MS Advisory (2963983) Vulnerability in Internet Explorer Could Allow Remote Code Execution

  Severity: CRITICAL
  CVE Identifier: CVE-2014-1776
  Advisory Date: APR 26, 2014

  DESCRIPTION

This Microsoft security advisory reports a vulnerability in Internet Explorer 6, Internet Explorer 7, Internet Explorer 8, Internet Explorer 9, Internet Explorer 10, and Internet Explorer 11.

The vulnerability is a remote code execution vulnerability. The vulnerability exists in the way that Internet Explorer accesses an object in memory that has been deleted or has not been properly allocated. The vulnerability may corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user within Internet Explorer. An attacker could host a specially crafted website that is designed to exploit this vulnerability through Internet Explorer and then convince a user to view the website.

  SOLUTION

  PATCH: https://technet.microsoft.com/library/security/2963983

  Trend Micro Deep Security DPI Rule Number: 1006045
  Trend Micro Deep Security DPI Rule Name: 1006045 - Microsoft Internet Explorer Remote Code Execution Vulnerability (CVE-2014-1776) - 1

  AFFECTED SOFTWARE AND VERSION

  • Windows Server 2003 Service Pack 2 (Internet Explorer 6)
  • Windows Server 2003 Service Pack 2 (Internet Explorer 7)
  • Windows Server 2003 x64 Edition Service Pack 2 (Internet Explorer 6)
  • Windows Server 2003 x64 Edition Service Pack 2 (Internet Explorer 7)
  • Windows Server 2003 x64 Edition Service Pack 2 (Internet Explorer 8)
  • Windows Vista Service Pack 2 (Internet Explorer 9)
  • Windows Vista x64 Edition Service Pack 2 (Internet Explorer 7)
  • Windows Vista x64 Edition Service Pack 2 (Internet Explorer 8)
  • Windows Vista x64 Edition Service Pack 2 (Internet Explorer 9)
  • Windows Server 2008 for 32-bit Systems Service Pack 2 (Internet Explorer 7)
  • Windows Server 2008 for 32-bit Systems Service Pack 2 (Internet Explorer 8)
  • Windows Server 2008 for 32-bit Systems Service Pack 2 (Internet Explorer 9)
  • Windows Server 2008 for x64-based Systems Service Pack 2 (Internet Explorer 7)
  • Windows Server 2008 for Itanium-based Systems Service Pack 2 (Internet Explorer 7)
  • Windows 7 for x64-based Systems Service Pack 1 (Internet Explorer 9)
  • Windows 8 for 32-bit Systems (Internet Explorer 10)
  • Windows 8 for x64-based Systems (Internet Explorer 10)
  • Windows Server 2012 (Internet Explorer 10)
  • Windows RT (Internet Explorer 10)
  • Windows 8.1 for 32-bit Systems (Internet Explorer 11)
  • Windows Server 2003 Service Pack 2 (Internet Explorer 8)
  • Windows Server 2003 with SP2 for Itanium-based Systems (Internet Explorer 6)
  • Windows Server 2003 with SP2 for Itanium-based Systems (Internet Explorer 7)
  • Windows Vista Service Pack 2 (Internet Explorer 7)
  • Windows Vista Service Pack 2 (Internet Explorer 8)
  • Windows Server 2008 for x64-based Systems Service Pack 2 (Internet Explorer 8)
  • Windows Server 2008 for x64-based Systems Service Pack 2 (Internet Explorer 9)
  • Windows 7 for 32-bit Systems Service Pack 1 (Internet Explorer 8)
  • Windows 7 for 32-bit Systems Service Pack 1 (Internet Explorer 9)
  • Windows 7 for 32-bit Systems Service Pack 1 (Internet Explorer 10)
  • Windows 7 for 32-bit Systems Service Pack 1 (Internet Explorer 11)
  • Windows 7 for x64-based Systems Service Pack 1 (Internet Explorer 8)
  • Windows 7 for x64-based Systems Service Pack 1 (Internet Explorer 10)
  • Windows 7 for x64-based Systems Service Pack 1 (Internet Explorer 11)
  • Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Internet Explorer 8)
  • Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Internet Explorer 9)
  • Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Internet Explorer 10)
  • Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Internet Explorer 11)
  • Windows Server 2008 R2 for Itanium-based Systems Service Pack 1 (Internet Explorer 8)
  • Windows 8.1 for x64-based Systems (Internet Explorer 11)
  • Windows Server 2012 R2 (Internet Explorer 11)
  • Windows RT 8.1 (Internet Explorer 11)