MS14-015 – Important : Vulnerabilities in Windows Kernel-Mode Driver Could Allow Elevation of Privilege (2930275) – Version: 1.0

 Microsoft Security Bulletins  Comments Off on MS14-015 – Important : Vulnerabilities in Windows Kernel-Mode Driver Could Allow Elevation of Privilege (2930275) – Version: 1.0
Mar 112014
 

Severity Rating: Important
Revision Note: V1.0 (March 11, 2014): Bulletin published.
Summary: This security update resolves one publicly disclosed vulnerability and one privately reported vulnerability in Microsoft Windows. The more severe of these vulnerabilities could allow elevation of privilege if an attacker logs on to the system and runs a specially crafted application. An attacker must have valid logon credentials and be able to log on locally to exploit these vulnerabilities.

MS14-012 – Critical : Cumulative Security Update for Internet Explorer (2925418) – Version: 1.0

 Microsoft Security Bulletins  Comments Off on MS14-012 – Critical : Cumulative Security Update for Internet Explorer (2925418) – Version: 1.0
Mar 112014
 

Severity Rating: Critical
Revision Note: V1.0 (March 11, 2014): Bulletin published.
Summary: This security update resolves one publicly disclosed vulnerability and seventeen privately reported vulnerabilities in Internet Explorer. These vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

MS14-015 – Important : Vulnerabilities in Windows Kernel-Mode Driver Could Allow Elevation of Privilege (2930275) – Version: 1.0

 Microsoft Security Bulletins  Comments Off on MS14-015 – Important : Vulnerabilities in Windows Kernel-Mode Driver Could Allow Elevation of Privilege (2930275) – Version: 1.0
Mar 112014
 

Severity Rating: Important
Revision Note: V1.0 (March 11, 2014): Bulletin published.
Summary: This security update resolves one publicly disclosed vulnerability and one privately reported vulnerability in Microsoft Windows. The more severe of these vulnerabilities could allow elevation of privilege if an attacker logs on to the system and runs a specially crafted application. An attacker must have valid logon credentials and be able to log on locally to exploit these vulnerabilities.

Oracle Reports Vulnerability, (Thu, Jan 30th)

 SANS Internet Storm Center, Security Alerts  Comments Off on Oracle Reports Vulnerability, (Thu, Jan 30th)
Jan 292014
 

I mentioned this vulnerability earlier this week in a podcast, but believe it deserves a bit more attention, in particular as exploits are now public, and a metasploit module appears in the works.

Dana Taylor (NI @root) released details about the vulnerabilities first in her blog [1]. The post included quite a bit of details about respecitve vulnerabilities. Extended support for Oracle 10g ended July 2013 and a patch is not expected.

If for some reason you are still running Oracle 10g or earlier, please check on possible workarounds or upgrade to 11g

The vulnerabilities were assigned following CVE numbers 

CVE-2012-3153 – PARSEQUERY keymap vulnerabiilty

      Oracle details (requires login): https://support.oracle.com/rs?type=doc&id=279683.1

CVE-2012-3152 – URLPARAMETER code execution

Please let us know if you have any workarounds to share, or if you have any logs showing exploit attempts.

[1] http://netinfiltration.com

 

——
Johannes B. Ullrich, Ph.D.
SANS Technology Institute
Twitter

(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

MS13-081 – Critical : Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2870008) – Version: 2.0

 Microsoft Security Bulletins  Comments Off on MS13-081 – Critical : Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2870008) – Version: 2.0
Jan 142014
 

Severity Rating: Critical
Revision Note: V2.0 (January 14, 2014): Rereleased bulletin to announce the reoffering of the 2862330 update to systems running Windows 7 or Windows Server 2008 R2. See the Update FAQ for details.
Summary: This security update resolves seven privately reported vulnerabilities in Microsoft Windows. The most severe of these vulnerabilities could allow remote code execution if a user views shared content that embeds OpenType or TrueType font files. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system.

%d bloggers like this: