Skip to main content
Tag

2018 patch news

||

December Patch Tuesday: Disclosed & Exploited

By News, Patch Management, Patch TuesdayNo Comments
[vc_single_image image=”26013″ img_size=”full”]

Patch Tuesday Release: The Latest News

Microsoft has released half the updates they released last month: 39 security patches total.

Thee cover Internet Explorer (IE), Edge, ChakraCore, Hyper-V, Exchange, Windows components, .NET Core, SQL Server, and Microsoft Office.  9 of these are listed as Critical with the remaining 30 as Important.

Adobe Fixes Many Vulnerabilities

Adobe on the other have released almost 90 updates today, and all are marked Important for Adobe Acrobat and Reader. To our knowledge none of the updates released today are being exposed in the wild, but we would recommend you implement these as part of your third-party patching strategy.

Several Vulnerabilities Require Your Attention: Turn Off Windows Update

CVE-2018-8611 and CVE-2018-8517 are two important updates you need to prioritize this month. Not because they have the highest severity, but because these are publicly disclosed and actively being exploited.

CVE-2018-8611 is an update being exposed by malware which is exposing networks all over the world. Robert Brown, Director of Services for Verismic said, “Just this week we have learned one of Italy’s oil and gas exploration giants have suffered a relentless cyber-attack causing server infrastructure to go offline. Often it’s these companies who think by leaving Windows Update in its default mode are protecting their environment from zero day attacks and sophisticated espionage.”

The Best Patch Strategy

We recommend our Syxsense clients take a safe and calculated approach to managing their security. Turn off the default Windows patching mode and implementing a fully rigorous, selective but fully secure patching strategy.

Button Text
[vc_empty_space][vc_separator][vc_empty_space]

Patch Tuesday Release

[vc_single_image image=”26020″ img_size=”full”]
CVE ID Description Severity Public Exploited Recommended
CVE-2018-8611 Windows Kernel Elevation of Privilege Vulnerability Important No Yes Yes
CVE-2018-8517 .NET Framework Denial Of Service Vulnerability Important Yes No Yes
CVE-2018-8540 .NET Framework Remote Code Injection Vulnerability Critical No No Yes
CVE-2018-8583 Chakra Scripting Engine Memory Corruption Vulnerability Critical No No Yes
CVE-2018-8617 Chakra Scripting Engine Memory Corruption Vulnerability Critical No No Yes
CVE-2018-8618 Chakra Scripting Engine Memory Corruption Vulnerability Critical No No Yes
CVE-2018-8624 Chakra Scripting Engine Memory Corruption Vulnerability Critical No No Yes
CVE-2018-8626 Windows DNS Server Heap Overflow Vulnerability Critical No No Yes
CVE-2018-8629 Chakra Scripting Engine Memory Corruption Vulnerability Critical No No Yes
CVE-2018-8631 Internet Explorer Memory Corruption Vulnerability Critical No No Yes
CVE-2018-8634 Microsoft Text-To-Speech Remote Code Execution Vulnerability Critical No No Yes
CVE-2018-8477 Windows Kernel Information Disclosure Vulnerability Important No No
CVE-2018-8514 Remote Procedure Call runtime Information Disclosure Vulnerability Important No No
CVE-2018-8580 Microsoft SharePoint Information Disclosure Vulnerability Important No No
CVE-2018-8587 Microsoft Outlook Remote Code Execution Vulnerability Important No No
CVE-2018-8595 Windows GDI Information Disclosure Vulnerability Important No No
CVE-2018-8596 Windows GDI Information Disclosure Vulnerability Important No No
CVE-2018-8597 Microsoft Excel Remote Code Execution Vulnerability Important No No
CVE-2018-8598 Microsoft Excel Information Disclosure Vulnerability Important No No
CVE-2018-8599 Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability Important No No
CVE-2018-8604 Microsoft Exchange Server Tampering Vulnerability Important No No
CVE-2018-8612 Connected User Experiences and Telemetry Service Denial of Service Vulnerability Important No No
CVE-2018-8619 Internet Explorer Remote Code Execution Vulnerability Important No No
CVE-2018-8621 Windows Kernel Information Disclosure Vulnerability Important No No
CVE-2018-8622 Windows Kernel Information Disclosure Vulnerability Important No No
CVE-2018-8625 Windows VBScript Engine Remote Code Execution Vulnerability Important No No
CVE-2018-8627 Microsoft Excel Information Disclosure Vulnerability Important No No
CVE-2018-8628 Microsoft PowerPoint Remote Code Execution Vulnerability Important No No
CVE-2018-8635 Microsoft SharePoint Server Elevation of Privilege Vulnerability Important No No
CVE-2018-8636 Microsoft Excel Remote Code Execution Vulnerability Important No No
CVE-2018-8637 Win32k Information Disclosure Vulnerability Important No No
CVE-2018-8638 DirectX Information Disclosure Vulnerability Important No No
CVE-2018-8639 Win32k Elevation of Privilege Vulnerability Important No No
CVE-2018-8641 Win32k Elevation of Privilege Vulnerability Important No No
CVE-2018-8643 Scripting Engine Memory Corruption Vulnerability Important No No
CVE-2018-8649 Windows Denial of Service Vulnerability Important No No
CVE-2018-8650 Microsoft Office SharePoint XSS Vulnerability Important No No
CVE-2018-8651 Microsoft Dynamics NAV Cross Site Scripting Vulnerability Important No No
CVE-2018-8652 Windows Azure Pack Cross Site Scripting Vulnerability Important No No
[vc_btn title=”Start Your Free Trial of Syxsense → ” style=”custom” custom_background=”#f19b2c” custom_text=”#ffffff” size=”lg” align=”center” button_block=”true” link=”url:https%3A%2F%2Fwww.syxsense.com%2Fsyxsense-trial%2F|||”]
||

November Patch Tuesday: Windows Zero-Day Exploit Patched

By News, Patch Management, Patch TuesdayNo Comments
[vc_single_image image=”25731″ img_size=”full”]

Patch Tuesday Release: The Latest News

Microsoft has released 62 security patches today covering Internet Explorer (IE), Edge, ChakraCore, Hyper-V, Exchange, Windows components, .NET Core, SQL Server, and Microsoft Office.  12 of the 62 are listed as Critical.

CVE-2018-8589 with a severity of Important and a CVSS score of 7.8 is being actively exploited.  The most likely exploitation of this type of vulnerability is thought by many experts to be by global malware making this a very serious vulnerability.  We would highly recommend this be a priority for your IT Manager this month.

Patch Tuesday needed to fix file association bug

A cumulative update for Windows 10 from April 2018 has broken the file association settings with certain applications.

If this has impacted your users, we would recommend you include the patch in your next round of patch deployments. We have learned some third-party updates by Notepad++, which is a popular application used by software developers, loses its association with certain text file formats.

Robert Brown, Director of Services for Verismic said, “From our own experience of deploying tens of millions of updates worldwide, it is always the smallest bugs which impact your users the most and cause huge disruption in your users’ productivity.  We encourage all of our customers to have a robust testing process to ensure interruption to your workforce is minimized.

