BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Retina Vulnerability Audits – June 2014 Patch Tuesday

Posted June 11, 2014    BeyondTrust Research Team

The following is a list of Retina vulnerability audits for this June 2014 Patch Tuesday.

Format: Retina Audit ID – Audit Name

MS14-030 – Vulnerability in Remote Desktop Could Allow Tampering (2969259)
34326 – Microsoft Remote Desktop Tampering Vulnerability (2969259) Both KB 8.1/2012R2
34332 – Microsoft Remote Desktop Tampering Vulnerability (2969259) KB2965788 No 81/20122

MS14-031 – Vulnerability in TCP Protocol Could Allow Denial of Service (2962478)
34323 – Microsoft TCP Protocol Denial-of-Service (DoS) Vulnerability (2962478)

MS14-032 – Vulnerability in Microsoft Lync Server Could Allow Information Disclosure (2969258)
34337 – Microsoft Lync Server Information Disclosure Vulnerability (2969258) – Lync 2010
34338 – Microsoft Lync Server Information Disclosure Vulnerability (2969258) – Lync 2013

MS14-033 – Vulnerability in Microsoft XML Core Services Could Allow Information Disclosure (2966061)
34329 – Microsoft XML Core Services Information Disclosure (2966061) KB2939576 2003
34330 – Microsoft XML Core Services Information Disclosure (2966061) KB2939576 Vis/2K8
34331 – Microsoft XML Core Services Information Disclosure (2966061) KB2939576 7/2K8R2
34333 – Microsoft XML Core Services Information Disclosure (2966061) KB2939576 8/2012
34334 – Microsoft XML Core Services Information Disclosure (2966061) KB2939576 8.1/20122
34335 – Microsoft XML Core Services Information Disclosure (2966061) KB2966631 8.1/20122
34336 – Microsoft XML Core Services Information Disclosure (2966061) KB2957482 2003

MS14-034 – Vulnerability in Microsoft Word Could Allow Remote Code Execution (2969261)
34324 – Microsoft Word Remote Code Execution Vulnerability (2969261) – Word 2007
34325 – Microsoft Word Remote Code Execution Vulnerability (2969261) – Word 2007 x86
34327 – Microsoft Word Remote Code Execution Vulnerability (2969261) – Compat Pack
34328 – Microsoft Word Remote Code Execution Vulnerability (2969261) – Compat Pack x86

MS14-035 – Cumulative Security Update for Internet Explorer (2969262)
34318 – Microsoft Internet Explorer Cumulative Security Update – KB2957689 IE6/7/9/10/11
34319 – Microsoft Internet Explorer Cumulative Security Update – KB2957689 IE8 2K3
34320 – Microsoft Internet Explorer Cumulative Security Update – KB2957689 IE8 Other
34321 – Microsoft Internet Explorer Cumulative Security Update – KB2963950

MS14-036 – Vulnerabilities in Microsoft Graphics Component Could Allow Remote Code Execution (2967487)
34339 – Microsoft Graphics Component Remote Code Execution (2967487) 2878233 Off 2K7
34340 – Microsoft Graphics Component Remote Code Execution (2967487) 2863942 Off 2010
34341 – Microsoft Graphics Component Remote Code Execution (2967487) – Lync 2013
34342 – Microsoft Graphics Component Remote Code Execution (2967487) – KB2964718 dwrite
34343 – Microsoft Graphics Component Remote Code Execution (2967487) – gdiplus Other
34344 – Microsoft Graphics Component Remote Code Execution (2967487) – KB2957509 usp10
34345 – Microsoft Graphics Component Remote Code Execution (2967487) – KB2964736 gdi32
34346 – Microsoft Graphics Component Remote Code Execution (2967487) – KB2965155 gdi32
34347 – Microsoft Graphics Component Remote Code Execution (2967487) – KB2965161 dwrite
34348 – Microsoft Graphics Component Remote Code Execution (2967487) – Lync 2010
34349 – Microsoft Graphics Component Code Execution (2967487) – Lync Attendee (Admin)
34351 – Microsoft Graphics Component Code Execution (2967487) – Lync Attendee (User)
34355 – Microsoft Graphics Component Remote Code Execution (2967487) – gdiplus 2003
34357 – Microsoft Graphics Component Remote Code Execution (2967487) – Live Meeting 2007
34358 – Microsoft Graphics Component Remote Code Execution (2967487) KB2957509 usp10 64
34359 – Microsoft Graphics Component Remote Code Execution (2967487) – Off 2K7 usp10
34360 – Microsoft Graphics Component Remote Code Execution (2967487) – Off 2010 usp10
34361 – Microsoft Graphics Component Remote Code Execution (2967487) 2878233 Off 2K7 64
34362 – Microsoft Graphics Component Remote Code Execution (2967487) – Off 2K7 usp10 64
34363 – Microsoft Graphics Component Remote Code Execution (2967487) 2863942 Off 2010 64
34364 – Microsoft Graphics Component Remote Code Execution (2967487) – Off 2010 usp10 64
34366 – Microsoft Graphics Component Remote Code Execution (2967487) – Lync 2013 64
34377 – Microsoft Graphics Component Remote Code Execution (2967487) – Lync 2010 64

Tags:
, , ,

Leave a Reply

Additional articles

Are Your Data Security Efforts Focused in the Right Area?

Posted January 28, 2015    Scott Lang

Vormetric Data Security recently released an insider threat report, with research conducted by HarrisPoll and analyzed by Ovum. Based on the survey responses, it is apparent that there is still a great deal of insecurity over data. However, the results also show that there may be misplaced investments to address those insecurities. I will explain…

Tags:
ghost

GHOST Vulnerability…Scary Indeed

Posted January 28, 2015    BeyondTrust Research Team

A vulnerability discovered by Qualys security researchers has surfaced within the GNU C Library that affects virtually all Linux operating systems. The vulnerability lies within the various gethostbyname*() functions and, as such, has been dubbed “GHOST.” GHOST is particularly nasty considering remote, arbitrary code execution can be achieved. In an effort to avoid taxing DNS lookups, glibc developers introduced…

Tags:
,
dave-shackleford-headshot

Your New Years Resolution: Controlling Privileged Users

Posted January 27, 2015    Dave Shackleford

Is 2015 the year you get a better handle on security? The news last year was grim – so much so, in fact, that many in the information security community despaired a bit. Really, the end-of-the-year infosec cocktail parties were a bit glum. OK, let’s be honest, infosec cocktail parties are usually not that wild…

Tags:
, , ,