September Patch Tuesday: Escaping the Equi-Hack

Money Well Spent

Every dollar of fraud to merchants and firms in the retail and financial services sector is estimated to cost $2.66 on average, said a new fraud report.

The LexisNexis Fraud Multiplier estimates the total amount of loss a business incurs, based on chargebacks, fees, interest, merchandise replacement and redistribution.

The study also investigates fraud costs as a percentage of revenues, as reported by survey respondents, to be nearly 2 percent (1.90 percent) across retail, e-commerce, financial services and digital lending businesses. Businesses that sell digital goods and/or conduct transactions primarily through remote channels take an even harder hit to their bottom line at 2.51 percent of revenues.

Robert Brown, Director of Services for Verismic says, “It’s astonishing how much money is being lost because critical systems are not being kept up to date. Updating critical systems is so easy using Syxsense. We recommend starting a trial to see how it can work for you.” Full article can be found here.

As recent as last Wednesday, a U.S. government website was hosting malicious ransomware. It has been wildly speculated that either the site was hacked, or it possibly stores attachments from government officials’ emails and the downloader was archived.

The ransomware had similarities to the Blank Slate spam campaign which earlier this year was spreading Cerber. Emails in that campaign contained only a double-zip archive with the second containing either a malicious JavaScript file or a malicious Microsoft Word document. The emails contain no text, and experts believed then that all of this combined to evade detection.

Researcher Ankit Anubhav of NewSky Security tweeted the discovery Wednesday, and within hours, the malware link was taken down. It’s unknown whether anyone was infected through the site, full article can be found here.START FREE TRIAL

Check your Equifax Credit Report and Score Now

Victims of the massive Equifax breach may have to wait days to find out if they were impacted. Americans who either applied for new jobs, loans, or just wanted to check their credit score via Equifax are having a difficult time getting answers as to whether they are part of the breach of 143 million records that occurred Thursday.

Details of how this breach happened is still very unclear, however with companies suffering the same fate over the past year, the root cause is likely to be via a sophisticated cyberattack exposed using vulnerable software or operating systems.

Robert Brown, Director of Services for Verismic says, “We recommend clients download our ‘5 Biggest Patch Mistakes‘ whitepaper.

Microsoft published its monthly security updates on September 12, 2017. Microsoft addressed 81 vulnerabilities in Microsoft Windows, Microsoft Internet Explorer, Microsoft Edge, and Microsoft Office. The vulnerabilities could allow an attacker to execute arbitrary code, gain elevated privileges, bypass security protections, view sensitive information, or cause a denial of service. Full details of the complete Security Update Guide can be found here.

Microsoft Updates

We have chosen a few updates to prioritize this month. This recommendation has been made using evidence from industry experts (including our own), anticipated business impact and the independent CVSS score for the vulnerability. The independent CVSS scores used in the table below range from 0 to 10. Vulnerabilities with a base score in the range 7.0-10.0 are High, those in the range 4.0-6.9 as Medium, and 0-3.9 as Low.

