Microsoft Security Bulletin: October 14

Advisory overview

Qualys Vulnerability R&D Lab has released new vulnerability checks in the Qualys Cloud Platform to protect organizations against 24 vulnerabilities that were fixed in 8 bulletins announced today by Microsoft. Customers can immediately audit their networks for these and other new vulnerabilities by accessing their Qualys subscription. Visit Qualys Security Blog to prioritize remediation.

Non-Qualys customers can audit their network for these and other vulnerabilities by signing up for a Qualys Free Trial, or by trying Qualys Community Edition.

Vulnerability details

Microsoft has released 8 security bulletins to fix newly discovered flaws in their software. Qualys has released the following checks for these new vulnerabilities:

Microsoft Internet Explorer Cumulative Security Update (MS14-056)

Severity

Urgent 5

Qualys ID

100212

Vendor Reference

MS14-056

CVE Reference

CVE-2014-4123, CVE-2014-4124, CVE-2014-4126, CVE-2014-4127, CVE-2014-4128, CVE-2014-4129, CVE-2014-4130, CVE-2014-4132, CVE-2014-4133, CVE-2014-4134, CVE-2014-4137, CVE-2014-4138, CVE-2014-4140, CVE-2014-4141

CVSS Scores

Base 9.3 / Temporal 7.7

Description

Microsoft Internet Explorer is a graphical web browser developed by Microsoft and included as part of the Microsoft Windows operating systems.
This security update resolves fourteen privately reported vulnerabilities in Internet Explorer. The most severe of these vulnerabilities could allow remote code execution.
This security update is rated Critical for Internet Explorer 6 (IE 6), Internet Explorer 7 (IE 7), Internet Explorer 8 (IE 8), Internet Explorer 9 (IE 9), Internet Explorer 10 (IE 10), and Internet Explorer 11 (IE 11) on affected Windows clients, and Moderate for Internet Explorer 6 (IE 6), Internet Explorer 7 (IE 7), Internet Explorer 8 (IE 8), Internet Explorer 9 (IE 9), Internet Explorer 10 (IE 10), and Internet Explorer 11 (IE 11) on affected Windows servers.

Consequence

An attacker who successfully exploits these vulnerabilities could gain the same user rights as the current user. If the current user is logged on with administrative user rights, the attacker could take complete control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

Solution

Refer to Microsoft Security Bulletin MS14-056 for details.

Patches:
The following are links for downloading patches to fix these vulnerabilities:
MS14-056 Windows 7 for 32-bit Systems Service Pack 1(Internet Explorer 10)
MS14-056 Windows 7 for 32-bit Systems Service Pack 1(Internet Explorer 11)
MS14-056 Windows 7 for 32-bit Systems Service Pack 1(Internet Explorer 8)
MS14-056 Windows 7 for 32-bit Systems Service Pack 1(Internet Explorer 9)
MS14-056 Windows 7 for x64-based Systems Service Pack 1(Internet Explorer 10)
MS14-056 Windows 7 for x64-based Systems Service Pack 1(Internet Explorer 11)
MS14-056 Windows 7 for x64-based Systems Service Pack 1(Internet Explorer 8)
MS14-056 Windows 7 for x64-based Systems Service Pack 1(Internet Explorer 9)
MS14-056 Windows 8 for 32-bit Systems(Internet Explorer 10)
MS14-056 Windows 8 for x64-based Systems(Internet Explorer 10)
MS14-056 Windows 8.1 for 32-bit Systems(Internet Explorer 11)
MS14-056 Windows 8.1 for x64-based Systems(Internet Explorer 11)
MS14-056 Windows Server 2003 Service Pack 2(Internet Explorer 6)
MS14-056 Windows Server 2003 Service Pack 2(Internet Explorer 7)
MS14-056 Windows Server 2003 Service Pack 2(Internet Explorer 8)
MS14-056 Windows Server 2003 with SP2 for Itanium-based Systems(Internet Explorer 6)
MS14-056 Windows Server 2003 with SP2 for Itanium-based Systems(Internet Explorer 7)
MS14-056 Windows Server 2003 x64 Edition Service Pack 2(Internet Explorer 6)
MS14-056 Windows Server 2003 x64 Edition Service Pack 2(Internet Explorer 7)
MS14-056 Windows Server 2003 x64 Edition Service Pack 2(Internet Explorer 8)
MS14-056 Windows Server 2008 R2 for Itanium-based Systems Service Pack 1(Internet Explorer 8)
MS14-056 Windows Server 2008 R2 for x64-based Systems Service Pack 1(Internet Explorer 10)
MS14-056 Windows Server 2008 R2 for x64-based Systems Service Pack 1(Internet Explorer 11)
MS14-056 Windows Server 2008 R2 for x64-based Systems Service Pack 1(Internet Explorer 8)
MS14-056 Windows Server 2008 R2 for x64-based Systems Service Pack 1(Internet Explorer 9)
MS14-056 Windows Server 2008 for 32-bit Systems Service Pack 2(Internet Explorer 7)
MS14-056 Windows Server 2008 for 32-bit Systems Service Pack 2(Internet Explorer 8)
MS14-056 Windows Server 2008 for 32-bit Systems Service Pack 2(Internet Explorer 9)
MS14-056 Windows Server 2008 for Itanium-based Systems Service Pack 2(Internet Explorer 7)
MS14-056 Windows Server 2008 for x64-based Systems Service Pack 2(Internet Explorer 7)
MS14-056 Windows Server 2008 for x64-based Systems Service Pack 2(Internet Explorer 8)
MS14-056 Windows Server 2008 for x64-based Systems Service Pack 2(Internet Explorer 9)
MS14-056 Windows Server 2012(Internet Explorer 10)
MS14-056 Windows Server 2012 R2(Internet Explorer 11)
MS14-056 Windows Vista Service Pack 2(Internet Explorer 7)
MS14-056 Windows Vista Service Pack 2(Internet Explorer 8)
MS14-056 Windows Vista Service Pack 2(Internet Explorer 9)
MS14-056 Windows Vista x64 Edition Service Pack 2(Internet Explorer 7)
MS14-056 Windows Vista x64 Edition Service Pack 2(Internet Explorer 8)
MS14-056 Windows Vista x64 Edition Service Pack 2(Internet Explorer 9)
Microsoft .Net Framework Remote Code Execution Vulnerability (MS14-057)

