MS14-018 – Critical: Cumulative Security Update for Internet Explorer (2950467) – Version: 1.2

Severity Rating: Critical
Revision Note: V1.2 (June 30, 2014): Corrected the CVE number for CVE-2014-0325. The bulletin incorrectly had listed this CVE number as CVE-2014-0235. This is an informational change only.
Summary: This security update resolves six privately reported vulnerabilities in Internet Explorer. These vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

MS14-019 – Critical: Vulnerability in Windows File Handling Component Could Allow Remote Code Execution (2922229) – Version: 1.1

Severity Rating: Critical
Revision Note: V1.1 (June 27, 2014): Updated the Known Issues entry in the Knowledge Base Article section from “None” to “Yes”.
Summary: This security update resolves a publicly disclosed vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user runs specially crafted .bat and .cmd files from a trusted or semi-trusted network location. An attacker would have no way to force users to visit the network location or run the specially crafted files. Instead, an attacker would have to convince users to take such action. For example, an attacker could trick users into clicking a link that takes them to the location of the attacker’s specially crafted files and subsequently convince them to run them.

[BSA-096] Security Update for libreoffice

Rene Engelhard uploaded new packages for libreoffice which fixed the following
security problems:

  It was discovered that LibreOffice unconditionally executed certain VBA
  macros, contrary to user expectations.

The stable distribution (wheezy) is not affected by this issue.

For the testing (jessie) and unstable (sid) distributions, these
problems have been fixed in version 1:4.2.5-1.

For the wheezy-backports distribution, these problems have been fixed in
version 1:4.2.5-1~bpo70+1.

Panda Advanced Protection Service gets the backing of customers and partners alike

Panda Advanced Protection Service (PAPS) represents a disruptive offer to the market from Panda Security, The Cloud Security Company, to combat malware in general and specifically APTs (Advanced Persistent Threats), and gets the backing of customers, partners and industry analysts.

Customers including Eulen and Mecalux, and partners such as Indra have placed their trust in this unique solution to guarantee the security of all applications run on endpoints within an environment of multinational operations.

Real-time blocking and warnings

Mecalux is a multinational company specialized in the design and manufacturing of automated warehouses and other storage solutions. In a highly geographically disperse operative environment, Mecalux realized that its infrastructure -comprising thousands of endpoints and servers around the world- needed effective yet flexible protection, as well as secure access to services such as ERP (SAP), CRM, etc. By implementing PAPS, Mecalux can protect and supervise its extensive network thanks to the complete visibility of all applications run by users. This allows it to identify, classify and block potentially dangerous applications or those with potentially dangerous behavior.

“We are highly satisfied with the quality of the service provided by Panda Security over these months. Thanks to this innovative service for classifying applications, we can rest assured that we have real-time blocking and warnings that protect us against advanced cyber-threats such as meta-exploits, APTs in adware, PUPs, etc.,” Jorge Box, IT Systems & Infrastructure Manager.

“Mecalux needed optimum, real-time, forensic information on targeted attacks that could compromise its corporate servers and endpoints, and PAPS was the answer it was waiting for,” explains Josu Franco, VP Corporate Development at Panda Security.

Forensic analysis services on-demand

Indra is the leading consulting and technology multinational in Spain and Latin America. It provides solutions and services for sectors including Transport and Traffic, Energy and Industry, Public Administration and Healthcare, Financial Services, Security and Defense, etc. As part of its offer to key accounts, Indra has recently set up a major cyber-security center (i-CSOC) which brings together all available knowledge on cyber-security throughout the company, with the goal of making it a leading point of reference in this field.

“Panda Advanced Protection Service is a managed security solution that allows us to guarantee complete protection of our customers’ endpoints and servers, with granular monitoring and supervision of the behavior of each device. We can also offer forensic analysis services to customers on request,” explains Alfonso Martín Palma, Senior Manager of Indra’s Cybersecurity Unit (i-CSOC).

“Panda Advanced Protection Service enables us to provide guaranteed security against cyber-crime and targeted attacks, a key point which we were not convinced we would be able to achieve when we began to evaluate solutions,” concludes Ascensio Chazarra, Cyber-security Manager at Indra.

“Our partners represent a vital part of the strategy of PAPS, given that they address the global cyber-security needs of corporate customers. As such, we believe that PAPS offers them an excellent chance to satisfy the needs of all customers worried about the threat posed by targeted attacks to their data and intellectual assets. PAPS is the definitive answer to this demand for advanced security services. We are more than satisfied that PAPS will be a cornerstone of Indra’s cyber-security center (i-CSOC),” says Josu Franco, VP Corporate Development at Panda Security.

