Microsoft’s December 2019 Patch Tuesday Fixes Actively Exploited Zero-Day
The final Patch Tuesday of the decade fixes 36 vulnerabilities, including 7 that are rated "Critical."
What’s in December’s Patch Tuesday Update?
Microsoft has given users an easier holiday season by releasing only 36 updates today. There are 7 Critical, 28 Important and 1 Moderate updates to deal with.
If you’re counting the small number of patches, that would appear to be accurate, however, underneath this list is a number of updates you should be very concerned about.
Hello XP, My Old Friend
Can it be true? Yes, in fact—an important Remote Desktop Protocol vulnerability for Windows XP has been identified (CVE-2019-1489) in this release. The problem is that updates are not actually available for this operating system as it became end of life in 2014.
Robert Brown, Director of Services for Syxsense said. “Windows XP is still in used today, many organizations which use legacy software or hardware that only supports this operating system should pay particular attention. One of the attacker’ favorite methods of entry is via the Remote Desktop Protocol. If your organization is large enough, please take all reasonable steps to protect your environment.”
CVE-2019-1458 has been released to solve a bug which is being weaponized! This vulnerability should be treated as an ‘Out-of-Band’ as it impacts Windows 7 onwards and has no known countermeasure to mitigate your risk. This type of vulnerability has regularly appeared throughout this year, so patch this as soon as possible.
Not Critical Severity, But Still High Priority
CVE-2019-1476, CVE-2019-1477, CVE-2019-1478, CVE-2019-1483, CVE-2019-1484, CVE-2019-1453, CVE-2019-1485 and CVE-2019-1384 have only been ranked as Important by Microsoft, however the independent CVSS Score has ranked these between 7.5 and up to 7.8 which would indicate these are important enough to prioritize.
Based on those CVSS scores, they rank alongside some of Critical ones ranked by Microsoft.
New Adobe Updates
Adobe released a record number of 25 updates for Adobe Reader, Bracket, Fusion and Photoshop. Adobe Reader has the bulk of these fixes however Photoshop and Fusion contain the Critical updates. Both Syxsense and Adobe recommend these Critical updates be deployed within the next 7 days.
December 2019 Patch Tuesday Update
Based on the vendor severity and CVSS score, we have made a few recommendations for what to prioritize this month.
|CVE Ref.||Description||Vendor Severity||CVSS Base Score||Counter-measure||Publicly Aware||Weaponised||Syxsense Secure Recommended|
|CVE-2019-1458||Win32k Elevation of Privilege Vulnerability||Important||7.8||No||No||Yes||Yes|
|CVE-2019-1468||Win32k Graphics Remote Code Execution Vulnerability||Critical||8.4||No||No||No||Yes|
|CVE-2019-1471||Windows Hyper-V Remote Code Execution Vulnerability||Critical||8.2||No||No||No||Yes|
|CVE-2019-1476||Windows Elevation of Privilege Vulnerability||Important||7.8||No||No||No||Yes|
|CVE-2019-1477||Windows Printer Service Elevation of Privilege Vulnerability||Important||7.8||No||No||No||Yes|
|CVE-2019-1478||Windows COM Server Elevation of Privilege Vulnerability||Important||7.8||No||No||No||Yes|
|CVE-2019-1483||Windows Elevation of Privilege Vulnerability||Important||7.8||No||No||No||Yes|
|CVE-2019-1484||Windows OLE Remote Code Execution Vulnerability||Important||7.8||No||No||No||Yes|
|CVE-2019-1453||Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability||Important||7.5||No||No||No||Yes|
|CVE-2019-1485||VBScript Remote Code Execution Vulnerability||Important||7.5||No||No||No||Yes|
|CVE-2019-1349||Git for Visual Studio Remote Code Execution Vulnerability||Critical||TBA||No||No||No||Yes|
|CVE-2019-1350||Git for Visual Studio Remote Code Execution Vulnerability||Critical||TBA||No||No||No||Yes|
|CVE-2019-1352||Git for Visual Studio Remote Code Execution Vulnerability||Critical||TBA||No||No||No||Yes|
|CVE-2019-1354||Git for Visual Studio Remote Code Execution Vulnerability||Critical||TBA||No||No||No||Yes|
|CVE-2019-1387||Git for Visual Studio Remote Code Execution Vulnerability||Critical||TBA||No||No||No||Yes|
|CVE-2019-1470||Windows Hyper-V Information Disclosure Vulnerability||Important||6||No||No||No|
|CVE-2019-1465||Windows GDI Information Disclosure Vulnerability||Important||5.5||No||No||No|
|CVE-2019-1466||Windows GDI Information Disclosure Vulnerability||Important||5.5||No||No||No|
|CVE-2019-1467||Windows GDI Information Disclosure Vulnerability||Important||5.5||No||No||No|
|CVE-2019-1469||Win32k Information Disclosure Vulnerability||Important||5.5||No||No||No|
|CVE-2019-1472||Windows Kernel Information Disclosure Vulnerability||Important||5.5||No||No||No|
|CVE-2019-1474||Windows Kernel Information Disclosure Vulnerability||Important||5.5||No||No||No|
|CVE-2019-1480||Windows Media Player Information Disclosure Vulnerability||Important||5.5||No||No||No|
|CVE-2019-1481||Windows Media Player Information Disclosure Vulnerability||Important||5.5||No||No||No|
|CVE-2019-1488||Microsoft Defender Security Feature Bypass Vulnerability||Important||3.3||No||No||No|
|CVE-2019-1332||Microsoft SQL Server Reporting Services XSS Vulnerability||Important||TBA||No||No||No|
|CVE-2019-1400||Microsoft Access Information Disclosure Vulnerability||Important||TBA||No||No||No|
|CVE-2019-1461||Microsoft Word Denial of Service Vulnerability||Important||TBA||No||No||No|
|CVE-2019-1462||Microsoft PowerPoint Remote Code Execution Vulnerability||Important||TBA||No||No||No|
|CVE-2019-1463||Microsoft Access Information Disclosure Vulnerability||Important||TBA||No||No||No|
|CVE-2019-1464||Microsoft Excel Information Disclosure Vulnerability||Important||TBA||No||No||No|
|CVE-2019-1486||Visual Studio Live Share Spoofing Vulnerability||Important||TBA||No||No||No|
|CVE-2019-1487||Microsoft Authentication Library for Android Information Disclosure Vulnerability||Important||TBA||No||No||No|
|CVE-2019-1489||Remote Desktop Protocol Information Disclosure Vulnerability||Important||TBA||No||No||No|
|CVE-2019-1490||Skype for Business and Lync Spoofing Vulnerability||Important||TBA||No||No||No|
|CVE-2019-1351||Git for Visual Studio Tampering Vulnerability||Moderate||TBA||No||No||No|
Experience the Power of Syxsense
Syxsense has created innovative and intuitive technology that sees and knows everything. Manage and secure your environment with a simple and powerful solution.