November 2014 - Microsoft Releases 14 Security Advisories
DESCRIPTION
In the November bulletin, MS14-068 and MS14-075 are not included. Microsoft, however, addresses the following vulnerabilities:
Risk Rating: Critical
This security update addresses vulnerabilities found existing in Microsoft Windows Object Linking and Embedding (OLE). When exploited successfully, it could allow remote code execution via specially crafted webpage using Internet Explorer, thus compromising the security of the affected systems.
Risk Rating: Critical
This security update addresses several vulnerabilities in Internet Explorer. Accordingly, it can possibly lead to remote code execution once users view a specially crafted webpage via Internet Explorer.
Risk Rating: Critical
This security update addresses a vulnerability found existing in the Microsoft Secure Channel (Schannel) security package in Windows that could lead to remote code execution when exploited successfully.
Risk Rating: Critical
This security update addresses a vulnerability in Microsoft Windows that could lead to remote code execution when exploited successfully.
Risk Rating: Important
This security update addresses several vulnerabilities found in Microsoft office. Once successfully exploited, it could allow remote code execution via specially crafted file opened by the user.
Risk Rating: Important
This security update addresses a vulnerability found in TCP/IP that happened during input/output control (IOCTL) processing. When successfully exploited, it could allow elevation of privilege.
Risk Rating: Important
This security update addresses a vulnerability found in Microsoft Windows that when successfully exploited, it could allow elevation of privilege via an app that employs Microsoft Windows Audio service.
Risk Rating: Important
This security update addresses a vulnerability found existing in Microsoft .NET Framework that could allow elevation of privilege.
Risk Rating: Important
This security update addresses a vulnerability found existing in Microsoft SharePoint Server that could run random scripts when successfully exploited.
Risk Rating: Important
This security update addresses a vulnerability found existing in Microsoft Windows. Accordingly, this vulnerability can allow security bypass once RDP does not properly log audit events.
Risk Rating: Important
This security update addresses a vulnerability found existing in Microsoft Internet Information Services (IIS) that can bypass the IP and domain restrictions" security feature once successfully exploited.
Risk Rating: Important
This security update addresses a vulnerability found existing in Active Directory Federation Services (AD FS), that could allow information disclosure once exploited successfully.
Risk Rating: Moderate
This security update addresses a vulnerability found existing in Microsoft Input Method Editor (IME) (Japanese).
Risk Rating: Moderate
This security update addresses a vulnerability found existing in Microsoft Windows that could allow denial of service.
TREND MICRO PROTECTION INFORMATION
Trend Micro Deep Security shields networks through the following Deep Packet Inspection (DPI) rules. Trend Micro customers using the Vulnerability Protection product or OfficeScan with Intrusion Defense Firewall (IDF) plugin are also protected from attacks using these vulnerabilities.
| MS Bulletin ID | Vulnerability ID | DPI Rule Number | DPI Rule Name | Release Date | Vulnerability Protection and IDF Compatibility |
| MS14-064 | CVE-2014-6332 | 1006324 | Windows OLE Automation Array Remote Code Execution Vulnerability (CVE-2014-6332) | 11-Nov-14 | YES |
| MS14-064 | CVE-2014-6352 | 1006290 | Microsoft Windows OLE Remote Code Execution Vulnerability | 11-Nov-14 | YES |
| MS14-064 | CVE-2014-6352 | 1006291 | Microsoft Windows OLE Remote Code Execution Vulnerability -1 | 14-Oct-14 | YES |
| MS14-064 | CVE-2014-6352 | 1006292 | Microsoft Windows OLE Remote Code Execution Vulnerability Over SMB | 21-Oct-14 | YES |
| MS14-064 | CVE-2014-6352 | 1006294 | Microsoft Windows OLE Remote Code Execution Vulnerability Over WebDAV | 21-Oct-14 | YES |
| MS14-064 | CVE-2014-6352 | 1006315 | Microsoft Windows OLE Remote Code Execution Vulnerability -2 | 11-Nov-14 | YES |
