Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Recent Posts

  • Calendar

    September 2014
    S M T W T F S
    « Aug    
     123456
    78910111213
    14151617181920
    21222324252627
    282930  
  • About Us

    Patch-Tuesday_grayTwo out of seven bulletins in today’s Microsoft Patch Tuesday are tagged as critical while the rest are marked as important. The critical bulletins addressed a number of vulnerabilities found existing in Microsoft Office and Internet Explorer, which when exploited could allow remote code execution, thus compromising the security of the systems.

    Perhaps the most interesting bulletin here is MS14-035, which resolves flaws in Internet Explorer versions 6 to 11, can be abused via a specially crafted web page and can possibly lead to attackers gaining more user rights on the affected systems. The bulletin only patches the vulnerability for Server 2003, but the vulnerability almost certainly exists in the now-unsupported Windows XP as well.

    This is the sort of problem what we warned about earlier this year: newly discovered vulnerabilities will now be wide-open for use by attackers. This particular problem will only get worse over time.

    Another critical bulletin, MS14-036, also fixes flaws existing in Microsoft Windows, Microsoft Office, and Microsoft Lync or a platform for video messaging and conference. Any specially crafted webpage or file could possibly compromise the system.

    MS14-032 also addresses vulnerabilities in Microsoft Lync or a platform for video messaging and conference, which can lead to information disclosure when exploited. Another notable bulletin is MS14-031, which also addressed vulnerabilities in Microsoft Windows and can possibly lead to denial of service when exploited by cybercriminals.

    On the other hand, Adobe also rolls out one security bulletin to resolve issues in Adobe Flash Player, covered under the following CVEs. This brings the current version of Adobe Flash Player to 14.0.0.125.

    • CVE-2014-0531
    • CVE-2014-0532
    • CVE-2014-0533
    • CVE-2014-0534
    • CVE-2014-0535
    • CVE-2014-0536

    We highly recommend users to apply these security patches and upgrade their Adobe products to its latest versions. This is to prevent their systems from being infected with threats leveraging vulnerabilities discussed in these security bulletins.

    Users may also visit our Trend Micro Threat Encyclopedia page to know more about the appropriate Deep Security solutions.





    Share this article
    Get the latest on malware protection from TrendLabs
    Email this story to a friend   Technorati   NewsVine   MySpace   Google   Live   del.icio.us   StumbleUpon




    Comments are closed.



     

    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice