BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Retina Vulnerability Audits – June 2014 Patch Tuesday

Posted June 11, 2014    BeyondTrust Research Team

The following is a list of Retina vulnerability audits for this June 2014 Patch Tuesday.

Format: Retina Audit ID – Audit Name

MS14-030 - Vulnerability in Remote Desktop Could Allow Tampering (2969259)
34326 – Microsoft Remote Desktop Tampering Vulnerability (2969259) Both KB 8.1/2012R2
34332 – Microsoft Remote Desktop Tampering Vulnerability (2969259) KB2965788 No 81/20122

MS14-031 - Vulnerability in TCP Protocol Could Allow Denial of Service (2962478)
34323 – Microsoft TCP Protocol Denial-of-Service (DoS) Vulnerability (2962478)

MS14-032 - Vulnerability in Microsoft Lync Server Could Allow Information Disclosure (2969258)
34337 – Microsoft Lync Server Information Disclosure Vulnerability (2969258) – Lync 2010
34338 – Microsoft Lync Server Information Disclosure Vulnerability (2969258) – Lync 2013

MS14-033 - Vulnerability in Microsoft XML Core Services Could Allow Information Disclosure (2966061)
34329 – Microsoft XML Core Services Information Disclosure (2966061) KB2939576 2003
34330 – Microsoft XML Core Services Information Disclosure (2966061) KB2939576 Vis/2K8
34331 – Microsoft XML Core Services Information Disclosure (2966061) KB2939576 7/2K8R2
34333 – Microsoft XML Core Services Information Disclosure (2966061) KB2939576 8/2012
34334 – Microsoft XML Core Services Information Disclosure (2966061) KB2939576 8.1/20122
34335 – Microsoft XML Core Services Information Disclosure (2966061) KB2966631 8.1/20122
34336 – Microsoft XML Core Services Information Disclosure (2966061) KB2957482 2003

MS14-034 - Vulnerability in Microsoft Word Could Allow Remote Code Execution (2969261)
34324 – Microsoft Word Remote Code Execution Vulnerability (2969261) – Word 2007
34325 – Microsoft Word Remote Code Execution Vulnerability (2969261) – Word 2007 x86
34327 – Microsoft Word Remote Code Execution Vulnerability (2969261) – Compat Pack
34328 – Microsoft Word Remote Code Execution Vulnerability (2969261) – Compat Pack x86

MS14-035 - Cumulative Security Update for Internet Explorer (2969262)
34318 – Microsoft Internet Explorer Cumulative Security Update – KB2957689 IE6/7/9/10/11
34319 – Microsoft Internet Explorer Cumulative Security Update – KB2957689 IE8 2K3
34320 – Microsoft Internet Explorer Cumulative Security Update – KB2957689 IE8 Other
34321 – Microsoft Internet Explorer Cumulative Security Update – KB2963950

MS14-036 - Vulnerabilities in Microsoft Graphics Component Could Allow Remote Code Execution (2967487)
34339 – Microsoft Graphics Component Remote Code Execution (2967487) 2878233 Off 2K7
34340 – Microsoft Graphics Component Remote Code Execution (2967487) 2863942 Off 2010
34341 – Microsoft Graphics Component Remote Code Execution (2967487) – Lync 2013
34342 – Microsoft Graphics Component Remote Code Execution (2967487) – KB2964718 dwrite
34343 – Microsoft Graphics Component Remote Code Execution (2967487) – gdiplus Other
34344 – Microsoft Graphics Component Remote Code Execution (2967487) – KB2957509 usp10
34345 – Microsoft Graphics Component Remote Code Execution (2967487) – KB2964736 gdi32
34346 – Microsoft Graphics Component Remote Code Execution (2967487) – KB2965155 gdi32
34347 – Microsoft Graphics Component Remote Code Execution (2967487) – KB2965161 dwrite
34348 – Microsoft Graphics Component Remote Code Execution (2967487) – Lync 2010
34349 – Microsoft Graphics Component Code Execution (2967487) – Lync Attendee (Admin)
34351 – Microsoft Graphics Component Code Execution (2967487) – Lync Attendee (User)
34355 – Microsoft Graphics Component Remote Code Execution (2967487) – gdiplus 2003
34357 – Microsoft Graphics Component Remote Code Execution (2967487) – Live Meeting 2007
34358 – Microsoft Graphics Component Remote Code Execution (2967487) KB2957509 usp10 64
34359 – Microsoft Graphics Component Remote Code Execution (2967487) – Off 2K7 usp10
34360 – Microsoft Graphics Component Remote Code Execution (2967487) – Off 2010 usp10
34361 – Microsoft Graphics Component Remote Code Execution (2967487) 2878233 Off 2K7 64
34362 – Microsoft Graphics Component Remote Code Execution (2967487) – Off 2K7 usp10 64
34363 – Microsoft Graphics Component Remote Code Execution (2967487) 2863942 Off 2010 64
34364 – Microsoft Graphics Component Remote Code Execution (2967487) – Off 2010 usp10 64
34366 – Microsoft Graphics Component Remote Code Execution (2967487) – Lync 2013 64
34377 – Microsoft Graphics Component Remote Code Execution (2967487) – Lync 2010 64

Tags:
, , ,

Leave a Reply

Additional articles

PBPS-screenshot-blog aug2014

Failing the Security Basics: Backoff Point-of-Sale Malware

Posted August 22, 2014    Marc Maiffret

At the beginning of this month, US-CERT issued a security alert relating to a string of breaches that had been targeting Point of Sale (POS) systems. The alert details that attackers were leveraging brute forcing tools to target common remote desktop applications such as Microsoft’s Remote Desktop, Apple Remote Desktop, Splashtop and LogMeIn among others….

Tags:
, , , , , ,

Troubleshooting Windows Privilege Management Rules with Policy Monitor

Posted August 21, 2014    Jason Silva

When defining and testing PowerBroker for Windows rules for production or pilots, customers sometimes tell us, “I don’t think this policy / program is working.” This is usually a case of the policy not properly triggering because of the way the rule was created. A unique feature of PowerBroker for Windows compared to other solutions is a client-side…

Tags:
, , ,
darren-mar-elia

BeyondTrust Webcast: Darren Mar-Elia’s 4 Active Directory Change Scenarios to Track

Posted August 20, 2014    Chris Burd

In our latest webcast, we joined Darren Mar-Elia, CTO at SDM Software, to discuss best practices for Active Directory (AD) change management. Here are some key takeaways from the presentation, followed by a link to a full-length video of the presentation. Mar-Elia kicks things off with a critical insight: that the best AD change management…

Tags:
, , , , , , ,