
Microsoft Patch Tuesday, March 2014

March's Patch Tuesday includes five bulletins, two rated "Critical" and three rated "Important". The first of the two "Critical" bulletins is MS14-012. This patch fixes many memory corruption vulnerabilities, including a zero-day vulnerability in Internet Explorer that is being exploited in the wild.

Three other patches affect the Windows operating systems and probably represent the last patches we will see for the Windows XP platforms. Official support for Windows XP as well as Office 2003 is ending on April 8th, and we recommend that users upgrade immediately. An update for Silverlight also marks the rare occasion where Patch Tuesday affects the Mac OS X platform.

MS14-012 (KB2925418)
CRITICAL
Vulnerabilities in Internet Explorer
CVE-2014-0298, CVE-2014-0299, CVE-2014-0302, CVE-2014-0303, CVE-2014-0304, CVE-2014-0305, CVE-2014-0306, CVE-2014-0307, CVE-2014-0308, CVE-2014-0309, CVE-2014-0311, CVE-2014-0312, CVE-2014-0313, CVE-2014-0314, CVE-2014-0321, CVE-2014-0322, CVE-2014-0324

This bulletin covers 18 critical CVEs in Internet Explorer. All of them are memory corruption vulnerabilities. Researchers discovered one of them, CVE-2014-0322, as part of an in-the-wild exploit targeting the vulnerability in Internet Explorer 10. Trustwave SpiderLabs' Rami Kogan wrote a technical breakdown of the vulnerability and how it is being exploited. You can read his technical breakdown here: http://blog.spiderlabs.com/2014/02/internet-explorer-zero-day-cve-2014-0322.html. CVE-2014-0324 has been exploited in the wild, targeting installations of Internet Explorer 8.

This security update affects all versions of Internet Explorer 6 through 11.

MS14-013 (KB2929961)
CRITICAL
Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution
CVE-2014-0301

This vulnerability in Microsoft DirectShow could allow a specially crafted JPEG image to remotely execute arbitrary code. An attacker could host a malicious image on a website or in a document. The code executes as DirectShow parses the image and runs with the same user rights as the current user.

This security update affects Windows XP, Vista, 7, 8, 8.1, RT as well as Windows Server 2003, 2008, 2012.

MS14-014 (KB2932677)
IMPORTANT
Vulnerability in Silverlight Could Allow Security Feature Bypass
CVE-2014-0319

Silverlight is Microsoft's answer to Adobe's Flash technology in that it provides rich applications and content streaming over the Internet. The vulnerability allows an attacker to bypass the memory security controls Data Execution Prevention (DEP) and Address Space Layout Randomization (ASLR). While the vulnerability alone doesn't allow for remote code execution, it could be combined with a separate remote code execution vulnerability in order to raise the success rate of an exploit. Since Silverlight is a cross-platform product, both Mac and Windows platforms will need to apply this patch. Users can verify which version they have installed by visiting: http://www.microsoft.com/getsilverlight/Get-Started/Install/Default.aspx

This security update affects all versions of Silverlight prior to version 5.1.30214.0 on Mac and all supported releases of Microsoft Windows.

MS14-015 (KB2930275)
IMPORTANT
Vulnerabilities in Windows Kernel Mode Driver Could Allow Elevation of Privilege
CVE-2014-0300, CVE-2014-0323

This bulletin covers two CVEs that affect the Windows Kernel Mode Driver, Win32k.sys. CVE-2014-0300 is a privilege elevation vulnerability. If an attacker has a valid logged-in session, they can execute a malicious application that will give them full administrative rights to the system. CVE-2014-0323 can allow improper disclosure of objects in memory.

This security update affects Windows XP, Vista, 7, 8, 8.1, RT as well as Windows Server 2003, 2008, 2012.

MS14-016 (KB2934418)
IMPORTANT
Vulnerability in Microsoft Remote Protocol Could Allow Security Feature Bypass
CVE-2014-0317

This vulnerability exists in the Security Account Manager Remote (SAMR) protocol and allows an attacker to cause Windows to incorrectly validate user lockout states.

An attacker would exploit this vulnerability in conjunction with a brute force attack. By preventing a correct check on an account lockout state, the attacker could try as many passwords as they like in order to breach a user's credentials.

This security update affects Windows XP and Vista as well as Windows Server 2003, 2008, 2012.
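
As an added example (not from the original post or from Microsoft), one way to look for the condition MS14-016 describes is to flag accounts whose failed attempts ran past the lockout threshold with no lockout in effect. The log format, the account names, the `parse` and `unenforced_lockouts` functions and the threshold, window and lockout-duration defaults are all assumptions made for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample records (not real Windows event log output): time account outcome
SAMPLE_LOG = """\
2014-03-11T09:00:01 alice fail
2014-03-11T09:00:20 alice ok
2014-03-11T09:01:01 bob fail
2014-03-11T09:01:02 bob fail
2014-03-11T09:01:03 bob fail
2014-03-11T09:01:04 bob lockout
2014-03-11T09:01:05 bob fail
2014-03-11T09:01:06 bob fail
2014-03-11T09:01:07 bob fail
2014-03-11T09:01:08 bob fail
2014-03-11T09:02:01 carol fail
2014-03-11T09:02:02 carol fail
2014-03-11T09:02:03 carol fail
2014-03-11T09:02:04 carol fail
"""

def parse(log):
    """Turn the simplified log text into (time, account, outcome) tuples."""
    rows = (line.split() for line in log.splitlines() if line.strip())
    return [(datetime.fromisoformat(ts), acct, out) for ts, acct, out in rows]

def unenforced_lockouts(events, threshold=3, window=timedelta(minutes=30),
                        lockout_duration=timedelta(minutes=30)):
    """Return {account: failures in window} where attempts ran past the threshold."""
    fails = defaultdict(deque)  # per account: failure times still inside the window
    locked_until, flagged = {}, {}
    for when, acct, outcome in sorted(events):
        recent = fails[acct]
        if outcome == "lockout":  # policy was enforced for this account
            locked_until[acct] = when + lockout_duration
        if outcome in ("ok", "lockout"):  # both reset the failure counter
            recent.clear()
            continue
        if when < locked_until.get(acct, when):  # attempt rejected while locked out
            continue
        recent.append(when)
        while when - recent[0] > window:  # drop failures older than the window
            recent.popleft()
        if len(recent) > threshold:  # attempt past the threshold, no lockout in effect
            flagged[acct] = len(recent)
    return flagged

if __name__ == "__main__":
    print(unenforced_lockouts(parse(SAMPLE_LOG)))  # {'carol': 4}
```

Set `threshold`, `window` and `lockout_duration` to the values in the domain's account lockout policy before running this over real authentication records.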
