February Patch Tuesday: Disable Windows Update

By bmhumeNews, Patch Management, Patch TuesdayOne Comment

February Patch Tuesday: Disable Windows Update

It's the second Tuesday of February, which means it's time for another round of Patch Tuesday security updates from Microsoft.

Microsoft has released almost 80 security patches today covering IE, Edge, Exchange, Windows, .NET Framework and Office. There are only 20 rated Critical, 54 rated Important, and 3 are rated Moderate in severity.

Four of the updates released CVE-2019-0636, CVE-2019-0686, CVE-2019-0646 and CVE-2019-0647 are marked as “Publicly Disclosed” meaning there is an increased risk of attack in the near future. Although they are marked Important, we would highly recommend these updates be prioritized this month.

Why should you disable Windows Update?

Many of our customers are concerned that updates released by Microsoft cause significant user disruption, and are simply unable to keep up with the constant fire fighting bad patches give an IT department.

The first reaction is not to patch. This places your environment and users’ identity at risk of exposure, and risk a total network breach. Leaving Windows Update enabled in its default setting downloads and installs all updates released by Microsoft on the same day they are released, leaving your IT department no time to test.

Our clients like the way Syxsense provides the control over when and where the scanning and deployment of updates takes place, providing much relieved stress to any IT department. Ask us how Maintenance Windows can help schedule any patch deployment over high dispersed environments.

Adobe Releases Over 70 Updates

Acrobat and Reader from version 2019.010.20069 and earlier for both Windows and Mac OS are affected. All updates carry a Priority Rating of 2 meaning there is an elevated risk of exploit although no active exploits are known to exist in the wild.

Robert Brown, Director of Services said, “Adobe use their Priority Rating to illustrate how quickly users should update their systems, in this case they recommend within 30 days. Users using Mac OS who usually update their systems manually can truly benefit from the remote patching capability of Syxsense which enables automation over a typical otherwise manual method.”

Of the 71 updates released today, 43 are rating Critical. If exploited, this would allow malicious native-code to execute, potentially without a user being aware.

Is it time to replace IE?

Over the past several months there is an increasing amount of “Actively Exploited” updates being fixed by Microsoft. CVE-2019-0676 is no exception, and as it involved Internet Explorer which is still highly used we would recommend this update be one of your top priorities.

If you wish to replace IE with another browser, Syxsense can deploy the software throughout your environment, and better still your new browser can be kept up date using the Patch Manager solution. Replace your IE browser before an exploit ruins your Valentine’s Day.

Start a Free Trial

Try Syxsense today and start patching your IT environment with a powerful and easy-to-use IT management toolset.