Severity

Critical 4

Qualys ID

90982

Vendor Reference

MS14-057

CVE Reference

CVE-2014-4073, CVE-2014-4121, CVE-2014-4122

CVSS Scores

Base 10 / Temporal 8.3

Description

The Microsoft .NET Framework is a software framework for computers running Microsoft Windows operating systems.
A remote code execution vulnerability exists in the way that Microsoft .NET Framework improperly parses internationalized resource identifiers. An attacker who successfully exploits this vulnerability could take complete control of an affected system (CVE-2014-4121).
A security feature bypass vulnerability exists in Microsoft .NET Framework that could allow an attacker to bypass the Address Space Layout Randomization (ASLR) security feature, which helps protect users from a broad class of vulnerabilities (CVE-2014-4122).
An elevation of privilege vulnerability exists in Microsoft .NET Framework that could allow an attacker to elevate privileges on the targeted system (CVE-2014-4073).
This security update is rated Critical for Microsoft .NET Framework 2.0 Service Pack 2, Microsoft .NET Framework 3.5, Microsoft .NET Framework 3.5.1, Microsoft .NET Framework 4, and Microsoft .NET Framework 4.5/4.5.1/4.5.2 on affected releases of Microsoft Windows.

Consequence

Successfully exploiting these vulnerabilities might allow a remote attacker to execute arbitrary code, gain escalated privileges or bypass ASLR on the target.

Solution

Refer to Microsoft Security Bulletin MS14-057 for further details.