| MS14-065 | CVE-2014-4143 | 1006321 | Microsoft Internet Explorer Use After Free Vulnerability (CVE-2014-4143) | 11-Nov-14 | YES |
| MS14-065 | CVE-2014-6323 | 1006330 | Microsoft Internet Explorer Clipboard Information Disclosure Vulnerability (CVE-2014-6323) | 11-Nov-14 | YES |
| MS14-065 | CVE-2014-6337 | 1006332 | Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2014-6337) | 11-Nov-14 | YES |
| MS14-065 | CVE-2014-6339 | 1006329 | Microsoft Internet Explorer ASLR Bypass Vulnerability (CVE-2014-6339) | 11-Nov-14 | YES |
| MS14-065 | CVE-2014-6340 | 1006333 | Microsoft Internet Explorer Cross-Domain Information Disclosure Vulnerability (CVE-2014-6340) | 11-Nov-14 | YES |
| MS14-065 | CVE-2014-6341 | 1006334 | Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2014-6341) | 11-Nov-14 | YES |
| MS14-065 | CVE-2014-6342 | 1006331 | Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2014-6342) | 11-Nov-14 | YES |
| MS14-065 | CVE-2014-6343 | 1006340 | Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2014-6343) | 11-Nov-14 | YES |
| MS14-065 | CVE-2014-6344 | 1006341 | Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2014-6344) | 11-Nov-14 | YES |
| MS14-065 | CVE-2014-6347 | 1006338 | Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2014-6347) | 11-Nov-14 | YES |
| MS14-065 | CVE-2014-6348 | 1006335 | Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2014-6348) | 11-Nov-14 | YES |
| MS14-065 | CVE-2014-6351 | 1006336 | Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2014-6351) | 11-Nov-14 | YES |
| MS14-065 | CVE-2014-6353 | 1006337 | Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2014-6353) | 11-Nov-14 | YES |
| MS14-066 | CVE-2014-6321 | 1006327 | Microsoft Schannel Remote Code Execution Vulnerability (CVE-2014-6321) | 11-Nov-14 | YES |
| MS14-066 | CVE-2014-6321 | 1006357 | Microsoft Schannel Remote Code Execution Vulnerability (CVE-2014-6321) - 1 | 26-Nov-14 | YES |
| MS14-066 | CVE-2014-6321 | 1006358 | Microsoft Schannel Remote Code Execution Vulnerability (CVE-2014-6321) - 2 | 26-Nov-14 | YES |
| MS14-066 | CVE-2014-6321 | 1006357 | Microsoft Schannel Remote Code Execution Vulnerability (CVE-2014-6321) - 3 | 26-Nov-14 | YES | MS14-067 | CVE-2014-4118 | 1006339 | Microsoft XML Core Services Remote Code Execution Vulnerability (CVE-2014-4118) | 11-Nov-14 | YES |
| MS14-069 | CVE-2014-6333 | 1006323 | Microsoft Office Remote Code Execution Vulnerability (CVE-2014-6333) | 11-Nov-14 | YES |
| MS14-069 | CVE-2014-6334 | 1006322 | Microsoft Office Bad Index Remote Code Execution Vulnerability (CVE-2014-6334) | 11-Nov-14 | YES |
| MS14-069 | CVE-2014-6335 | 1006320 | Microsoft Office Invalid Pointer Remote Code Execution Vulnerability (CVE-2014-6335) | 11-Nov-14 | YES |
| MS14-073 | CVE-2014-4116 | 1000552 | Generic Cross Site Scripting(XSS) Prevention | 05-July-06 | NO |
| MS14-076 | CVE-2014-4078 | 1001126 | DNS Domain Blocker | 28-Dec-07 | NO |
SOLUTION
Featured Stories
The Mirage of AI Programming: Hallucinations and Code IntegrityThe adoption of large language models (LLMs) and Generative Pre-trained Transformers (GPTs), such as ChatGPT, by leading firms like Microsoft, Nuance, Mix and Google CCAI Insights, drives the industry towards a series of transformative changes. As the use of these new technologies becomes prevalent, it is important to understand their key behavior, advantages, and the risks they present.Read more
Open RAN: Attack of the xAppsThis article discusses two O-RAN vulnerabilities that attackers can exploit. One vulnerability stems from insufficient access control, and the other arises from faulty message handlingRead more
A Closer Exploration of Residential Proxies and CAPTCHA-Breaking ServicesThis article, the final part of a two-part series, focuses on the details of our technical findings and analyses of select residential proxies and CAPTCHA-solving services.Read more
How Residential Proxies and CAPTCHA-Solving Services Become Agents of AbuseThis article, the first of a two-part series, provides insights on how abusers and cybercriminals use residential proxies and CAPTCHA-solving services to enable bots, scrapers, and stuffers, and proposes security countermeasures for organizations.Read more