Double free vulnerability in the Ancillary Function Driver (AFD) in afd.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted application, aka “Ancillary Function Driver Elevation of Privilege Vulnerability.”
Category Archives: Security
Security
CVE-2014-1824 (windows_7, windows_8, windows_8.1, windows_rt, windows_rt_8.1, windows_server_2008, windows_server_2012, windows_vista)
Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a crafted Journal (aka .JNT) file, aka “Windows Journal Remote Code Execution Vulnerability.”
CVE-2014-2780 (windows_7, windows_8, windows_8.1, windows_server_2008, windows_server_2012, windows_vista)
DirectShow in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows local users to gain privileges by leveraging control over a low-integrity process to execute a crafted application, aka “DirectShow Elevation of Privilege Vulnerability.”
CVE-2014-2510 (centerstage, documentum_foundation_services, my_documentum_for_desktop, my_documentum_for_microsoft_outlook)
The JAXB XML parser in EMC Documentum Foundation Services (DFS) 6.6 before P39, 6.7 SP1 before P28, and 6.7 SP2 before P15, as used in My Documentum for Desktop, My Documentum for Microsoft Outlook, and CenterStage, allows remote authenticated users to read arbitrary files via an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
FreeBSD-SA-14:17.kmem
MS14-038 – Critical: Vulnerability in Windows Journal Could Allow Remote Code Execution (2975689) – Version: 1.0
Severity Rating: Critical
Revision Note: V1.0 (July 8, 2014): Bulletin published.
Summary: This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a specially crafted Journal file. An attacker would have no way to force users to visit a specially crafted website. Instead, an attacker would have to convince them to visit the website, typically by getting them to click a link that takes them to the attacker’s site, and then convince them to open the specially crafted Journal file.
2960358 – Update for Disabling RC4 in .NET TLS – Version: 1.2
Revision Note: V1.2 (July 8, 2014): Advisory revised to announce a Microsoft Update Catalog detection change for the updates requiring installation of the 2868725 prerequisite update. This is a detection change only. Customers who have already successfully updated their systems do not need to take any action.
Summary: Microsoft is announcing the availability of an update for Microsoft .NET Framework that disables RC4 in Transport Layer Security (TLS) through the modification of the system registry. Use of RC4 in TLS could allow an attacker to perform man-in-the-middle attacks and recover plaintext from encrypted sessions.
MS14-042 – Moderate: Vulnerability in Microsoft Service Bus Could Allow Denial of Service (2972621) – Version: 1.0
Severity Rating: Moderate
Revision Note: V1.0 (July 8, 2014): Bulletin published
Summary: This security update resolves one publicly disclosed vulnerability in Microsoft Service Bus for Windows Server. The vulnerability could allow denial of service if a remote authenticated attacker creates and runs a program that sends a sequence of specially crafted Advanced Message Queuing Protocol (AMQP) messages to the target system. Microsoft Service Bus for Windows Server is not shipped with any Microsoft operating system. For an affected system to be vulnerable Microsoft Service Bus must first be downloaded, installed, and configured, and then its configuration details (farm certificate) shared with other users.
MS14-040 – Important: Vulnerability in Ancillary Function Driver (AFD) Could Allow Elevation of Privilege (2975684) – Version: 1.0
Severity Rating: Important
Revision Note: V1.0 (July 8, 2014): Bulletin published.
Summary: This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege an attacker logs onto a system and runs a specially crafted application. An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability.
MS14-041 – Important: Vulnerability in DirectShow Could Allow Elevation of Privilege (2975681) – Version: 1.0
Severity Rating: Important
Revision Note: V1.0 (July 8, 2014): Bulletin published
Summary: This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if an attacker first exploits another vulnerability in a low integrity process and then uses this vulnerability to execute specially crafted code in the context of the logged on user. By default, the modern, immersive browsing experience on Windows 8 and Windows 8.1 runs with Enhanced Protected Mode (EPM). For example, customers using the touch-friendly Internet Explorer 11 browser on modern Windows tablets are using Enhanced Protected Mode by default. Enhanced Protected Mode uses advanced security protections that can help mitigate against exploitation of this vulnerability on 64-bit systems.