-based Systems
MS14-049 Windows Server 2003 x64 Edition Service Pack 2
MS14-049 Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
MS14-049 Windows Server 2008 R2 for x64-based Systems Service Pack 1
MS14-049 Windows Server 2008 R2 for x64-based Systems Service Pack 1
MS14-049 Windows Server 2008 for 32-bit Systems Service Pack 2
MS14-049 Windows Server 2008 for 32-bit Systems Service Pack 2
MS14-049 Windows Server 2008 for Itanium-based Systems Service Pack 2
MS14-049 Windows Server 2008 for x64-based Systems Service Pack 2
MS14-049 Windows Server 2008 for x64-based Systems Service Pack 2
MS14-049 Windows Server 2012
MS14-049 Windows Server 2012
MS14-049 Windows Server 2012 R2
MS14-049 Windows Server 2012 R2
MS14-049 Windows Vista Service Pack 2
MS14-049 Windows Vista x64 Edition Service Pack 2
-
Microsoft SharePoint Server Elevation of Privilege Vulnerability (MS14-050)
- Severity
- Critical 4
- Qualys ID
- 110240
- Vendor Reference
- MS14-050
- CVE Reference
- CVE-2014-2816
- CVSS Scores
- Base 9.3 / Temporal 6.9
- Description
-
Microsoft SharePoint Server is prone to an elevation of privilege vulnerability.
The vulnerability is caused when SharePoint Server does not properly handle a specially crafted app that uses the SharePoint extensibility model to execute arbitrary JavaScript on behalf of the user. Conditions exist where an app could bypass app permission management and run arbitrary code in the security context of the logged-on user.
Microsoft has released a security update that addresses the vulnerability by correcting how SharePoint Server sanitizes specially crafted applications (apps) that use custom actions.
The security update is rated Important for supported editions of Microsoft SharePoint Server 2013 and Microsoft SharePoint Foundation 2013.
- Consequence
- An authenticated attacker who successfully exploits this vulnerability could use a specially crafted app to run arbitrary JavaScript in the context of the user on the current SharePoint site.
- Solution
-
Refer to MS14-050 for more information.
Patches:
The following are links for downloading patches to fix these vulnerabilities:
MS14-050 Microsoft SharePoint Server 2013(Microsoft SharePoint Foundation 2013)
MS14-050 Microsoft SharePoint Server 2013(Microsoft SharePoint Server 2013)
MS14-050 Microsoft SharePoint Server 2013 Service Pack 1(Microsoft SharePoint Foundation 2013 Service Pack 1)
MS14-050 Microsoft SharePoint Server 2013 Service Pack 1(Microsoft SharePoint Server 2013 Service Pack 1)
-
Microsoft Internet Explorer Cumulative Security Update (MS14-051)
- Severity
- Urgent 5
- Qualys ID
- 100208
- Vendor Reference
- MS14-051
- CVE Reference
- CVE-2014-2774, CVE-2014-2784, CVE-2014-2796, CVE-2014-2808, CVE-2014-2810, CVE-2014-2811, CVE-2014-2817, CVE-2014-2818, CVE-2014-2819, CVE-2014-2820, CVE-2014-2821, CVE-2014-2822, CVE-2014-2823, CVE-2014-2824, CVE-2014-2825, CVE-2014-2826, CVE-2014-2827, CVE-2014-4050, CVE-2014-4051, CVE-2014-4052, CVE-2014-4055, CVE-2014-4056, CVE-2014-4057, CVE-2014-4058, CVE-2014-4063, CVE-2014-4067, CVE-2014-8985
- CVSS Scores
- Base 9.3 / Temporal 8.1
- Description
-
Microsoft Internet Explorer is a graphical web browser developed by Microsoft and included as part of the Microsoft Windows operating systems.
Multiple elevation of privilege vulnerabilities exist in Internet Explorer. These vulnerabilities are caused when Internet Explorer does not properly validate permissions under specific conditions, potentially allowing script to be run with elevated privileges.
Remote code execution vulnerabilities exist when Internet Explorer improperly accesses objects in memory.
This security update is rated Critical for Internet Explorer 6 (IE 6), Internet Explorer 7 (IE 7), Internet Explorer 8 (IE 8), Internet Explorer 9 (IE 9), Internet Explorer 10 (IE 10), and Internet Explorer 11 (IE 11) on affected Windows clients, Moderate for Internet Explorer 7 (IE 7), Internet Explorer 8 (IE 8), Internet Explorer 9 (IE 9), Internet Explorer 10 (IE 10), and Internet Explorer 11 (IE 11) on affected Windows servers.
- Consequence
- An attacker who successfully exploits these vulnerabilities could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploits these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
- Solution
-
Please refer to MS14-051 for more details.
Workaround:
- Configure Internet Explorer to prompt before running Active Scripting or to disable Active Scripting in the Internet and Local intranet security zone.
