Zero-day vulnerability affects all versions of Windows

On Tuesday, October 14, 2014, iSIGHT Partners – in close collaboration with Microsoft – announced the discovery of a zero-day vulnerability impacting all supported versions of Microsoft Windows and Windows Server 2008 and 2012.

Researchers at iSIGHT Partners said that the team, which they’ve dubbed Sandworm, likely has been active since 2009.

Microsoft is making a patch for this vulnerability available as part of patch updates on the 14th – CVE-2014-4114.

Zero-day Vulnerability Security Bypass in all versions of Microsoft Windows

Severity Rating: Critical
Availability Corrections: Yes
Number of vulnerabilities: 1
CVSSv2 Rating: (AV: N / AC: M / Au: N / C: P / I: P / A: P / E: H / RL: O / RC: C) = Base: 6.8 / Temporal: 5.9
CVE ID: CVE-2014-4114

Vector operation: Remote
Impact: Security Bypass
The availability of the exploit: active exploitation of the vulnerability

Affected Products: Microsoft Windows 7, Microsoft Windows 8, Microsoft Windows 8.1, Microsoft Windows Server 2008, Microsoft Windows Server 2012

Affected versions: Microsoft Windows all versions, Microsoft Windows Server 2008,
Microsoft Windows Server 2012


The zero-day vulnerability allows a remote user to bypass security restrictions in all versions of Microsoft Windows.

The zero-day vulnerability is caused due to an unspecified error. Details were not disclosed.
Note: The vulnerability is actively exploited in the present moment.

Solution: Install the latest version from the manufacturer’s website when it is available.