WatchGuard’s visibility solution, WatchGuard Dimension, eliminates Synerzip’s need for a SIEM solution
Global Software Developer Synerzip Deploys WatchGuard Technologies' Solutions to Secure Worldwide Network
All posts by 007admin
CVE-2014-2324
Multiple directory traversal vulnerabilities in (1) mod_evhost and (2) mod_simple_vhost in lighttpd before 1.4.35 allow remote attackers to read arbitrary files via a .. (dot dot) in the host name, related to request_check_hostname. (CVSS:5.0) (Last Update:2014-04-19)
CVE-2014-2323
SQL injection vulnerability in mod_mysql_vhost.c in lighttpd before 1.4.35 allows remote attackers to execute arbitrary SQL commands via the host name, related to request_check_hostname. (CVSS:7.5) (Last Update:2014-04-19)
MS14-014 – Important: Vulnerability in Silverlight Could Allow Security Feature Bypass (2932677) – Version: 1.0
Severity Rating: Important
Revision Note: V1.0 (March 11, 2014): Bulletin published.
Summary: This security update resolves a privately reported vulnerability in Microsoft Silverlight. The vulnerability could allow security feature bypass if an attacker hosts a website that contains specially crafted Silverlight content that is designed to exploit the vulnerability, and then convinces a user to view the website. In all cases, however, an attacker would have no way to force users to visit a website. Instead, an attacker would have to convince users to visit a website, typically by getting them to click a link in an email message or in an Instant Messenger message that takes them to the attacker’s website. It could also be possible to display specially crafted web content by using banner advertisements or by using other methods to deliver web content to affected systems.
MS14-015 – Important: Vulnerabilities in Windows Kernel-Mode Driver Could Allow Elevation of Privilege (2930275) – Version: 1.0
Severity Rating: Important
Revision Note: V1.0 (March 11, 2014): Bulletin published.
Summary: This security update resolves one publicly disclosed vulnerability and one privately reported vulnerability in Microsoft Windows. The more severe of these vulnerabilities could allow elevation of privilege if an attacker logs on to the system and runs a specially crafted application. An attacker must have valid logon credentials and be able to log on locally to exploit these vulnerabilities.
MS14-013 – Critical: Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution (2929961) – Version: 1.0
Severity Rating: Critical
Revision Note: V1.0 (March 11, 2014): Bulletin published.
Summary: This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a specially crafted image file. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
TA14-069A: Microsoft Ending Support for Windows XP and Office 2003
Original release date: March 10, 2014 | Last revised: June 18, 2014
Systems Affected
- Microsoft Windows XP with Service Pack 3 (SP3) Operating System
- Microsoft Office 2003 Products
Overview
Microsoft is ending support for the Windows XP operating system and Office 2003 product line on April 8, 2014. [1] After this date, these products will no longer receive:
- Security patches which help protect PCs from harmful viruses, spyware, and other malicious software
- Assisted technical support from Microsoft
- Software and content updates
Description
All software products have a lifecycle. End of support refers to the date when Microsoft no longer provides automatic fixes, updates, or online technical assistance. [2] As of February 2014, nearly 30 percent of Internet-connected PCs still run Windows XP. [3]
Microsoft will send “End of Support†notifications to users of Windows XP who have elected to receive updates via Windows Update. Users in organizations using Windows Server Update Services (WSUS), System Center Configuration manager, or Windows Intune will not receive the notification. [4]
Impact
Computer systems running unsupported software are exposed to an elevated risk to cybersecurity dangers, such as malicious attacks or electronic data loss.
Users may also encounter problems with software and hardware compatibility since new software applications and hardware devices may not be built for Windows XP or Office 2003.
Organizations that are governed by regulatory obligations may find they are no longer able to satisfy compliance requirements. [4]
Solution
Computers operating Windows XP with SP3 or running Office 2003 products will continue to work after support ends. However, using unsupported software may increase the risk of viruses and other security threats.
Users have the option to upgrade to a currently supported operating system or office productivity suite. The Microsoft “End of Support†pages for Windows XP and Office 2003 offer additional details.
There are software vendors and service providers in the marketplace who offer assistance in migrating from Windows XP or Office 2003 to a currently supported operating system or office productivity suite. US-CERT does not endorse or support any particular product or vendor.
Users who choose to continue using Windows XP after the end of support may mitigate some risks by using a web browser other than Internet Explorer. The Windows XP versions of some alternative browsers will continue to receive support temporarily. Users should consult the support pages of their chosen alternative browser for more details.
References
- [1] Support is ending for Office 2003
- [2] Windows lifecycle fact sheet
- [3] Operating system market share
- [4] Support for Windows XP is ending
Revision History
- March 10, 2014 – Initial Release
- June 18, 2014 – A spelling correction was made.
This product is provided subject to this Notification and this Privacy & Use policy.
MS13-095 – Important: Vulnerability in Digital Signatures Could Allow Denial of Service – Version: 1.1
Severity Rating: Important
Revision Note: V1.1 (February 28, 2014): Bulletin revised to announce a detection change in the 2868626 update for Windows 8.1 for 32-bit Systems, Windows 8.1 for x64-based Systems, Windows RT 8.1, and Windows Server 2012 R2. This is a detection change only. There were no changes to the update files. Customers who have already successfully updated their systems do not need to take any action.
Summary: This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow denial of service when an affected web service processes a specially crafted X.509 certificate.
MS14-005 – Important: Vulnerability in Microsoft XML Core Services Could Allow Information Disclosure (2916036) – Version: 1.1
Severity Rating: Important
Revision Note: V1.1 (February 28, 2014): Bulletin revised to announce a detection change in the 2916036 update for Windows 8.1 for 32-bit Systems, Windows 8.1 for x64-based Systems, Windows Server 2012 R2, and Windows RT 8.1. This is a detection change only. There were no changes to the update files. Customers who have already successfully updated their systems do not need to take any action.
Summary: This security update resolves a publicly disclosed vulnerability in Microsoft XML Core Services included in Microsoft Windows. The vulnerability could allow information disclosure if a user views a specially crafted webpage using Internet Explorer. An attacker would have no way to force users to view specially crafted content. Instead, an attacker would have to convince users to take action, typically by getting them to click a link in an email message or in an Instant Messenger message that takes users to an attacker’s website, or by getting them to open an attachment sent through email.
MS14-007 – Critical: Vulnerability in Direct2D Could Allow Remote Code Execution (2912390) – Version: 1.1
Severity Rating: Critical
Revision Note: V1.1 (February 28, 2014): Bulletin revised to announce a detection change in the 2912390 update for Windows 8.1 for 32-bit Systems, Windows 8.1 for x64-based Systems, Windows RT 8.1, and Windows Server 2012 R2. This is a detection change only. There were no changes to the update files. Customers who have already successfully updated their systems do not need to take any action.
Summary: This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker would have no way to force users to view specially crafted content. Instead, an attacker would have to convince users to take action, typically by getting them to click a link in an email message or in an Instant Messenger message that takes users to an attacker’s website, or by getting them to open an attachment sent through email.