Clculate Windows of Vulneravilty
What vulnerabilities exist for this workgroup LAN based on the advisories? List five of them.
Advisory Number:
2755801
2501696
2588513
2639658
2659883
2. Do any vulnerabilities involve privilege elevation? Is this considered a high priority issue?
Yes, 2639658 Vulnerability in TrueType Font Parsing Could Allow Elevation of Privilege, but not a high priority issue.
3. Identify and document at least three vulnerabilities and the solutions related to the client configurations.
Advisory Number: 2719662
Solution: Workarounds refer to a setting or configuration change that does not correct the underlying issue but would help block known attack vectors before a security update is available. Apply the Microsoft Fix it solution that blocks the attack vector for this vulnerability. Disable Sidebar in Group Policy. Disable the Sidebar in the system registry.
Advisory Number: 2737111
Solution: Workarounds refer to a setting or configuration change that does not correct the underlying issue but would help block known attack vectors before a security update is available. Disable WebReady document view for Exchange.
Advisory Number: 2755801
Solution: Workaround refers to a setting or configuration change that would help block known attack vectors before you apply the update. Prevent Adobe Flash Player from running. Prevent Adobe Flash Player from running on Internet Explorer 10 through Group Policy on Windows 8 and Windows Server 2012. Prevent Adobe Flash Player from running in Office 2010 on Windows 8 and Windows Server 2012. Prevent ActiveX controls from running in Office 2007 and Office 2010. Set Internet and Local intranet security zone settings to "High" to block ActiveX Controls and Active Scripting in these zones. Configure Internet Explorer to prompt before running Active Scripting or to disable Active Scripting in the Internet and Local intranet security zone.
Advisory Number:
2755801
2501696
2588513
2639658
2659883
2. Do any vulnerabilities involve privilege elevation? Is this considered a high priority issue?
Yes, 2639658 Vulnerability in TrueType Font Parsing Could Allow Elevation of Privilege, but not a high priority issue.
3. Identify and document at least three vulnerabilities and the solutions related to the client configurations.
Advisory Number: 2719662
Solution: Workarounds refer to a setting or configuration change that does not correct the underlying issue but would help block known attack vectors before a security update is available. Apply the Microsoft Fix it solution that blocks the attack vector for this vulnerability. Disable Sidebar in Group Policy. Disable the Sidebar in the system registry.
Advisory Number: 2737111
Solution: Workarounds refer to a setting or configuration change that does not correct the underlying issue but would help block known attack vectors before a security update is available. Disable WebReady document view for Exchange.
Advisory Number: 2755801
Solution: Workaround refers to a setting or configuration change that would help block known attack vectors before you apply the update. Prevent Adobe Flash Player from running. Prevent Adobe Flash Player from running on Internet Explorer 10 through Group Policy on Windows 8 and Windows Server 2012. Prevent Adobe Flash Player from running in Office 2010 on Windows 8 and Windows Server 2012. Prevent ActiveX controls from running in Office 2007 and Office 2010. Set Internet and Local intranet security zone settings to "High" to block ActiveX Controls and Active Scripting in these zones. Configure Internet Explorer to prompt before running Active Scripting or to disable Active Scripting in the Internet and Local intranet security zone.