Microsoft Patch Tuesday - July
Overview of the July 2014 Microsoft patches and their status.
# | Affected | Contra Indications - KB | Known Exploits | Microsoft rating(**) | ISC rating(*) | |
---|---|---|---|---|---|---|
clients | servers | |||||
MS14-037 | Cumulative Security Update for Internet Explorer | |||||
Microsoft Windows, Internet Explorer CVE-2014-1763 CVE-2014-1765 CVE-2014-2785 CVE-2014-2786 CVE-2014-2787 CVE-2014-2788 CVE-2014-2789 CVE-2014-2790 CVE-2014-2791 CVE-2014-2792 CVE-2014-2794 CVE-2014-2795 CVE-2014-2797 CVE-2014-2798 CVE-2014-2800 CVE-2014-2801 CVE-2014-2802 CVE-2014-2803 CVE-2014-2804 CVE-2014-2806 CVE-2014-2807 CVE-2014-2809 CVE-2014-2813 CVE-2014-1763 CVE-2014-1765 CVE-2014-2783 CVE-2014-2785 CVE-2014-2786 CVE-2014-2787 CVE-2014-2788 CVE-2014-2789 CVE-2014-2790 CVE-2014-2791 CVE-2014-2792 CVE-2014-2794 CVE-2014-2795 CVE-2014-2797 CVE-2014-2798 CVE-2014-2800 CVE-2014-2801 CVE-2014-2802 CVE-2014-2803 CVE-2014-2804 CVE-2014-2806 CVE-2014-2807 CVE-2014-2809 CVE-2014-2813 |
KB 2975687 | Yes! | Severity:Critical Exploitability: 1 |
Critical | Important | |
MS14-038 | Vulnerability in Windows Journal Could Allow Remote Code Execution | |||||
Microsoft Windows CVE-2014-1824 |
KB 2975689 | No | Severity:Critical Exploitability: 1 |
Critical | Critical | |
MS14-039 | Vulnerability in On-Screen Keyboard Could Allow Elevation of Privilege | |||||
Microsoft Windows CVE-2014-2781 |
KB 2975685 | No | Severity:Important Exploitability: 1 |
Important | Important | |
MS14-040 | Vulnerability in Ancillary Function Driver | |||||
Microsoft Windows CVE-2014-1767 |
KB 2975684 | No | Severity:Important Exploitability: 1 |
Important | Important | |
MS14-041 | Vulnerability in DirectShow Could Allow Elevation of Privilege | |||||
Microsoft Windows CVE-2014-2780 |
KB 2975681 | No | Severity:Important Exploitability: 1 |
Important | Important | |
MS14-042 | Vulnerability in Microsoft Service Bus Could Allow Denial of Service | |||||
Microsoft Server Software CVE-2014-2814 |
KB 2972621 | Yes! | Severity:Moderate Exploitability: 1 |
Less Urgent | Less Urgent |
We appreciate updates
US based customers can call Microsoft for free patch related support on 1-866-PCSAFETY
- We use 4 levels:
- PATCH NOW: Typically used where we see immediate danger of exploitation. Typical environments will want to deploy these patches ASAP. Workarounds are typically not accepted by users or are not possible. This rating is often used when typical deployments make it vulnerable and exploits are being used or easy to obtain or make.
- Critical: Anything that needs little to become "interesting" for the dark side. Best approach is to test and deploy ASAP. Workarounds can give more time to test.
- Important: Things where more testing and other measures can help.
- Less Urgent: Practices for servers such as not using outlook, MSIE, word etc. to do traditional office or leisure work.
- The rating is not a risk analysis as such. It is a rating of importance of the vulnerability and the perceived or even predicted threatatches.
--
Alex Stanford - GIAC GWEB,
Research Operations Manager,
SANS Internet Storm Center
Hardcoded Netgear Prosafe Switch Password
Update: Cert.org corrected it's advisory. The GS105PE is affected, not the GS108PE as indicated earlier. The NVD CVE entry still lists the old model number [2].
Yet another hard coded password. This time it's Netgear's Prosafe Switch (GS105PE) running firmware version 1.2.0.5 and earlier [1]. The pre-configured username is "ntgruser" and the password is "debugpassword". If you have any Netgear equipment, it may be worthwhile checking for this username and password even if your device isn't listed as vulnerable.
Sadly, at this point there doesn't appear to be a solution to the problem, other then returning the switch to the store and buying another one if you can.
CVE Number: CVE-2014-2969 [2]
[1] http://www.kb.cert.org/vuls/id/143740
[2] http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2969
Comments