3823_7103_securitybulletin_thumb_32407BF9_thumb_12CC8186

It’s been a busy time lately with lots of updates coming out for Windows 8.1 and Windows Server 2012 R2.  Well now it’s time to get back to the business of keeping up to date with patches.  Please see below for details of this month’s security updates and make sure you apply these updates where it’s applicable in your environments.

Bulletin ID

Bulletin Title and Executive Summary

Maximum Severity Rating and Vulnerability Impact

Restart Requirement

Affected Software

MS14-021
(Released out-of-band on May 1, 2014)

Security Update for Internet Explorer (2965111)

This security update resolves a publicly disclosed vulnerability in Internet Explorer. The vulnerability could allow remote code execution if a user views a specially crafted webpage using an affected version of Internet Explorer. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Critical 
Remote Code Execution

Requires restart

Microsoft Windows,
Internet Explorer

MS14-029

Security Update for Internet Explorer (2962482)

This security update resolves two privately reported vulnerabilities in Internet Explorer. The vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.

Critical 
Remote Code Execution

Requires restart

Microsoft Windows,
Internet Explorer

MS14-022

Vulnerabilities in Microsoft SharePoint Server Could Allow Remote Code Execution (2952166)

This security update resolves multiple privately reported vulnerabilities in Microsoft Office server and productivity software. The most severe of these vulnerabilities could allow remote code execution if an authenticated attacker sends specially crafted page content to a target SharePoint server.

Critical 
Remote Code Execution

May require restart

Microsoft Server Software,
Productivity Software

MS14-023

Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (2961037)

This security update resolves two privately reported vulnerabilities in Microsoft Office. The most severe vulnerability could allow remote code execution if a user opens an Office file that is located in the same network directory as a specially crafted library file. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.

Important 
Remote Code Execution

May require restart

Microsoft Office

MS14-025

Vulnerability in Group Policy Preferences Could Allow Elevation of Privilege (2962486)

This security update resolves a publicly disclosed vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if Active Directory Group Policy preferences are used to distribute passwords across the domain - a practice that could allow an attacker to retrieve and decrypt the password stored with Group Policy preferences.

Important 
Elevation of Privilege

May require restart

Microsoft Windows

MS14-026

Vulnerability in .NET Framework Could Allow Elevation of Privilege (2958732)

This security update resolves a privately reported vulnerability in Microsoft .NET Framework. The vulnerability could allow elevation of privilege if an authenticated attacker sends specially crafted data to an affected workstation or server that uses .NET Remoting. .NET Remoting is not widely used by applications; only custom applications that have been specifically designed to use .NET Remoting would expose a system to the vulnerability.

Important 
Elevation of Privilege

May require restart

Microsoft Windows,
Microsoft .NET Framework

MS14-027

Vulnerability in Windows Shell Handler Could Allow Elevation of Privilege (2962488)

This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if an attacker runs a specially crafted application that uses ShellExecute. An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability.

Important 
Elevation of Privilege

Requires restart

Microsoft Windows

MS14-028

Vulnerability in iSCSI Could Allow Denial of Service (2962485)

This security update resolves two privately reported vulnerabilities in Microsoft Windows. The vulnerabilities could allow denial of service if an attacker sends large amounts of specially crafted iSCSI packets over the target network. This vulnerability only affects servers for which the iSCSI target role has been enabled.

Important 
Denial of Service

May require restart

Microsoft Windows

MS14-024

Vulnerability in a Microsoft Common Control Could Allow Security Feature Bypass (2961033)

This security update resolves one privately reported vulnerability in an implementation of the MSCOMCTL common controls library. The vulnerability could allow security feature bypass if a user views a specially crafted webpage in a web browser capable of instantiating COM components, such as Internet Explorer. In a web-browsing attack scenario, an attacker who successfully exploited this vulnerability could bypass the Address Space Layout Randomization (ASLR) security feature, which helps protect users from a broad class of vulnerabilities. The security feature bypass by itself does not allow arbitrary code execution. However, an attacker could use this ASLR bypass vulnerability in conjunction with another vulnerability, such as a remote code execution vulnerability that could take advantage of the ASLR bypass to run arbitrary code.

Important 
Security Feature Bypass

May require restart

Microsoft Office

I’ve listed just the summaries in the above table.  If you want to dive deeper and learn more then check out the full summary here.  It contains much more detailed information than I’ve listed here.

Jeffa