Patches:
The following are links for downloading patches to fix these vulnerabilities:
MS14-057 Windows 7 for 32-bit Systems Service Pack 1(Microsoft .NET Framework 3.5.1)
MS14-057 Windows 7 for 32-bit Systems Service Pack 1(Microsoft .NET Framework 3.5.1)
MS14-057 Windows 7 for 32-bit Systems Service Pack 1(Microsoft .NET Framework 3.5.1)
MS14-057 Windows 7 for 32-bit Systems Service Pack 1(Microsoft .NET Framework 4)
MS14-057 Windows 7 for 32-bit Systems Service Pack 1(Microsoft .NET Framework 4)
MS14-057 Windows 7 for 32-bit Systems Service Pack 1(Microsoft .NET Framework 4.5/4.5.1/4.5.2)
MS14-057 Windows 7 for 32-bit Systems Service Pack 1(Microsoft .NET Framework 4.5/4.5.1/4.5.2)
MS14-057 Windows 7 for x64-based Systems Service Pack 1(Microsoft .NET Framework 3.5.1)
MS14-057 Windows 7 for x64-based Systems Service Pack 1(Microsoft .NET Framework 3.5.1)
MS14-057 Windows 7 for x64-based Systems Service Pack 1(Microsoft .NET Framework 3.5.1)
MS14-057 Windows 7 for x64-based Systems Service Pack 1(Microsoft .NET Framework 4)
MS14-057 Windows 7 for x64-based Systems Service Pack 1(Microsoft .NET Framework 4)
MS14-057 Windows 7 for x64-based Systems Service Pack 1(Microsoft .NET Framework 4.5/4.5.1/4.5.2)
MS14-057 Windows 7 for x64-based Systems Service Pack 1(Microsoft .NET Framework 4.5/4.5.1/4.5.2)
MS14-057 Windows 8 for 32-bit Systems(Microsoft .NET Framework 3.5)
MS14-057 Windows 8 for 32-bit Systems(Microsoft .NET Framework 3.5)
MS14-057 Windows 8 for 32-bit Systems(Microsoft .NET Framework 3.5)
MS14-057 Windows 8 for 32-bit Systems(Microsoft .NET Framework 4.5/4.5.1/4.5.2)
MS14-057 Windows 8 for 32-bit Systems(Microsoft .NET Framework 4.5/4.5.1/4.5.2)
MS14-057 Windows 8 for x64-based Systems(Microsoft .NET Framework 3.5)
MS14-057 Windows 8 for x64-based Systems(Microsoft .NET Framework 3.5)
MS14-057 Windows 8 for x64-based Systems(Microsoft .NET Framework 3.5)
MS14-057 Windows 8 for x64-based Systems(Microsoft .NET Framework 4.5/4.5.1/4.5.2)
MS14-057 Windows 8 for x64-based Systems(Microsoft .NET Framework 4.5/4.5.1/4.5.2)
MS14-057 Windows 8.1 for 32-bit Systems(Microsoft .NET Framework 3.5)
MS14-057 Windows 8.1 for 32-bit Systems(Microsoft .NET Framework 3.5)
MS14-057 Windows 8.1 for 32-bit Systems(Microsoft .NET Framework 3.5)
MS14-057 Windows 8.1 for 32-bit Systems(Microsoft .NET Framework 4.5.1/4.5.2)
MS14-057 Windows 8.1 for 32-bit Systems(Microsoft .NET Framework 4.5.1/4.5.2)
MS14-057 Windows 8.1 for x64-based Systems(Microsoft .NET Framework 3.5)
MS14-057 Windows 8.1 for x64-based Systems(Microsoft .NET Framework 3.5)
MS14-057 Windows 8.1 for x64-based Systems(Microsoft .NET Framework 3.5)
MS14-057 Windows 8.1 for x64-based Systems(Microsoft .NET Framework 4.5.1/4.5.2)
MS14-057 Windows 8.1 for x64-based Systems(Microsoft .NET Framework 4.5.1/4.5.2)
MS14-057 Windows Server 2003 Service Pack 2(Microsoft .NET Framework 2.0 Service Pack 2)
MS14-057 Windows Server 2003 Service Pack 2(Microsoft .NET Framework 2.0 Service Pack 2)
MS14-057 Windows Server 2003 Service Pack 2(Microsoft .NET Framework 4)
MS14-057 Windows Server 2003 Service Pack 2(Microsoft .NET Framework 4)
MS14-057 Windows Server 2003 with SP2 for Itanium-based Systems(Microsoft .NET Framework 2.0 Service Pack 2)
MS14-057 Windows Server 2003 with SP2 for Itanium-based Systems(Microsoft .NET Framework 2.0 Service Pack 2)
MS14-057 Windows Server 2003 with SP2 for Itanium-based Systems(Microsoft .NET Framework 4)
MS14-057 Windows Server 2003 with SP2 for Itanium-based Systems(Microsoft .NET Framework 4)
MS14-057 Windows Server 2003 x64 Edition Service Pack 2(Microsoft .NET Framework 2.0 Service Pack 2)
MS14-057 Windows Server 2003 x64 Edition Service Pack 2(Microsoft .NET Framework 2.0 Service Pack 2)
MS14-057 Windows Server 2003 x64 Edition Service Pack 2(Microsoft .NET Framework 4)
MS14-057 Windows Server 2003 x64 Edition Service Pack 2(Microsoft .NET Framework 4)
MS14-057 Windows Server 2008 R2 for Itanium-based Systems Service Pack 1(Microsoft .NET Framework 3.5.1)
MS14-057 Windows Server 2008 R2 for Itanium-based Systems Service Pack 1(Microsoft .NET Framework 3.5.1)
MS14-057 Windows Server 2008 R2 for Itanium-based Systems Service Pack 1(Microsoft .NET Framework 3.5.1)
MS14-057 Windows Server 2008 R2 for Itanium-based Systems Service Pack 1(Microsoft .NET Framework 4)
MS14-057 Windows Server 2008 R2 for Itanium-based Systems Service Pack 1(Microsoft .NET Framework 4)
MS14-057 Windows Server 2008 R2 for x64-based Systems Service Pack 1(Microsoft .NET Framework 3.5.1)
MS14-057 Windows Server 2008 R2 for x64-based Systems Service Pack 1(Microsoft .NET Framework 3.5.1)
MS14-057 Windows Server 2008 R2 for x64-based Systems Service Pack 1(Microsoft .NET Framework 3.5.1)
MS14-057 Windows Server 2008 R2 for x64-based Systems Service Pack 1(Microsoft .NET Framework 4)
MS14-057 Windows Server 2008 R2 for x64-based Systems Service Pack 1(Microsoft .NET Framework 4)
MS14-057 Windows Server 2008 R2 for x64-based Systems Service Pack 1(Microsoft .NET Framework 4.5/4.5.1/4.5.2)
MS14-057 Windows Server 2008 R2 for x64-based Systems Service Pack 1(Microsoft .NET Framework 4.5/4.5.1/4.5.2)
MS14-057 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)(Microsoft .NET Framework 3.5.1)
MS14-057 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)(Microsoft .NET Framework 3.5.1)