Adobe Fixes Critical Vulnerabilities

Adobe released their monthly patch list early this month, three additional updates have been released affecting Flash, Adobe Photoshop & Acrobat / Reader.

One of the three vulnerabilities identified as CVE-2018-15979 is currently being exploited, so if you are using Acrobat or Reader on your devices we would highly recommend this patch be prioritized.

[dt_default_button link=”url:https%3A%2F%2Fwww.syxsense.com%2Fsyxsense-trial%2F|||” size=”big” button_alignment=”btn_center”]START FREE TRIAL[/dt_default_button]
[vc_empty_space][vc_separator][vc_empty_space]

Patch Tuesday Release

CVE Reference  Title   Severity   Publicly Disclosed   Actively Exploited  Recommended
 CVE-2018-8589  Windows Win32k Elevation of Privilege Vulnerability  Important  No  Yes  Yes
 CVE-2018-8584  Windows ALPC Elevation of Privilege Vulnerability  Important  Yes   No Yes
 CVE-2018-8566  BitLocker Security Feature Bypass Vulnerability  Important  Yes   No Yes
 CVE-2018-8476  Windows Deployment Services TFTP Server Remote Code Execution Vulnerability  Critical   No  No Yes
 CVE-2018-8553  Microsoft Graphics Components Remote Code Execution Vulnerability  Critical   No  No Yes
 CVE-2018-8588  Chakra Scripting Engine Memory Corruption Vulnerability  Critical   No  No Yes
 CVE-2018-8541  Chakra Scripting Engine Memory Corruption Vulnerability  Critical   No  No Yes
 CVE-2018-8542  Chakra Scripting Engine Memory Corruption Vulnerability  Critical   No  No Yes
 CVE-2018-8543  Chakra Scripting Engine Memory Corruption Vulnerability  Critical   No  No Yes
 CVE-2018-8544  Windows VBScript Engine Remote Code Execution Vulnerability  Critical   No  No Yes
 CVE-2018-8555  Chakra Scripting Engine Memory Corruption Vulnerability  Critical   No  No Yes
 CVE-2018-8556  Chakra Scripting Engine Memory Corruption Vulnerability  Critical   No  No Yes
 CVE-2018-8557  Chakra Scripting Engine Memory Corruption Vulnerability  Critical   No  No Yes
 CVE-2018-8551  Chakra Scripting Engine Memory Corruption Vulnerability  Critical   No  No Yes
CVE-2018-8609 Microsoft Dynamics 365 (on-premises) version 8 Remote Code Execution Vulnerability  Critical   No  No Yes
CVE-2018-8600  Azure App Service Cross-site Scripting Vulnerability  Important  No  No
CVE-2018-8602  Team Foundation Server Cross-site Scripting Vulnerability  Important  No  No
CVE-2018-8605  Microsoft Dynamics 365 (on-premises) version 8 Cross Site Scripting Vulnerability  Important  No  No
CVE-2018-8606  Microsoft Dynamics 365 (on-premises) version 8 Cross Site Scripting Vulnerability  Important  No  No
CVE-2018-8607  Microsoft Dynamics 365 (on-premises) version 8 Cross Site Scripting Vulnerability  Important  No  No
CVE-2018-8608  Microsoft Dynamics 365 (on-premises) version 8 Cross Site Scripting Vulnerability  Important  No  No
 CVE-2018-8471  Microsoft RemoteFX Virtual GPU miniport driver Elevation of Privilege Vulnerability  Important  No  No
 CVE-2018-8485  DirectX Elevation of Privilege Vulnerability  Important  No  No
 CVE-2018-8554  DirectX Elevation of Privilege Vulnerability  Important  No  No
 CVE-2018-8561  DirectX Elevation of Privilege Vulnerability  Important  No  No
 CVE-2018-8562  Win32k Elevation of Privilege Vulnerability  Important  No  No
 CVE-2018-8572  Microsoft SharePoint Elevation of Privilege Vulnerability  Important  No  No
 CVE-2018-8581  Microsoft Exchange Server Elevation of Privilege Vulnerability  Important  No  No
 CVE-2018-8550  Windows COM Elevation of Privilege Vulnerability  Important  No  No
 CVE-2018-8552  Windows VBScript Engine Remote Code Execution Vulnerability  Important  No  No
 CVE-2018-8568  Microsoft SharePoint Elevation of Privilege Vulnerability  Important  No  No
 CVE-2018-8592  Windows Elevation Of Privilege Vulnerability  Important  No  No
 CVE-2018-8567  Microsoft Edge Elevation of Privilege Vulnerability  Important  No  No
 CVE-2018-8563  DirectX Information Disclosure Vulnerability  Important  No  No
 CVE-2018-8407  MSRPC Information Disclosure Vulnerability  Important  No  No
 CVE-2018-8454  Windows Audio Service Information Disclosure Vulnerability  Important  No  No
 CVE-2018-8565  Win32k Information Disclosure Vulnerability  Important  No  No
 CVE-2018-8558  Microsoft Outlook Information Disclosure Vulnerability  Important  No  No
 CVE-2018-8408  Windows Kernel Information Disclosure Vulnerability  Important  No  No
 CVE-2018-8545  Microsoft Edge Information Disclosure Vulnerability  Important  No  No
 CVE-2018-8578  Microsoft SharePoint Information Disclosure Vulnerability  Important  No  No
 CVE-2018-8579  Microsoft Outlook Information Disclosure Vulnerability  Important  No  No
 CVE-2018-8256  PowerShell Remote Code Execution Vulnerability  Important  No  No
 CVE-2018-8522  Microsoft Outlook Remote Code Execution Vulnerability  Important  No  No
 CVE-2018-8576  Microsoft Outlook Remote Code Execution Vulnerability  Important  No  No
 CVE-2018-8524  Microsoft Outlook Remote Code Execution Vulnerability  Important  No  No
 CVE-2018-8539  Microsoft Word Remote Code Execution Vulnerability  Important  No  No
 CVE-2018-8573  Microsoft Word Remote Code Execution Vulnerability  Important  No  No
 CVE-2018-8574  Microsoft Excel Remote Code Execution Vulnerability  Important  No  No
 CVE-2018-8575  Microsoft Project Remote Code Execution Vulnerability  Important  No  No
 CVE-2018-8582  Microsoft Outlook Remote Code Execution Vulnerability  Important  No  No
 CVE-2018-8450  Windows Search Remote Code Execution Vulnerability  Important  No  No
 CVE-2018-8577  Microsoft Excel Remote Code Execution Vulnerability  Important  No  No
 CVE-2018-8570  Internet Explorer Memory Corruption Vulnerability  Important  No  No
 CVE-2018-8417  Microsoft JScript Security Feature Bypass Vulnerability  Important  No  No
 CVE-2018-8549  Windows Security Feature Bypass Vulnerability  Important  No  No
 CVE-2018-8564  Microsoft Edge Spoofing Vulnerability  Important  No  No
 CVE-2018-8547  Active Directory Federation Services XSS Vulnerability  Important  No  No
CVE-2018-8529  Team Foundation Server Remote Code Execution Vulnerability  Important  No  No
 CVE-2018-8569  Yammer Desktop Application Remote Code Execution Vulnerability  Important  No  No
 CVE-2018-8415  Microsoft Powershell Tampering Vulnerability  Important  No  No
 CVE-2018-8416  .NET Core Tampering Vulnerability  Moderate  No  No
 CVE-2018-8546  Microsoft Skype for Business Denial of Service Vulnerability
[dt_default_button link=”url:https%3A%2F%2Fwww.syxsense.com%2Fsyxsense-trial%2F|||” size=”big” btn_width=”btn_full_width” button_alignment=”btn_center” icon_type=”picker” icon_picker=”fas fa-angle-double-right” icon_align=”right”]START FREE TRIAL[/dt_default_button]
||||

