Microsoft Security Bulletin Coverage (June 10, 2014)

Dell SonicWALL has analyzed and addressed Microsoft’s security advisories for the month of June, 2014. A list of issues reported, along with Dell SonicWALL coverage information are as follows:

MS14-030 Vulnerability in Remote Desktop Could Allow Tampering (2969259)

• CVE-2014-0296 RDP MAC Vulnerability
  There are no known exploits in the wild.

MS14-031 Vulnerability in Remote Desktop Could Allow Tampering (2969259)

• CVE-2014-1811 TCP Denial of Service Vulnerability
  There are no known exploits in the wild.

MS14-032 Vulnerability in Microsoft Lync Server Could Allow Information Disclosure (2969258)

• CVE-2014-1823 Lync Server Content Sanitization Vulnerability
  IPS: 3943 “Microsoft Lync Server Information Disclosure Vulnerability (MS14-032)”

MS14-033 Vulnerability in Microsoft XML Core Services Could Allow Information Disclosure (2966061)

• CVE-2014-1816 MSXML Entity URI Vulnerability
  There are no known exploits in the wild.

MS14-034 Vulnerability in Microsoft Word Could Allow Remote Code Execution (2969261)

• CVE-2014-2778 Embedded Font Vulnerability
  There are no known exploits in the wild.

MS14-035 Cumulative Security Update for Internet Explorer (2969262)