MS14-057 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)(Microsoft .NET Framework 3.5.1)
MS14-057 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)(Microsoft .NET Framework 4)
MS14-057 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)(Microsoft .NET Framework 4)
MS14-057 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)(Microsoft .NET Framework 4.5/4.5.1/4.5.2)
MS14-057 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)(Microsoft .NET Framework 4.5/4.5.1/4.5.2)
MS14-057 Windows Server 2008 for 32-bit Systems Service Pack 2(Microsoft .NET Framework 2.0 Service Pack 2)
MS14-057 Windows Server 2008 for 32-bit Systems Service Pack 2(Microsoft .NET Framework 2.0 Service Pack 2)
MS14-057 Windows Server 2008 for 32-bit Systems Service Pack 2(Microsoft .NET Framework 2.0 Service Pack 2)
MS14-057 Windows Server 2008 for 32-bit Systems Service Pack 2(Microsoft .NET Framework 4)
MS14-057 Windows Server 2008 for 32-bit Systems Service Pack 2(Microsoft .NET Framework 4)
MS14-057 Windows Server 2008 for 32-bit Systems Service Pack 2(Microsoft .NET Framework 4.5/4.5.1/4.5.2)
MS14-057 Windows Server 2008 for 32-bit Systems Service Pack 2(Microsoft .NET Framework 4.5/4.5.1/4.5.2)
MS14-057 Windows Server 2008 for Itanium-based Systems Service Pack 2(Microsoft .NET Framework 2.0 Service Pack 2)
MS14-057 Windows Server 2008 for Itanium-based Systems Service Pack 2(Microsoft .NET Framework 2.0 Service Pack 2)
MS14-057 Windows Server 2008 for Itanium-based Systems Service Pack 2(Microsoft .NET Framework 2.0 Service Pack 2)
MS14-057 Windows Server 2008 for Itanium-based Systems Service Pack 2(Microsoft .NET Framework 4)
MS14-057 Windows Server 2008 for Itanium-based Systems Service Pack 2(Microsoft .NET Framework 4)
MS14-057 Windows Server 2008 for x64-based Systems Service Pack 2(Microsoft .NET Framework 2.0 Service Pack 2)
MS14-057 Windows Server 2008 for x64-based Systems Service Pack 2(Microsoft .NET Framework 2.0 Service Pack 2)
MS14-057 Windows Server 2008 for x64-based Systems Service Pack 2(Microsoft .NET Framework 2.0 Service Pack 2)
MS14-057 Windows Server 2008 for x64-based Systems Service Pack 2(Microsoft .NET Framework 4)
MS14-057 Windows Server 2008 for x64-based Systems Service Pack 2(Microsoft .NET Framework 4)
MS14-057 Windows Server 2008 for x64-based Systems Service Pack 2(Microsoft .NET Framework 4.5/4.5.1/4.5.2)
MS14-057 Windows Server 2008 for x64-based Systems Service Pack 2(Microsoft .NET Framework 4.5/4.5.1/4.5.2)
MS14-057 Windows Server 2012(Microsoft .NET Framework 3.5)
MS14-057 Windows Server 2012(Microsoft .NET Framework 3.5)
MS14-057 Windows Server 2012(Microsoft .NET Framework 3.5)
MS14-057 Windows Server 2012(Microsoft .NET Framework 4.5/4.5.1/4.5.2)
MS14-057 Windows Server 2012(Microsoft .NET Framework 4.5/4.5.1/4.5.2)
MS14-057 Windows Server 2012 (Server Core installation)(Microsoft .NET Framework 3.5)
MS14-057 Windows Server 2012 (Server Core installation)(Microsoft .NET Framework 3.5)
MS14-057 Windows Server 2012 (Server Core installation)(Microsoft .NET Framework 3.5)
MS14-057 Windows Server 2012 (Server Core installation)(Microsoft .NET Framework 4.5/4.5.1/4.5.2)
MS14-057 Windows Server 2012 (Server Core installation)(Microsoft .NET Framework 4.5/4.5.1/4.5.2)
MS14-057 Windows Server 2012 R2(Microsoft .NET Framework 3.5)
MS14-057 Windows Server 2012 R2(Microsoft .NET Framework 3.5)
MS14-057 Windows Server 2012 R2(Microsoft .NET Framework 3.5)
MS14-057 Windows Server 2012 R2(Microsoft .NET Framework 4.5.1/4.5.2)
MS14-057 Windows Server 2012 R2(Microsoft .NET Framework 4.5.1/4.5.2)
MS14-057 Windows Server 2012 R2 (Server Core installation)(Microsoft .NET Framework 3.5)
MS14-057 Windows Server 2012 R2 (Server Core installation)(Microsoft .NET Framework 3.5)
MS14-057 Windows Server 2012 R2 (Server Core installation)(Microsoft .NET Framework 3.5)
MS14-057 Windows Server 2012 R2 (Server Core installation)(Microsoft .NET Framework 4.5.1/4.5.2)
MS14-057 Windows Server 2012 R2 (Server Core installation)(Microsoft .NET Framework 4.5.1/4.5.2)
MS14-057 Windows Vista Service Pack 2(Microsoft .NET Framework 2.0 Service Pack 2)
MS14-057 Windows Vista Service Pack 2(Microsoft .NET Framework 2.0 Service Pack 2)
MS14-057 Windows Vista Service Pack 2(Microsoft .NET Framework 2.0 Service Pack 2)
MS14-057 Windows Vista Service Pack 2(Microsoft .NET Framework 4)
MS14-057 Windows Vista Service Pack 2(Microsoft .NET Framework 4)
MS14-057 Windows Vista Service Pack 2(Microsoft .NET Framework 4.5/4.5.1/4.5.2)
MS14-057 Windows Vista Service Pack 2(Microsoft .NET Framework 4.5/4.5.1/4.5.2)
MS14-057 Windows Vista x64 Edition Service Pack 2(Microsoft .NET Framework 2.0 Service Pack 2)
MS14-057 Windows Vista x64 Edition Service Pack 2(Microsoft .NET Framework 2.0 Service Pack 2)
MS14-057 Windows Vista x64 Edition Service Pack 2(Microsoft .NET Framework 2.0 Service Pack 2)
MS14-057 Windows Vista x64 Edition Service Pack 2(Microsoft .NET Framework 4)
MS14-057 Windows Vista x64 Edition Service Pack 2(Microsoft .NET Framework 4)
MS14-057 Windows Vista x64 Edition Service Pack 2(Microsoft .NET Framework 4.5/4.5.1/4.5.2)
MS14-057 Windows Vista x64 Edition Service Pack 2(Microsoft .NET Framework 4.5/4.5.1/4.5.2)
Microsoft Windows Kernel-Mode Driver Remote Code Execution Vulnerability (MS14-058)