October Patch Tuesday: Windows 10 Disappears Files

By News, Patch Management, Patch TuesdayNo Comments
[vc_single_image source=”featured_image” img_size=”full”]

Patch Tuesday: The Latest News

Microsoft has released 49 security patches today covering Internet Explorer (IE), Edge, ChakraCore, Hyper-V, Exchange, Windows components, .NET Core, SQL Server, and Microsoft Office.

12 updates are listed as Critical, 35 are rated Important, one is rated as Moderate and one is rated Low severity.

Windows 10 Feature Updates Paused

The highly anticipated Windows 10 feature update (1809) was hotly awaited by Windows 10 users on October 2 only to find that Microsoft have just halted the release due to a very embarrassing bug. Upon install, 1809 deletes users personal files which cannot be easily restored.

Robert Brown, Director of Services for Verismic said, “We would encourage all of our clients to use our recommended test and deployment strategy for feature updates as they do for normal Windows updates. You have 18 months for each feature update, so there is absolutely no reason to rush into mass deployment without testing the impact on your users first.”

Adobe Fixes Critical Vulnerabilities

Adobe released their monthly patch list early this month, with almost a hundred updates coming out last week. Today a modest four additional updates have been released affecting Flash, Framemaker, Adobe Digital Editions & Adobe Technical Suite.

Vulnerability Requires your Attention

On paper CVE-2018-8453 only carries a severity of Important, however we have learned this is being actively exploited. The most likely exploitation of this type of vulnerability is thought by many experts to be by global malware making this a very serious vulnerability.

We would highly recommend this be a priority for your IT manager this month.

Enhance your approach to patch management with Syxsense. Start your free trial with a cloud-based IT management solution that’s easy to use and powerful.

[dt_default_button link=”url:https%3A%2F%2Fwww.syxsense.com%2Fsyxsense-trial%2F|||” size=”big” button_alignment=”btn_center”]START FREE TRIAL[/dt_default_button]
[vc_empty_space][vc_separator][vc_empty_space]

Patch Tuesday Release

[vc_single_image image=”25192″ img_size=”full”]
CVE ID Description Severity Actively Exploited Highly Recommended
CVE-2018-8460 Internet Explorer Memory Corruption Vulnerability Critical No Yes
CVE-2018-8473 Microsoft Edge Memory Corruption Vulnerability Critical No Yes
CVE-2018-8489 Windows Hyper-V Remote Code Execution Vulnerability Critical No Yes
CVE-2018-8490 Windows Hyper-V Remote Code Execution Vulnerability Critical No Yes
CVE-2018-8491 Internet Explorer Memory Corruption Vulnerability Critical No Yes
CVE-2018-8494 MS XML Remote Code Execution Vulnerability Critical No Yes
CVE-2018-8500 Scripting Engine Memory Corruption Vulnerability Critical No Yes
CVE-2018-8505 Chakra Scripting Engine Memory Corruption Vulnerability Critical No Yes
CVE-2018-8509 Microsoft Edge Memory Corruption Vulnerability Critical No Yes
CVE-2018-8510 Chakra Scripting Engine Memory Corruption Vulnerability Critical No Yes
CVE-2018-8511 Chakra Scripting Engine Memory Corruption Vulnerability Critical No Yes
CVE-2018-8513 Chakra Scripting Engine Memory Corruption Vulnerability Critical No Yes
CVE-2018-8453 Win32k Elevation of Privilege Vulnerability Important Yes Yes
CVE-2018-8423 Microsoft JET Database Engine Remote Code Execution Vulnerability Important No Yes
CVE-2018-8497 Windows Kernel Elevation of Privilege Vulnerability Important No Yes
CVE-2018-8531 Azure IoT Device Client SDK Memory Corruption Vulnerability Important No Yes
CVE-2010-3190 MFC Insecure Library Loading Vulnerability Important No
CVE-2018-8265 Microsoft Exchange Server Elevation of Privilege Vulnerability Important No
CVE-2018-8320 Windows DNS Security Feature Bypass Vulnerability Important No
CVE-2018-8329 Linux On Windows Elevation Of Privilege Vulnerability Important No
CVE-2018-8330 Windows Kernel Information Disclosure Vulnerability Important No
CVE-2018-8333 Microsoft Filter Manager Elevation Of Privilege Vulnerability Important No
CVE-2018-8411 NTFS Elevation of Privilege Vulnerability Important No
CVE-2018-8413 Windows Theme API Remote Code Execution Vulnerability Important No
CVE-2018-8427 Microsoft Graphics Components Information Disclosure Vulnerability Important No
CVE-2018-8432 Microsoft Graphics Components Remote Code Execution Vulnerability Important No
CVE-2018-8448 Microsoft Exchange Server Elevation of Privilege Vulnerability Important No
CVE-2018-8472 Windows GDI Information Disclosure Vulnerability Important No
CVE-2018-8480 Microsoft SharePoint Elevation of Privilege Vulnerability Important No
CVE-2018-8481 Windows Media Player Information Disclosure Vulnerability Important No
CVE-2018-8482 Windows Media Player Information Disclosure Vulnerability Important No
CVE-2018-8484 DirectX Graphics Kernel Elevation of Privilege Vulnerability Important No
CVE-2018-8486 DirectX Information Disclosure Vulnerability Important No
CVE-2018-8488 Microsoft SharePoint Elevation of Privilege Vulnerability Important No
CVE-2018-8492 Device Guard Code Integrity Policy Security Feature Bypass Vulnerability Important No
CVE-2018-8493 Windows TCP/IP Information Disclosure Vulnerability Important No
CVE-2018-8495 Windows Shell Remote Code Execution Vulnerability Important No
CVE-2018-8498 Microsoft SharePoint Elevation of Privilege Vulnerability Important No
CVE-2018-8501 Microsoft PowerPoint Security Feature Bypass Vulnerability Important No
CVE-2018-8502 Microsoft Excel Security Feature Bypass Vulnerability Important No
CVE-2018-8504 Microsoft Word Security Feature Bypass Vulnerability Important No
CVE-2018-8506 Microsoft Windows Codecs Library Information Disclosure Vulnerability Important No
CVE-2018-8512 Microsoft Edge Security Feature Bypass Vulnerability Important No
CVE-2018-8518 Microsoft SharePoint Elevation of Privilege Vulnerability Important No
CVE-2018-8527 SQL Server Management Studio Information Disclosure Important No
CVE-2018-8530 Microsoft Edge Security Feature Bypass Vulnerability Important No
CVE-2018-8532 SQL Server Management Studio Information Disclosure Important No
CVE-2018-8503 Chakra Scripting Engine Memory Corruption Vulnerability Low No
CVE-2018-8533 SQL Server Management Studio Information Disclosure Moderate No
[vc_btn title=”Start Your Free Trial of Syxsense →” style=”gradient-custom” gradient_custom_color_1=”#f19b2c” gradient_custom_color_2=”#f19b2c” size=”lg” align=”center” button_block=”true” link=”url:https%3A%2F%2Fwww.syxsense.com%2Fsyxsense-trial%2F|||”]
|||

