HP TippingPoint provides protection for new Microsoft bulletins - December 2014

by in Archive: Blogs & Blog Posts

On the second Tuesday of each month, Microsoft announces security updates to fix critical vulnerabilities in their software. This month, Microsoft released seven update bundles to fix two dozen security vulnerabilities in Windows and supported software. Three of the seven updates from Microsoft earned a “critical” rating, which means an exploited vulnerability could allow code execution without user interaction.

 

As an industry-leader in security intelligence and development, HP TippingPoint DVLabs pushes out Digital VaccineRegistered (DV) packages every week, or sooner if warranted, like in the case of “Shellshock” earlier this year. Digital Vaccines are deployed on our next-generation intrusion prevention systems (IPS) and next-generation firewall (NGFW) devices. Our latest DV package includes coverage for the Microsoft Security Bulletins released on December 9, 2014 and provides relevant network security protection for our customers’ networks.

 

The following list maps the HP TippingPoint Digital Vaccine filters to the December Microsoft Bulletins:

 

Microsoft Bulletin MS14-075: Vulnerabilities in Microsoft Exchange Server Could Allow Elevation of Privilege (3009712)

Maximum Severity Rating and Vulnerability Impact: Important

This security update resolves four privately reported vulnerabilities in Microsoft Exchange Server. We provide protection to our customers through the following Digital Vaccine filters:

  • 17102
  • 17128

 

Microsoft Bulletin MS14-080: Cumulative Security Update for Internet Explorer (3008923)

Maximum Severity Rating and Vulnerability Impact: Critical

This security update resolves fourteen privately reported vulnerabilities in Internet Explorer. We provide protection to our customers through the following Digital Vaccine filters:

  • 16716
  • 16739
  • 16740
  • 16742
  • 16743
  • 17103
  • 17104
  • 17110
  • 17112
  • 17124
  • 17133
  • 17138
  • 17151

 

Microsoft Bulletin MS14-081: Vulnerabilities in Microsoft Word and Microsoft Office Web Apps Could Allow Remote Code Execution (3017301)

Maximum Severity Rating and Vulnerability Impact: Critical

This security update resolves two privately reported vulnerabilities in Microsoft Word and Microsoft Office Web Apps. We provide protection to our customers through the following Digital Vaccine filters:

  • 17105
  • 17137

 

Microsoft Bulletin MS14-082: Vulnerability in Microsoft Office Could Allow Remote Code Execution (3017349)

Maximum Severity Rating and Vulnerability Impact: Important

This security update resolves one privately reported vulnerability in Microsoft Office. We provide protection to our customers through the following Digital Vaccine filter:

  • 17153

 

Microsoft Bulletin MS14-083 Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (3017347)

Maximum Severity Rating and Vulnerability Impact: Important

This security update resolves two privately reported vulnerabilities in Microsoft Excel. We provide protection to our customers through the following Digital Vaccine filters:

  • 17132
  • 17134

 

Microsoft Bulletin MS14-084: Vulnerability in VBScript Scripting Engine Could Allow Remote Code Execution (3016711)

Maximum Severity Rating and Vulnerability Impact: Critical

This security update resolves a privately reported vulnerability in the VBScript scripting engine in Microsoft Windows. We provide protection to our customers through the following Digital Vaccine filter:

  • 17135

 

Microsoft Bulletin MS14-085: Vulnerability in Microsoft Graphics Component Could Allow Information Disclosure (3013126)

Maximum Severity Rating and Vulnerability Impact: Important

This security update resolves a publicly disclosed vulnerability in Microsoft Windows. We provide protection to our customers through the following Digital Vaccine filter:

  • 17127

 

HP TippingPoint customers can visit the HP TippingPoint Threat Management Center for more information on the latest Digital Vaccine package.

Anonymous