• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer

War Room

Shells from above

RSM logo

  • Home
  • About
  • Blog
  • Talks/Whitepapers
  • Tools
  • Recreation
Home > Defense > Vulnerabilities 2014: Moving Forward

Vulnerabilities 2014: Moving Forward

January 27, 2015 By Erik

2014 saw the release of a number of critical vulnerabilities that caused media storms and left script kiddies on the edge of their seats in anticipation of public exploits.

These high impact vulnerabilities included, but were not limited to:

  • Heartbleed CVE-2014-0160
  • Various ShellShocks CVE-2014-6271, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187, CVE-2014-6277, CVE-2014-6278
  • POODLE CVE-2014-3566

Some of the most interesting vulnerabilities were Microsoft specific:

  • MS14-064 vulnerabilities in Windows OLE Could Allow Remote Code Execution
  • MS14-066 Vulnerability is Schannel Could Allow Remote Code Execution
  • MS14-067 Vulnerability in XML Core Services could Allow Remote Code Execution
  • MS14-068 Vulnerability in Kerberos Could Allow Elevation of Privilege

Of these major vulnerabilities, Heartbleed, Shellshock, MS14-064 and MS14-068, now all have publicly-available, weaponized exploits. This makes it significantly easier for an attacker to dominate an insecure network environment. At the moment, unpatched MS14-068 presents a huge security hole for corporate Windows Domains. An attacker who is able to successfully exploit this vulnerability may request a Kerberos certificate with Domain Admin rights; all that is required is a valid domain username and password combination.

Not all critical vulnerabilities were new this past year. MS08-067 still looms large, seven years after its release. Our Attack Team was able to leverage this finding in additional, elevated access on a number of engagements this year.

I know I’m beating a dead horse, but you should definitely…

X ALL THE THINGS - PATCH ALL THE THNGS

As we witnessed in 2014, the next big breach is always just around the corner. Regular, proactive patching helps to remove some of the low hanging fruit from your organization’s attack surface. Make the hackers work for it!

As we move into the new year, expect to see more breaches and more vulnerabilities to be released.

Brace Yourself - Game of Thrones Meme meme

Share this...
  • Reddit
  • Email
  • Facebook
  • Twitter
  • Linkedin

Erik

Primary Sidebar

Categories

  • Defense
  • Forensics
  • Offense
  • Physical
  • R&D

Most Viewed Posts

  • DLL Injection Part 1: SetWindowsHookEx 10.9k views
  • Sophos UTM Home Edition – 3 – The Setup 10.8k views
  • Leveraging MS16-032 with PowerShell Empire 10k views
  • Bypassing Gmail’s Malicious Macro Signatures 9.8k views
  • How to Bypass SEP with Admin Access 8.9k views

Footer

  • RSS
  • Twitter
  • Tools
  • About
  • RSM US LLP

+1 800 903 6264

1 S Wacker Dr Suite 800
Chicago, IL 60606

Copyright © 2023 RSM US LLP. All rights reserved. RSM US LLP is a limited liability partnership and the U.S. member firm of RSM International, a global network of independent audit, tax and consulting firms. The member firms of RSM International collaborate to provide services to global clients, but are separate and distinct legal entities that cannot obligate each other. Each member firm is responsible only for its own acts and omissions, and not those of any other party. Visit for more information regarding RSM US LLP and RSM International.