Severity

Urgent 5

Qualys ID

90983

Vendor Reference

MS14-058

CVE Reference

CVE-2014-4113, CVE-2014-4148

CVSS Scores

Base 9.3 / Temporal 8.1

Description

The Windows kernel is the core of the operating system. It provides system-level services such as device management and memory management, allocates processor time to processes, and manages error handling.
The kernel is prone to the following vulnerabilities:
- An elevation of privilege vulnerability exists when the Windows kernel-mode driver improperly handles objects in memory.
- A remote code execution vulnerability exists when the Windows kernel-mode driver improperly handles TrueType fonts.
This security update is ratedCritical for all supported releases of Microsoft Windows.
Affected Software:
Windows Server 2003 Service Pack 2
Windows Server 2003 x64 Edition Service Pack 2
Windows Server 2003 with SP2 for Itanium-based Systems
Windows Vista Service Pack 2
Windows Vista x64 Edition Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for Itanium-based Systems Service Pack 2
Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
Windows 8 for 32-bit Systems
Windows 8 for x64-based Systems
Windows 8.1 for 32-bit Systems
Windows 8.1 for x64-based Systems
Windows Server 2012
Windows Server 2012 R2
Windows RT
Windows RT 8.1
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2012 (server core installation)
Windows Server 2012 R2 (server core installation)

Consequence

An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full administrative rights.

