Dell SonicWALL has analyzed and addressed Microsoft’s security advisories for the month of May, 2014. A list of issues reported, along with Dell SonicWALL coverage information are as follows:
MS14-021 Security Update for Internet Explorer (2965111)
- CVE-2014-1776 Internet Explorer Memory Corruption Vulnerability
IPS: 3787 “Internet Explorer Memory Corruption Vulnerability (CVE-2014-1776)”
SPY: 3371 “Malformed-File html.MP.6”
SPY: 3372 “Malformed-File html.MP.7”
SPY: 3367 “Malformed-File swf.OT.9”
SPY: 2290 “Malformed-File swf.OT.8”
GAV: 23155 “CVE-2014-1776”
MS14-029 Security Update for Internet Explorer (2962482)
- CVE-2014-1815 Internet Explorer Memory Corruption Vulnerability
IPS: 3869 “Windows IE Memory Corruption Vulnerability (MS14-029) 2”
CVE-2014-0310 Internet Explorer Memory Corruption Vulnerability
IPS: 3867 “Windows IE Memory Corruption Vulnerability (MS14-029) 1”
MS14-022 Vulnerabilities in Microsoft SharePoint Server Could Allow Remote Code Execution (2952166)
- CVE-2014-0251 SharePoint Page Content Vulnerability
There are no known exploits in the wild.
- CVE-2014-1754 SharePoint XSS Vulnerability
IPS: 3868 “Microsoft SharePoint Server XSS 11 (MS14-022)”
IPS: 1369 “Cross-Site Scripting (XSS) Attack 1”
IPS: 6753 “Cross-Site Scripting (XSS) Attack 8”
- CVE-2014-1813 Web Applications Page Content Vulnerability
There are no known exploits in the wild.
MS14-023 Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (2961037)
- CVE-2014-1756 Microsoft Office Chinese Grammar Checking Vulnerability
There are no known exploits in the wild.
- CVE-2014-1808 Token Reuse Vulnerability
There are no known exploits in the wild.
MS14-025 Vulnerability in Group Policy Preferences Could Allow Elevation of Privilege (2962486)
- CVE-2014-1812 Group Policy Preferences Password Elevation of Privilege Vulnerability
There are no known exploits in the wild.
MS14-026 Vulnerability in .NET Framework Could Allow Elevation of Privilege (2958732)
- CVE-2014-1806 TypeFilterLevel Vulnerability
There are no known exploits in the wild.
MS14-027 Vulnerability in Windows Shell Handler Could Allow Elevation of Privilege (2962488)
- CVE-2014-1807 Windows Shell File Association Vulnerability
There are no known exploits in the wild.
MS14-028 Vulnerabilities in iSCSI Could Allow Denial of Service (2962485)
- CVE-2014-0255 iSCSI Target Remote Denial of Service Vulnerability
There are no known exploits in the wild.
- CVE-2014-0256 iSCSI Target Remote Denial of Service Vulnerability
There are no known exploits in the wild.
MS14-024 Vulnerability in a Microsoft Common Control Could Allow Security Feature Bypass (2961033)
- CVE-2014-1809 MSCOMCTL ASLR Vulnerability
There are no known exploits in the wild.