ID	Vulnerability Alert	CVSS Score	Recommended
CVE-2017-8686	Microsoft Windows DHCP Server Remote Code Execution Vulnerability	9.8	Yes
CVE-2017-8630	Microsoft Office Memory Corruption Vulnerability	9.6	Yes
CVE-2017-8631	Microsoft Office Memory Corruption Vulnerability	9.6	Yes
CVE-2017-8632	Microsoft Office Memory Corruption Vulnerability	9.6	Yes
CVE-2017-8725	Microsoft Office Publisher Arbitrary Code Execution Vulnerability	9.6	Yes
CVE-2017-9417	Microsoft Windows HoloLens Wireless Network Driver Arbitrary Code Execution Vulnerability	8.8	Yes
CVE-2017-8567	Microsoft Office Arbitrary Code Execution Vulnerability	8.6	Yes
CVE-2017-8744	Microsoft Office Memory Corruption Vulnerability	8.6	Yes
CVE-2017-8682	Microsoft Windows Graphics Component Remote Code Execution Vulnerability	8.4	Yes
CVE-2017-8742	Microsoft PowerPoint Arbitrary Code Execution Vulnerability	8.3	Yes
CVE-2017-8743	Microsoft PowerPoint Arbitrary Code Execution Vulnerability	8.3	Yes
CVE-2017-0161	Microsoft Windows NetBIOS Packet Processing Arbitrary Code Execution Vulnerability	8.1	Yes
CVE-2017-8628	Microsoft Windows Bluetooth Driver Spoofing Vulnerability	8.1	Yes
CVE-2017-8714	Microsoft Windows Remote Desktop Virtual Host Arbitrary Code Execution Vulnerability	7.8	Yes
CVE-2017-8720	Microsoft Windows Win32k Kernel Driver Privilege Escalation Vulnerability	7.8	Yes
CVE-2017-8759	Microsoft .NET Framework Arbitrary Code Execution Vulnerability	7.8	Yes
CVE-2017-8695	Microsoft Windows Uniscribe Component Information Disclosure Vulnerability	7.5	Yes
CVE-2017-8696	Microsoft Windows Uniscribe Component Arbitrary Code Execution Vulnerability	7.5	Yes
CVE-2017-8702	Microsoft Windows Privilege Escalation Vulnerability	7.5	Yes
CVE-2017-8747	Microsoft Internet Explorer Memory Corruption Vulnerability	7.5	Yes
CVE-2017-8749	Microsoft Internet Explorer Memory Corruption Vulnerability	7.5	Yes
CVE-2017-8750	Microsoft Edge and Internet Explorer Memory Corruption Vulnerability	7.5	Yes
CVE-2017-8706	Microsoft Windows Hyper-V Information Disclosure Vulnerability	7.2	Yes
CVE-2017-8707	Microsoft Windows Hyper-V Information Disclosure Vulnerability	7.2	Yes
CVE-2017-8711	Microsoft Windows Hyper-V Information Disclosure Vulnerability	7.2	Yes
CVE-2017-8712	Microsoft Windows Hyper-V Information Disclosure Vulnerability	7.2	Yes
CVE-2017-8713	Microsoft Windows Hyper-V Information Disclosure Vulnerability	7.2	Yes
CVE-2017-8675	Microsoft Windows Win32k Kernel Driver Privilege Escalation Vulnerability	7	Yes
CVE-2017-8699	Microsoft Windows Shell Command Arbitrary Code Execution Vulnerability	6.4
CVE-2017-8758	Microsoft Exchange Cross-Site Scripting Vulnerability	6.1
CVE-2017-8677	Microsoft Windows Win32k Kernel Driver Information Disclosure Vulnerability	5.5
CVE-2017-8678	Microsoft Windows Win32k Kernel Driver Information Disclosure Vulnerability	5.5
CVE-2017-8679	Microsoft Windows Kernel Information Disclosure Vulnerability	5.5
CVE-2017-8680	Microsoft Windows Win32k Kernel Driver Information Disclosure Vulnerability	5.5
CVE-2017-8681	Microsoft Windows Win32k Kernel Driver Information Disclosure Vulnerability	5.5
CVE-2017-8683	Microsoft Windows Graphics Component Information Disclosure Vulnerability	5.5
CVE-2017-8684	Microsoft Windows Win32k Graphics Component Information Disclosure Vulnerability	5.5
CVE-2017-8685	Microsoft Windows Win32k Graphics Component Information Disclosure Vulnerability	5.5
CVE-2017-8687	Microsoft Windows Win32k Kernel Driver Information Disclosure Vulnerability	5.5
CVE-2017-8688	Microsoft Windows Graphics Device Interface Information Disclosure Vulnerability	5.5
