torsdag 12 juni 2014

Zscaler tätar nya sårbarheter i Explorer och Lync Server

Zscaler, som arbetar tillsammans med Microsoft via MAPPs-programmet har proaktivt utvecklat skydd mot de nyupptäckta sårbarheterna. Skyddet omfattar alla utsatta plattformar.
WeClouds webbsäkerhetslösning från Zscaler analyserar allt innehåll i den data som hämtas från webben och bedömer det genom flera olika analyser, jämförelser och beteendeanalyser. Skanningen av surftrafiken sker i realtid och skyddar användarna oavsett var de kopplat upp sig genom att styra surftrafiken via någon av skannings-noderna i det globala säkerhetsnätverket.



MS14-032 Lync Server Content Sanitization Vulnerability

Severity: Important
Affected Software
  • SharePoint Server 2010
  • SharePoint Server 2013
CVE-2014-1823 – Microsoft Lync Server Could Allow Information Disclosure

Description: An information disclosure vulnerability exists when Lync Server fails to properly sanitize specially crafted content. An attacker who successfully exploited this vulnerability could potentially execute scripts in the user’s browser to obtain information from web sessions.


MS14-035 Cumulative Security Update for Internet Explorer

Severity: Critical
Affected Software
  • Internet Explorer 6-11
CVE-2014-0282 – Internet Explorer Memory Corruption Vulnerability
CVE-2014-1762 – Internet Explorer Memory Corruption Vulnerability
CVE-2014-1766 – Internet Explorer Memory Corruption Vulnerability
CVE-2014-1769 – Internet Explorer Memory Corruption Vulnerability
CVE-2014-1772 – Internet Explorer Memory Corruption Vulnerability
CVE-2014-1785 – Internet Explorer Memory Corruption Vulnerability
CVE-2014-1789 – Internet Explorer Memory Corruption Vulnerability
CVE-2014-1791 – Internet Explorer Memory Corruption Vulnerability
CVE-2014-1795 – Internet Explorer Memory Corruption Vulnerability
CVE-2014-1797 – Internet Explorer Memory Corruption Vulnerability
CVE-2014-1800 – Internet Explorer Memory Corruption Vulnerability
CVE-2014-1804 – Internet Explorer Memory Corruption Vulnerability
CVE-2014-1805 – Internet Explorer Memory Corruption Vulnerability

Description: Remote code execution vulnerabilities exist when Internet Explorer improperly accesses objects in memory. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.


www.wecloud.se
support@wecloud.se