August Patch Tuesday: The HBO Hackers

Winter isn’t coming. Winter is here!

The recent HBO hack may have exposed up to 1.5 terabytes of data. This is 7 times what Sony lost in the 2014 cyberattack.

The hackers have also released the script of the upcoming episode of Game of Thrones and episodes of other popular HBO series. What they have yet to release remains unclear.

“As most of you have probably heard by now, there has been a cyber incident directed at the company which has resulted in some stolen proprietary information, including some of our programming.”

Richard Plepler, HBO CEO, in an email published by Entertainment Weekly.

Robert Brown, Director of Services for Verismic says, “I wonder if they will be reading our Avoiding Patch Doomsday whitepaper as part of their security review? With this whitepaper, they can stop reacting to these kinds of threats and start predicting them. I’m sure this exposure has put a chill in their summer.”

Masses of common flaws crack open 55% of Corporate Networks

Corporate information systems became more vulnerable in 2016, even as user awareness regarding information security significantly increased. That’s the word from Positive Technologies, which found in an overview of security audit findings that critical vulnerabilities were detected in 47% of investigated corporate systems last year.

Implementing a proactive patching process should be one of the most important tasks performed by your IT security teams, especially since ransomware shuts down on average one in five small businesses after it hits.

“The human factor is the most likely weakness and often the cause of exposures for small to medium sized businesses,” says Robert Brown, Director of Services at Verismic. “These issues can be alleviated with the right patch management tool.”

WoSign and StartCom revoked from the Trust Root Program

Microsoft has concluded that the Chinese Certificate Authorities (CAs) WoSign and StartCom have failed to maintain the standards required by its Trusted Root Program. The unacceptable security practices observed include back-dating SHA-1 certificates, mis-issuance of certificates, accidental certificate revocation, duplicate certificate serial numbers, and multiple CAB Forum Baseline Requirements (BR) violations.

Microsoft will begin the natural deprecation of WoSign and StartCom certificates by setting a “NotBefore” date of 26 September 2017. This means all existing certificates will continue to function until they self-expire. Windows 10 will not trust any new certificates from these CAs after September 2017. Microsoft values the global Certificate Authority community and only makes these decisions after careful consideration as to what is best for the security of our users.
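To find which of your own certificates fall on each side of that cutoff, the following added example (not Microsoft's or Syxsense's code) classifies certificates from the text printed by `openssl x509 -noout -issuer -startdate -enddate`. The hostnames and issuer strings are constructed samples, and matching the CA by name and treating the cutoff as "strictly after 26 September 2017" are assumptions.

```python
import ssl
from datetime import datetime, timezone

# Cutoff taken from the article: a "NotBefore" date of 26 September 2017.
CUTOFF = datetime(2017, 9, 26, tzinfo=timezone.utc)
# Assumption: the CA is recognised by a substring of the issuer string.
# Real enforcement is bound to the CA's root certificates, not to a name.
DEPRECATED_CAS = ("wosign", "startcom")

def _to_utc(cert_time):
    # cert_time uses OpenSSL's format, e.g. "Oct  3 00:00:00 2017 GMT".
    return datetime.fromtimestamp(ssl.cert_time_to_seconds(cert_time), tz=timezone.utc)

def parse_openssl_fields(text):
    """Parse the issuer=, notBefore= and notAfter= lines printed by openssl."""
    fields = {}
    for line in text.strip().splitlines():
        key, _, value = line.partition("=")
        fields[key.strip()] = value.strip()
    return {"issuer": fields["issuer"],
            "not_before": _to_utc(fields["notBefore"]),
            "not_after": _to_utc(fields["notAfter"])}

def classify(cert, now):
    """Return (status, days_left) for one parsed certificate."""
    if not any(ca in cert["issuer"].lower() for ca in DEPRECATED_CAS):
        return ("not-affected", None)
    if cert["not_before"] > CUTOFF:  # assumption: strictly after the cutoff
        return ("distrusted-new-issuance", 0)
    if cert["not_after"] <= now:
        return ("expired", 0)
    return ("trusted-until-expiry", (cert["not_after"] - now).days)

# Constructed sample inventory: hostnames and issuer strings are made up.
INVENTORY = {
    "intranet.example": "issuer=O = WoSign CA Limited, CN = Sample CA\n"
        "notBefore=Mar  1 00:00:00 2017 GMT\nnotAfter=Mar  1 00:00:00 2018 GMT",
    "shop.example": "issuer=O = StartCom Ltd., CN = Sample CA\n"
        "notBefore=Oct  3 00:00:00 2017 GMT\nnotAfter=Oct  3 00:00:00 2018 GMT",
    "old.example": "issuer=O = WoSign CA Limited, CN = Sample CA\n"
        "notBefore=Sep  1 00:00:00 2016 GMT\nnotAfter=Sep  1 00:00:00 2017 GMT",
    "www.example": "issuer=O = Example Trust, CN = Sample CA\n"
        "notBefore=Oct  3 00:00:00 2017 GMT\nnotAfter=Oct  3 00:00:00 2018 GMT",
}

def audit(inventory, now):
    """Map each host to its (status, days_left) as seen at time `now`."""
    return {host: classify(parse_openssl_fields(text), now)
            for host, text in inventory.items()}

if __name__ == "__main__":
    for host, result in audit(INVENTORY, datetime(2017, 10, 1, tzinfo=timezone.utc)).items():
        print(host, *result)
```

Certificates reported as `trusted-until-expiry` are the ones to schedule for replacement with another CA before `days_left` runs out.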

Microsoft addressed 48 vulnerabilities in Microsoft Windows, Microsoft Internet Explorer, Microsoft Edge, Microsoft SQL Server, and Microsoft Office. The vulnerabilities could allow an attacker to execute arbitrary code, gain escalated privileges, bypass security protections, view sensitive information, or cause a denial of service. Full details of the complete Security Update Guide can be found here.

Microsoft Updates

We have chosen a few updates to prioritize this month. This recommendation has been made using evidence from industry experts (including our own), anticipated business impact and the independent CVSS score for the vulnerability. The independent CVSS scores used in the table below range from 0 to 10. Vulnerabilities with a base score in the range 7.0-10.0 are rated High, those in the range 4.0-6.9 Medium, and those in the range 0-3.9 Low.

ID | Vulnerability Alert | CVSS Base Score | Recommended
CVE-2017-8620 | Microsoft Windows Search Arbitrary Code Execution Vulnerability | 9 | Yes
CVE-2017-8591 | Microsoft Windows Input Method Editor Arbitrary Code Execution Vulnerability | 8.8 | Yes
CVE-2017-8593 | Microsoft Windows Win32k Kernel Driver Privilege Escalation Vulnerability | 8.8 | Yes
CVE-2017-8624 | Microsoft Windows Common Log File System Privilege Escalation Vulnerability | 8.8 | Yes
CVE-2017-0250 | Microsoft Windows Jet Database Engine Arbitrary Code Execution Vulnerability | 8.3 | Yes
CVE-2017-0293 | Microsoft Windows PDF Handling Arbitrary Code Execution Vulnerability | 8.3 | Yes
CVE-2017-8625 | Microsoft Internet Explorer Security Bypass Vulnerability | 8.3 | Yes
CVE-2017-8634 | Microsoft Edge Scripting Engine Memory Corruption Vulnerability | 8.3 | Yes
CVE-2017-8635 | Microsoft Edge and Internet Explorer Scripting Engine Memory Corruption Vulnerability | 8.3 | Yes
CVE-2017-8636 | Microsoft Internet Explorer and Edge Scripting Engine Memory Corruption Vulnerability | 8.3 | Yes
CVE-2017-8638 | Microsoft Edge Scripting Engine Memory Corruption Vulnerability | 8.3 | Yes
CVE-2017-8639 | Microsoft Edge Scripting Engine Memory Corruption Vulnerability | 8.3 | Yes
CVE-2017-8640 | Microsoft Edge Scripting Engine Memory Corruption Vulnerability | 8.3 | Yes
CVE-2017-8641 | Microsoft Edge and Internet Explorer Scripting Engine Memory Corruption Vulnerability | 8.3 | Yes
CVE-2017-8645 | Microsoft Edge Scripting Engine Memory Corruption Vulnerability | 8.3 | Yes
CVE-2017-8646 | Microsoft Edge Scripting Engine Memory Corruption Vulnerability | 8.3 | Yes
CVE-2017-8647 | Microsoft Edge Scripting Engine Memory Corruption Vulnerability | 8.3 | Yes
CVE-2017-8651 | Microsoft Internet Explorer Memory Corruption Vulnerability | 8.3 | Yes
CVE-2017-8653 | Microsoft Internet Explorer Memory Corruption Vulnerability | 8.3 | Yes
CVE-2017-8655 | Microsoft Edge Scripting Engine Memory Corruption Vulnerability | 8.3 | Yes
CVE-2017-8656 | Microsoft Edge Scripting Engine Memory Corruption Vulnerability | 8.3 | Yes
CVE-2017-8657 | Microsoft Edge Scripting Engine Memory Corruption Vulnerability | 8.3 | Yes
CVE-2017-8661 | Microsoft Edge Memory Corruption Vulnerability | 8.3 | Yes
CVE-2017-8669 | Microsoft Edge and Internet Explorer Scripting Engine Memory Corruption Vulnerability | 8.3 | Yes
CVE-2017-8670 | Microsoft Edge Scripting Engine Memory Corruption Vulnerability | 8.3 | Yes
CVE-2017-8671 | Microsoft Edge Scripting Engine Memory Corruption Vulnerability | 8.3 | Yes
CVE-2017-8672 | Microsoft Edge Scripting Engine Memory Corruption Vulnerability | 8.3 | Yes
CVE-2017-8674 | Microsoft Edge Memory Corruption Vulnerability | 8.3 | Yes
