Offentliche Verwaltung Deutschland Group


SANDWORM - New Zero Day in OLE Package Manager in Windows and Server 

Oct 15, 2014 01:41 AM


  • What is happening?

    iSIGHT disclosed information about a previously unknown vulnerability in Microsoft Windows. This is receiving some attention in the news, and a significant number of customers are making contact to inquire about “sandworm”.
     
  • Why is this vulnerability significant?

    The vulnerability CVE-2014-4114 impacts all versions of Windows from Vista SP2 to Windows 8.1 and Windows Server versions 2008 and 2012. It has been actively used in limited targeted attacks since September.
     
  • Is there a patch?

    Microsoft has released its monthly Security Bulletin for October 2014. It is posted here:
    https://technet.microsoft.com/en-us/library/security/ms14-oct.aspx

 

  • Is Symantec making any public statement about this?

    https://www-secure.symantec.com/connect/blogs/sandworm-windows-zero-day-vulnerability-being-actively-exploited-targeted-attacks

Coverage
AV
Exploit: Trojan.Mdropper       20141014.006 Seq 158074
Payload: Backdoor.Lancafdo.A   20141014.006 Seq 158074

IPS
Exploit File: 27956 Attack: Malicious File Download - TBD

Additional Information
See the TechNote below for further information:
Symantec product detections for Microsoft monthly Security Advisories – October 2014
http://www.symantec.com/business/support/index?page=content&id=TECH225407