Patch Tuesday Release

CVE ID	Patch Description	Severity	Publicly Disclosed	Active Exploited	Recommended
CVE-2019-0676	Internet Explorer Information Disclosure Vulnerability	Important	No	Yes	Yes
CVE-2019-0636	Windows Information Disclosure Vulnerability	Important	Yes	No	Yes
CVE-2019-0686	Microsoft Exchange Server Elevation of Privilege Vulnerability	Important	Yes	No	Yes
CVE-2019-0646	Team Foundation Server Cross-site Scripting Vulnerability	Important	Yes	No	Yes
CVE-2019-0647	Team Foundation Server Information Disclosure Vulnerability	Important	Yes	No	Yes
CVE-2019-0590	Scripting Engine Memory Corruption Vulnerability	Critical	No	No	Yes
CVE-2019-0591	Scripting Engine Memory Corruption Vulnerability	Critical	No	No	Yes
CVE-2019-0593	Scripting Engine Memory Corruption Vulnerability	Critical	No	No	Yes
CVE-2019-0594	Microsoft SharePoint Remote Code Execution Vulnerability	Critical	No	No	Yes
CVE-2019-0604	Microsoft SharePoint Remote Code Execution Vulnerability	Critical	No	No	Yes
CVE-2019-0605	Scripting Engine Memory Corruption Vulnerability	Critical	No	No	Yes
CVE-2019-0606	Internet Explorer Memory Corruption Vulnerability	Critical	No	No	Yes
CVE-2019-0607	Scripting Engine Memory Corruption Vulnerability	Critical	No	No	Yes
CVE-2019-0618	GDI+ Remote Code Execution Vulnerability	Critical	No	No	Yes
CVE-2019-0626	Windows DHCP Server Remote Code Execution Vulnerability	Critical	No	No	Yes
CVE-2019-0634	Microsoft Edge Memory Corruption Vulnerability	Critical	No	No	Yes
CVE-2019-0640	Scripting Engine Memory Corruption Vulnerability	Critical	No	No	Yes
CVE-2019-0642	Scripting Engine Memory Corruption Vulnerability	Critical	No	No	Yes
CVE-2019-0644	Scripting Engine Memory Corruption Vulnerability	Critical	No	No	Yes
CVE-2019-0645	Microsoft Edge Memory Corruption Vulnerability	Critical	No	No	Yes
CVE-2019-0650	Microsoft Edge Memory Corruption Vulnerability	Critical	No	No	Yes
CVE-2019-0651	Scripting Engine Memory Corruption Vulnerability	Critical	No	No	Yes
CVE-2019-0652	Scripting Engine Memory Corruption Vulnerability	Critical	No	No	Yes
CVE-2019-0655	Scripting Engine Memory Corruption Vulnerability	Critical	No	No	Yes
CVE-2019-0662	GDI+ Remote Code Execution Vulnerability	Critical	No	No	Yes
CVE-2019-0540	Microsoft Office Security Feature Bypass Vulnerability	Important	No	No
CVE-2019-0595	Jet Database Engine Remote Code Execution Vulnerability	Important	No	No
CVE-2019-0596	Jet Database Engine Remote Code Execution Vulnerability	Important	No	No
CVE-2019-0597	Jet Database Engine Remote Code Execution Vulnerability	Important	No	No
CVE-2019-0598	Jet Database Engine Remote Code Execution Vulnerability	Important	No	No
CVE-2019-0599	Jet Database Engine Remote Code Execution Vulnerability	Important	No	No
CVE-2019-0600	HID Information Disclosure Vulnerability	Important	No	No
