
April Patch Tuesday


April Patch Tuesday: Stop Active Exploits

By News, Patch Management, Patch Tuesday

Microsoft's security release for April covers 74 vulnerabilities in a wide range of products, including two actively exploited zero-days.

Microsoft have released 74 patches today covering IE, Edge, Exchange, Windows and Office. Of these, 13 are rated Critical and 61 are rated Important; none are rated Moderate or Low. The total is up from last month’s release of 64 updates, so this release will keep you busy.

Prioritize Active Exploits

Two of the updates, CVE-2019-0803 and CVE-2019-0859, are “Being Exploited”, meaning you should prioritise them now. Robert Brown, Director of Services for Verismic said, “You should treat these updates with the highest importance because a similar vulnerability this year in Win32k elevation caused some significant global intrusions via malware infections.”

Adobe Updates

Adobe have released 8 updates today for Reader, Flash, Shockwave, InDesign, Dreamweaver and a few others. The update for Flash is Critical, meaning IT Admins should install these updates within the next 30 days.

Some Feature Updates are Now Retired

Act now to keep your environment future-proofed, as updates will automatically uninstall.

Today the Windows 10 feature update version 1709 (and previous) is retired on Home, Pro and Pro for Workstations editions. If you try to deploy any security updates or patches to Windows 10 versions which are no longer supported, those updates will uninstall the next time the PC restarts. Ask your account manager how Syxsense can help you deploy your Windows 10 Feature Updates.

We have made a few recommendations below which you should prioritize. Use Syxsense to organize and deploy Windows, third-party, Mac OS, and Linux updates to keep your environment safe.

