Multiple vulnerabilities have been discovered in Microsoft Windows Object Linking and Embedding (OLE) that could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited the vulnerabilities could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Windows Server 2003
Windows Server 2008
Windows Server 2008 R2
Windows 8 and Windows 8.1
Windows Server 2012 and Windows Server 2012 R2
Windows RT and Windows RT 8.1
Server Core installation option
Multiple vulnerabilities has been discovered in Microsoft Windows Object Linking and Embedding (OLE) that could allow an attacker to take complete control of an affected system. The details of these vulnerabilities are as follows:
An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. - CVE-2014-6332
A remote code execution vulnerability exists in the context of the current user that is caused when a user downloads, or receives, and then opens a specially crafted Microsoft Office file that contains OLE objects. - CVE-2014-6352
We recommend the following actions be taken:
Apply the Microsoft Fix it solution, "OLE packager Shim Workaround", that prevents exploitation of the vulnerability.
Do not open Microsoft PowerPoint files, or other files, from untrusted sources.
Apply the principle of Least Privilege to all services.
Deploy the Enhanced Mitigation Experience Toolkit 5.0 and configure Attack Surface Reduction.