Solution

Refer to MS14-058 for further information.

Patches:
The following are links for downloading patches to fix these vulnerabilities:
MS14-058 Windows 7 for 32-bit Systems Service Pack 1
MS14-058 Windows 7 for x64-based Systems Service Pack 1
MS14-058 Windows 8 for 32-bit Systems
MS14-058 Windows 8 for x64-based Systems
MS14-058 Windows 8.1 for 32-bit Systems
MS14-058 Windows 8.1 for x64-based Systems
MS14-058 Windows Server 2003 Service Pack 2
MS14-058 Windows Server 2003 with SP2 for Itanium-based Systems
MS14-058 Windows Server 2003 x64 Edition Service Pack 2
MS14-058 Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
MS14-058 Windows Server 2008 R2 for x64-based Systems Service Pack 1
MS14-058 Windows Server 2008 R2 for x64-based Systems Service Pack 1
MS14-058 Windows Server 2008 for 32-bit Systems Service Pack 2
MS14-058 Windows Server 2008 for 32-bit Systems Service Pack 2
MS14-058 Windows Server 2008 for Itanium-based Systems Service Pack 2
MS14-058 Windows Server 2008 for x64-based Systems Service Pack 2
MS14-058 Windows Server 2008 for x64-based Systems Service Pack 2
MS14-058 Windows Server 2012
MS14-058 Windows Server 2012
MS14-058 Windows Server 2012 R2
MS14-058 Windows Server 2012 R2
MS14-058 Windows Vista Service Pack 2
MS14-058 Windows Vista x64 Edition Service Pack 2
Microsoft ASP.NET MVC Security Feature Bypass Vulnerability (MS14-059)

Severity

Critical 4

Qualys ID

90984

Vendor Reference

MS14-059

CVE Reference

CVE-2014-4075

CVSS Scores

Base 4.3 / Temporal 3.2

Description

ASP.NET MVC (Model View Controller) is a patterns-based toolset for building dynamic websites that enables a clean separation of concerns and that gives customers full control over markup for enjoyable, agile development. ASP.NET MVC includes many features that enable fast, TDD-friendly development for creating sophisticated applications that use the latest web standards.
A cross-site scripting (XSS) vulnerability exists in ASP.NET MVC that can allow an attacker to inject a client-side script into the users web browser.
This security update is rated Important for all supported releases of Microsoft Windows.
Affected Software:
ASP.NET MVC 2.0
ASP.NET MVC 3.0
ASP.NET MVC 4.0
ASP.NET MVC 5.0
ASP.NET MVC 5.1

Consequence

An attacker who successfully exploits this vulnerability can inject a client-side script into the users instance of Internet Explorer. The script can spoof content, disclose information, or take any action that the user could take on the site on behalf of the targeted user.

Solution

Refer to MS14-059 for further information.

Patches:
The following are links for downloading patches to fix these vulnerabilities:
MS14-059 ASP.NET MVC 2.0
MS14-059 ASP.NET MVC 3.0
MS14-059 ASP.NET MVC 4.0
MS14-059 ASP.NET MVC 5.0
MS14-059 ASP.NET MVC 5.1
Microsoft Windows OLE Remote Code Execution Vulnerability (MS14-060)

Severity

Critical 4

Qualys ID

90979

Vendor Reference

MS14-060

CVE Reference

CVE-2014-4114

CVSS Scores

Base 9.3 / Temporal 8.1

Description

The vulnerability could allow remote code execution if a user opens a Microsoft Office file that contains a specially crafted OLE object. This vulnerability is caused when a user downloads, or receives, and then opens a specially crafted Microsoft Office file which contains OLE objects.
The security update addresses the vulnerability by modifying the way that OLE objects are activated in Windows.
This security update is rated Important for all supported releases of Microsoft Windows.
Affected Versions:-
Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8 and Windows 8.1, Windows Server 2012 and Windows Server 2012 R2, Windows RT and Windows RT 8.1

Consequence

An attacker who successfully exploited this vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Solution

N/A Workaround:
1. Disable the WebClient service
2. Block TCP ports 139 and 445
3. Block the launching of executables via Setup information files

