Skip to main content
Tag

internet explorer

||

Microsoft’s February 2020 Patch Tuesday Fixes 99 Security Issues

By Patch Management, Patch TuesdayNo Comments

Microsoft’s February 2020 Patch Tuesday Fixes 99 Security Issues

The official Patch Tuesday updates have arrived for February, including 99 vulnerability fixes. Catch up on the latest news from Microsoft and start patching.
[vc_empty_space]
[vc_single_image image=”36945″ img_size=”full”]

February Patch Tuesday is Here

Microsoft have released 99 patches today. There are 12 Critical patches with the remaining marked Important.

Support for Windows 7 and Windows Server 2008 (including R2) was officially ended last month, but there are plenty of updates released this month for customers who have purchased an extension agreement.

Zero Day Weaponized Bug for IE

CVE-2020-0674, which carries a Critical vendor severity and High CVSS score, has been documented as being Publicly Aware and actively Weaponized.

This is as close to a Zero Day as you can get, and we encourage all users still using Internet Explorer to update this as soon as possible. This vulnerability affects Windows 7, which officially ended support last month, and Windows 10 through Windows Server 2008 to 2012.

Robert Brown, Director of Services for Syxsense said, “If you are still using Internet Explorer on Windows 7 and have not purchased the CSA / ESU extension, you may wish to consider uninstalling IE and replacing it with another browser immediately due to the critical nature of this vulnerability. It has huge potential to be used to install Ransomware or other software simply by accessing an infected website. Customers using Syxsense Manage or Syxsense Secure will be able to deploy all new Windows 7 content to your licensed Windows 7 systems.”

[vc_single_image image=”36750″ img_size=”full” alignment=”center” onclick=”custom_link” css_animation=”fadeIn” link=”https://www.syxsense.com/internet-explorer-vulnerability-has-massive-security-flaw/”]

Microsoft released a security advisory for an unpatched IE code-execution vulnerability.

Another Adobe Headache

Adobe released 42 updates today—the largest of the year so far. They have fixed bugs in Framemaker, Experience Manager, Adobe Digital Editions, Flash, and Acrobat and Reader. Both Syxsense and Adobe recommend these Critical updates be deployed within the next 7 days.

[vc_separator css=”.vc_custom_1552427883977{padding-top: 20px !important;padding-bottom: 20px !important;}”]

Experience the Power of Syxsense

Syxsense has created innovative and intuitive technology that sees and knows everything. Manage and secure your environment with a simple and powerful solution.

[vc_btn title=”Start a Free Trial” style=”gradient-custom” gradient_custom_color_1=”#da4453″ gradient_custom_color_2=”#8a2387″ shape=”round” size=”lg” align=”center” link=”url:https%3A%2F%2Fwww.syxsense.com%2Fsyxsense-trial|||” css=”.vc_custom_1572936982710{margin-top: 15px !important;}”][vc_separator css=”.vc_custom_1552427883977{padding-top: 20px !important;padding-bottom: 20px !important;}”]

Syxsense Recommendations

Based on the vendor severity and CVSS score, we have made a few recommendations below which you should prioritize this month. Please pay close attention to any of these which are Publicly Aware and / or Weaponized.

 

