Microsoft Security Bulletin Summary for November 2014 / Admin Rights related vulnerabilities

by Viewfinity 9. December 2014 11:20
  • Microsoft Security Bulletin MS14-064 – Critical. Vulnerabilities in Windows OLE Could Allow Remote Code Execution
    This security update resolves two privately reported vulnerabilities in Microsoft Windows Object Linking and Embedding. The most severe of these vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited the vulnerabilities could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
  • Microsoft Security Bulletin MS14-065 – Critical. Cumulative Security Update for Internet Explorer
    This security update resolves seventeen privately reported vulnerabilities in Internet Explorer. The most severe of these vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
  • Microsoft Security Bulletin MS14-067 – Critical. Vulnerability in XML Core Services Could Allow Remote Code Execution
    This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a logged-on user visits a specially crafted website that is designed to invoke Microsoft XML Core Services (MSXML) through Internet Explorer. In all cases, however, an attacker would have no way to force users to visit such websites. Instead, an attacker would have to convince users to visit a website, typically by getting them to click a link in an email message or in an Instant Messenger request that takes users to the attacker's website. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
  • Microsoft Security Bulletin MS14-069 – Important. Vulnerabilities in Microsoft Office Could Allow Remote Code Execution
    This security update resolves three privately reported vulnerabilities in Microsoft Office. The vulnerabilities could allow remote code execution if a specially crafted file is opened in an affected edition of Microsoft Office 2007. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
  • Microsoft Security Bulletin MS14-070 – Important. Vulnerability in TCP/IP Could Allow Elevation of Privilege
    This security update resolves a publicly reported vulnerability in TCP/IP that occurs during input/output control (IOCTL) processing. This vulnerability could allow elevation of privilege if an attacker logs on to a system and runs a specially crafted application. An attacker who successfully exploited this vulnerability could run arbitrary code in the context of another process. If this process runs with administrator privileges, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
  • Microsoft Security Bulletin MS14-073 – Important. Vulnerability in Microsoft SharePoint Foundation Could Allow Elevation of Privilege
    This security update resolves a privately reported vulnerability in Microsoft SharePoint Server. An authenticated attacker who successfully exploited this vulnerability could run arbitrary script in the context of the user on the current SharePoint site. In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit these vulnerabilities and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit these vulnerabilities.
     
  • Microsoft Security Bulletin MS14-078 – Moderate. Vulnerability in IME (Japanese) Could Allow Elevation of Privilege
    This security update resolves a privately reported vulnerability in Microsoft Input Method Editor (IME) (Japanese). The vulnerability could allow sandbox escape based on the application sandbox policy on a system where an affected version of the Microsoft IME (Japanese) is installed. An attacker who successfully exploited this vulnerability could escape the sandbox of a vulnerable application and gain access to the affected system with logged-in user rights. If the affected system is logged in with administrative rights, an attacker could then install programs; view, change or delete data; or create new accounts with full administrative rights.


#TBT Sony is not the only company with recurring data breaches

by Viewfinity 4. December 2014 16:40

Sony is in the news for another high-profile data breach; this time hackers were able to infiltrate their servers, denying service, leaking proprietary information about scripts and even releasing upcoming films. While many are quick to point the finger at Sony for being underprepared, we’re standing with journalist Wayne Rash of eWeek. In his article published yesterday, Rash stated “the fact is all enterprises are just as vulnerable as Sony.”

Sony is not the first enterprise to get breached more than once. While traditional IT security practices should definitely be investigated and bolstered if necessary, we think that the answer lies not in foolproof protection, which simply doesn’t exist, but in proper incident response and analysis, which can enable an organization to adapt and move past a breach and better protect against future ones. Visibility into an IT environment allows for accelerated incident response, which can drastically diminish dwell time. Solutions like continuous monitoring and forensic analysis are the tools needed to respond to the ever-adapting hackers and malware of today.

For more information on how you can protect your infrastructure before, during, and after an attack check out this whitepaper: Utilizing Pervasive Application Monitoring and File Origin Tracking in IT Security.


SC Magazine: New POS Malware Appears to be in Beta Testing Phase

by Viewfinity 2. December 2014 15:10


Read the full article from SC Magazine here.

Contact us if you'd like to know how we can help protect POS Systems.

Here are two more articles that address this problem as well; they are worth the read.

  • Jon Oltsik, Senior Principal Analyst for ESG
       “If Target used some type of application controls (from Bit 9, Kaspersky, McAfee, Viewfinity etc.)… it may have had a better fighting chance.”
  • Mike Rothman, Securosis, Reducing Attack Surface with Application Control
       In Reducing Attack Surface with Application Control, we look at the double-edged sword of application control, detail a number of use cases where it fits well, and define selection criteria to consider for the technology.

 


1 Week Until Black Friday – 25 Gadget Gift Ideas

by Viewfinity 21. November 2014 15:49

With only one week left until the biggest shopping day of the year, we wanted to share this great gadget gift guide for all of our tech-loving readers out there. Whether you’re computer illiterate or tech savvy, these gifts will please anyone.

Holiday Gift Guide 2014: 25 Gadgets That Make Great Gifts

Have you started your holiday shopping yet? Be sure to check out this recent blog post on keeping your credit card safe before you do.


#TBT: A Brief Note on the History of Hacking

by Viewfinity 20. November 2014 15:49

Hackers, Data Breach, Security Infiltration – all words that have come to be part of everyday life. It seems that each day we hear more news about yet another hacker breaking through yet another barrier. Whether it’s large-scale corporate espionage or personal emails getting compromised, almost all of us have experienced hacking in one way or another. However, what most people don’t realize is just how old this concept is. In fact, the very first hack was over 110 years ago.

