In this video, we have our industry expert, Jon Cassel here to give us an inside look at the newest third-party patch releases. And with that, Jon Cassel. Syxsense is the leading provider of innovative, intuitive technology that sees all and knows everything about every endpoint, in every location, everywhere inside and outside the network, as well as in the cloud. It combines the power of artificial intelligence with industry expertise to manage and secure endpoints by stopping threats before they occur and neutralizing threats when they happen. The Syxsense Endpoint Security Cloud always-on technology performs in real-time so businesses can operate free of disruption from security breaches that cripple productivity and expose them to financial risk and reputational harm.
Linux Vulnerabilities of the Week: January 29, 2021
Are you caught up on January's Linux vulnerabilities? See this week's top issues and keep your IT environment protected.
1. Samba update for Amzn1 (Amazon AWS), Red Hat Enterprise 6, 7, 8 & Red Hat Storage 3
Vendor Severity: Critical
CVSS Score: 10
A flaw was found in the Microsoft Windows Netlogon Remote Protocol (MS-NRPC), where it reuses a known, static, zero-value initialization vector (IV) in AES-CFB8 mode. This flaw allows an unauthenticated attacker to impersonate a domain-joined computer, including a domain controller, and possibly obtain domain administrator privileges.
CVE Reference(s): CVE-2020-14318, CVE-2020-14323, CVE-2020-1472
2. Libxslt update for Amzn1 (Amazon AWS)
Vendor Severity: Medium
CVSS Score: 9.8
libxslt through 1.1.33 allows bypass of a protection mechanism because callers of xsltCheckRead and xsltCheckWrite permit access even upon receiving a -1 error code. xsltCheckRead can return -1 for a crafted URL that is not actually invalid and is subsequently loaded. (CVE-2019-11068).
In xsltCopyText in transform.c in libxslt 1.1.33, a pointer variable isn’t reset under certain circumstances. If the relevant memory area happened to be freed and reused in a certain way, a bounds check could fail and memory outside a buffer could be written to, or uninitialized data could be disclosed. (CVE-2019-18197).
CVE Reference(s): CVE-2019-11068, CVE-2019-18197
ceph-ansible: insecure ownership on /etc/ceph/iscsi-gateway.conf configuration file (CVE-2020-25677).
CVE Reference(s): CVE-2020-25660, CVE-2020-25677, CVE-2020-27781.
3. Slurm security update for Suse Enterprise 15 SP1
Vendor Severity: Moderate
CVSS Score: 9.8
Slurm before 19.05.8 and 20.x before 20.02.6 exposes Sensitive Information to an Unauthorized Actor because xauth for X11 magic cookies is affected by a race condition in a read operation on the /proc filesystem.
CVE Reference(s): CVE-2020-27745, CVE-2020-27746
4. Kernel security update for Oracle Linux 6 & 7
Vendor Severity: Important
CVSS Score: 8.8
The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-9009 advisory.
CVE Reference(s): CVE-2020-27673, CVE-2020-29568, CVE-2020-29569, CVE-2020-28374
5. Red Hat Ceph Storage 4.2 Security and Bug Fix update for Red Hat Enterprise 7
Vendor Severity: Critical
CVSS Score: 10
ceph: User credentials can be manipulated and stolen by Native CephFS consumers of OpenStack Manila (CVE-2020-27781).
ceph: CEPHX_V2 replay attack protection lost (CVE-2020-25660).
ceph-ansible: insecure ownership on /etc/ceph/iscsi-gateway.conf configuration file (CVE-2020-25677).
CVE Reference(s): CVE-2020-25660, CVE-2020-25677, CVE-2020-27781.
Try Linux Patching with Syxsense
Syxsense makes endpoint management and security easy. Automatically deploy OS and third-party patches as well as Windows 10 Feature Updates for Microsoft, Mac, and Linux devices.
Schedule Your Syxsense Demo
Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.
Still Relying on WSUS? Here’s Why You Can’t
In one of the worst patch rollouts in Windows history, Microsoft's surprise zero-day patch for IE was released, but not released, then pushed sporadically, but only in preview, and never explained.
Microsoft’s Patch Disaster
Last week, Microsoft ordered users to immediately download an “emergency” out-of-band security patch meant to close up a security flaw in some versions of Internet Explorer that can be exploited by hackers.
Specifically, the IE zero-day vulnerability (CVE-2019-1367) is a remote code execution flaw that could easily enable an attacker to remotely run malicious code on an affected device and take it over. This vulnerability is so serious that Homeland Security also issued an advisory telling users to download the patch immediately.
But not so fast.