• CVE-2014-0282 Internet Explorer Memory Corruption Vulnerability
  IPS: 3936 “Internet Explorer Memory Corruption Vulnerability (MS14- 035) 8”
• CVE-2014-1762 Internet Explorer Memory Corruption Vulnerability
  IPS: 3938 “Internet Explorer Memory Corruption Vulnerability (MS14- 035) 7”
• CVE-2014-1764 Internet Explorer Elevation of Privilege Vulnerability
  There are no known exploits in the wild.
• CVE-2014-1766 Internet Explorer Memory Corruption Vulnerability
  IPS: 3939 “Internet Explorer Memory Corruption Vulnerability (MS14- 035) 6”
• CVE-2014-1769 Internet Explorer Memory Corruption Vulnerability
  There are no known exploits in the wild.
• CVE-2014-1770 Internet Explorer Memory Corruption Vulnerability
  There are no known exploits in the wild.
• CVE-2014-1771 TLS Server Certificate Renegotiation Vulnerability
  There are no known exploits in the wild.
• CVE-2014-1772 Internet Explorer Memory Corruption Vulnerability
  IPS: 3941 “Internet Explorer Memory Corruption Vulnerability (MS14- 035) 5”
• CVE-2014-1773 Internet Explorer Memory Corruption Vulnerability
  There are no known exploits in the wild.
• CVE-2014-1774 Internet Explorer Memory Corruption Vulnerability
  There are no known exploits in the wild.
• CVE-2014-1775 Internet Explorer Memory Corruption Vulnerability
  There are no known exploits in the wild.
• CVE-2014-1777 Internet Explorer Information Disclosure Vulnerability
  There are no known exploits in the wild.
• CVE-2014-1778 Internet Explorer Elevation of Privilege Vulnerability
  There are no known exploits in the wild.
• CVE-2014-1779 Internet Explorer Memory Corruption Vulnerability
  There are no known exploits in the wild.
• CVE-2014-1780 Internet Explorer Memory Corruption Vulnerability
  There are no known exploits in the wild.
• CVE-2014-1781 Internet Explorer Memory Corruption Vulnerability
  There are no known exploits in the wild.
• CVE-2014-1782 Internet Explorer Memory Corruption Vulnerability
  There are no known exploits in the wild.
• CVE-2014-1783 Internet Explorer Memory Corruption Vulnerability
  There are no known exploits in the wild.
• CVE-2014-1784 Internet Explorer Memory Corruption Vulnerability
  There are no known exploits in the wild.
• CVE-2014-1785 Internet Explorer Memory Corruption Vulnerability
  IPS: 3929 “Internet Explorer Memory Corruption Vulnerability (MS14- 035) 1”
• CVE-2014-1786 Internet Explorer Memory Corruption Vulnerability
  There are no known exploits in the wild.
• CVE-2014-1788 Internet Explorer Memory Corruption Vulnerability
  There are no known exploits in the wild.
• CVE-2014-1789 Internet Explorer Memory Corruption Vulnerability
  IPS: 3930 “Internet Explorer Memory Corruption Vulnerability (MS14- 035) 2”
• CVE-2014-1790 Internet Explorer Memory Corruption Vulnerability
  There are no known exploits in the wild.
• CVE-2014-1791 Internet Explorer Memory Corruption Vulnerability
  IPS: 3933 “Internet Explorer Memory Corruption Vulnerability (MS14- 035) 3”
• CVE-2014-1792 Internet Explorer Memory Corruption Vulnerability
  There are no known exploits in the wild.
• CVE-2014-1794 Internet Explorer Memory Corruption Vulnerability
  There are no known exploits in the wild.
• CVE-2014-1795 Internet Explorer Memory Corruption Vulnerability
  IPS: 3934 “Internet Explorer Memory Corruption Vulnerability (MS14- 035) 4”
• CVE-2014-1796 Internet Explorer Memory Corruption Vulnerability
  There are no known exploits in the wild.
• CVE-2014-1797 Internet Explorer Memory Corruption Vulnerability
  IPS: 6308 “HTTP Client Shellcode Exploit 46”
• CVE-2014-1799 Internet Explorer Memory Corruption Vulnerability
  There are no known exploits in the wild.
• CVE-2014-1800 Internet Explorer Memory Corruption Vulnerability
  IPS: 3944 “Internet Explorer Memory Corruption Vulnerability (MS14- 035) 9”
• CVE-2014-1802 Internet Explorer Memory Corruption Vulnerability
  IPS: 3955 “Internet Explorer Memory Corruption Vulnerability (MS14- 035) 10”
• CVE-2014-1803 Internet Explorer Memory Corruption Vulnerability
  There are no known exploits in the wild.
• CVE-2014-1804 Internet Explorer Memory Corruption Vulnerability
  IPS: 7454 “HTTP Client Shellcode Exploit 35a”
• CVE-2014-1805 Internet Explorer Memory Corruption Vulnerability
  IPS: 3480 “DOM Object Use-After-Free Attack 10a”
• CVE-2014-2753 Internet Explorer Memory Corruption Vulnerability
  There are no known exploits in the wild.
• CVE-2014-2754 Internet Explorer Memory Corruption Vulnerability
  There are no known exploits in the wild.
• CVE-2014-2755 Internet Explorer Memory Corruption Vulnerability
  There are no known exploits in the wild.
• CVE-2014-2756 Internet Explorer Memory Corruption Vulnerability
  There are no known exploits in the wild.
• CVE-2014-2757 Internet Explorer Memory Corruption Vulnerability
  There are no known exploits in the wild.
• CVE-2014-2758 Internet Explorer Memory Corruption Vulnerability
  There are no known exploits in the wild.
• CVE-2014-2759 Internet Explorer Memory Corruption Vulnerability
  There are no known exploits in the wild.
• CVE-2014-2760 Internet Explorer Memory Corruption Vulnerability
  There are no known exploits in the wild.
• CVE-2014-2761 Internet Explorer Memory Corruption Vulnerability
  There are no known exploits in the wild.
• CVE-2014-2763 Internet Explorer Memory Corruption Vulnerability
  There are no known exploits in the wild.
• CVE-2014-2764 Internet Explorer Memory Corruption Vulnerability
  There are no known exploits in the wild.
• CVE-2014-2765 Internet Explorer Memory Corruption Vulnerability
  There are no known exploits in the wild.
• CVE-2014-2766 Internet Explorer Memory Corruption Vulnerability
  There are no known exploits in the wild.
• CVE-2014-2767 Internet Explorer Memory Corruption Vulnerability
  There are no known exploits in the wild.
• CVE-2014-2768 Internet Explorer Memory Corruption Vulnerability
  There are no known exploits in the wild.
• CVE-2014-2769 Internet Explorer Memory Corruption Vulnerability
  There are no known exploits in the wild.
• CVE-2014-2770 Internet Explorer Memory Corruption Vulnerability
  There are no known exploits in the wild.
• CVE-2014-2771 Internet Explorer Memory Corruption Vulnerability
  There are no known exploits in the wild.
• CVE-2014-2772 Internet Explorer Memory Corruption Vulnerability
  There are no known exploits in the wild.
• CVE-2014-2773 Internet Explorer Memory Corruption Vulnerability
  There are no known exploits in the wild.
• CVE-2014-2775 Internet Explorer Memory Corruption Vulnerability
  There are no known exploits in the wild.
• CVE-2014-2776 Internet Explorer Memory Corruption Vulnerability
  There are no known exploits in the wild.
• CVE-2014-2777 Internet Explorer Elevation of Privilege Vulnerability
  There are no known exploits in the wild.

MS14-036 Vulnerabilities in Microsoft Graphics Component Could Allow Remote Code Execution (2967487)

• CVE-2014-1817 Unicode Scripts Processor Vulnerability
  There are no known exploits in the wild.
• CVE-2014-1818 GDI+ Image Parsing Vulnerability
  There are no known exploits in the wild.
  
  Security News

  

  The SonicWall Capture Labs Threat Research Team gathers, analyzes and vets cross-vector threat information from the SonicWall Capture Threat network, consisting of global devices and resources, including more than 1 million security sensors in nearly 200 countries and territories. The research team identifies, analyzes, and mitigates critical vulnerabilities and malware daily through in-depth research, which drives protection for all SonicWall customers. In addition to safeguarding networks globally, the research team supports the larger threat intelligence community by releasing weekly deep technical analyses of the most critical threats to small businesses, providing critical knowledge that defenders need to protect their networks.