September Patch Tuesday: The Final Countdown

By News, Patch Management, Patch TuesdayNo Comments
[vc_single_image image=”25005″ img_size=”full”]

Patch Tuesday: The Latest News

Microsoft has released 61 security patches and two advisories covering Internet Explorer (IE), Edge, ChakraCore, Azure, Hyper-V, Windows components, .NET Framework, SQL Server, and Microsoft Office.

In the fallout of the British Airways hack this week, which we have learned was caused by an attack from Magecart, the world waits for the suspected Windows Zero Day exploit to be confirmed as CVE-2018-8440.

If so, we would recommend this update be prioritized this month.

Critical Adobe Updates

Adobe’s Patch Tuesday updates for September address a total of 10 vulnerabilities in Flash Player and with six of those Critical in ColdFusion. Only one Critical security issue has been patched in Flash Player, which is a light reprieve from the usual bucket load.

Microsoft will begin charging for updates in 2020

Windows 7 is estimated to be used by 40% of all devices using a Microsoft operating system, so it is a huge surprise that following the extended support in January 2020, Microsoft will start charging customers to continue receiving their Operating System updates.

Robert Brown, Director of Services for Verismic said, “Our clients still using Windows 7 have 2 very important choices. They chose either to commit to migrating to Windows 10, or they invoke a vigorous patch management strategy to begin updating all Windows 7 devices to the latest updates. The deadline is only 13 months away.”

If you commit to migrating to Windows 10, you can utilize the Feature Updates functionality in Syxsense to make future proofing your environment a reality.

Windows 10 Feature Update Planning

Only one month to go. If you are using Windows 10, version 1703 then you only have one month left to upgrade before it falls out of the standard ‘End of Service’ on October 9, 2018.

Each Windows 10 version will be serviced with quality updates for up to 18 months from availability. It is important that all quality updates are installed to help keep your device secure.

[dt_default_button link=”url:https%3A%2F%2Fwww.syxsense.com%2Fsyxsense-trial%2F|||” size=”big” button_alignment=”btn_center”]START FREE TRIAL[/dt_default_button]
[vc_empty_space][vc_separator][vc_empty_space]

Patch Tuesday Release

[vc_single_image image=”25015″ img_size=”full”]
Vendor Name Vendor Severity Title
Microsoft Critical Cumulative Security Update for Internet Explorer 11 for Windows 7 for x64-based Systems (KB4339093)
Microsoft Critical Cumulative Security Update for Internet Explorer 11 for Windows 7 (KB4339093)
Microsoft Critical 2018-07 Cumulative Update for Windows 10 Version 1803 for x86-based Systems (KB4338819)
Microsoft Critical 2018-07 Cumulative Update for Windows 10 Version 1607 for x86-based Systems (KB4338814)
Microsoft Critical 2018-07 Cumulative Update for Windows 10 Version 1709 for x86-based Systems (KB4338825)
Microsoft Critical 2018-07 Security Update for Adobe Flash Player for Windows 10 Version 1703 for x64-based Systems (KB4338832)
Microsoft Critical 2018-07 Security Update for Adobe Flash Player for Windows 10 Version 1607 for x86-based Systems (KB4338832)
Microsoft Critical 2018-07 Security Update for Adobe Flash Player for Windows 10 Version 1607 for x64-based Systems (KB4338832)
Microsoft Critical 2018-07 Security Update for Adobe Flash Player for Windows 10 Version 1803 for x86-based Systems (KB4338832)
Microsoft Critical 2018-07 Security Update for Adobe Flash Player for Windows 10 Version 1803 for x64-based Systems (KB4338832)
Microsoft Critical 2018-07 Security Update for Adobe Flash Player for Windows 10 Version 1803 for ARM64-based Systems (KB4338832)
Microsoft Critical 2018-07 Security Update for Adobe Flash Player for Windows 10 Version 1703 for x86-based Systems (KB4338832)
Microsoft Critical 2018-07 Security Update for Adobe Flash Player for Windows 10 Version 1709 for ARM64-based Systems (KB4338832)
Microsoft Critical 2018-07 Cumulative Update for Windows 10 Version 1709 for x64-based Systems (KB4338825)
Microsoft Critical 2018-07 Security Update for Adobe Flash Player for Windows 10 Version 1709 for x86-based Systems (KB4338832)
Microsoft Critical 2018-07 Cumulative Update for Windows 10 Version 1607 for x64-based Systems (KB4338814)
Microsoft Critical 2018-07 Cumulative Update for Windows 10 Version 1709 for ARM64-based Systems (KB4338825)
Microsoft Critical 2018-07 Security Update for Adobe Flash Player for Windows 10 Version 1709 for x64-based Systems (KB4338832)
Microsoft Critical 2018-07 Cumulative Update for Windows 10 Version 1803 for ARM64-based Systems (KB4338819)
Microsoft Critical 2018-07 Cumulative Update for Windows 10 Version 1803 for x64-based Systems (KB4338819)
Microsoft Critical 2018-07 Cumulative Update for Windows 10 Version 1703 for x64-based Systems (KB4338826)
Microsoft Critical 2018-07 Cumulative Update for Windows 10 Version 1703 for x86-based Systems (KB4338826)
Microsoft Important Security Update for Skype for Business 2016 (KB4022221) 64-Bit Edition
Microsoft Important 2018-07 Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1 and Server 2012 R2 for x64 (KB4340558)
Microsoft Important Security Update for Skype for Business 2015 (KB4022225) 32-Bit Edition
Microsoft Important Security Update for Microsoft SharePoint Foundation 2013 (KB4022243)
Microsoft Important Security Update for Microsoft Access 2016 (KB4018338) 64-Bit Edition
Microsoft Important Security Update for Microsoft Access 2016 (KB4018338) 32-Bit Edition
Microsoft Important 2018-07 Security and Quality Rollup for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 7 (KB4340556)
Microsoft Important 2018-07 Security Only Update for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 7 (KB4340004)
Microsoft Important 2018-07 Security Only Update for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 7 and Server 2008 R2 for x64 (KB4340004)
Microsoft Important Security Update for Microsoft Office Viewers Microsoft Office Compatibility Pack (KB4011202)
Microsoft Important Security Update for Microsoft Access 2013 (KB4018351) 32-Bit Edition
Microsoft Important 2018-07 Security and Quality Rollup for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 7 and Server 2008 R2 for x64 (KB4340556)
Microsoft Important Security Update for Microsoft Access 2013 (KB4018351) 64-Bit Edition
Microsoft Important 2018-07 Security Only Update for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1 and Server 2012 R2 for x64 (KB4340006)
Microsoft Important Security Update for Skype for Business 2016 (KB4022221) 32-Bit Edition
Microsoft Important Security Update for Word Viewer (KB4032214)
Microsoft Important Security Update for Skype for Business 2015 (KB4022225) 64-Bit Edition
Microsoft Important 2018-07 Security Monthly Quality Rollup for Windows 7 for x64-based Systems (KB4338818)
Microsoft Important 2018-07 Security Monthly Quality Rollup for Windows 7 for x86-based Systems (KB4338818)
Microsoft Important 2018-07 Security Only Quality Update for Windows 7 for x64-based Systems (KB4338823)
Microsoft Important 2018-07 Security Only Quality Update for Windows 7 for x86-based Systems (KB4338823)
Microsoft Low Security Update for Microsoft Word 2016 (KB4022218) 64-Bit Edition
Microsoft Low Security Update for Microsoft Word 2010 (KB4022202) 64-Bit Edition
Microsoft Low Security Update for Microsoft Office 2010 (KB4022200) 32-Bit Edition
Microsoft Low Security Update for Microsoft Word 2016 (KB4022218) 32-Bit Edition
Microsoft Low Security Update for Microsoft Office 2010 (KB4022200) 64-Bit Edition
Microsoft Low Security Update for Microsoft Word 2010 (KB4022202) 32-Bit Edition
[dt_default_button link=”url:https%3A%2F%2Fwww.syxsense.com%2Fsyxsense-trial%2F|||” size=”big” btn_width=”btn_full_width” button_alignment=”btn_center” icon_type=”picker” icon_picker=”fas fa-angle-double-right” icon_align=”right”]START YOUR FREE TRIAL OF SYXSENSE [/dt_default_button]
|||

