Where to Buy Trend Micro Products

For Home

For Small Business

1-888-762-8736
(M-F 8:00am-5:00pm CST)

For Enterprise

1-877-218-7353
(M-F 8:00am-5:00pm CST)

Not in the United States?
Select the country/language of your choice:

Asia Pacific Region

Europe

The Americas

Not in the United States?
Select the country/language of your choice:

Asia/Pacific

Europe

America

Login

For Home

For Business

For Partners

Threat Encyclopedia

April 2014 - Microsoft Releases 4 Security Advisories

SEVERITY

HIGH

//  ADVISORY DATE

08 APR 2014


DESCRIPTION

Microsoft addresses the following vulnerabilities in its April batch of patches:

  • (MS14-017) Vulnerabilities in Microsoft Word and Office Web Apps Could Allow Remote Code Execution (2949660)
    Risk Rating: Critical

    This security update resolves one publicly disclosed vulnerability and two privately reported vulnerabilities in Microsoft Office. The most severe of these vulnerabilities could allow remote code execution if a specially crafted file is opened or previewed in an affected version of Microsoft Office software.


  • (MS14-018) Cumulative Security Update for Internet Explorer (2950467)
    Risk Rating: Critical

    This security update resolves six privately reported vulnerabilities in Internet Explorer. These vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer.


  • (MS14-019) Vulnerability in Windows File Handling Component Could Allow Remote Code Execution (2922229)
    Risk Rating: Important

    This security update resolves a publicly disclosed vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user runs specially crafted .bat and .cmd files from a trusted or semi-trusted network location.


  • (MS14-020) Vulnerability in Microsoft Publisher Could Allow Remote Code Execution (2950145)
    Risk Rating: Important

    This security update resolves a privately reported vulnerability in Microsoft Office. The vulnerability could allow remote code execution if a user opens a specially crafted file in an affected version of Microsoft Publisher.

TREND MICRO PROTECTION INFORMATION

Trend Micro Deep Security shields networks through the following Deep Packet Inspection (DPI) rules. Trend Micro customers using the Vulnerability Protection product or OfficeScan with Intrusion Defense Firewall (IDF) plugin are also protected from attacks using these vulnerabilities.

MS Bulletin ID Vulnerability ID DPI Rule Number DPI Rule Name Release Date Vulnerability and IDF Compatibility
MS14-017 CVE-2014-1761 1005990 Microsoft Word RTF Remote Code Execution Vulnerability (CVE-2014-1761) 26-Mar-14 YES
MS14-017 CVE-2014-1761 1006000 Microsoft Word RTF Remote Code Execution Vulnerability (CVE-2014-1761) - 1 8-Apr-14 YES
MS14-017 CVE-2014-1761 1005989 1005989 - Identified Malicious C&C Server SSL Certificate 8-Apr-14 YES
MS14-018 CVE-2014-1751 1005991 Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2014-1751) 8-Apr-14 YES
MS14-018 CVE-2014-1752 1005992 Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2014-1752) 8-Apr-14 YES
MS14-018 CVE-2014-1753 1005995 Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2014-1753) 8-Apr-14 YES
MS14-018 CVE-2014-1755 1005996 Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2014-1755) 8-Apr-14 YES

SOLUTION

Featured Stories

Connect with us on