Security
Headlines
HeadlinesLatestCVEs

Headline

Assessing risk for the July 2014 security updates

Today we released six security bulletins addressing 29 unique CVE’s. Two bulletins have a maximum severity rating of Critical, three have maximum severity Important, and one is Moderate. We hope that the table below helps you prioritize the deployment of the updates appropriately for your environment. Bulletin Most likely attack vector Max Bulletin Severity Max exploit-ability Likely first 30 days impact Platform mitigations and key notes MS14-037(Internet Explorer) Victim browses to a malicious webpage.

msrc-blog
#vulnerability#web#windows#rce

Today we released six security bulletins addressing 29 unique CVE’s. Two bulletins have a maximum severity rating of Critical, three have maximum severity Important, and one is Moderate. We hope that the table below helps you prioritize the deployment of the updates appropriately for your environment.

Bulletin

Most likely attack vector

Max Bulletin Severity

Max exploit-ability

Likely first 30 days impact

Platform mitigations and key notes

MS14-037(Internet Explorer)

Victim browses to a malicious webpage.

Critical

1

Likely to see reliable exploits developed within next 30 days.

Addresses 23 remote code execution issues and one lower severity Security Feature Bypass vulnerability.

MS14-038(Windows Journal)

Victim opens malicious .JNT file or navigates with Explorer to a WebDAV share under attacker control where a malicious .JNT file is automatically rendered.

Critical

1

Likely to see reliable exploits developed within next 30 days.

MS14-040(AFD.sys)

Attacker running code at low privilege runs exploit binary to elevate to SYSTEM.

Important

1

Likely to see reliable exploits developed within next 30 days.

MS14-041(Sandbox escape via DirectShow)

Attacker running code at low integrity level runs exploit binary to elevate to context of logged-on user.

Important

1

Likely to see reliable exploits developed within next 30 days.

MS14-039(Sandbox escape via on-screen keyboard)

Attacker running code at low integrity level runs exploit binary to elevate to context of logged-on user.

Important

1

Likely to see reliable exploits developed within next 30 days.

MS14-042(Service Bus)

Attacker could cause Service Bus to stop responding to incoming AMQP messages.

Moderate

n/a

Lower severity issue unlikely to see significant attacker interest.

Windows Azure not affected.

- Jonathan Ness, MSRC

msrc-blog: Latest News

Securing AI and Cloud with the Zero Day Quest