CVE Ref. Description Vendor Severity CVSS Base Score Counter-measure Publicly Aware Weaponized Syxsense Recommended
CVE-2020-0674 Scripting Engine Memory Corruption Vulnerability Critical 7.5 No Yes Yes Yes
CVE-2020-0689 Microsoft Secure Boot Security Feature Bypass Vulnerability Important 8.2 No Yes No Yes
CVE-2020-0683 Windows Installer Elevation of Privilege Vulnerability Important 7 No Yes No Yes
CVE-2020-0686 Windows Installer Elevation of Privilege Vulnerability Important 7 No Yes No Yes
CVE-2020-0706 Microsoft Browser Information Disclosure Vulnerability Important 4.3 No Yes No Yes
CVE-2020-0738 Media Foundation Memory Corruption Vulnerability Critical 8.8 No No No Yes
CVE-2020-0662 Windows Remote Code Execution Vulnerability Critical 8.6 No No No Yes
CVE-2020-0729 LNK Remote Code Execution Vulnerability Critical 7.5 No No No Yes
CVE-2020-0681 Remote Desktop Client Remote Code Execution Vulnerability Critical 7.5 No No No Yes
CVE-2020-0734 Remote Desktop Client Remote Code Execution Vulnerability Critical 7.5 No No No Yes
CVE-2020-0673 Scripting Engine Memory Corruption Vulnerability Critical 7.5 No No No Yes
CVE-2020-0767 Scripting Engine Memory Corruption Vulnerability Critical 4.2 No No No Yes
CVE-2020-0710 Scripting Engine Memory Corruption Vulnerability Critical 4.2 No No No Yes
CVE-2020-0712 Scripting Engine Memory Corruption Vulnerability Critical 4.2 No No No Yes
CVE-2020-0713 Scripting Engine Memory Corruption Vulnerability Critical 4.2 No No No Yes
CVE-2020-0711 Scripting Engine Memory Corruption Vulnerability Critical 4.2 No No No Yes
CVE-2020-0757 Windows SSH Elevation of Privilege Vulnerability Important 8.2 No No No Yes
CVE-2020-0655 Remote Desktop Services Remote Code Execution Vulnerability Important 8 No No No Yes
CVE-2020-0740 Connected Devices Platform Service Elevation of Privilege Vulnerability Important 7.8 No No No Yes
CVE-2020-0741 Connected Devices Platform Service Elevation of Privilege Vulnerability Important 7.8 No No No Yes
CVE-2020-0742 Connected Devices Platform Service Elevation of Privilege Vulnerability Important 7.8 No No No Yes
CVE-2020-0743 Connected Devices Platform Service Elevation of Privilege Vulnerability Important 7.8 No No No Yes
CVE-2020-0749 Connected Devices Platform Service Elevation of Privilege Vulnerability Important 7.8 No No No Yes
CVE-2020-0750 Connected Devices Platform Service Elevation of Privilege Vulnerability Important 7.8 No No No Yes
CVE-2020-0727 Connected User Experiences and Telemetry Service Elevation of Privilege Vulnerability Important 7.8 No No No Yes
CVE-2020-0703 Windows Backup Service Elevation of Privilege Vulnerability Important 7.8 No No No Yes
CVE-2020-0701 Windows Client License Service Elevation of Privilege Vulnerability Important 7.8 No No No Yes
CVE-2020-0657 Windows Common Log File System Driver Elevation of Privilege Vulnerability Important 7.8 No No No Yes
CVE-2020-0747 Windows Data Sharing Service Elevation of Privilege Vulnerability Important 7.8 No No No Yes
CVE-2020-0659 Windows Data Sharing Service Elevation of Privilege Vulnerability Important 7.8 No No No Yes
CVE-2020-0737 Windows Elevation of Privilege Vulnerability Important 7.8 No No No Yes
CVE-2020-0739 Windows Elevation of Privilege Vulnerability Important 7.8 No No No Yes
CVE-2020-0753 Windows Error Reporting Elevation of Privilege Vulnerability Important 7.8 No No No Yes
CVE-2020-0754 Windows Error Reporting Elevation of Privilege Vulnerability Important 7.8 No No No Yes
CVE-2020-0678 Windows Error Reporting Manager Elevation of Privilege Vulnerability Important 7.8 No No No Yes