April Patch Tuesday: Don’t Get Burned Twice

By News, Patch TuesdayNo Comments
[vc_single_image image=”24001″ img_size=”full”]

Manage Your Vulnerabilities

As we explored in our Total Meltdown article, some updates actually made Windows 7 less secure in the last round of Microsoft Patch Tuesday. Even worse, some caused significant performance issues on older hardware models. Many industry experts are recommending you disable Windows updates, or delay any other form of patch management in anticipation of another bad batch of updates.

Robert Brown, Director of Services for Verismic said, “We trust our technology and we trust the experts leading our security teams. Design a patch management release process which includes time for the necessary testing before global deployment. Not doing patch management only helps the hackers who are looking to expose your network.”

Adobe Patches Critical Bugs in Flash

Adobe fixed four critical vulnerabilities in its Flash Player and InDesign products as part of its regularly scheduled release. In all, Adobe released 13 patches for products including Adobe Experience Manager, Adobe InDesign CC, Adobe Digital Editions and the Adobe PhoneGap Push Plugin. According to Adobe, None of these updates have active exploits in the wild for any of the issues addressed in these updates.

Ransomware Attackers are Targeting Servers over Desktops

According to Verizon, ransomware was found in 39% of cases involving malware. Experts believe ransomware has become so prevalent due to easy deployment, even for less skilled cybercriminals. The risks and costs associated with conducting an operation are also relatively small for the attacker.

Cybercriminals have increasingly started using ransomware to target mission-critical systems, such as file servers and databases. This causes more damage to the targeted organization compared to only desktop systems getting compromised. According to the latest DBIR, financially-motivated attacks remain the most common and accounted for 76% of breaches analyzed in 2017. Cyber espionage is the second most common type of attack, accounting for 13% of breaches.

Robert Brown, Director of Services for Verismic said, “When we onboard our clients with Syxsense, we focus not only on protecting the desktops, instead focus on a viable patching strategy which includes all endpoints within the business, including servers. Syxsense has industry experts to help clients protect their environment with a proactive approach to Windows, Linux and Mac OS patch management.”

[dt_default_button link=”url:https%3A%2F%2Fwww.syxsense.com%2Fsyxsense-trial%2F|||” size=”big” button_alignment=”btn_center”]START FREE TRIAL[/dt_default_button]
[vc_empty_space][vc_separator][vc_empty_space]

Patch Tuesday Release

Microsoft addressed 65 vulnerabilities in Microsoft Windows, Microsoft Internet Explorer, Microsoft Edge, Microsoft SharePoint, and Microsoft Office. The vulnerabilities could allow an attacker to execute arbitrary code, gain elevated privileges, bypass security protections, view sensitive information, or cause a denial of service (DoS) condition. We have chosen a few updates to prioritize this month, this recommendation has been made using evidence from industry experts (including our own) and anticipated business impact.

[vc_single_image image=”24009″ img_size=”full”]
CVE Number Vulnerability Alert CVSS Score Recommended
CVE-2018-1010 Microsoft Windows Embedded OpenType Font Engine Arbitrary Code Execution Vulnerability 8.8 Yes
CVE-2018-1012 Microsoft Windows Embedded OpenType Font Engine Arbitrary Code Execution Vulnerability 8.8 Yes
CVE-2018-1013 Microsoft Windows Embedded OpenType Font Engine Arbitrary Code Execution Vulnerability 8.8 Yes
CVE-2018-1015 Microsoft Windows Embedded OpenType Font Engine Arbitrary Code Execution Vulnerability 8.8 Yes
CVE-2018-1016 Microsoft Windows Embedded OpenType Font Engine Arbitrary Code Execution Vulnerability 8.8 Yes
CVE-2018-0870 Microsoft Internet Explorer Memory Corruption Vulnerability 7.5 Yes
CVE-2018-0956 Microsoft Windows HTTP.sys Denial of Service Vulnerability 7.5 Yes
CVE-2018-0981 Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability 7.5 Yes
CVE-2018-0988 Microsoft Internet Explorer Memory Corruption Vulnerability 7.5 Yes
CVE-2018-0996 Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability 7.5 Yes
CVE-2018-0997 Microsoft Internet Explorer Memory Corruption Vulnerability 7.5 Yes
CVE-2018-1000 Microsoft Internet Explorer Scripting Engine Information Disclosure Vulnerability 7.5 Yes
CVE-2018-1001 Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability 7.5 Yes
CVE-2018-1018 Microsoft Internet Explorer Memory Corruption Vulnerability 7.5 Yes
CVE-2018-1020 Microsoft Internet Explorer Memory Corruption Vulnerability 7.5 Yes
CVE-2018-1028 Microsoft Office Graphics Arbitrary Code Execution Vulnerability 7.5 Yes
CVE-2018-0957 Microsoft Windows Hyper-V Information Disclosure Vulnerability 7.2 Yes
CVE-2018-0964 Microsoft Windows Hyper-V Information Disclosure Vulnerability 7.2 Yes
CVE-2018-1003 Microsoft Windows JET Database Engine Arbitrary Code Execution Vulnerability 7.1 Yes
CVE-2018-0963 Microsoft Windows Kernel Elevation of Privilege Vulnerability 7 Yes
CVE-2018-1008 Microsoft Adobe Type Font Driver Privilege Escalation Vulnerability 7 Yes
CVE-2018-1009 Microsoft DirectX Graphics Kernel Subsystem Privilege Escalation Vulnerability 7 Yes
[dt_default_button link=”url:https%3A%2F%2Fwww.syxsense.com%2Fsyxsense-trial%2F|||” size=”big” btn_width=”btn_full_width” button_alignment=”btn_center” icon_type=”picker” icon_picker=”fas fa-angle-double-right” icon_align=”right”]START YOUR FREE TRIAL OF SYXSENSE[/dt_default_button]
|||

March Patch Tuesday: Is the IoT Spying on You?