CVE-2017-8629	Microsoft SharePoint Cross-Site Scripting Vulnerability	5.4
CVE-2017-8745	Microsoft SharePoint Cross-Site Scripting Vulnerability	5.4
CVE-2017-8704	Microsoft Windows Hyper-V Denial of Service Vulnerability	5.3
CVE-2017-8746	Microsoft Windows Device Guard Security Feature Bypass Vulnerability	5.3
CVE-2017-11761	Microsoft Exchange Information Disclosure Vulnerability	5.3
CVE-2017-8692	Microsoft Windows Uniscribe Component Arbitrary Code Execution Vulnerability	5
CVE-2017-8716	Microsoft Windows Security Feature Bypass Vulnerability	4.9
CVE-2017-8708	Microsoft Windows Kernel Information Disclosure Vulnerability	4.7
CVE-2017-8709	Microsoft Windows Kernel Information Disclosure Vulnerability	4.7
CVE-2017-8719	Microsoft Windows Kernel Information Disclosure Vulnerability	4.7
CVE-2017-8710	Microsoft Windows Kernel Information Disclosure Vulnerability	4.4
CVE-2017-8597	Microsoft Edge Scripting Engine Memory Corruption Vulnerability	4.3
CVE-2017-8643	Microsoft Edge Information Disclosure Vulnerability	4.3
CVE-2017-8648	Microsoft Edge Scripting Engine Information Disclosure Vulnerability	4.3
CVE-2017-8723	Microsoft Edge Security Bypass Vulnerability	4.3
CVE-2017-8724	Microsoft Edge Spoofing Vulnerability	4.3
CVE-2017-8733	Microsoft Internet Explorer Spoofing Vulnerability	4.3
CVE-2017-8735	Microsoft Edge Spoofing Vulnerability	4.3
CVE-2017-8736	Microsoft Edge and Internet Explorer Information Disclosure Vulnerability	4.3
CVE-2017-8739	Microsoft Edge Scripting Engine Information Disclosure Vulnerability	4.3
CVE-2017-8649	Microsoft Edge Scripting Engine Memory Corruption Vulnerability	4.2
CVE-2017-8660	Microsoft Edge Scripting Engine Memory Corruption Vulnerability	4.2
CVE-2017-8728	Microsoft Windows PDF Document Processing Arbitrary Code Execution Vulnerability	4.2
CVE-2017-8729	Microsoft Edge Scripting Engine Memory Corruption Vulnerability	4.2
CVE-2017-8731	Microsoft Edge Memory Corruption Vulnerability	4.2
CVE-2017-8734	Microsoft Edge Memory Corruption Vulnerability	4.2
CVE-2017-8737	Microsoft Windows PDF Document Processing Arbitrary Code Execution Vulnerability	4.2
CVE-2017-8738	Microsoft Edge Scripting Engine Memory Corruption Vulnerability	4.2
CVE-2017-8740	Microsoft Edge Scripting Engine Memory Corruption Vulnerability	4.2
CVE-2017-8741	Microsoft Edge Scripting Engine Memory Corruption Vulnerability	4.2
CVE-2017-8748	Microsoft Edge and Internet Explorer Scripting Engine Memory Corruption Vulnerability	4.2
CVE-2017-8751	Microsoft Edge Memory Corruption Vulnerability	4.2
CVE-2017-8752	Microsoft Edge Scripting Engine Memory Corruption Vulnerability	4.2
CVE-2017-8753	Microsoft Edge Scripting Engine Memory Corruption Vulnerability	4.2
CVE-2017-8754	Microsoft Edge Security Bypass Vulnerability	4.2
CVE-2017-8755	Microsoft Edge Scripting Engine Memory Corruption Vulnerability	4.2
CVE-2017-8756	Microsoft Edge Scripting Engine Memory Corruption Vulnerability	4.2
CVE-2017-8757	Microsoft Edge Arbitrary Code Execution Vulnerability	4.2
CVE-2017-11764	Microsoft Edge Scripting Engine Memory Corruption Vulnerability	4.2
CVE-2017-11766	Microsoft Edge Memory Corruption Vulnerability	4.2
CVE-2017-8676	Microsoft Windows Graphics Device Interface Information Disclosure Vulnerability	3.3

Get Started

Start a free, 14-day trial of Syxsense, which helps organizations from 50 to 10,000 endpoints monitor and manage their environment, all from just a web browser. An email will be automatically sent to the address you provide.

START YOUR FREE TRIAL OF SYXSENSE