The first well known instance of hacking can be traced back to 1903, when an inventor named Nevil Maskelyne took it upon himself to interrupt a wireless telegraph message being sent by John Ambrose Fleming. Maskelyne sent insulting messages about Guglielmo Marconi, the inventor of the telegraph, via Morse code during Fleming’s public presentation of the technology. (Read the full story here.)

Thus the idea of hacking and trolling was born. Since then people have managed to hack into anything and everything possible, from emails and computers to cars and refrigerators. Who knows what will be next.


#TBT – Let’s take it all the way back to 1984 and The Karate Kid

by Viewfinity 13. November 2014 15:19

Let’s set the stage: it’s 1984, Los Angeles, California, and the All Valley Karate Tournament is coming to a close. We all know how it goes: fraught with tension and emotion, against all odds, the hurt and exhausted Daniel LaRusso musters up his strength to defeat Johnny Lawrence with a simple yet harrowing Crane Kick to win the championship.

 

 

 

This very Crane Kick has become an iconic ’80s movie scene, which has been copied and parodied countless times. This week one of our Waltham, Mass. neighbors, Boston Dynamics, found a new and exciting way to pay homage to this powerful movie moment. The company recently posted a video of their robot, Ian, performing that very same crane kick stance.

 

Ian is no Terminator, another iconic 1984 character, but one thing is for sure: there is no way even Mr. Miyagi could have predicted the amazing technology that would allow this robot to move with such flow and precision.

 

 

 

So here’s the ultimate question – who do you think would win in a fight, Daniel-San or the Terminator?

Share with us your best Throw Back Thursday technologies and we will post them on our blog too!

 

 

 


Get Ready For the Holiday Season with Tips for Keeping Your Credit Card Protected

by Viewfinity 3. November 2014 13:46

It's November, which means brisk air, warm clothes, and lots of shopping, as the holidays will be here in the blink of an eye. We came across a great article that weighs different payment methods that you can use this year and the best steps to take to keep your credit cards safe while shopping. There is nothing that brings down holiday cheer more than having your accounts compromised. Take a look at this article; it's very helpful.

 

Credit.Com News - A Holiday Shopping Season Guide to Protecting Your Credit Card

 


R.I.P. Security Breaches

by Viewfinity 31. October 2014 09:04

The scary truth is that most organizations will experience a security breach. On a daily basis, we talk to IT security professionals who are committed to securing their environment; however, they are faced with multiple options regarding IT security software. It is clear there isn't a one-size-fits-all solution. In honor of Halloween, the below infographic illustrates methods for closing down security loopholes related to local admin rights and application monitoring. Also be sure to check out our webinar on Wednesday: Steps Hackers Take to Infiltrate Windows Infrastructures and Least Privilege Application Control.

 

 


The State of POS: Protecting Yourself and Your Company from Devastating Data Breaches

by Viewfinity 23. October 2014 10:50

2013 was labeled “The Year of the Mega Breach” as more and more consumer facing companies were ravaged by devastating POS attacks. 2014 has done nothing but prove that these types of attacks are only getting faster, more frequent, and harder to detect.   

Attend our Nov 5th webinar:
 Steps Hackers Take to Infiltrate Windows Infrastructures and Least Privilege Application Control

The fact is that IT professionals are doing everything they can to prevent these breaches. Unfortunately, as quickly as security practices adapt, so do hackers and advanced malware. While there is no one-size-fits-all security solution, here are select insights from industry experts sharing their knowledge, and knowledge is power.

Jon Oltsik, Senior Principal Analyst for ESG

  “If Target used some type of application controls (from Bit 9, Kaspersky, McAfee, Viewfinity etc.)… it may have had a better fighting chance.”

SANS 5 Quick Wins:  #1 Application whitelisting; #5 Reduce the number of users w/ admin privileges

 

Mike Rothman, Securosis, Reducing Attack Surface with Application Control:  

In Reducing Attack Surface with Application Control, we look at the double-edged sword of application control, detail a number of use cases where it fits well, and define selection criteria to consider for the technology.

Paul Ducklin, 2009 winner of the AusCERT Director’s Award for Individual Excellence in Computer Security
Ducklin stresses the importance of ensuring that 3rd party vendors and contractors are amply protected, especially if the POS vendors access your networks remotely. More here.

Steven Norton, The Wall Street Journal
“Rolling out EMV technology in brick-and-mortar stores is a step in the right direction, but it won’t solve the entire security problem. While it can significantly reduce fraud, it doesn’t take into account online transactions and may not help companies identify larger threats to the point-of-sale systems.” Steven Norton: Security Breaches Trigger Retail’s Big Players to Call for Major Tech Challenges

Tracy Kitten, Bank Info Security
“By educating merchants about compliance with the Payment Card Industry Data Security Standard, or, in some cases, even providing network security services to their merchant customers, banking institutions are playing a more aggressive role in ensuring card fraud associated with point-of-sale attacks is contained.” Tracy Kitten: Banks: How to Stop POS Breaches

When it comes to POS and retail security breaches, unfortunately there is no easy button, no simple fix, but the strongest weapon you have is knowledge. First and foremost, organizations should adhere to the principle of least privilege; removing admin rights can eliminate a large number of security loopholes. Application whitelisting on POS devices ensures that only approved applications are running. Finally, visibility into these activities with proper monitoring and forensic analysis can help accelerate threat detection and remediation in the event that a breach does occur.


About Viewfinity

Viewfinity provides privilege management and application control for desktops, laptops and servers, empowering enterprises to meet compliance mandates, reduce security risks, and lower IT costs. The Viewfinity solution allows enterprises to control end user and privileged user rights for applications and systems which require elevated permissions. Viewfinity's granular-level control enables companies to establish and enforce consistent policies for least privilege Windows-based environments based on segregation of duties. For more information, visit www.viewfinity.com.