Patches:
The following are links for downloading patches to fix these vulnerabilities:
MS14-060 Windows 7 for 32-bit Systems Service Pack 1
MS14-060 Windows 7 for x64-based Systems Service Pack 1
MS14-060 Windows 8 for 32-bit Systems
MS14-060 Windows 8 for x64-based Systems
MS14-060 Windows 8.1 for 32-bit Systems
MS14-060 Windows 8.1 for x64-based Systems
MS14-060 Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
MS14-060 Windows Server 2008 R2 for x64-based Systems Service Pack 1
MS14-060 Windows Server 2008 for 32-bit Systems Service Pack 2
MS14-060 Windows Server 2008 for Itanium-based Systems Service Pack 2
MS14-060 Windows Server 2008 for x64-based Systems Service Pack 2
MS14-060 Windows Server 2012
MS14-060 Windows Server 2012 R2
MS14-060 Windows Vista Service Pack 2
MS14-060 Windows Vista x64 Edition Service Pack 2
Microsoft Word and Office Web Apps Remote Code Execution Vulnerability (MS14-061)

Severity

Critical 4

Qualys ID

110241

Vendor Reference

MS14-061

CVE Reference

CVE-2014-4117

CVSS Scores

Base 9.3 / Temporal 6.9

Description

A remote code execution vulnerability exists in the way that Microsoft Office software parses certain properties of Microsoft Word files. Microsoft has released a security update that addresses the vulnerability by correcting the way that Microsoft Office parses specially crafted files.
This security update is rated Important for supported editions of Microsoft Word 2007, Microsoft Office 2007, Microsoft Word 2010, Microsoft Office 2010, Microsoft Office for Mac 2011, Microsoft Office Compatibility Pack, Word Automation Services, and Microsoft Office Web Apps Server 2010.

Consequence

An attacker who successfully exploits the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

Solution

Refer to Microsoft Security Bulletin MS14-061 for details.
Patches:
The following are links for downloading patches to fix these vulnerabilities:
MS14-061 Microsoft Office 2007 Service Pack 3(Microsoft Word 2007 Service Pack 3)
MS14-061 Microsoft Office 2007 Service Pack 3
MS14-061 Microsoft Office 2010 Service Pack 1 (32-bit editions)(Microsoft Word 2010 Service Pack 1 (32-bit editions))
MS14-061 Microsoft Office 2010 Service Pack 1 (32-bit editions)
MS14-061 Microsoft Office 2010 Service Pack 1 (64-bit editions)(Microsoft Word 2010 Service Pack 1 (64-bit editions))
MS14-061 Microsoft Office 2010 Service Pack 1 (64-bit editions)
MS14-061 Microsoft Office 2010 Service Pack 2 (32-bit editions)(Microsoft Word 2010 Service Pack 2 (32-bit editions))
MS14-061 Microsoft Office 2010 Service Pack 2 (32-bit editions)
MS14-061 Microsoft Office 2010 Service Pack 2 (64-bit editions)(Microsoft Word 2010 Service Pack 2 (64-bit editions))
MS14-061 Microsoft Office 2010 Service Pack 2 (64-bit editions)
MS14-061 Microsoft Office Compatibility Pack Service Pack 3
MS14-061 Microsoft Office Web Apps 2010(Microsoft Office Web Apps Server 2010)
MS14-061 Microsoft Office Web Apps 2010 Service Pack 1(Microsoft Office Web Apps Server 2010 Service Pack 1)
MS14-061 Microsoft Office Web Apps 2010 Service Pack 2(Microsoft Office Web Apps Server 2010 Service Pack 2)
MS14-061 Microsoft Office for Mac 2011
MS14-061 Microsoft SharePoint Server 2010 Service Pack 1(Word Automation Services)
MS14-061 Microsoft SharePoint Server 2010 Service Pack 2(Word Automation Services)
Microsoft Windows Message Queuing Service Elevation of Privilege Vulnerability (MS14-062)

Severity

Serious 3

Qualys ID

90981

Vendor Reference

MS14-062

CVE Reference

CVE-2014-4971

CVSS Scores

Base 7.2 / Temporal 6

Description

Microsoft Message Queuing technology enables applications that are running at different times to communicate across heterogeneous networks and across systems that may be temporarily offline.
An elevation of privilege vulnerability exists in the Windows Message Queuing service (MSMQ) due to a specific flaw in the parsing of an IOCTL request to the Message Queuing service. The MSMQ service improperly handles objects in memory by inadvertently allowing overwrite. An attacker could exploit this vulnerability by sending a specially crafted IOCTL request to the MSMQ service.
This security update is rated Important for all supported editions of Windows 2003.

Consequence

An attacker who successfully exploits this vulnerability could execute arbitrary code and take complete control of an affected system under the LOCAL SYSTEM context. An attacker could then install programs; view, change, or delete data or create new accounts with full user rights.

Solution

Refer to Microsoft Security Bulletin MS14-062 for further details.

