December Patch Tuesday Fixes Actively Exploited Zero-Day

Microsoft’s December 2019 Patch Tuesday Fixes Actively Exploited Zero-Day

What’s in December’s Patch Tuesday Update?

Microsoft has given users an easier holiday season by releasing only 36 updates today. There are 7 Critical, 28 Important and 1 Moderate updates to deal with.

Going by the small number of patches alone, that would appear to be accurate. However, the list contains a number of updates you should be very concerned about.

Hello XP, My Old Friend

Can it be true? Yes, in fact: an important Remote Desktop Protocol vulnerability for Windows XP (CVE-2019-1489) has been identified in this release. The problem is that updates are not actually available for this operating system, as it reached end of life in 2014.

Robert Brown, Director of Services for Syxsense, said: “Windows XP is still in use today; many organizations which use legacy software or hardware that only supports this operating system should pay particular attention. One of the attackers’ favorite methods of entry is via the Remote Desktop Protocol. If your organization is large enough, please take all reasonable steps to protect your environment.”

A fix for CVE-2019-1458 has been released to solve a bug which is being weaponized! This vulnerability should be treated as an ‘Out-of-Band’ update, as it impacts Windows 7 onwards and has no known countermeasure to mitigate your risk. This type of vulnerability has appeared regularly throughout this year, so patch it as soon as possible.

Not Critical Severity, But Still High Priority

CVE-2019-1476, CVE-2019-1477, CVE-2019-1478, CVE-2019-1483, CVE-2019-1484, CVE-2019-1453, CVE-2019-1485 and CVE-2019-1384 have only been ranked as Important by Microsoft; however, their independent CVSS scores range from 7.5 to 7.8, which indicates they are important enough to prioritize.

Based on those CVSS scores, they rank alongside some of the updates Microsoft has rated Critical.

New Adobe Updates

Adobe released a record number of 25 updates for Adobe Reader, Bracket, Fusion and Photoshop. Adobe Reader has the bulk of these fixes; however, Photoshop and Fusion contain the Critical updates. Both Syxsense and Adobe recommend that these Critical updates be deployed within the next 7 days.

December 2019 Patch Tuesday Update

Based on the vendor severity and CVSS score, we have made a few recommendations for what to prioritize this month.

 

| CVE Ref. | Description | Vendor Severity | CVSS Base Score | Counter-measure | Publicly Aware | Weaponised | Syxsense Secure Recommended |
|---|---|---|---|---|---|---|---|
| CVE-2019-1458 | Win32k Elevation of Privilege Vulnerability | Important | 7.8 | No | No | Yes | Yes |
| CVE-2019-1468 | Win32k Graphics Remote Code Execution Vulnerability | Critical | 8.4 | No | No | No | Yes |
| CVE-2019-1471 | Windows Hyper-V Remote Code Execution Vulnerability | Critical | 8.2 | No | No | No | Yes |
| CVE-2019-1476 | Windows Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2019-1477 | Windows Printer Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2019-1478 | Windows COM Server Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2019-1483 | Windows Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2019-1484 | Windows OLE Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2019-1453 | Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability | Important | 7.5 | No | No | No | Yes |
| CVE-2019-1485 | VBScript Remote Code Execution Vulnerability | Important | 7.5 | No | No | No | Yes |
| CVE-2019-1349 | Git for Visual Studio Remote Code Execution Vulnerability | Critical | TBA | No | No | No | Yes |
| CVE-2019-1350 | Git for Visual Studio Remote Code Execution Vulnerability | Critical | TBA | No | No | No | Yes |
| CVE-2019-1352 | Git for Visual Studio Remote Code Execution Vulnerability | Critical | TBA | No | No | No | Yes |
| CVE-2019-1354 | Git for Visual Studio Remote Code Execution Vulnerability | Critical | TBA | No | No | No | Yes |
| CVE-2019-1387 | Git for Visual Studio Remote Code Execution Vulnerability | Critical | TBA | No | No | No | Yes |
| CVE-2019-1470 | Windows Hyper-V Information Disclosure Vulnerability | Important | 6 | No | No | No | |
| CVE-2019-1465 | Windows GDI Information Disclosure Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2019-1466 | Windows GDI Information Disclosure Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2019-1467 | Windows GDI Information Disclosure Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2019-1469 | Win32k Information Disclosure Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2019-1472 | Windows Kernel Information Disclosure Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2019-1474 | Windows Kernel Information Disclosure Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2019-1480 | Windows Media Player Information Disclosure Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2019-1481 | Windows Media Player Information Disclosure Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2019-1488 | Microsoft Defender Security Feature Bypass Vulnerability | Important | 3.3 | No | No | No | |
| CVE-2019-1332 | Microsoft SQL Server Reporting Services XSS Vulnerability | Important | TBA | No | No | No | |
| CVE-2019-1400 | Microsoft Access Information Disclosure Vulnerability | Important | TBA | No | No | No | |
| CVE-2019-1461 | Microsoft Word Denial of Service Vulnerability | Important | TBA | No | No | No | |
| CVE-2019-1462 | Microsoft PowerPoint Remote Code Execution Vulnerability | Important | TBA | No | No | No | |
| CVE-2019-1463 | Microsoft Access Information Disclosure Vulnerability | Important | TBA | No | No | No | |
| CVE-2019-1464 | Microsoft Excel Information Disclosure Vulnerability | Important | TBA | No | No | No | |
| CVE-2019-1486 | Visual Studio Live Share Spoofing Vulnerability | Important | TBA | No | No | No | |
| CVE-2019-1487 | Microsoft Authentication Library for Android Information Disclosure Vulnerability | Important | TBA | No | No | No | |
| CVE-2019-1489 | Remote Desktop Protocol Information Disclosure Vulnerability | Important | TBA | No | No | No | |
| CVE-2019-1490 | Skype for Business and Lync Spoofing Vulnerability | Important | TBA | No | No | No | |
| CVE-2019-1351 | Git for Visual Studio Tampering Vulnerability | Moderate | TBA | No | No | No | |
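
The prioritization argued above (exploited first, then vendor Critical or a high CVSS score regardless of vendor rating) can be expressed as a small triage routine. This is an added example, not Syxsense's own code: the rule and the 7.5 threshold are inferred from the table, the rows are a subset copied from it, and the separate tier for unscored ("TBA") entries is an assumption of the example.

```python
from typing import NamedTuple, Optional

CVSS_THRESHOLD = 7.5  # assumption: lowest score among the recommended rows

class Advisory(NamedTuple):
    cve: str
    vendor_severity: str
    cvss: Optional[float]  # None when the table says "TBA"
    weaponised: bool

def parse_cvss(text: str) -> Optional[float]:
    """Convert the CVSS column to a float; 'TBA' or blank becomes None."""
    try:
        return float(text)
    except ValueError:
        return None

# Subset of rows copied from the table above: (CVE, severity, CVSS, weaponised).
ROWS = [Advisory(c, s, parse_cvss(v), w == "Yes") for c, s, v, w in [
    ("CVE-2019-1458", "Important", "7.8", "Yes"),
    ("CVE-2019-1468", "Critical", "8.4", "No"),
    ("CVE-2019-1471", "Critical", "8.2", "No"),
    ("CVE-2019-1476", "Important", "7.8", "No"),
    ("CVE-2019-1453", "Important", "7.5", "No"),
    ("CVE-2019-1349", "Critical", "TBA", "No"),
    ("CVE-2019-1470", "Important", "6", "No"),
    ("CVE-2019-1465", "Important", "5.5", "No"),
    ("CVE-2019-1489", "Important", "TBA", "No"),
    ("CVE-2019-1351", "Moderate", "TBA", "No"),
]]

def triage(adv: Advisory) -> int:
    """Tier 0 = exploited, 1 = prioritize, 2 = unscored (revisit), 3 = routine."""
    if adv.weaponised:
        return 0
    if adv.vendor_severity == "Critical":
        return 1
    if adv.cvss is None:
        return 2  # example's own tier: a missing score is not a low score
    return 1 if adv.cvss >= CVSS_THRESHOLD else 3

def prioritized(rows):
    """CVE ids in tiers 0-1, exploited first, then by descending CVSS."""
    urgent = [a for a in rows if triage(a) <= 1]
    urgent.sort(key=lambda a: (triage(a), -(a.cvss or 0.0)))
    return [a.cve for a in urgent]

if __name__ == "__main__":
    for cve in prioritized(ROWS):
        print(cve)
```

On these rows the output matches the entries marked "Yes" in the recommended column, with the weaponised CVE-2019-1458 first despite its Important rating.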