By News, Patch TuesdayNo Comments
[vc_single_image image=”23834″ img_size=”full”]

Are you ready for IoT Patching?

Tech firm Hanwha Techwin is racing to fix 13 critical security holes found in its popular line of SmartCam security cameras. The patch rollout is part of public disclosure of the vulnerabilities set for today by researchers who discovered the bugs.

Flaws range from the use of an insecure HTTP communications protocol to weak credentials that could allow an attacker to take control of the camera or even use the device as a springboard to launch attacks within a connected network. The most serious flaws opens an attack vector where an adversary can root the camera and spoof the DNS server addresses specified in the camera’s settings, which could then be used as a launch pad to conduct additional attacks on devices sharing the same local network.

“The problem with current IoT device security is that everyone thinks there is no need to secure IoT devices such as security cameras, secure door locks because they are not traditionally used as access points for breaching company networks. You need to know which IoT devices you have in your network, so you need to start with a security toolset which can tell you (full article here).”

Malware found at 160 Applebee’s Restaurants across North America

RMH Franchise Holdings, which owns and operates more than 160 Applebee’s stores across the U.S., said that it recently discovered malware infecting its point of sale systems (POS). The malware may have enabled hackers to steal certain guests’ names, credit or debit card numbers, expiration dates and card verification codes processed during limited time periods. Upon learning of a potential incident,

RMH told Threatpost it promptly launched an investigation, obtained the help of leading cyber security forensics firms, and reported the matter to law enforcement. RMH said it operates its point-of-sale systems isolated from the broader Applebee’s network, and this notice applies only to RMH-owned Applebee’s restaurants. In a statement, RMH urged customers to monitor their bankcard statements (full article here).

Robert Brown, Director of Services for Verismic said, “Most viruses and malware exploit environments which do not implement a robust patching process rather than a lack of virus protection. It is always easier to prevent an attack than to clean up after a serious outbreak.”

Alexa, what’s so funny?

Amazon acknowledged on Wednesday that some of its Alexa-enabled devices have developed a new skill: creeping out their owners with unexpected and unwarranted bursts of robotic laughter.

“We’re aware of this and working to fix it,” Amazon said.

People began reporting the problem with their “smart” speakers on social media in recent weeks. After the publication of this article, Amazon announced a fix and apparent explanation for the ghostly laughter. The company suggested in an email that the laughs had occurred “in rare circumstances” because the speaker was picking up a “false positive” for the command “Alexa, laugh.”

Find out how many of these devices you have in your network by starting a trial of Syxsense.

[dt_default_button link=”url:https%3A%2F%2Fwww.syxsense.com%2Fsyxsense-trial%2F|||” size=”big” button_alignment=”btn_center”]START FREE TRIAL[/dt_default_button]
[vc_empty_space][vc_separator][vc_empty_space]

Patch Tuesday Release

Microsoft addressed 74 vulnerabilities in Microsoft Windows, Microsoft Internet Explorer, Microsoft Edge, Microsoft SharePoint, Microsoft Exchange, Microsoft Office, and Microsoft ASP.NET. The vulnerabilities could allow an attacker to execute arbitrary code, gain elevated privileges, bypass security protections, view sensitive information, or cause a denial of service condition.

We have chosen a few updates to prioritize this month, this recommendation has been made using evidence from industry experts (including our own) and anticipated business impact.

