ゼットスケーラーのセキュリティアドバイザリ

セキュリティ アドバイザリー - February 11, 2014

Zscaler Protects against Vulnerability in Windows XML Core Services, Direct2D, and Internet Explorer Memory Corruption

Zscaler, working with Microsoft through their MAPPs program, has proactively deployed protections for the following 26 vulnerabilities included in the February 2014 Microsoft security bulletins.  Zscaler will continue to monitor exploits associated with all vulnerabilities in the February release and deploy additional protections as necessary.

MS14-005Vulnerability in Microsoft XML Core Services Could Allow Information Disclosure
Severity: Important
Affected Software

  • Windows XP (All Versions)
  • Windows Server 2003
  • Windows Vista
  • Windows Server 2008
  • Windows 7
  • Windows 8
  • Windows Server 2012
     

    CVE-2014-0266 – MSXML Information Disclosure Vulnerability

    Description: An information disclosure vulnerability exists that could allow an attacker to read files on the local file system of a user, or read content of web domains where a user is currently authenticated. An attacker could exploit this vulnerability when a user views specially crafted web content that is designed to invoke MSXML through Internet Explorer.

    MS14-006Vulnerability in IPv6 Could Allow Denial of Service
    Severity: Important
    Affected Software

  • Windows 8
  • Windows Server 2012
     

    CVE-2014-0254 – TCP/IP Version 6 (IPv6) Denial of Service Vulnerability

    Description: A denial of service vulnerability exists in Windows in the IPv6 implementation of TCP/IP. An attacker who successfully exploited this vulnerability could cause the affected system to stop responding.

    MS14-007Vulnerability in Direct2D Could Allow Remote Code Execution
    Severity: Critical
    Affected Software

  • Windows 7
  • Windows 8
  • Windows Server 2008
  • Windows Server 2012
     

    CVE-2014-0263 – Microsoft Graphics Component Memory Corruption Vulnerability

    Description: A remote code execution vulnerability exists in the way that affected Windows components handle specially crafted 2D geometric figures. The vulnerability could allow remote code execution if a user views files containing such specially crafted figures using Internet Explorer. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full administrative rights.

    MS14-009Vulnerability in Direct2D Could Allow Remote Code Execution
    Severity: Important
    Affected Software

  • Windows XP
  • Windows Vista
  • Windows 7
  • Windows 8
  • Windows Server 2003
  • Windows Server 2008
  • Windows Server 2012
     

    CVE-2014-0253 – POST Request DoS Vulnerability

    Description: A denial of service vulnerability exists in Microsoft ASP.NET that could allow an attacker to cause an ASP.NET server to become unresponsive.

    MS14-010Cumulative Security Update for Internet Explorer
    Severity: Important
    Affected Software

  • Internet Explorer 6-11
  • CVE-2014-0267 – Internet Explorer Memory Corruption Vulnerability
    CVE-2014-0269 – Internet Explorer Memory Corruption Vulnerability
    CVE-2014-0270 – Internet Explorer Memory Corruption Vulnerability
    CVE-2014-0271 – VBScript Memory Corruption Vulnerability
    CVE-2014-0272 – Internet Explorer Memory Corruption Vulnerability
    CVE-2014-0273 – Internet Explorer Memory Corruption Vulnerability
    CVE-2014-0274 – Internet Explorer Memory Corruption Vulnerability
    CVE-2014-0275 – Internet Explorer Memory Corruption Vulnerability
    CVE-2014-0276 – Internet Explorer Memory Corruption Vulnerability
    CVE-2014-0277 – Internet Explorer Memory Corruption Vulnerability
    CVE-2014-0278 – Internet Explorer Memory Corruption Vulnerability
    CVE-2014-0279 – Internet Explorer Memory Corruption Vulnerability
    CVE-2014-0281 – Internet Explorer Memory Corruption Vulnerability
    CVE-2014-0283 – Internet Explorer Memory Corruption Vulnerability
    CVE-2014-0284 – Internet Explorer Memory Corruption Vulnerability
    CVE-2014-0285 – Internet Explorer Memory Corruption Vulnerability
    CVE-2014-0286 – Internet Explorer Memory Corruption Vulnerability
    CVE-2014-0287 – Internet Explorer Memory Corruption Vulnerability
    CVE-2014-0288 – Internet Explorer Memory Corruption Vulnerability
    CVE-2014-0289 – Internet Explorer Memory Corruption Vulnerability
    CVE-2014-0290 – Internet Explorer Memory Corruption Vulnerability

    Description: Remote code execution vulnerabilities exist when Internet Explorer improperly accesses an object in memory. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.  There is also an information disclosure vulnerability that exists in the way that Internet Explorer handles specially crafted web content when generating print previews. An attacker who successfully exploited this vulnerability could gather information from any page that the victim is viewing.

    APSB14-04Vulnerability in Windows Kernel Could Allow Elevation of Privilege
    Severity: Critical
    Affected Software

  • Adobe Flash Player 12.0.0.43 and earlier
  • CVE-2014-0497 – Integer underflow in AVM li32

    Description: Integer underflow in Adobe Flash Player before 11.7.700.261 and 11.8.x through 12.0.x before 12.0.0.44 on Windows and Mac OS X, and before 11.2.202.336 on Linux, allows remote attackers to execute arbitrary code via unspecified vectors.