ComputerWorld’s Woody Leonhard reports that, “in what may be the worst rollout in modern Windows patching history, Microsoft rolled all over itself in its handling of IE security hole CVE-2019-1367.” You can read about the full timeline here, but this is what Leonhard concluded:
“September’s surprise zero-day patch for Internet Explorer hole CVE-2019-1367—released, but not released, then pushed sporadically, but only in preview, and never explained.”
In other words, the patch for this serious vulnerability wasn’t available through Windows Update or the Update Server; it was only available as a manual download from the Catalog.
Nevertheless, all Windows users are strongly advised to patch as soon as possible. And remember, if your organization is relying on WSUS to deploy patches, you are still at risk for CVE-2019-1367.
Syxsense can scan all your machines, deploy the patch, and report back the all clear. We take patching seriously, and you can start a trial of our Syxsense here.
Start a Free Trial
Try Syxsense today and start patching your IT environment with a powerful and easy-to-use IT management toolset.
Schedule Your Syxsense Demo
Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.
View Any IT Issue at a Glance
Syxsense’s Network Map puts the answer to the IT’s burning questions in a single screen. Can I see every device connected to my network, and how vulnerable to attack are these devices?
Through color coding, critically vulnerable devices alert you to weak links in your security infrastructure.
With a click of a mouse, start a task to immediately patch “Red” devices. Mouse over any device to see exact numbers of how many critical, high, medium or low vulnerabilities you have. Double click to view inventory, a timeline of any changes on the device, and patching history.
By setting up a regular maintenance window, your devices will be fully patched, and a glance at this global network map confirms your compliance. It gives auditors, executives, IT directors and most importantly, you, peace of mind that hackers, phishing, or ransomware cannot exploit your business.
Why choose Syxsense?
1. Detection: With Realtime security information, Syxsense displays the current state of your devices and software. This is a reflection of right now; not minutes or hours ago.
2. Roll Back Patches: Not only can you deploy updates with a strategic method, but the Patch Manager can also uninstall updates. The task can be configured to remove a specific update, or group of updates, from all devices or just a selection of them.
3. Task Status and Reporting: Along with that Realtime data display comes accurate task status information. You can follow along as the task runs and analyze which devices succeeded or failed to implement the update. From there, our reporting section organizes vital information into easy to understand reports. These are perfect for emailing out to prove needed work has been completed effectively.
The Power of Realtime Security
Syxsense Realtime Security manages devices inside and outside your network, roaming laptops, Servers, Desktops, and IoT devices. With Realtime Security we’ve added both this network map and the ability to see and kill virulent malignant processes acting on your network.
Schedule Your Syxsense Demo
Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.
Get Started with Application Packaging
Experience the benefits of a team that has worked on thousands of projects with similar applications, processes and challenges. We guarantee conflict-free packages from a service team built on exceptional quality.
Schedule Your Syxsense Demo
Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.
Linux Patches Security Concerns with Firefox
Almost at urban legend status, Red Hat rarely rates updates as critical. Well, it’s not myth now, as an update is available for Red Hat Enterprise Linux 6 and 7. With a CVSS score of 8.8, we are recommending this update be actioned quickly.
An important fact to note, after installing the update, Firefox must be restarted for the changes to take effect.
This update upgrades Firefox to version 60.5.0 ESR.
Security Fixes:
• Mozilla: Use-after-free parsing HTML5 stream (CVE-2018-18500)
• Mozilla: Memory safety bugs fixed in Firefox 65 and Firefox ESR 60.5 (CVE-2018-18501)
• Mozilla: Privilege escalation through IPC channel messages (CVE-2018-18505)
Is your patching strategy ready?
Having a strategic patch roll-out implemented is key to secure software updating. However, your plan and patching software must be flexible enough to deal with a rogue critical update. Will you be ready to jump into action when an emergency security update is released?
With Syxsense, you have the stability of a strategic roll-out, but also the capabilities of a response team. This solution can patch devices with Windows, Mac, or Linux operating systems. Our content library has a wide range of major software vendors.
Learn more about securing your devices in Syxsense Realtime Security.
Schedule Your Syxsense Demo
Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.
Update Your Browsers
New releases for Chrome and Firefox address security concerns.
Two of the most widely used internet browsers, Chrome and Firefox, have released updates for 65 security flaws.
Of these security patches, 4 have a ‘critical’ severity rating and 19 are rated as ‘high’. Chrome 72 will also warn users when they visit a spoofed URL.
These updates are available for both browsers on Linux, Mac, and Windows.
What’s the simplest way to update my browsers?
Keeping internet browsers across your company up to date can be surprisingly easy, with the right solution. Syxsense provides detection and remediation of critical updates.