[vc_single_image image=”23833″ img_size=”full” alignment=”center”]
CVE ID Alert Description CVSS Score Recommended
CVE-2018-0808 Microsoft ASP.NET Core Denial of Service Vulnerability 7.5 Yes
CVE-2018-0875 Microsoft ASP.NET Core Denial of Service Vulnerability 7.5 Yes
CVE-2018-0889 Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability 7.5 Yes
CVE-2018-0891 Microsoft Edge and Internet Explorer Information Disclosure Vulnerability 7.5 Yes
CVE-2018-0903 Microsoft Access Arbitrary Code Execution Vulnerability 7.5 Yes
CVE-2018-0935 Microsoft Internet Explorer Memory Corruption Vulnerability 7.5 Yes
CVE-2018-0868 Microsoft Windows Installer Privilege Escalation Vulnerability 7.4 Yes
CVE-2018-0888 Microsoft Windows Hyper-V Information Disclosure Vulnerability 7.2 Yes
CVE-2018-0886 Microsoft Windows Arbitrary Code Execution Vulnerability 7.1 Yes
CVE-2018-0815 Microsoft Windows Graphics Privilege Escalation Vulnerability 7 Yes
CVE-2018-0816 Microsoft Windows Graphics Privilege Escalation Vulnerability 7 Yes
CVE-2018-0817 Microsoft Windows Graphics Privilege Escalation Vulnerability 7 Yes
CVE-2018-0877 Microsoft Windows Desktop Bridge Privilege Escalation Vulnerability 7 Yes
CVE-2018-0880 Microsoft Windows Desktop Bridge Privilege Escalation Vulnerability 7 Yes
CVE-2018-0881 Microsoft Windows Video Control Privilege Escalation Vulnerability 7 Yes
CVE-2018-0882 Microsoft Windows Desktop Bridge Privilege Escalation Vulnerability 7 Yes
CVE-2018-0977 Microsoft Windows Win32k Privilege Escalation Vulnerability 7 Yes
CVE-2018-0983 Microsoft Windows Storage Services Privilege Escalation Vulnerability 7 Yes
CVE-2018-0885 Microsoft Windows Hyper-V Denial of Service Vulnerability 5.8
CVE-2018-0811 Microsoft Windows Kernel Information Disclosure Vulnerability 5.5
CVE-2018-0813 Microsoft Windows Kernel Information Disclosure Vulnerability 5.5
CVE-2018-0814 Microsoft Windows Kernel Information Disclosure Vulnerability 5.5
CVE-2018-0919 Microsoft Office Information Disclosure Vulnerability 5.5
CVE-2018-0926 Microsoft Windows Kernel Information Disclosure Vulnerability 5.5
CVE-2018-0787 Microsoft ASP.NET Core Privilege Escalation Vulnerability 5.4
CVE-2018-0909 Microsoft SharePoint Cross-Site Scripting Vulnerability 5.4
CVE-2018-0910 Microsoft SharePoint Cross-Site Scripting Vulnerability 5.4
CVE-2018-0911 Microsoft SharePoint Cross-Site Scripting Vulnerability 5.4
CVE-2018-0912 Microsoft SharePoint Cross-Site Scripting Vulnerability 5.4
CVE-2018-0913 Microsoft SharePoint Cross-Site Scripting Vulnerability 5.4
CVE-2018-0914 Microsoft SharePoint Cross-Site Scripting Vulnerability 5.4
CVE-2018-0915 Microsoft SharePoint Cross-Site Scripting Vulnerability 5.4
CVE-2018-0916 Microsoft SharePoint Cross-Site Scripting Vulnerability 5.4
CVE-2018-0917 Microsoft SharePoint Cross-Site Scripting Vulnerability 5.4
CVE-2018-0921 Microsoft SharePoint Cross-Site Scripting Vulnerability 5.4
CVE-2018-0923 Microsoft SharePoint Cross-Site Scripting Vulnerability 5.4
CVE-2018-0940 Microsoft Exchange Security Bypass Vulnerability 5.4
CVE-2018-0944 Microsoft SharePoint Cross-Site Scripting Vulnerability 5.4
CVE-2018-0947 Microsoft SharePoint Privilege Escalation Vulnerability 5.4
CVE-2018-0884 Microsoft Windows Security Feature Bypass Vulnerability 5.3
CVE-2018-0902 Microsoft Windows Kernel Driver Security Feature Bypass Vulnerability 5.3
CVE-2018-0883 Microsoft Windows Shell Arbitrary Code Execution Vulnerability 5
CVE-2018-0894 Microsoft Windows Kernel Information Disclosure Vulnerability 4.7
CVE-2018-0895 Microsoft Windows Kernel Information Disclosure Vulnerability 4.7
CVE-2018-0896 Microsoft Windows Kernel Information Disclosure Vulnerability 4.7
CVE-2018-0897 Microsoft Windows Kernel Information Disclosure Vulnerability 4.7
CVE-2018-0898 Microsoft Windows Kernel Information Disclosure Vulnerability 4.7
CVE-2018-0899 Microsoft Windows Kernel Information Disclosure Vulnerability 4.7
CVE-2018-0900 Microsoft Windows Kernel Information Disclosure Vulnerability 4.7
CVE-2018-0901 Microsoft Windows Kernel Information Disclosure Vulnerability 4.7
CVE-2018-0904 Microsoft Windows Kernel Information Disclosure Vulnerability 4.7
CVE-2018-0907 Microsoft Office Excel Security Bypass Vulnerability 4.4
CVE-2018-0879 Microsoft Edge Information Disclosure Vulnerability 4.3
CVE-2018-0927 Microsoft Edge and Internet Explorer Information Disclosure Vulnerability 4.3
CVE-2018-0929 Microsoft Internet Explorer Information Disclosure Vulnerability 4.3
CVE-2018-0932 Microsoft Internet Explorer Information Disclosure Vulnerability 4.3
CVE-2018-0939 Microsoft Edge Information Disclosure Vulnerability 4.3
CVE-2018-0941 Microsoft Exchange Information Disclosure Vulnerability 4.3
CVE-2018-0872 Microsoft Edge Scripting Engine Memory Corruption Vulnerability 4.2
CVE-2018-0873 Microsoft Edge Scripting Engine Memory Corruption Vulnerability 4.2
CVE-2018-0874 Microsoft Edge Scripting Engine Memory Corruption Vulnerability 4.2
CVE-2018-0876 Microsoft Edge Scripting Engine Memory Corruption Vulnerability 4.2
CVE-2018-0893 Microsoft Edge Scripting Engine Memory Corruption Vulnerability 4.2
CVE-2018-0922 Microsoft Office Memory Corruption Vulnerability 4.2
CVE-2018-0925 Microsoft Edge Scripting Engine Memory Corruption Vulnerability 4.2
CVE-2018-0930 Microsoft Edge Scripting Engine Memory Corruption Vulnerability 4.2
CVE-2018-0931 Microsoft Edge Scripting Engine Memory Corruption Vulnerability 4.2
CVE-2018-0933 Microsoft Edge Scripting Engine Memory Corruption Vulnerability 4.2
CVE-2018-0934 Microsoft Edge Scripting Engine Memory Corruption Vulnerability 4.2
CVE-2018-0936 Microsoft Edge Scripting Engine Memory Corruption Vulnerability 4.2
CVE-2018-0937 Microsoft Edge Scripting Engine Memory Corruption Vulnerability 4.2
CVE-2018-0878 Microsoft Windows Remote Assistance Information Disclosure Vulnerability 3.1
CVE-2018-0924 Microsoft Exchange Information Disclosure Vulnerability 3.1
CVE-2018-0942 Microsoft Internet Explorer Security Bypass Vulnerability 3
[dt_default_button link=”url:https%3A%2F%2Fwww.syxsense.com%2Fsyxsense-trial%2F|||” size=”big” btn_width=”btn_full_width” button_alignment=”btn_center” icon_type=”picker” icon_picker=”fas fa-angle-double-right” icon_align=”right”]START YOUR FREE TRIAL OF SYXSENSE[/dt_default_button]
|||

February Patch Tuesday: Hackers Say Hello

By News, Patch TuesdayNo Comments
[vc_single_image image=”23738″ img_size=”full”]

Telegram Messenger Exploited Again

Back in March 2017 we saw “Secure” WhatsApp and Telegram messenger applications being exploited by the user receiving a seemingly harmless image file which actually hosts malicious HTML code.

This code directs them to a webpage specifically crafted to harvest personal data from the user device and hijack their accounts.

Today it seems that Telegram did not learn their lesson. The application has been exploited again using the same flaw, this time with the aim of distributing malicious software to harness the users device for mining cryptocurrencies.

The 2018 exploit works is by the hacker again sending an image file to be opened by the user which hosts a malicious VB Script. The file would for example be calledphoto_high_re*U+202E*gnp.js.

Note the U+202E part of the name, this is the RLO character which tells Telegram to display the remaining string in reverse hiding the script and keeping the js file extension.

While this exploit primarily targets home users, it is not limited to this audience. Having a capable systems management tool like Syxsense in your environment can help combat these kind of attacks which are becoming more and more frequent.

IoT devices are being targeted by hackers. In the midst of the WannaCry outbreak reports,  a factory was reportedly exploited even though its devices had no direct internet access at the time. The culprit after investigation was found to be a coffee machine with Wi-Fi capability.

James Rowney, Service Manager for Verismic commented: “In this day and age we are seeing more and more convenience devices that are obviously designed to make our lives easier when in fact we are just leaving ourselves open to attack.”

When looking at such appliances, we need to consider the potential fall out if they were to be exploited especially in the workplace. If a coffee machine can take down a factory then anything is possible.

Be vigilant, stay protected and consider a systems management tool with IoT tracking capabilities like Syxsense.