Patch Tuesday Release

| Verismic Recommended | ID | Description | Severity | Publicly Disclosed | Actively being Exploited |
|---|---|---|---|---|---|
| Yes | CVE-2019-0803 | Win32k Elevation of Privilege Vulnerability | Important | No | Yes |
| Yes | CVE-2019-0859 | Win32k Elevation of Privilege Vulnerability | Important | No | Yes |
| Yes | CVE-2019-0739 | Scripting Engine Memory Corruption Vulnerability | Critical | No | No |
| Yes | CVE-2019-0786 | SMB Server Elevation of Privilege Vulnerability | Critical | No | No |
| Yes | CVE-2019-0791 | MS XML Remote Code Execution Vulnerability | Critical | No | No |
| Yes | CVE-2019-0792 | MS XML Remote Code Execution Vulnerability | Critical | No | No |
| Yes | CVE-2019-0793 | MS XML Remote Code Execution Vulnerability | Critical | No | No |
| Yes | CVE-2019-0806 | Chakra Scripting Engine Memory Corruption Vulnerability | Critical | No | No |
| Yes | CVE-2019-0810 | Chakra Scripting Engine Memory Corruption Vulnerability | Critical | No | No |
| Yes | CVE-2019-0812 | Chakra Scripting Engine Memory Corruption Vulnerability | Critical | No | No |
| Yes | CVE-2019-0829 | Chakra Scripting Engine Memory Corruption Vulnerability | Critical | No | No |
| Yes | CVE-2019-0845 | Windows IOleCvt Interface Remote Code Execution Vulnerability | Critical | No | No |
| Yes | CVE-2019-0853 | GDI+ Remote Code Execution Vulnerability | Critical | No | No |
| Yes | CVE-2019-0860 | Chakra Scripting Engine Memory Corruption Vulnerability | Critical | No | No |
| Yes | CVE-2019-0861 | Chakra Scripting Engine Memory Corruption Vulnerability | Critical | No | No |
| | CVE-2019-0685 | Win32k Elevation of Privilege Vulnerability | Important | No | No |
| | CVE-2019-0688 | Windows TCP/IP Information Disclosure Vulnerability | Important | No | No |
| | CVE-2019-0730 | Windows Elevation of Privilege Vulnerability | Important | No | No |
| | CVE-2019-0731 | Windows Elevation of Privilege Vulnerability | Important | No | No |
| | CVE-2019-0732 | Windows Security Feature Bypass Vulnerability | Important | No | No |
| | CVE-2019-0735 | Windows CSRSS Elevation of Privilege Vulnerability | Important | No | No |
| | CVE-2019-0752 | Scripting Engine Memory Corruption Vulnerability | Important | No | No |
| | CVE-2019-0753 | Scripting Engine Memory Corruption Vulnerability | Important | No | No |
| | CVE-2019-0764 | Microsoft Browsers Tampering Vulnerability | Important | No | No |
| | CVE-2019-0790 | MS XML Remote Code Execution Vulnerability | Important | No | No |
| | CVE-2019-0794 | VBScript Remote Code Execution Vulnerability | Important | No | No |
| | CVE-2019-0795 | MS XML Remote Code Execution Vulnerability | Important | No | No |
| | CVE-2019-0796 | Windows Elevation of Privilege Vulnerability | Important | No | No |
| | CVE-2019-0801 | Office Remote Code Execution Vulnerability | Important | No | No |
| | CVE-2019-0802 | Windows GDI Information Disclosure Vulnerability | Important | No | No |
| | CVE-2019-0805 | Windows Elevation of Privilege Vulnerability | Important | No | No |
| | CVE-2019-0813 | Windows Admin Center Elevation of Privilege Vulnerability | Important | No | No |
| | CVE-2019-0814 | Win32k Information Disclosure Vulnerability | Important | No | No |
| | CVE-2019-0815 | ASP.NET Core Denial of Service Vulnerability | Important | No | No |
| | CVE-2019-0817 | Microsoft Exchange Spoofing Vulnerability | Important | No | No |
| | CVE-2019-0822 | Microsoft Graphics Components Remote Code Execution Vulnerability | Important | No | No |
| | CVE-2019-0823 | Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability | Important | No | No |
| | CVE-2019-0824 | Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability | Important | No | No |
| | CVE-2019-0825 | Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability | Important | No | No |
| | CVE-2019-0826 | Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability | Important | No | No |
| | CVE-2019-0827 | Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability | Important | No | No |
| | CVE-2019-0828 | Microsoft Excel Remote Code Execution Vulnerability | Important | No | No |
| | CVE-2019-0830 | Microsoft Office SharePoint XSS Vulnerability | Important | No | No |
| | CVE-2019-0831 | Microsoft Office SharePoint XSS Vulnerability | Important | No | No |
| | CVE-2019-0833 | Microsoft Edge Information Disclosure Vulnerability | Important | No | No |
| | CVE-2019-0835 | Microsoft Scripting Engine Information Disclosure Vulnerability | Important | No | No |
| | CVE-2019-0836 | Windows Elevation of Privilege Vulnerability | Important | No | No |
| | CVE-2019-0837 | DirectX Information Disclosure Vulnerability | Important | No | No |
| | CVE-2019-0838 | Windows Information Disclosure Vulnerability | Important | No | No |
| | CVE-2019-0839 | Windows Information Disclosure Vulnerability | Important | No | No |
| | CVE-2019-0840 | Windows Kernel Information Disclosure Vulnerability | Important | No | No |
| | CVE-2019-0841 | Windows Elevation of Privilege Vulnerability | Important | No | No |
| | CVE-2019-0842 | Windows VBScript Engine Remote Code Execution Vulnerability | Important | No | No |
| | CVE-2019-0844 | Windows Kernel Information Disclosure Vulnerability | Important | No | No |
| | CVE-2019-0846 | Jet Database Engine Remote Code Execution Vulnerability | Important | No | No |
| | CVE-2019-0847 | Jet Database Engine Remote Code Execution Vulnerability | Important | No | No |
| | CVE-2019-0848 | Win32k Information Disclosure Vulnerability | Important | No | No |
| | CVE-2019-0849 | Windows GDI Information Disclosure Vulnerability | Important | No | No |
| | CVE-2019-0851 | Jet Database Engine Remote Code Execution Vulnerability | Important | No | No |
| | CVE-2019-0856 | Windows Remote Code Execution Vulnerability | Important | No | No |
| | CVE-2019-0857 | Team Foundation Server Spoofing Vulnerability | Important | No | No |
| | CVE-2019-0858 | Microsoft Exchange Spoofing Vulnerability | Important | No | No |
| | CVE-2019-0862 | Windows VBScript Engine Remote Code Execution Vulnerability | Important | No | No |
| | CVE-2019-0866 | Team Foundation Server Cross-site Scripting Vulnerability | Important | No | No |
| | CVE-2019-0867 | Team Foundation Server Cross-site Scripting Vulnerability | Important | No | No |
| | CVE-2019-0868 | Team Foundation Server Cross-site Scripting Vulnerability | Important | No | No |
| | CVE-2019-0869 | Team Foundation Server HTML Injection Vulnerability | Important | No | No |
| | CVE-2019-0870 | Team Foundation Server Cross-site Scripting Vulnerability | Important | No | No |
| | CVE-2019-0871 | Team Foundation Server Cross-site Scripting Vulnerability | Important | No | No |
| | CVE-2019-0874 | Team Foundation Server Cross-site Scripting Vulnerability | Important | No | No |
| | CVE-2019-0875 | Azure DevOps Server Elevation of Privilege Vulnerability | Important | No | No |
| | CVE-2019-0876 | Open Enclave SDK Information Disclosure Vulnerability | Important | No | No |
| | CVE-2019-0877 | Jet Database Engine Remote Code Execution Vulnerability | Important | No | No |
| | CVE-2019-0879 | Jet Database Engine Remote Code Execution Vulnerability | Important | No | No |


April Patch Tuesday: Don’t Get Burned Twice

By News, Patch Tuesday

Manage Your Vulnerabilities

As we explored in our Total Meltdown article, some updates actually made Windows 7 less secure in the last round of Microsoft Patch Tuesday. Even worse, some caused significant performance issues on older hardware models. Many industry experts are recommending you disable Windows updates, or delay any other form of patch management in anticipation of another bad batch of updates.