CVE-2019-0601	HID Information Disclosure Vulnerability	Important	No	No
CVE-2019-0602	Windows GDI Information Disclosure Vulnerability	Important	No	No
CVE-2019-0610	Scripting Engine Memory Corruption Vulnerability	Important	No	No
CVE-2019-0613	.NET Framework and Visual Studio Remote Code Execution Vulnerability	Important	No	No
CVE-2019-0615	Windows GDI Information Disclosure Vulnerability	Important	No	No
CVE-2019-0616	Windows GDI Information Disclosure Vulnerability	Important	No	No
CVE-2019-0619	Windows GDI Information Disclosure Vulnerability	Important	No	No
CVE-2019-0621	Windows Kernel Information Disclosure Vulnerability	Important	No	No
CVE-2019-0623	Win32k Elevation of Privilege Vulnerability	Important	No	No
CVE-2019-0625	Jet Database Engine Remote Code Execution Vulnerability	Important	No	No
CVE-2019-0627	Windows Security Feature Bypass Vulnerability	Important	No	No
CVE-2019-0628	Win32k Information Disclosure Vulnerability	Important	No	No
CVE-2019-0630	Windows SMB Remote Code Execution Vulnerability	Important	No	No
CVE-2019-0631	Windows Security Feature Bypass Vulnerability	Important	No	No
CVE-2019-0632	Windows Security Feature Bypass Vulnerability	Important	No	No
CVE-2019-0633	Windows SMB Remote Code Execution Vulnerability	Important	No	No
CVE-2019-0635	Windows Hyper-V Information Disclosure Vulnerability	Important	No	No
CVE-2019-0637	Windows Defender Firewall Security Feature Bypass Vulnerability	Important	No	No
CVE-2019-0648	Scripting Engine Information Disclosure Vulnerability	Important	No	No
CVE-2019-0649	Scripting Engine Elevation of Privileged Vulnerability	Important	No	No
CVE-2019-0654	Microsoft Browser Spoofing Vulnerability	Important	No	No
CVE-2019-0656	Windows Kernel Elevation of Privilege Vulnerability	Important	No	No
CVE-2019-0657	.NET Framework and Visual Studio Spoofing Vulnerability	Important	No	No
CVE-2019-0658	Scripting Engine Information Disclosure Vulnerability	Important	No	No
CVE-2019-0659	Windows Storage Service Elevation of Privilege Vulnerability	Important	No	No
CVE-2019-0660	Windows GDI Information Disclosure Vulnerability	Important	No	No
CVE-2019-0661	Windows Kernel Information Disclosure Vulnerability	Important	No	No
CVE-2019-0664	Windows GDI Information Disclosure Vulnerability	Important	No	No
CVE-2019-0668	Microsoft SharePoint Elevation of Privilege Vulnerability	Important	No	No
CVE-2019-0669	Microsoft Excel Information Disclosure Vulnerability	Important	No	No
CVE-2019-0724	Microsoft Exchange Server Elevation of Privilege Vulnerability	Important	No	No
CVE-2019-0728	Visual Studio Code Remote Code Execution Vulnerability	Important	No	No
CVE-2019-0641	Microsoft Edge Security Feature Bypass Vulnerability	Moderate	No	No
CVE-2019-0643	Microsoft Edge Information Disclosure Vulnerability	Moderate	No	No
CVE-2019-0670	Microsoft SharePoint Spoofing Vulnerability	Moderate	No	No