[dt_default_button link=”url:https%3A%2F%2Fwww.syxsense.com%2Fsyxsense-trial%2F|||” size=”big” button_alignment=”btn_center”]START FREE TRIAL[/dt_default_button]
[vc_empty_space][vc_separator][vc_empty_space]

Patch Tuesday Release

“January 2018 was one of the worst months for patching I have seen since I joined Verismic” said Verismic Service Manager, James Rowney. “The vast amount of patches released last month left in its wake a sea of bluescreened machines, broken applications and inactive Web browsers. February seems to be following suite which will cause headaches for IT admins.”

2017 saw a similar trend with the headache months being February and November primarily but on the whole it seems that last year was significantly worse than 2016. This does seem to coincide with the change in the way Microsoft handled their patch releases. Let’s hope the rest of this year is more fruitful or it may be worth Microsoft considering going back to their old release strategy.

Microsoft addressed 49 vulnerabilities in Microsoft Windows, Microsoft Internet Explorer, Microsoft Edge, Microsoft Office and Microsoft Office Services and Web Apps, ChakraCore and Adobe Flash. The vulnerabilities could allow an attacker to execute arbitrary code, gain elevated privileges, bypass security protections, view sensitive information, or cause a denial of service condition.

We have chosen a few updates to prioritize this month, this recommendation has been made using evidence from industry experts (including our own) and anticipated business impact.

[vc_single_image image=”23735″ img_size=”full” alignment=”center”]
CVE-ID Vendor Name Title CVSS Recommended
CVE-2018-0825 Microsoft Microsoft Windows StructuredQuery Arbitrary Code Execution Vulnerability 8.1 Yes
CVE-2018-0844 Microsoft Microsoft Windows Common Log File System Driver Privilege Escalation Vulnerability 7.8 Yes
CVE-2018-0846 Microsoft Microsoft Windows Common Log File System Driver Privilege Escalation Vulnerability 7.8 Yes
CVE-2018-0840 Microsoft Microsoft Edge and Internet Explorer Scripting Engine Memory Corruption Vulnerability 7.5 Yes
CVE-2018-0847 Microsoft Microsoft Internet Explorer Information Disclosure Vulnerability 7.5 Yes
CVE-2018-0866 Microsoft Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability 7.5 Yes
CVE-2018-0742 Microsoft Microsoft Windows Kernel Privilege Escalation Vulnerability 7
CVE-2018-0756 Microsoft Microsoft Windows Kernel Privilege Escalation Vulnerability 7
CVE-2018-0809 Microsoft Microsoft Windows Privilege Escalation Vulnerability 7
CVE-2018-0820 Microsoft Microsoft Windows Kernel Privilege Escalation Vulnerability 7
CVE-2018-0823 Microsoft Microsoft Windows Named Pipe File System Privilege Escalation Vulnerability 7
CVE-2018-0826 Microsoft Microsoft Windows Storage Services Privilege Escalation Vulnerability 7
CVE-2018-0842 Microsoft Microsoft Windows Arbitrary Code Execution Vulnerability 6.7
CVE-2018-0828 Microsoft Microsoft Windows Privilege Escalation Vulnerability 6.6
CVE-2018-0831 Microsoft Microsoft Windows Kernel Privilege Escalation Vulnerability 6.6
CVE-2018-0755 Microsoft Microsoft Windows OpenType Font Information Disclosure Vulnerability 5.5
CVE-2018-0760 Microsoft Microsoft Windows OpenType Font Information Disclosure Vulnerability 5.5
CVE-2018-0761 Microsoft Microsoft Windows OpenType Font Information Disclosure Vulnerability 5.5
CVE-2018-0853 Microsoft Microsoft Office Information Disclosure Vulnerability 5.5
CVE-2018-0855 Microsoft Microsoft Windows OpenType Font Information Disclosure Vulnerability 5.5
CVE-2018-0864 Microsoft Microsoft SharePoint Cross-Site Scripting Vulnerability 5.4
CVE-2018-0869 Microsoft Microsoft SharePoint Cross-Site Scripting Vulnerability 5.4
CVE-2018-0821 Microsoft Microsoft Windows AppContainer Privilege Escalation Vulnerability 5.3
CVE-2018-0827 Microsoft Microsoft Windows Security Feature Bypass Vulnerability 5.3
CVE-2018-0833 Microsoft Microsoft Windows SMB Request Processing Denial of Service Vulnerability 4.8
CVE-2018-0757 Microsoft Microsoft Windows Kernel Information Disclosure Vulnerability 4.7
CVE-2018-0810 Microsoft Microsoft Windows Kernel Information Disclosure Vulnerability 4.7
CVE-2018-0829 Microsoft Microsoft Windows Kernel Information Disclosure Vulnerability 4.7
CVE-2018-0830 Microsoft Microsoft Windows Kernel Information Disclosure Vulnerability 4.7
CVE-2018-0832 Microsoft Microsoft Windows Information Disclosure Vulnerability 4.7
CVE-2018-0843 Microsoft Microsoft Windows Kernel Information Disclosure Vulnerability 4.7
CVE-2018-0839 Microsoft Microsoft Edge Information Disclosure Vulnerability 4.3
CVE-2018-0850 Microsoft Microsoft Outlook Security BypassVulnerability 4.3
CVE-2018-0763 Microsoft Microsoft Edge Information Disclosure Vulnerability 4.2
CVE-2018-0834 Microsoft Microsoft Edge Scripting Engine Memory Corruption Vulnerability 4.2
CVE-2018-0835 Microsoft Microsoft Edge Scripting Engine Memory Corruption Vulnerability 4.2
CVE-2018-0836 Microsoft Microsoft Edge Scripting Engine Memory Corruption Vulnerability 4.2
CVE-2018-0837 Microsoft Microsoft Edge Scripting Engine Memory Corruption Vulnerability 4.2
CVE-2018-0838 Microsoft Microsoft Edge Scripting Engine Memory Corruption Vulnerability 4.2
CVE-2018-0841 Microsoft Microsoft Office Memory Corruption Vulnerability 4.2
CVE-2018-0851 Microsoft Microsoft Office Memory Corruption Vulnerability 4.2
CVE-2018-0852 Microsoft Microsoft Outlook Memory Corruption Vulnerability 4.2
CVE-2018-0856 Microsoft Microsoft Edge Scripting Engine Memory Corruption Vulnerability 4.2
CVE-2018-0857 Microsoft Microsoft Edge Scripting Engine Memory Corruption Vulnerability 4.2
CVE-2018-0858 Microsoft Microsoft Edge Scripting Engine Memory Corruption Vulnerability 4.2
CVE-2018-0859 Microsoft Microsoft Edge Scripting Engine Memory Corruption Vulnerability 4.2
CVE-2018-0860 Microsoft Microsoft Edge Scripting Engine Memory Corruption Vulnerability 4.2
[dt_default_button link=”url:https%3A%2F%2Fwww.syxsense.com%2Fsyxsense-trial%2F|||” size=”big” btn_width=”btn_full_width” button_alignment=”btn_center” icon_type=”picker” icon_picker=”fas fa-angle-double-right” icon_align=”right”]START FREE TRIAL[/dt_default_button]