February 2014 Patch Tuesday

February 11, 2014

February’s Patch Tuesday comes to us with patches for XML Core Services, IPv6, Direct2D, Forefront, .NET, Internet Explorer, and VBScript. There are a total of seven bulletins (4 critical, 3 important) addressing 31 unique vulnerabilities.

Most notable this month is the patch for Internet Explorer, MS14-010, which fixes 24 vulnerabilities: over two thirds of this month's patched vulnerabilities. Every supported version of Internet Explorer is affected (versions 6 through 11). Multiple types of bugs are fixed in this patch, including memory corruptions (1 of which was publicly disclosed), an elevation of privilege vulnerability that permits escalation from low integrity to user privileges, and a cross-domain information disclosure vulnerability. Also noteworthy is CVE-2014-0271, a VBScript memory corruption vulnerability, which this bulletin fixes only in Internet Explorer 9. For all other affected versions of Internet Explorer, CVE-2014-0271 can be addressed by installing MS14-011. It is important to roll both MS14-010 and MS14-011 out as soon as possible.

Going back to the beginning of the bulletin list, we have MS14-005, a patch for Microsoft XML Core Services. This vulnerability, CVE-2014-0266, has been publicly disclosed and used in targeted attacks, seen in November 2013 during the IE zero-day watering hole attacks, as reported by FireEye. The vulnerability lies only within XML Core Services version 3.0, leaving versions 4.0, 5.0, and 6.0 unaffected. This bulletin affects every supported version of Windows because XML Core Services 3.0 is shipped with every version of Windows. Since this vulnerability has been exploited in targeted attacks, it is important to roll the patch out as soon as possible.

The next critical bulletin is MS14-007, which fixes a vulnerability in Direct2D, a graphics component in Windows. This patch applies to Windows 7, 8, 8.1, RT, RT 8.1, Server 2008 R2, Server 2012, and Server 2012 R2. Additionally, exploitation can be achieved by delivering malicious 2D geometric figures through Internet Explorer. Therefore, attackers will be very interested in it, given that it affects the latest versions of Windows and can be exploited via drive-by mechanisms. Deploy this patch as soon as possible.

MS14-008 addresses a critical vulnerability in Microsoft Forefront Protection for Exchange. This vulnerability could allow an attacker to execute arbitrary code on the Exchange server when a malicious email is scanned by Forefront. Code would be executed in the context of the configured service account. This does not affect all Forefront solutions: it only affects Forefront Protection 2010 for Exchange Server. Nonetheless, it is important to get this patch deployed as soon as possible, because attackers will be interested in any way to potentially compromise an Exchange server.

The IPv6 component in Windows 8, RT, and Server 2012 is receiving a fix with MS14-006. This publicly disclosed vulnerability can be used by attackers to cause targeted systems to stop responding. The attacker would need to send a large number of malicious packets to the affected system in order to achieve the denial of service condition. While this sounds like an ominous vulnerability, the attacker must be on the same subnet as the victim, which greatly raises the barrier to exploiting it.

The .NET Framework is receiving a patch this month, MS14-009, which addresses multiple vulnerabilities: a denial of service vulnerability, a type traversal vulnerability, and an ASLR bypass vulnerability. The denial of service vulnerability and the ASLR bypass were both publicly disclosed, and the ASLR bypass has been used in targeted attacks. The denial of service vulnerability would be used to target ASP.NET servers, whereas the other two vulnerabilities could be targeted in any .NET application.

Be sure to patch Internet Explorer (MS14-010), VBScript (MS14-011), XML Core Services (MS14-005), Direct2D (MS14-007), and Forefront Protection for Exchange (MS14-008) as soon as possible, followed by the rest of the patches.

Also, be sure to join us for the Vulnerability Expert Forum tomorrow, Wednesday, February 12 at 1pm PT, where we cover these patches, as well as other security news. Sign up here.

Hello VEF Attendees!

Participate in our monthly giveaway here. Answer the question in the comments to win a Nexus 7! We frequently mention Chrome as an alternative to Internet Explorer. Has your organization made strides towards adopting a safer browser like Chrome? If not, what is stopping you? Legacy systems? Learning curve? Policies? Most insightful and/or awesome answer wins!

VEF News Articles

  • NSA's 'Dishfire' program said to capture nearly 200M texts a day
  • Spam From Your Fridge
  • Don't Believe Everything You Read (Webroot/Novell/Target)
  • Target Hackers Broke in Via HVAC Company
  • China Operating System
  • Microsoft Announces Brussels Transparency Center at Munich Security Conference

VEF Questions & Comments

Jay wanted to know, "How are some of these newest exploits related to leveraging off the recent amplification attacks for UDP?"

Although some of this Patch Tuesday's bulletins were networking related (IPv6), none of them were associated with the recent amplification DDoS attacks we have been seeing in the wild. The DDoS attacks we've been seeing have to do with a known weakness in NTP (Network Time Protocol), which allowed attackers to generate a massive amount of traffic directed toward targeted hosts. Cloudflare was mitigating the attack and has technical details of the attack on their blog.

Thank you to all who attended this month’s VEF! We appreciate all the questions and comments. If there was a question you asked that we did not answer on the VEF, or did not mention in this blog post, please contact us directly at research@BeyondTrust.com.


Scott Lang, Sr. Director, Product Marketing at BeyondTrust

Scott Lang has nearly 20 years of experience in technology product marketing, currently guiding the product marketing strategy for BeyondTrust’s privileged account management solutions and vulnerability management solutions. Prior to joining BeyondTrust, Scott was director of security solution marketing at Dell, formerly Quest Software, where he was responsible for global security campaigns, product marketing for identity and access management and Windows server management.