Schedule Your Syxsense Demo

Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.

Schedule My Demo

February 13, 2019

Love0

Telegram Messenger Exploited Again

Back in March 2017 we saw “Secure” WhatsApp and Telegram messenger applications being exploited by the user receiving a seemingly harmless image file which actually hosts malicious HTML code.

This code directs them to a webpage specifically crafted to harvest personal data from the user device and hijack their accounts.

Today it seems that Telegram did not learn their lesson. The application has been exploited again using the same flaw, this time with the aim of distributing malicious software to harness the users device for mining cryptocurrencies.

CVE-ID	Vendor Name	Title	CVSS	Recommended
CVE-2018-0825	Microsoft	Microsoft Windows StructuredQuery Arbitrary Code Execution Vulnerability	8.1	Yes
CVE-2018-0844	Microsoft	Microsoft Windows Common Log File System Driver Privilege Escalation Vulnerability	7.8	Yes
CVE-2018-0846	Microsoft	Microsoft Windows Common Log File System Driver Privilege Escalation Vulnerability	7.8	Yes
CVE-2018-0840	Microsoft	Microsoft Edge and Internet Explorer Scripting Engine Memory Corruption Vulnerability	7.5	Yes
CVE-2018-0847	Microsoft	Microsoft Internet Explorer Information Disclosure Vulnerability	7.5	Yes
CVE-2018-0866	Microsoft	Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability	7.5	Yes
CVE-2018-0742	Microsoft	Microsoft Windows Kernel Privilege Escalation Vulnerability	7
CVE-2018-0756	Microsoft	Microsoft Windows Kernel Privilege Escalation Vulnerability	7
CVE-2018-0809	Microsoft	Microsoft Windows Privilege Escalation Vulnerability	7
CVE-2018-0820	Microsoft	Microsoft Windows Kernel Privilege Escalation Vulnerability	7
CVE-2018-0823	Microsoft	Microsoft Windows Named Pipe File System Privilege Escalation Vulnerability	7
CVE-2018-0826	Microsoft	Microsoft Windows Storage Services Privilege Escalation Vulnerability	7
CVE-2018-0842	Microsoft	Microsoft Windows Arbitrary Code Execution Vulnerability	6.7
CVE-2018-0828	Microsoft	Microsoft Windows Privilege Escalation Vulnerability	6.6
CVE-2018-0831	Microsoft	Microsoft Windows Kernel Privilege Escalation Vulnerability	6.6
CVE-2018-0755	Microsoft	Microsoft Windows OpenType Font Information Disclosure Vulnerability	5.5
CVE-2018-0760	Microsoft	Microsoft Windows OpenType Font Information Disclosure Vulnerability	5.5
CVE-2018-0761	Microsoft	Microsoft Windows OpenType Font Information Disclosure Vulnerability	5.5
CVE-2018-0853	Microsoft	Microsoft Office Information Disclosure Vulnerability	5.5
CVE-2018-0855	Microsoft	Microsoft Windows OpenType Font Information Disclosure Vulnerability	5.5
CVE-2018-0864	Microsoft	Microsoft SharePoint Cross-Site Scripting Vulnerability	5.4
CVE-2018-0869	Microsoft	Microsoft SharePoint Cross-Site Scripting Vulnerability	5.4
CVE-2018-0821	Microsoft	Microsoft Windows AppContainer Privilege Escalation Vulnerability	5.3
CVE-2018-0827	Microsoft	Microsoft Windows Security Feature Bypass Vulnerability	5.3
CVE-2018-0833	Microsoft	Microsoft Windows SMB Request Processing Denial of Service Vulnerability	4.8
CVE-2018-0757	Microsoft	Microsoft Windows Kernel Information Disclosure Vulnerability	4.7
CVE-2018-0810	Microsoft	Microsoft Windows Kernel Information Disclosure Vulnerability	4.7
CVE-2018-0829	Microsoft	Microsoft Windows Kernel Information Disclosure Vulnerability	4.7
CVE-2018-0830	Microsoft	Microsoft Windows Kernel Information Disclosure Vulnerability	4.7
CVE-2018-0832	Microsoft	Microsoft Windows Information Disclosure Vulnerability	4.7
CVE-2018-0843	Microsoft	Microsoft Windows Kernel Information Disclosure Vulnerability	4.7
CVE-2018-0839	Microsoft	Microsoft Edge Information Disclosure Vulnerability	4.3
CVE-2018-0850	Microsoft	Microsoft Outlook Security BypassVulnerability	4.3
CVE-2018-0763	Microsoft	Microsoft Edge Information Disclosure Vulnerability	4.2
CVE-2018-0834	Microsoft	Microsoft Edge Scripting Engine Memory Corruption Vulnerability	4.2
CVE-2018-0835	Microsoft	Microsoft Edge Scripting Engine Memory Corruption Vulnerability	4.2
CVE-2018-0836	Microsoft	Microsoft Edge Scripting Engine Memory Corruption Vulnerability	4.2
CVE-2018-0837	Microsoft	Microsoft Edge Scripting Engine Memory Corruption Vulnerability	4.2
CVE-2018-0838	Microsoft	Microsoft Edge Scripting Engine Memory Corruption Vulnerability	4.2
CVE-2018-0841	Microsoft	Microsoft Office Memory Corruption Vulnerability	4.2
CVE-2018-0851	Microsoft	Microsoft Office Memory Corruption Vulnerability	4.2
CVE-2018-0852	Microsoft	Microsoft Outlook Memory Corruption Vulnerability	4.2
CVE-2018-0856	Microsoft	Microsoft Edge Scripting Engine Memory Corruption Vulnerability	4.2
CVE-2018-0857	Microsoft	Microsoft Edge Scripting Engine Memory Corruption Vulnerability	4.2
CVE-2018-0858	Microsoft	Microsoft Edge Scripting Engine Memory Corruption Vulnerability	4.2
CVE-2018-0859	Microsoft	Microsoft Edge Scripting Engine Memory Corruption Vulnerability	4.2
CVE-2018-0860	Microsoft	Microsoft Edge Scripting Engine Memory Corruption Vulnerability	4.2

Feb Patch Tuesday updates