Patches:
The following are links for downloading patches to fix these vulnerabilities:
MS14-062 Windows Server 2003 Service Pack 2
MS14-062 Windows Server 2003 with SP2 for Itanium-based Systems
MS14-062 Windows Server 2003 x64 Edition Service Pack 2
Microsoft Windows FAT32 Disk Partition Driver Elevation of Privilege Vulnerability (MS14-063)

Severity

Serious 3

Qualys ID

90980

Vendor Reference

MS14-063

CVE Reference

CVE-2014-4115

CVSS Scores

Base 7.2 / Temporal 5.3

Description

The Microsoft Windows FASTFAT driver is used to manage FAT32 disk partitions.
An elevation of privilege vulnerability exists in the FASTFAT driver. The vulnerability is caused when the FASTFAT driver executes a function that results in a buffer under-allocation issue. An attacker could attack a system locally by inserting a specially crafted USB drive into the system.
This security update is rated Important for all supported editions of Windows 2003, Windows Vista and Windows Server 2008.

Consequence

An attacker who successfully exploits this vulnerability could execute arbitrary code and take complete control of an affected system under the LOCAL SYSTEM context. An attacker could then install programs; view, change, or delete data or create new accounts with full user rights.

Solution

Refer to Microsoft Security Bulletin MS14-063 for further details.

Patches:
The following are links for downloading patches to fix these vulnerabilities:
MS14-063 Windows Server 2003 Service Pack 2
MS14-063 Windows Server 2003 with SP2 for Itanium-based Systems
MS14-063 Windows Server 2003 x64 Edition Service Pack 2
MS14-063 Windows Server 2008 for 32-bit Systems Service Pack 2
MS14-063 Windows Server 2008 for 32-bit Systems Service Pack 2
MS14-063 Windows Server 2008 for Itanium-based Systems Service Pack 2
MS14-063 Windows Server 2008 for x64-based Systems Service Pack 2
MS14-063 Windows Server 2008 for x64-based Systems Service Pack 2
MS14-063 Windows Vista Service Pack 2
MS14-063 Windows Vista x64 Edition Service Pack 2

These new vulnerability checks are included in Qualys vulnerability signature 2.2.843-3. Each Qualys account is automatically updated with the latest vulnerability signatures as they become available. To view the vulnerability signature version in your account, from the Qualys Help menu, select the About tab.

Selective Scan Instructions Using Qualys

To perform a selective vulnerability scan, configure a scan profile to use the following options:

Ensure access to TCP ports 135 and 139 are available.
Enable Windows Authentication (specify Authentication Records).
Enable the following Qualys IDs:
- 100212
- 90982
- 90983
- 90984
- 90979
- 110241
- 90981
- 90980
If you would like the scan to return the Windows Hostname, also include QID 82044 and ensure access to UDP port 137 is available.
If you would like to be notified if Qualys is unable to log on to a host (if Authentication fails), also include QID 105015.

In addition, prior to running a scan for these new vulnerabilities, you can estimate your exposure to these new threats by running the Risk Analysis Report, available from the Qualys Vulnerability Management Reports tab.

Access for Qualys Customers

Platforms and Platform Identification

Technical Support

For more information, customers may contact Qualys Technical Support.

About Qualys

The Qualys Cloud Platform and its integrated suite of security and compliance applications provides organizations of all sizes with a global view of their security and compliance solutions, while drastically reducing their total cost of ownership. Qualys solutions include: continuous monitoring, vulnerability management, policy compliance, PCI compliance, security assessment questionnaire, web application scanning, web application firewall, malware detection and SECURE Seal for security testing of web sites.

Asset Management

IT Security

Compliance

Cloud-native Security

Web App Security

Customers

Partners

Company

Support

Qualys Cloud Platform

Free Services

Asset Management

IT Security

Compliance

Cloud-Native Security

Web App Security

Qualys Cloud Platform

Free Services

Microsoft security alert.

October 14, 2014

Advisory overview

Vulnerability details

Microsoft Internet Explorer Cumulative Security Update (MS14-056)

Microsoft .Net Framework Remote Code Execution Vulnerability (MS14-057)

Microsoft Windows Kernel-Mode Driver Remote Code Execution Vulnerability (MS14-058)

Microsoft ASP.NET MVC Security Feature Bypass Vulnerability (MS14-059)

Microsoft Windows OLE Remote Code Execution Vulnerability (MS14-060)

Microsoft Word and Office Web Apps Remote Code Execution Vulnerability (MS14-061)

Microsoft Windows Message Queuing Service Elevation of Privilege Vulnerability (MS14-062)

Microsoft Windows FAT32 Disk Partition Driver Elevation of Privilege Vulnerability (MS14-063)

Selective Scan Instructions Using Qualys

Access for Qualys Customers

Technical Support

About Qualys