Zscaler Security Advisories
Zscaler Protects against Microsoft Office Remote Code Execution, Exchange Server Privilege Elevation, Microsoft Graphics Component Information Disclosure, and Internet Explorer Memory Corruption Vulnerabilities
Zscaler, working with Microsoft through their MAPPs program, has proactively deployed protections for the following 17 vulnerabilities included in the December 2014 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the December release and deploy additional protections as necessary.
MS14-075 - Vulnerabilities in Microsoft Exchange Server Could Allow Elevation of Privilege
Severity: Important
Affected Software
- Microsoft Exchange Server 2013 SP1
CVE-2014-6325 - OWA XSS Vulnerability
Description: Elevation of privilege vulnerabilities exist when Microsoft Exchange Server does not properly validate input. An attacker who successfully exploited these vulnerabilities could run script in the context of the current user. An attacker could, for example, read content that the attacker is not authorized to read, use the victim's identity to take actions on the Outlook Web Access site on behalf of the victim, such as change permissions and delete content, and inject malicious content in the browser of the victim. Any system that is used to access an affected version of Outlook Web Access would potentially be at risk to attack. The update addresses the vulnerabilities by ensuring that URLs are properly sanitized.
MS14-080 - Cumulative Security Update for Internet Explorer
Severity: Important
Affected Software
- Internet Explorer 6-11
CVE-2014-6328 - Internet Explorer XSS Filter Bypass Vulnerability
CVE-2014-6329 - Internet Explorer Memory Corruption Vulnerability
CVE-2014-6330 - Internet Explorer Memory Corruption Vulnerability
CVE-2014-6363 - VBScript Memory Corruption Vulnerability
CVE-2014-6365 - Internet Explorer XSS Filter Bypass Vulnerability
CVE-2014-6366 - Internet Explorer Memory Corruption Vulnerability
CVE-2014-6369 - Internet Explorer Memory Corruption Vulnerability
CVE-2014-6373 - Internet Explorer Memory Corruption Vulnerability
CVE-2014-6374 - Internet Explorer Memory Corruption Vulnerability
CVE-2014-6375 - Internet Explorer Memory Corruption Vulnerability
CVE-2014-6376 - Internet Explorer Memory Corruption Vulnerability
CVE-2014-8966 - Internet Explorer Memory Corruption Vulnerability
Description: Remote code execution vulnerabilities exist when Internet Explorer improperly accesses objects in memory. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. The update addresses the vulnerabilities by modifying the way that Internet Explorer handles objects in memory.
MS14-082 - Vulnerabilities in Microsoft Office Could Allow Remote Code Execution
Severity: Important
Affected Software
- Microsoft Office 2007
- Microsoft Office 2010
- Microsoft Office 2013
CVE-2014-6364 - Microsoft Office Component Use After Free Vulnerability
Description: A remote code execution vulnerability exists in the context of the current user that is caused when Microsoft Word does not properly handle objects in memory while parsing specially crafted Office files. An attacker who successfully exploited this vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take complete control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
MS14-083 - Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution
Severity: Important
Affected Software
- Microsoft Office 2007
- Microsoft Office 2010
- Microsoft Office 2013
CVE-2014-6360 - Global Free Remote Code Execution in Excel Vulnerability
CVE-2014-6361 - Excel Invalid Pointer Remote Code Execution Vulnerability
Description: A remote code execution vulnerability exists in the way that Microsoft Excel does not properly handle objects in memory while parsing specially crafted Office files. System memory may be corrupted in such a way that an attacker could execute arbitrary code.
MS14-085 - Vulnerability in Microsoft Graphics Component Could Allow Information Disclosure
Severity: Important
Affected Software
- Windows Server 2003 SP2
- Windows Vista SP2
- Windows Server 2008 SP2
- Windows 7 SP1
- Windows 8
- Windows 8.1
- Windows Server 2012
CVE-2014-6355 - Information Disclosure Vulnerability
Description: An information disclosure vulnerability exists in the Microsoft Graphics Component that could allow an attacker to more reliably predict the memory offsets of specific instructions in a given call stack. The vulnerability is caused when the Microsoft Graphics Component improperly handles the decoding of JPEG images in memory. An attacker could use this information disclosure vulnerability to gain information about the system that could then be combined with other attacks to compromise the system.
MS14-083 - Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution
Severity: Important
Affected Software
- Microsoft Office 2007
- Microsoft Office 2010
- Microsoft Office 2013
CVE-2014-6360 - Global Free Remote Code Execution in Excel Vulnerability
CVE-2014-6361 - Excel Invalid Pointer Remote Code Execution Vulnerability
Description: A remote code execution vulnerability exists in the way that Microsoft Excel does not properly handle objects in memory while parsing specially crafted Office files. System memory may be corrupted in such a way that an attacker could execute arbitrary code.
MS14-085 - Vulnerability in Microsoft Graphics Component Could Allow Information Disclosure
Severity: Important
Affected Software
- Windows Server 2003 SP2
- Windows Vista SP2
- Windows Server 2008 SP2
- Windows 7 SP1
- Windows 8
- Windows 8.1
- Windows Server 2012
CVE-2014-6355 - Information Disclosure Vulnerability
Description: An information disclosure vulnerability exists in the Microsoft Graphics Component that could allow an attacker to more reliably predict the memory offsets of specific instructions in a given call stack. The vulnerability is caused when the Microsoft Graphics Component improperly handles the decoding of JPEG images in memory. An attacker could use this information disclosure vulnerability to gain information about the system that could then be combined with other attacks to compromise the system.