Skip to content

Home 特別報告 Windows OLE 漏洞
Windows OLE 漏洞
週三, 15 十月 2014 17:40

Description:

As of the 15th October 2014, Macau Computer Emergency Response Team (MOCERT) has been made aware that a vulnerability in Windows OLE, that could allow remote code execution, is being used in the wild, under the name “Sandworm”. This advisory is issued to urge users of affected system to ensure they apply the patch as soon as practical.

Vulnerability:

The vulnerability could allow remote code execution if a user opens a Microsoft Office file that contains a specially crafted OLE object.

Impact:

If the exploit is successful and current user is logged on with administrative user rights, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

Systems Affected:

Windows Vista/Windows Server 2008/Windows 7/Windows Server 2008 R2/Windows 8 and Windows 8.1/Windows Server 2012 and Windows Server 2012 R2/Windows RT and Windows RT 8.1

Patches:

It is recommended to patch vulnerable systems as soon as possible as there is on going attack using spearphising techniques.

Should a patch not be able to be installed then it is advised to selectively apply a provided workaround as per the original advisory.

Links:

Microsoft MS14-060 https://technet.microsoft.com/library/security/ms14-060

Microsoft KB https://support.microsoft.com/kb/3000869

iSight Partners http://www.isightpartners.com/2014/10/cve-2014-4114/

 
[YOUR IP: 3.94.129.211: 51210] ...   [YOUR BROWSER: CCBot/2.0 (https://commoncrawl.org/faq/)] ...