Manage Your Vulnerabilities
As we explored in our Total Meltdown article, some updates actually made Windows 7 less secure in the last round of Microsoft Patch Tuesday. Even worse, some caused significant performance issues on older hardware models. Many industry experts are recommending you disable Windows updates, or delay any other form of patch management in anticipation of another bad batch of updates.
Robert Brown, Director of Services for Verismic said, “We trust our technology and we trust the experts leading our security teams. Design a patch management release process which includes time for the necessary testing before global deployment. Not doing patch management only helps the hackers who are looking to expose your network.”
Adobe Patches Critical Bugs in Flash
Adobe fixed four critical vulnerabilities in its Flash Player and InDesign products as part of its regularly scheduled release. In all, Adobe released 13 patches for products including Adobe Experience Manager, Adobe InDesign CC, Adobe Digital Editions and the Adobe PhoneGap Push Plugin. According to Adobe, none of the issues addressed in these updates have active exploits in the wild.
Ransomware Attackers are Targeting Servers over Desktops
According to Verizon, ransomware was found in 39% of cases involving malware. Experts believe ransomware has become so prevalent due to easy deployment, even for less skilled cybercriminals. The risks and costs associated with conducting an operation are also relatively small for the attacker.
Cybercriminals have increasingly started using ransomware to target mission-critical systems, such as file servers and databases. This causes more damage to the targeted organization compared to only desktop systems getting compromised. According to the latest DBIR, financially-motivated attacks remain the most common and accounted for 76% of breaches analyzed in 2017. Cyber espionage is the second most common type of attack, accounting for 13% of breaches.
Robert Brown, Director of Services for Verismic said, “When we onboard our clients with Syxsense, we focus not only on protecting the desktops, instead focus on a viable patching strategy which includes all endpoints within the business, including servers. Syxsense has industry experts to help clients protect their environment with a proactive approach to Windows, Linux and Mac OS patch management.”
Patch Tuesday Release
Microsoft addressed 65 vulnerabilities in Microsoft Windows, Microsoft Internet Explorer, Microsoft Edge, Microsoft SharePoint, and Microsoft Office. The vulnerabilities could allow an attacker to execute arbitrary code, gain elevated privileges, bypass security protections, view sensitive information, or cause a denial of service (DoS) condition. We have chosen a few updates to prioritize this month. This recommendation is based on evidence from industry experts (including our own) and anticipated business impact.
| CVE Number | Vulnerability Alert | CVSS Score | Recommended |
|---|---|---|---|
| CVE-2018-1010 | Microsoft Windows Embedded OpenType Font Engine Arbitrary Code Execution Vulnerability | 8.8 | Yes |
| CVE-2018-1012 | Microsoft Windows Embedded OpenType Font Engine Arbitrary Code Execution Vulnerability | 8.8 | Yes |
| CVE-2018-1013 | Microsoft Windows Embedded OpenType Font Engine Arbitrary Code Execution Vulnerability | 8.8 | Yes |
| CVE-2018-1015 | Microsoft Windows Embedded OpenType Font Engine Arbitrary Code Execution Vulnerability | 8.8 | Yes |
| CVE-2018-1016 | Microsoft Windows Embedded OpenType Font Engine Arbitrary Code Execution Vulnerability | 8.8 | Yes |
| CVE-2018-0870 | Microsoft Internet Explorer Memory Corruption Vulnerability | 7.5 | Yes |
| CVE-2018-0956 | Microsoft Windows HTTP.sys Denial of Service Vulnerability | 7.5 | Yes |
| CVE-2018-0981 | Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability | 7.5 | Yes |
| CVE-2018-0988 | Microsoft Internet Explorer Memory Corruption Vulnerability | 7.5 | Yes |
| CVE-2018-0996 | Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability | 7.5 | Yes |
| CVE-2018-0997 | Microsoft Internet Explorer Memory Corruption Vulnerability | 7.5 | Yes |
| CVE-2018-1000 | Microsoft Internet Explorer Scripting Engine Information Disclosure Vulnerability | 7.5 | Yes |
| CVE-2018-1001 | Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability | 7.5 | Yes |
| CVE-2018-1018 | Microsoft Internet Explorer Memory Corruption Vulnerability | 7.5 | Yes |
| CVE-2018-1020 | Microsoft Internet Explorer Memory Corruption Vulnerability | 7.5 | Yes |
| CVE-2018-1028 | Microsoft Office Graphics Arbitrary Code Execution Vulnerability | 7.5 | Yes |
| CVE-2018-0957 | Microsoft Windows Hyper-V Information Disclosure Vulnerability | 7.2 | Yes |
| CVE-2018-0964 | Microsoft Windows Hyper-V Information Disclosure Vulnerability | 7.2 | Yes |
| CVE-2018-1003 | Microsoft Windows JET Database Engine Arbitrary Code Execution Vulnerability | 7.1 | Yes |
| CVE-2018-0963 | Microsoft Windows Kernel Elevation of Privilege Vulnerability | 7 | Yes |
| CVE-2018-1008 | Microsoft Adobe Type Font Driver Privilege Escalation Vulnerability | 7 | Yes |
| CVE-2018-1009 | Microsoft DirectX Graphics Kernel Subsystem Privilege Escalation Vulnerability | 7 | Yes |