With a comprehensive patch scan, you’ll see all the devices that require updates. If you are wondering about the status of a specific software, run a targeted scan seeking a specific software. Both are easily set up and can be repeated regularly with our maintenance windows.
From there, it’s simple to set up a task that targets every device that need updates.It’s time to switch to an IT management solution that can deploy any security updates required.
Get started with Syxsense’s patching capabilities and experience all the intuitive features.
Schedule Your Syxsense Demo
Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.
Millions of PCs Are Running Outdated Versions of Popular Software
55% of all programs worldwide are out-of-date
It is 2019, and millions of computers still either have at least one outdated application installed or run outdated operating systems, making themselves vulnerable to online threats and known security vulnerabilities/exploits.
Many outdated applications, including frameworks and tools, contain vulnerabilities and for security reasons should be updated immediately.
For example, in May 2018 7-ZIP fixed an issue in the RAR extraction logic that could allow a DoS attack or execute harmful code embedded in RAR files.
Another popular example is Java: Versions 6, 7 and 8 are still widely installed and no longer up-to-date. Even users who are on the latest Java version 10 release should check for updates regularly to avoid any security issues.
One of the most out-of-date applications is the VLC Media Player. This is likely due to older versions of the software not notifying the users about updates. Skype closely follows, as most users are still on the older version, Skype 7 Classic. Microsoft has not enforced the update to the new Skype 8, but has been gathering user feedback and encouraging users to upgrade.
Most Out-of-Date Programs
1. Adobe Shockwave
2. VLC Media Player
3. Skype
4. Java Runtime Environment 6-8
5. 7-Zip Filemanager
6. Foxit Reader
7. Adobe Air
8. InfranView
9. Mozilla Firefox
10. DivX Plus Web Player
11. WinZip
12. iTunes
13. Nitro PDF Professional 9
14. GOM Media Player
15. WinRAR Archiver
16.Skype 8
17. Java Runtime Environment 10
18. Nitro PDF Professional 10
19. Mozilla Thunderbird
20. Mozilla HP Photo Creations
Use Syxsense to detect and then remediate updates. While you could run a comprehensive scan of all devices on a network, you can also run a targeted scan seeking a specific software. Easily see which devices are running which version of an application that might be at risk. From there, it’s simple to set up a task that targets every device that need the update.
Schedule Your Syxsense Demo
Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.
Latest Third-Party Updates
This month there are several notable updates with CVSS ratings. Apple has released critical fixes for two of their OS platforms. Adobe and Foxit both have patches with high ratings. Prioritize these updates when securing your environment.
Still using WSUS?
If so, how are you deploying third-party security updates?
It’s time to switch to an IT management solution that can deploy any security updates required. Don’t rely on an incomplete tool that can only deploy windows updates. Syxsense can deploy a wide-range of updates, including Windows, Mac, and Linux software.
Third-Party Updates
| Vendor | Category | Patch Version and Release Notes: | CVSS Score and Rating |
| Adobe | Multi-purpose software | Flash Player, ActiveX, and AIR: v32.0.0.114Acrobat and Reader DC: v19.010.20069 | N/A7.8 and High |
| Apple | Operating Systems | macOS: v10.14.3macOS High Sierra: v10.13.6 | 9 and Critical9 and Critical
N/A |
| Don Ho | Text and Source Code Editor | Notepad: v7.6.3 | N/A |
| Evernote | Organization App | Evernote: v6.17.6.8292 | N/A |
| FileZilla | FTP application | FileZilla: v3.40.0 | N/A |
| Foxit Corporation | PDF software | FoxitReader: v9.4.0 | 6.3 and High |
| Browser | Google Earth Pro: v7.3.2.5495 | N/A | |
| KeePass | Open-source password manager | KeePass: v2.41 | N/A |
| Mozilla | Browser and Email Application | Firefox: v64.0.2 | N/A |
| Opera | Web Browser | Opera: v58.0.3135.47 | N/A |
| Oracle | Computer Programing Language | Java: v8u202 | N/A |
| Peter Pawlowski | Audio Player | Foobar2000: v1.4.2 | N/A |
| RealVNC | Remote Access Software | RealVNC Viewer: v6.19.1 | N/A |
| WinSCP | Web Client | WinSCP: v5.13.7 | N/A |
| Wireshark | Open-source packet analyzer | Wireshark: v2.6.6 | N/A |
Schedule Your Syxsense Demo
Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.
Get Started with Software Update Services
Our expert patch management team provides reliable support with detection and remediation for Windows and third-party software updates. We work closely with you to provide safe and efficient endpoint security with your own systems management tool or ours, Syxsense.
Schedule Your Syxsense Demo
Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.
