CVE-2014-4114

Microsoft Windows Vista SP2, Windows Server 2008 SP2 va R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold va R2, Windows RT Gold va 8.1 uzoqdan tajovuzkorlarga Office hujjatidagi OLE ob'ekti orqali o'zboshimchalik bilan kodni amalga oshirish imkonini beradi, chunki iyun oyida vahshiylar hujumidan foydalanilgan. 2014, aka "Windows OLE masofaviy kodini bajarishda zaiflik."

CVSS Vector

Manbalar

• http://blog.trendmicro.com/trendlabs-security-intelligence/an-analysis-of-windows-zero-day-vulnerability-cve-2014-4114-aka-sandworm/
• http://blogs.technet.com/b/srd/archive/2014/10/14/accessing-risk-for-the-october-2014-security-updates.aspx
• http://osvdb.org/show/osvdb/113140
• http://secunia.com/advisories/60972
• http://www.exploit-db.com/exploits/35019