Microsoft released the Security Bulletin for June July 2014, and recommended that the dongle be repaired in a timely manner.

Source: Internet
Author: User

The software released the Security Bulletin on July 15, July 2014 on time. It mainly Fixed Multiple Security Vulnerabilities (up to 29 in total) in IE browser and Windows Components ). Including remote code execution, Elevation of Privilege, and denial of service. Server Security dogs have also pushed these patches. To prevent hackers from exploiting the latest vulnerabilities, we recommend that you fix them in time to prevent hacker intrusion!

 

The following is a summary of July 2014 security vulnerabilities:

 

1. MS14-038: vulnerabilities in Windows diaries may allow remote code execution (kb2971850)

Description: This security update resolves a secret report vulnerability in Microsoft Windows. This vulnerability may allow remote code execution if you open a specially crafted diary file. Users with fewer system user permissions configured for accounts are less affected than users with administrative user permissions.

 

2. MS14-037: Internet Explorer Cumulative Security Update (kb2962872)

Description: This security update resolves a public vulnerability in Internet Explorer and a vulnerability reported by 23 secrets. The most serious vulnerability may allow remote code execution when users use Internet Explorer to view specially crafted webpages. Attackers who successfully exploit these vulnerabilities can obtain the same user permissions as the current user. Those Users whose accounts are configured with less system user permissions are less affected than those who have user management permissions.

 

3. MS14-039: vulnerabilities in the keyboard may allow Elevation of Privilege (kb2973201)

Description: This security update resolves a secret report vulnerability in Microsoft Windows. If an attacker uses a vulnerability in a low-integrity process to execute an on-screen keyboard (osk) and upload a special program to the target system, the vulnerability may allow Elevation of Privilege.

 

4. MS14-040: vulnerabilities in helper drivers (AFD) May Allow Elevation of Privilege (kb2961072)

Description: This security update resolves a secret report vulnerability in Microsoft Windows. If attackers log on to the system and run special applications, this vulnerability may allow Elevation of Privilege. Attackers must have valid logon creden。 and can log on locally to exploit this vulnerability.

 

5. MS14-041: vulnerabilities in DirectShow may allow Elevation of Privilege (kb2972280)

Description: This security update resolves a secret report vulnerability in Microsoft Windows. If an attacker first exploits another vulnerability in a low-integrity process and then uses this vulnerability to execute specially crafted code in the logon user context, the vulnerability may allow Elevation of Privilege.

 

The security update also includes MS14-042: vulnerabilities in Microsoft service bus that may allow denial of service (2972621)

This security update addresses a public disclosure vulnerability in Microsoft Service Bus for Windows Server. If an authenticated remote attacker creates and runs a program to send a series of specially crafted Advanced Message Queue Service protocol (amqp) messages to the target system, the vulnerability may allow dos.

 

For more information about Windows security vulnerabilities in July, refer to Microsoft Security Bulletin: https://technet.microsoft.com/library/security/ms14-jul


Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.