Wednesday, 10 December 2014

Zscaler protects against new vulnerabilities in Microsoft Office and Exchange

Zscaler, which works with Microsoft through the MAPPs program (Microsoft Active Protection Program), has proactively developed protection against the newly discovered vulnerabilities. The protection covers all affected platforms.

WeCloud's web security solution from Zscaler analyzes all content in the data retrieved from the web and assesses it through several different analyses, comparisons and behavioral analyses. HTTP/HTTPS scanning takes place in real time and protects users and systems regardless of where they connect from, by routing the traffic through one of the scanning nodes in the global security network.



MS14-075 – Vulnerabilities in Microsoft Exchange Server Could Allow Elevation of Privilege
Severity: Important

Affected Software
  • Microsoft Exchange Server 2013 SP1 
CVE-2014-6325 – OWA XSS Vulnerability

Description: Elevation of privilege vulnerabilities exist when Microsoft Exchange Server does not properly validate input. An attacker who successfully exploited these vulnerabilities could run script in the context of the current user. An attacker could, for example, read content that the attacker is not authorized to read, use the victim's identity to take actions on the Outlook Web Access site on behalf of the victim, such as change permissions and delete content, and inject malicious content in the browser of the victim. Any system that is used to access an affected version of Outlook Web Access would potentially be at risk to attack. The update addresses the vulnerabilities by ensuring that URLs are properly sanitized.

MS14-080 – Cumulative Security Update for Internet Explorer
Severity: Important

Affected Software
  • Internet Explorer 6-11 
CVE-2014-6328 – Internet Explorer XSS Filter Bypass Vulnerability
CVE-2014-6329 – Internet Explorer Memory Corruption Vulnerability
CVE-2014-6330 – Internet Explorer Memory Corruption Vulnerability
CVE-2014-6363 – VBScript Memory Corruption Vulnerability
CVE-2014-6365 – Internet Explorer XSS Filter Bypass Vulnerability
CVE-2014-6366 – Internet Explorer Memory Corruption Vulnerability
CVE-2014-6369 – Internet Explorer Memory Corruption Vulnerability
CVE-2014-6373 – Internet Explorer Memory Corruption Vulnerability
CVE-2014-6374 – Internet Explorer Memory Corruption Vulnerability
CVE-2014-6375 – Internet Explorer Memory Corruption Vulnerability
CVE-2014-6376 – Internet Explorer Memory Corruption Vulnerability
CVE-2014-8966 – Internet Explorer Memory Corruption Vulnerability

Description: Remote code execution vulnerabilities exist when Internet Explorer improperly accesses objects in memory. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. The update addresses the vulnerabilities by modifying the way that Internet Explorer handles objects in memory.

MS14-082 – Vulnerabilities in Microsoft Office Could Allow Remote Code Execution
Severity: Important

Affected Software
  • Microsoft Office 2007
  • Microsoft Office 2010
  • Microsoft Office 2013 
CVE-2014-6364 – Microsoft Office Component Use After Free Vulnerability

Description: A remote code execution vulnerability exists in the context of the current user that is caused when Microsoft Word does not properly handle objects in memory while parsing specially crafted Office files. An attacker who successfully exploited this vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take complete control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

MS14-083 – Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution
Severity: Important

Affected Software
  • Microsoft Office 2007
  • Microsoft Office 2010
  • Microsoft Office 2013
CVE-2014-6360 – Global Free Remote Code Execution in Excel Vulnerability
CVE-2014-6361 – Excel Invalid Pointer Remote Code Execution Vulnerability

Description: A remote code execution vulnerability exists in the way that Microsoft Excel does not properly handle objects in memory while parsing specially crafted Office files. System memory may be corrupted in such a way that an attacker could execute arbitrary code.

MS14-085 – Vulnerability in Microsoft Graphics Component Could Allow Information Disclosure
Severity: Important

Affected Software
  • Windows Server 2003 SP2
  • Windows Vista SP2
  • Windows Server 2008 SP2
  • Windows 7 SP1
  • Windows 8
  • Windows 8.1
  • Windows Server 2012
CVE-2014-6355 – Information Disclosure Vulnerability

Description: An information disclosure vulnerability exists in the Microsoft Graphics Component that could allow an attacker to more reliably predict the memory offsets of specific instructions in a given call stack. The vulnerability is caused when the Microsoft Graphics Component improperly handles the decoding of JPEG images in memory. An attacker could use this information disclosure vulnerability to gain information about the system that could then be combined with other attacks to compromise the system.


www.wecloud.se

info@wecloud.se