Advances security for a distributed infrastructure

The Eulen Group, a leading provider of business outsourcing services, required an advanced security solution for distributed infrastructure, with diverse software requirements across its numerous business units, a high degree of endpoint mobility, and an increasing level of cloud solutions implemented throughout the company. In such a context, Panda Advanced Protection Service has been highly valuable to Eulen, thanks to the monitoring, blocking and prevention of the most dangerous attacks.

“After the success of this project, and thanks to the quality of the services delivered, Eulen is now concentrating on the security of new operating systems such as Android, and as such is considering further collaboration with Panda Security,” Alejandro Las Heras, Technology Director at Eulen Group.

“Thanks to Panda Advanced Protection Service, Eulen now has a service that closes the window of opportunity for malware. It classifies everything that tries to run, and what can’t be classified is blocked. In short, it prevents malicious exploitation of anything run, and monitors data access,” explains Josu Franco, VP Corporate Development at Panda Security.

A unique, disruptive model

Panda Advanced Protection Service is positioned in the vanguard of new trends in cyber-security. As confirmed by the Gartner Group, in 2018, some 80% of endpoint protection platforms will include forensic analysis and user monitoring capabilities, against the 5% recorded in 2013⁽¹⁾.

Other Gartner sources predict that by 2017 over 50% of user devices will only allow the running of applications that have been previously classified in line with security and privacy criteria, in comparison with the current figure of 20%⁽²⁾.

(1) Source: “Designing an Adaptive Security Architecture for Protection From Advanced Attacks.” Published: February 12, 2014. Analysts: Neil MacDonald, Peter Firstbrook        
(2) Source: Magic Quadrant for Endpoint Protection Platforms. Published: January 8, 2014. Analysts: Peter Firstbrook, John Girard, Neil MacDonald.

Panda Security ensures security of all applications running on endpoints

Panda Security, The Cloud Security Company, today announced the launch of Panda Advanced Protection Service (PAPS), a new managed service for monitoring applications which uses a disruptive approach as opposed to the traditional system of detecting malware based on blacklists.

Designed for key accounts, Panda Advanced Protection Service proposes a new technological approach where every program that is run is automatically classified with maximum confidence. The solution identifies vulnerable applications, detects and blocks exploits against trusted applications, controls data access and provides complete traceability of all actions carried out on the system. PAPS neutralizes all malware that may have evaded detection by other security solutions as it classifies 100 percent of all executable files that attempt to run on protected endpoints. As malware creation grows unabated, endpoint security continues to be a problem for companies and a business opportunity for cyber-criminals.

PAPS classifies everything that attempts to run

Current endpoint security solutions are focused on integrating a growing number of detection technologies which, despite being increasingly sophisticated, are bypassed by malware writers in increasingly shorter times.

Diego Navarrete, CEO Panda Security

Diego Navarrete, CEO Panda Security

“In this context, Panda Security proposes a disruptive approach in which everything that attempts to run is classified with maximum confidence. This is a revolutionary step forward from a security model almost entirely based on detection techniques aimed at identifying malicious or suspicious items, to an approach aimed at classifying and securing everything that is run, even if no alert is triggered by the detection algorithms. With Panda Advanced Protection Service (PAPS), Panda Security presents a service that virtually eliminates the likelihood of malware going undetected. It classifies everything that attempts to run, continuously monitoring all actions performed by applications to prevent vulnerability exploits targeting trusted applications”, explained Diego Navarrete, CEO at Panda Security.

“In short, Panda Advanced Protection Service provides continuous classification and monitoring of all application activity on endpoints, allowing for complete traceability. As far as we know, no other security software vendor has a similar offering”, explained Josu Franco, VP Corporate Development at Panda Security.Adapted to customer needs

One important aspect that differentiates PAPS is that it is a service that adapts to the specific needs of each customer, profiling applications and behavior and identifying new attack patterns. “More than 20 years of experience in malware detection, together with the accumulated knowledge of our Collective Intelligence system, has enabled us to identify over 1,200 million application components and classify them as malware or goodware. This, along with the use of behavioral analysis, allows us to accurately predict the reliability of any applications running on endpoints”, concluded Panda Security’s VP Corporate Development.

CVE-2014-2782 (internet_explorer)

Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka “Internet Explorer Memory Corruption Vulnerability,” a different vulnerability than CVE-2014-1773, CVE-2014-1783, CVE-2014-1784, CVE-2014-1786, CVE-2014-1795, CVE-2014-1805, CVE-2014-2758, CVE-2014-2759, CVE-2014-2765, CVE-2014-2766, and CVE-2014-2775.