Robert Brown, Director of Services for Verismic said, “We trust our technology and we trust the experts leading our security teams. Design a patch management release process which includes time for the necessary testing before global deployment. Not doing patch management only helps the hackers who are looking to expose your network.”

Adobe Patches Critical Bugs in Flash

Adobe fixed four critical vulnerabilities in its Flash Player and InDesign products as part of its regularly scheduled release. In all, Adobe released 13 patches for products including Adobe Experience Manager, Adobe InDesign CC, Adobe Digital Editions and the Adobe PhoneGap Push Plugin. According to Adobe, none of the issues addressed in these updates have active exploits in the wild.

Ransomware Attackers are Targeting Servers over Desktops

According to Verizon, ransomware was found in 39% of cases involving malware. Experts believe ransomware has become so prevalent due to easy deployment, even for less skilled cybercriminals. The risks and costs associated with conducting an operation are also relatively small for the attacker.

Cybercriminals have increasingly started using ransomware to target mission-critical systems, such as file servers and databases. This causes more damage to the targeted organization compared to only desktop systems getting compromised. According to the latest DBIR, financially-motivated attacks remain the most common and accounted for 76% of breaches analyzed in 2017. Cyber espionage is the second most common type of attack, accounting for 13% of breaches.

Robert Brown, Director of Services for Verismic said, “When we onboard our clients with Syxsense, we focus not only on protecting the desktops, instead focus on a viable patching strategy which includes all endpoints within the business, including servers. Syxsense has industry experts to help clients protect their environment with a proactive approach to Windows, Linux and Mac OS patch management.”

Patch Tuesday Release

Microsoft addressed 65 vulnerabilities in Microsoft Windows, Microsoft Internet Explorer, Microsoft Edge, Microsoft SharePoint, and Microsoft Office. The vulnerabilities could allow an attacker to execute arbitrary code, gain elevated privileges, bypass security protections, view sensitive information, or cause a denial of service (DoS) condition. We have chosen a few updates to prioritize this month. This recommendation has been made using evidence from industry experts (including our own) and anticipated business impact.

| CVE Number | Vulnerability Alert | CVSS Score | Recommended |
|---|---|---|---|
| CVE-2018-1010 | Microsoft Windows Embedded OpenType Font Engine Arbitrary Code Execution Vulnerability | 8.8 | Yes |
| CVE-2018-1012 | Microsoft Windows Embedded OpenType Font Engine Arbitrary Code Execution Vulnerability | 8.8 | Yes |
| CVE-2018-1013 | Microsoft Windows Embedded OpenType Font Engine Arbitrary Code Execution Vulnerability | 8.8 | Yes |
| CVE-2018-1015 | Microsoft Windows Embedded OpenType Font Engine Arbitrary Code Execution Vulnerability | 8.8 | Yes |
| CVE-2018-1016 | Microsoft Windows Embedded OpenType Font Engine Arbitrary Code Execution Vulnerability | 8.8 | Yes |
| CVE-2018-0870 | Microsoft Internet Explorer Memory Corruption Vulnerability | 7.5 | Yes |
| CVE-2018-0956 | Microsoft Windows HTTP.sys Denial of Service Vulnerability | 7.5 | Yes |
| CVE-2018-0981 | Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability | 7.5 | Yes |
| CVE-2018-0988 | Microsoft Internet Explorer Memory Corruption Vulnerability | 7.5 | Yes |
| CVE-2018-0996 | Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability | 7.5 | Yes |
| CVE-2018-0997 | Microsoft Internet Explorer Memory Corruption Vulnerability | 7.5 | Yes |
| CVE-2018-1000 | Microsoft Internet Explorer Scripting Engine Information Disclosure Vulnerability | 7.5 | Yes |
| CVE-2018-1001 | Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability | 7.5 | Yes |
| CVE-2018-1018 | Microsoft Internet Explorer Memory Corruption Vulnerability | 7.5 | Yes |
| CVE-2018-1020 | Microsoft Internet Explorer Memory Corruption Vulnerability | 7.5 | Yes |
| CVE-2018-1028 | Microsoft Office Graphics Arbitrary Code Execution Vulnerability | 7.5 | Yes |
| CVE-2018-0957 | Microsoft Windows Hyper-V Information Disclosure Vulnerability | 7.2 | Yes |
| CVE-2018-0964 | Microsoft Windows Hyper-V Information Disclosure Vulnerability | 7.2 | Yes |
| CVE-2018-1003 | Microsoft Windows JET Database Engine Arbitrary Code Execution Vulnerability | 7.1 | Yes |
| CVE-2018-0963 | Microsoft Windows Kernel Elevation of Privilege Vulnerability | 7 | Yes |
| CVE-2018-1008 | Microsoft Adobe Type Font Driver Privilege Escalation Vulnerability | 7 | Yes |
| CVE-2018-1009 | Microsoft DirectX Graphics Kernel Subsystem Privilege Escalation Vulnerability | 7 | Yes |