Microsoft Security Bulletin Coverage (November 12, 2014)

By

Dell SonicWALL has analyzed and addressed Microsoft’s security advisories for the month of November, 2014. A list of issues reported, along with Dell SonicWALL coverage information are as follows:

MS14-064 Vulnerabilities in Windows OLE Could Allow Remote Code Execution (3011443)

  • CVE-2014-6332 Windows OLE Automation Array Remote Code Execution Vulnerability
    SPY: 2230 “Malformed-File html.MP.53”
  • CVE-2014-6352 Windows OLE Remote Code Execution Vulnerability
    SPY: 1578 “Malformed-File xml.TL.37”

MS14-065 Cumulative Security Update for Internet Explorer (3003057)

  • CVE-2014-4143 Internet Explorer Memory Corruption Vulnerability
    SPY: 2228 “Malformed-File html.MP.50”
  • CVE-2014-6323 Internet Explorer Clipboard Information Disclosure Vulnerability
    SPY: 2229 “Malformed-File html.MP.51”
  • CVE-2014-6337 Internet Explorer Memory Corruption Vulnerability
    IPS: 5931 “Microsoft Internet Explorer Use After Free”
  • CVE-2014-6339 Internet Explorer ASLR Bypass Vulnerability
    IPS: 5943 “Internet Explorer Out of Bound access(MS14-065)”
  • CVE-2014-6340 Internet Explorer Cross-domain Information Disclosure Vulnerability
    IPS: 5955 “Internet Explorer Information Disclosure (MS14-065)”
  • CVE-2014-6341 Internet Explorer Memory Corruption Vulnerability
    IPS: 5957 “Microsoft Internet Explorer Use After Free(MS14-065) 1”
  • CVE-2014-6342 Internet Explorer Memory Corruption Vulnerability
    IPS: 5959 “Internet Explorer Out of Bound access(MS14-065) 2”
  • CVE-2014-6343 Internet Explorer Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2014-6344 Internet Explorer Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2014-6345 Internet Explorer Cross-domain Information Disclosure Vulnerability
    IPS: 5962 “Internet Explorer Cross-domain Information Disclosure (MS14-065) 2”
  • CVE-2014-6346 Internet Explorer Cross-domain Information Disclosure Vulnerability
    IPS: 5958 “Internet Explorer Cross-domain Information Disclosure (MS14-065) 1”
  • CVE-2014-6347 Internet Explorer Memory Corruption Vulnerability
    IPS: 5915 “Internet Explorer Memory Corruption Vulnerability (MS14-065) 1”
  • CVE-2014-6348 Internet Explorer Memory Corruption Vulnerability
    IPS: 5918 “Internet Explorer Memory Corruption Vulnerability (MS14-065) 2”
  • CVE-2014-6349 Internet Explorer Elevation of Privilege Vulnerability
    There are no known exploits in the wild.
  • CVE-2014-6350 Internet Explorer Elevation of Privilege Vulnerability
    There are no known exploits in the wild.
  • CVE-2014-6351 Internet Explorer Memory Corruption Vulnerability
    IPS: 5924 “Internet Explorer Memory Corruption Vulnerability (MS14-065) 3”
  • CVE-2014-6353 Internet Explorer Memory Corruption Vulnerability
    IPS: 5934 “Internet Explorer Memory Corruption Vulnerability (MS14-065) 4”

MS14-066 Vulnerability in Schannel Could Allow Remote Code Execution (2992611)

  • CVE-2014-6321
    IPS: 5963 “Microsoft Schannel Remote Code Execution (MS14-066)”

MS14-067 Vulnerability in XML Core Services Could Allow Remote Code Execution (2993958)

  • CVE-2014-4118 MSXML Remote Code Execution Vulnerability
    There are no known exploits in the wild.

MS14-069 Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (3009710)

  • CVE-2014-6333 Microsoft Office Double Delete Remote Code Execution Vulnerability
    IPS: 5954 “Microsoft Office Remote Code Execution (MS14-069) 1”
  • CVE-2014-6334 Microsoft Office Bad Index Remote Code Execution Vulnerability
    IPS: 5956 “Microsoft Office Remote Code Execution (MS14-069) 2”
  • CVE-2014-6335 Microsoft Office Invalid Pointer Remote Code Execution Vulnerability
    IPS: 1578 “Microsoft Word Invalid Pointer Remote Code Execution (MS14-069)”

MS14-070 Vulnerability in TCP/IP Could Allow Elevation of Privilege (2989935)

  • CVE-2014-4076 TCP/IP Elevation of Privilege Vulnerability
    There are no known exploits in the wild.

MS14-071 Vulnerability in Windows Audio Service Could Allow Elevation of Privilege (3005607)

  • CVE-2014-6322 Windows Audio Service Vulnerability
    There are no known exploits in the wild.

MS14-072 Vulnerability in .NET Framework Could Allow Elevation of Privilege (3005210)

  • CVE-2014-4149 TypeFilterLevel Vulnerability
    There are no known exploits in the wild.

MS14-073 Vulnerability in Microsoft SharePoint Foundation Could Allow Elevation of Privilege (3000431)

  • CVE-2014-4116 SharePoint Elevation of Privilege Vulnerability
    IPS: 6753 “Cross-Site Scripting (XSS) Attack 8”

MS14-074 Vulnerability in Remote Desktop Protocol Could Allow Security Feature Bypass (3003743)

  • CVE-2014-6318 Remote Desktop Protocol (RDP) Failure to Audit Vulnerability
    There are no known exploits in the wild.

MS14-076 Vulnerability in Internet Information Services (IIS) Could Allow Security Feature Bypass (2982998)

  • CVE-2014-4078 IIS Security Feature Bypass Vulnerability
    There are no known exploits in the wild.

MS14-077 Vulnerability in Active Directory Federation Services Could Allow Information Disclosure (3003381)

  • CVE-2014-6331 Active Directory Federation Services Information Disclosure Vulnerability
    There are no known exploits in the wild.

MS14-078 Vulnerability in IME (Japanese) Could Allow Elevation of Privilege (2992719)

  • CVE-2014-4077 Microsoft IME (Japanese) Elevation of Privilege Vulnerability
    There are no known exploits in the wild.

MS14-079 Vulnerability in Kernel Mode Driver Could Allow Denial of Service (3002885)

  • CVE-2014-6317 Denial of Service in Windows Kernel Mode Driver Vulnerability
    There are no known exploits in the wild.
Security News
The SonicWall Capture Labs Threat Research Team gathers, analyzes and vets cross-vector threat information from the SonicWall Capture Threat network, consisting of global devices and resources, including more than 1 million security sensors in nearly 200 countries and territories. The research team identifies, analyzes, and mitigates critical vulnerabilities and malware daily through in-depth research, which drives protection for all SonicWall customers. In addition to safeguarding networks globally, the research team supports the larger threat intelligence community by releasing weekly deep technical analyses of the most critical threats to small businesses, providing critical knowledge that defenders need to protect their networks.