- Set Internet and Local intranet security zone settings to "High" to block ActiveX Controls and Active Scripting in these zones.Patches:
The following are links for downloading patches to fix these vulnerabilities:
MS14-051 Windows 7 for 32-bit Systems Service Pack 1(Internet Explorer 10)
MS14-051 Windows 7 for 32-bit Systems Service Pack 1(Internet Explorer 11)
MS14-051 Windows 7 for 32-bit Systems Service Pack 1(Internet Explorer 8)
MS14-051 Windows 7 for 32-bit Systems Service Pack 1(Internet Explorer 9)
MS14-051 Windows 7 for x64-based Systems Service Pack 1(Internet Explorer 10)
MS14-051 Windows 7 for x64-based Systems Service Pack 1(Internet Explorer 11)
MS14-051 Windows 7 for x64-based Systems Service Pack 1(Internet Explorer 8)
MS14-051 Windows 7 for x64-based Systems Service Pack 1(Internet Explorer 9)
MS14-051 Windows 8 for 32-bit Systems(Internet Explorer 10)
MS14-051 Windows 8 for x64-based Systems(Internet Explorer 10)
MS14-051 Windows 8.1 for 32-bit Systems(Internet Explorer 11)
MS14-051 Windows 8.1 for x64-based Systems(Internet Explorer 11)
MS14-051 Windows Server 2003 Service Pack 2(Internet Explorer 6)
MS14-051 Windows Server 2003 Service Pack 2(Internet Explorer 7)
MS14-051 Windows Server 2003 Service Pack 2(Internet Explorer 8)
MS14-051 Windows Server 2003 with SP2 for Itanium-based Systems(Internet Explorer 6)
MS14-051 Windows Server 2003 with SP2 for Itanium-based Systems(Internet Explorer 7)
MS14-051 Windows Server 2003 x64 Edition Service Pack 2(Internet Explorer 6)
MS14-051 Windows Server 2003 x64 Edition Service Pack 2(Internet Explorer 7)
MS14-051 Windows Server 2003 x64 Edition Service Pack 2(Internet Explorer 8)
MS14-051 Windows Server 2008 R2 for Itanium-based Systems Service Pack 1(Internet Explorer 8)
MS14-051 Windows Server 2008 R2 for x64-based Systems Service Pack 1(Internet Explorer 10)
MS14-051 Windows Server 2008 R2 for x64-based Systems Service Pack 1(Internet Explorer 11)
MS14-051 Windows Server 2008 R2 for x64-based Systems Service Pack 1(Internet Explorer 8)
MS14-051 Windows Server 2008 R2 for x64-based Systems Service Pack 1(Internet Explorer 9)
MS14-051 Windows Server 2008 for 32-bit Systems Service Pack 2(Internet Explorer 7)
MS14-051 Windows Server 2008 for 32-bit Systems Service Pack 2(Internet Explorer 8)
MS14-051 Windows Server 2008 for 32-bit Systems Service Pack 2(Internet Explorer 9)
MS14-051 Windows Server 2008 for Itanium-based Systems Service Pack 2(Internet Explorer 7)
MS14-051 Windows Server 2008 for x64-based Systems Service Pack 2(Internet Explorer 7)
MS14-051 Windows Server 2008 for x64-based Systems Service Pack 2(Internet Explorer 8)
MS14-051 Windows Server 2008 for x64-based Systems Service Pack 2(Internet Explorer 9)
MS14-051 Windows Server 2012(Internet Explorer 10)
MS14-051 Windows Server 2012 R2(Internet Explorer 11)
MS14-051 Windows Vista Service Pack 2(Internet Explorer 7)
MS14-051 Windows Vista Service Pack 2(Internet Explorer 8)
MS14-051 Windows Vista Service Pack 2(Internet Explorer 9)
MS14-051 Windows Vista x64 Edition Service Pack 2(Internet Explorer 7)
MS14-051 Windows Vista x64 Edition Service Pack 2(Internet Explorer 8)
MS14-051 Windows Vista x64 Edition Service Pack 2(Internet Explorer 9)
These new vulnerability checks are included in Qualys vulnerability signature 2.2.793-3. Each Qualys account is automatically updated with the latest vulnerability signatures as they become available. To view the vulnerability signature version in your account, from the Qualys Help menu, select the About tab.
Selective Scan Instructions Using Qualys
To perform a selective vulnerability scan, configure a scan profile to use the following options:
- Ensure access to TCP ports 135 and 139 are available.
- Enable Windows Authentication (specify Authentication Records).
-
Enable the following Qualys IDs:
- 90968
- 90973
- 90972
- 90971
- 90969
- 110239
- 90970
- 110240
- 100208
- If you would like the scan to return the Windows Hostname, also include QID 82044 and ensure access to UDP port 137 is available.
- If you would like to be notified if Qualys is unable to log on to a host (if Authentication fails), also include QID 105015.
In addition, prior to running a scan for these new vulnerabilities, you can estimate your exposure to these new threats by running the Risk Analysis Report, available from the Qualys Vulnerability Management Reports tab.
Access for Qualys Customers
Platforms and Platform Identification
Technical Support
For more information, customers may contact Qualys Technical Support.
About Qualys
The Enterprise TruRisk Platform and its integrated suite of security and compliance applications provides organizations of all sizes with a global view of their security and compliance solutions, while drastically reducing their total cost of ownership. Qualys solutions include: continuous monitoring, vulnerability management, policy compliance, PCI compliance, security assessment questionnaire, web application scanning, web application firewall, malware detection and SECURE Seal for security testing of web sites.