Original Publication Date: 11-07-2014
To mitigate the vulnerabilities identified by CVE IDs mentioned in the table below, Cyberoam has released IPS Signature Versions 3.11.75 and 5.11.75. Read the Release Notes for IPS Signature Versions 3.11.75 and 5.11.75.
Cyberoam IPS Signature Name
Microsoft Internet Explorer CVE-2014-1765 Use After Free
Microsoft Internet Explorer CVE-2014-2787 Remote Memory Corruption Vulnerability
Microsoft Internet Explorer CVE-2014-2795 Remote Memory Corruption Vulnerability
Microsoft Internet Explorer CVE-2014-2797 Remote Memory Corruption Vulnerability
Microsoft Internet Explorer CVE-2014-2801 Remote Memory Corruption Vulnerability
Microsoft Internet Explorer CVE-2014-2804 Use After Free
The following table provides general information on the vulnerabilities described in the Microsoft Security Bulletins.
Microsoft Security Bulletin
Microsoft Security Bulletin MS14-037
Cumulative Security Update for Internet Explorer
An attacker could host a specially crafted website that is designed to exploit these vulnerabilities through Internet Explorer, and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit these vulnerabilities. In all cases, however, an attacker would have no way to force users to view the attacker-controlled content. Instead, an attacker would have to convince users to take action, typically by getting them to click a link in an email message or in an Instant Messenger message that takes users to the attacker's website, or by getting them to open an attachment sent through email.
Internet Explorer,Microsoft Windows
Microsoft Security Bulletin MS14-038
Vulnerability in windows Journal Could Allow Remote Code Execution
An attacker could exploit the vulnerability by sending a specially crafted Journal file to the user and by convincing the user to open the file.
Microsoft Security Bulletin MS14-039
Vulnerability in On-Screen Keyboard Could Allow Elevation of Privilege
An attacker would have to first use a vulnerability in a low integrity process to execute the On-Screen Keyboard and then have a method of uploading a specially crafted program to the target system.
Microsoft Security Bulletin MS14-040
Vulnerability in Ancillary Function Driver (AFD) could Allow Elevation of Privilege
An attacker who successfully exploited the vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full administrative rights.
Microsoft Security Bulletin MS14-041
Vulnerability in DirectShow Could Allow Elevation of Privilege
To exploit this vulnerability an attacker would first have to have successfully exploit another vulnerability in a low integrity process and then use this vulnerability to execute specially crafted code in the context of the logged on user.
11 July 2014
Initial public release containing information on the the vulnerabilities described in the Microsoft Security Bulletins.
Every comment submitted here is read (by a human) but we do not reply to specific technical questions. For technical support post a question to the community. Or click here for new feature/product improvements. Alternatively for paid/licensed products open a support ticket.