Skip to main content
Patch ManagementPatch Tuesday

December Patch Tuesday Fixes Actively Exploited Zero-Day

By December 11, 2019November 14th, 2022No Comments
||

Microsoft’s December 2019 Patch Tuesday Fixes Actively Exploited Zero-Day

The final Patch Tuesday of the decade fixes 36 vulnerabilities, including 7 that are rated "Critical."

What’s in December’s Patch Tuesday Update?

Microsoft has given users an easier holiday season by releasing only 36 updates today. There are 7 Critical, 28 Important and 1 Moderate updates to deal with.

If you’re counting the small number of patches, that would appear to be accurate, however, underneath this list is a number of updates you should be very concerned about.

Hello XP, My Old Friend

Can it be true? Yes, in fact—an important Remote Desktop Protocol vulnerability for Windows XP has been identified (CVE-2019-1489) in this release. The problem is that updates are not actually available for this operating system as it became end of life in 2014.

Robert Brown, Director of Services for Syxsense said. “Windows XP is still in used today, many organizations which use legacy software or hardware that only supports this operating system should pay particular attention. One of the attacker’ favorite methods of entry is via the Remote Desktop Protocol. If your organization is large enough, please take all reasonable steps to protect your environment.”

CVE-2019-1458 has been released to solve a bug which is being weaponized! This vulnerability should be treated as an ‘Out-of-Band’ as it impacts Windows 7 onwards and has no known countermeasure to mitigate your risk. This type of vulnerability has regularly appeared throughout this year, so patch this as soon as possible.

Not Critical Severity, But Still High Priority

CVE-2019-1476, CVE-2019-1477, CVE-2019-1478, CVE-2019-1483, CVE-2019-1484, CVE-2019-1453, CVE-2019-1485 and CVE-2019-1384 have only been ranked as Important by Microsoft, however the independent CVSS Score has ranked these between 7.5 and up to 7.8 which would indicate these are important enough to prioritize.

Based on those CVSS scores, they rank alongside some of Critical ones ranked by Microsoft.

New Adobe Updates

Adobe released a record number of 25 updates for Adobe Reader, Bracket, Fusion and Photoshop. Adobe Reader has the bulk of these fixes however Photoshop and Fusion contain the Critical updates. Both Syxsense and Adobe recommend these Critical updates be deployed within the next 7 days.

December 2019 Patch Tuesday Update

Based on the vendor severity and CVSS score, we have made a few recommendations for what to prioritize this month.

 

CVE Ref. Description Vendor Severity CVSS Base Score Counter-measure Publicly Aware Weaponised Syxsense Secure Recommended
CVE-2019-1458 Win32k Elevation of Privilege Vulnerability Important 7.8 No No Yes Yes
CVE-2019-1468 Win32k Graphics Remote Code Execution Vulnerability Critical 8.4 No No No Yes
CVE-2019-1471 Windows Hyper-V Remote Code Execution Vulnerability Critical 8.2 No No No Yes
CVE-2019-1476 Windows Elevation of Privilege Vulnerability Important 7.8 No No No Yes
CVE-2019-1477 Windows Printer Service Elevation of Privilege Vulnerability Important 7.8 No No No Yes
CVE-2019-1478 Windows COM Server Elevation of Privilege Vulnerability Important 7.8 No No No Yes
CVE-2019-1483 Windows Elevation of Privilege Vulnerability Important 7.8 No No No Yes
CVE-2019-1484 Windows OLE Remote Code Execution Vulnerability Important 7.8 No No No Yes
CVE-2019-1453 Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability Important 7.5 No No No Yes
CVE-2019-1485 VBScript Remote Code Execution Vulnerability Important 7.5 No No No Yes
CVE-2019-1349 Git for Visual Studio Remote Code Execution Vulnerability Critical TBA No No No Yes
CVE-2019-1350 Git for Visual Studio Remote Code Execution Vulnerability Critical TBA No No No Yes
CVE-2019-1352 Git for Visual Studio Remote Code Execution Vulnerability Critical TBA No No No Yes
CVE-2019-1354 Git for Visual Studio Remote Code Execution Vulnerability Critical TBA No No No Yes
CVE-2019-1387 Git for Visual Studio Remote Code Execution Vulnerability Critical TBA No No No Yes
CVE-2019-1470 Windows Hyper-V Information Disclosure Vulnerability Important 6 No No No
CVE-2019-1465 Windows GDI Information Disclosure Vulnerability Important 5.5 No No No
CVE-2019-1466 Windows GDI Information Disclosure Vulnerability Important 5.5 No No No
CVE-2019-1467 Windows GDI Information Disclosure Vulnerability Important 5.5 No No No
CVE-2019-1469 Win32k Information Disclosure Vulnerability Important 5.5 No No No
CVE-2019-1472 Windows Kernel Information Disclosure Vulnerability Important 5.5 No No No
CVE-2019-1474 Windows Kernel Information Disclosure Vulnerability Important 5.5 No No No
CVE-2019-1480 Windows Media Player Information Disclosure Vulnerability Important 5.5 No No No
CVE-2019-1481 Windows Media Player Information Disclosure Vulnerability Important 5.5 No No No
CVE-2019-1488 Microsoft Defender Security Feature Bypass Vulnerability Important 3.3 No No No
CVE-2019-1332 Microsoft SQL Server Reporting Services XSS Vulnerability Important TBA No No No
CVE-2019-1400 Microsoft Access Information Disclosure Vulnerability Important TBA No No No
CVE-2019-1461 Microsoft Word Denial of Service Vulnerability Important TBA No No No
CVE-2019-1462 Microsoft PowerPoint Remote Code Execution Vulnerability Important TBA No No No
CVE-2019-1463 Microsoft Access Information Disclosure Vulnerability Important TBA No No No
CVE-2019-1464 Microsoft Excel Information Disclosure Vulnerability Important TBA No No No
CVE-2019-1486 Visual Studio Live Share Spoofing Vulnerability Important TBA No No No
CVE-2019-1487 Microsoft Authentication Library for Android Information Disclosure Vulnerability Important TBA No No No
CVE-2019-1489 Remote Desktop Protocol Information Disclosure Vulnerability Important TBA No No No
CVE-2019-1490 Skype for Business and Lync Spoofing Vulnerability Important TBA No No No
CVE-2019-1351 Git for Visual Studio Tampering Vulnerability Moderate TBA No No No

Experience the Power of Syxsense

Syxsense has created innovative and intuitive technology that sees and knows everything. Manage and secure your environment with a simple and powerful solution.

Schedule Your Syxsense Demo

Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.

Schedule My Demo

Leave a Reply