CVE-2014-4114 - RCE ranljive vse verzije windowsev (client/server)

http://www.tripwire.com/state-of-securi...

Kot je nekdo povzel na redditu:

An exposed dangerous method vulnerability exists in the OLE package manager in Microsoft Windows and Server. This is impacting all versions of the Windows operating system from Vista SP2 to Windows 8.1, Windows Server versions 2008 and 2012.
As of right now (7AM EST, 10/14/2014) NVD and MITR have not officially released the details regarding this exploit. Not until the Microsoft patch has been distributed will the exact details be released, but here is what we do know. When exploited, the vulnerability allows an attacker to remotely execute arbitrary code. The vulnerability exists because Windows allows the OLE packager (packager .dll) to download and execute INF files. In the case of the observed exploit, specifically when handling Microsoft PowerPoint files, the packagers allows a Package OLE object to reference arbitrary external files, such as INF files, from untrusted sources. This will cause the referenced files to be downloaded in the case of INF files, to be executed with specific commands An attacker can exploit this vulnerability to execute arbitrary code but will need a specifically crafted file and use social engineering methods (observed in this campaign) to convince a user to open it Microsoft plans to release a patch for the vulnerability on Tuesday patch in security bulletin MS14-060, as part of its monthly “Patch Tuesday” — an organized release of patches to vulnerabilities in the company’s software.