CVE-2020-0679 Windows Function Discovery Service Elevation of Privilege Vulnerability Important 7.8 No No No Yes
CVE-2020-0680 Windows Function Discovery Service Elevation of Privilege Vulnerability Important 7.8 No No No Yes
CVE-2020-0682 Windows Function Discovery Service Elevation of Privilege Vulnerability Important 7.8 No No No Yes
CVE-2020-0745 Windows Graphics Component Elevation of Privilege Vulnerability Important 7.8 No No No Yes
CVE-2020-0707 Windows IME Elevation of Privilege Vulnerability Important 7.8 No No No Yes
CVE-2020-0668 Windows Kernel Elevation of Privilege Vulnerability Important 7.8 No No No Yes
CVE-2020-0669 Windows Kernel Elevation of Privilege Vulnerability Important 7.8 No No No Yes
CVE-2020-0670 Windows Kernel Elevation of Privilege Vulnerability Important 7.8 No No No Yes
CVE-2020-0671 Windows Kernel Elevation of Privilege Vulnerability Important 7.8 No No No Yes
CVE-2020-0672 Windows Kernel Elevation of Privilege Vulnerability Important 7.8 No No No Yes
CVE-2020-0666 Windows Search Indexer Elevation of Privilege Vulnerability Important 7.8 No No No Yes
CVE-2020-0667 Windows Search Indexer Elevation of Privilege Vulnerability Important 7.8 No No No Yes
CVE-2020-0735 Windows Search Indexer Elevation of Privilege Vulnerability Important 7.8 No No No Yes
CVE-2020-0752 Windows Search Indexer Elevation of Privilege Vulnerability Important 7.8 No No No Yes
CVE-2020-0704 Windows Wireless Network Manager Elevation of Privilege Vulnerability Important 7.8 No No No Yes
CVE-2020-0708 Windows Imaging Library Remote Code Execution Vulnerability Important 7.8 No No No Yes
CVE-2020-0660 Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability Important 7.5 No No No
CVE-2020-0709 DirectX Elevation of Privilege Vulnerability Important 7 No No No
CVE-2020-0732 DirectX Elevation of Privilege Vulnerability Important 7 No No No
CVE-2020-0720 Win32k Elevation of Privilege Vulnerability Important 7 No No No
CVE-2020-0721 Win32k Elevation of Privilege Vulnerability Important 7 No No No
CVE-2020-0722 Win32k Elevation of Privilege Vulnerability Important 7 No No No
CVE-2020-0723 Win32k Elevation of Privilege Vulnerability Important 7 No No No
CVE-2020-0725 Win32k Elevation of Privilege Vulnerability Important 7 No No No
CVE-2020-0726 Win32k Elevation of Privilege Vulnerability Important 7 No No No
CVE-2020-0731 Win32k Elevation of Privilege Vulnerability Important 7 No No No
CVE-2020-0719 Win32k Elevation of Privilege Vulnerability Important 7 No No No
CVE-2020-0724 Win32k Elevation of Privilege Vulnerability Important 7 No No No
CVE-2020-0685 Windows COM Server Elevation of Privilege Vulnerability Important 7 No No No
CVE-2020-0792 Windows Graphics Component Elevation of Privilege Vulnerability Important 7 No No No
CVE-2020-0715 Windows Graphics Component Elevation of Privilege Vulnerability Important 7 No No No
CVE-2020-0661 Windows Hyper-V Denial of Service Vulnerability Important 6.8 No No No
CVE-2020-0665 Active Directory Elevation of Privilege Vulnerability Important 6.6 No No No
CVE-2020-0730 Windows User Profile Service Elevation of Privilege Vulnerability Important 6.3 No No No
CVE-2020-0751 Windows Hyper-V Denial of Service Vulnerability Important 6 No No No
CVE-2020-0746 Microsoft Graphics Components Information Disclosure Vulnerability Important 5.5 No No No
CVE-2020-0717 Win32k Information Disclosure Vulnerability Important 5.5 No No No
CVE-2020-0716 Win32k Information Disclosure Vulnerability Important 5.5 No No No
CVE-2020-0658 Windows Common Log File System Driver Information Disclosure Vulnerability Important 5.5 No No No
CVE-2020-0744 Windows GDI Information Disclosure Vulnerability Important 5.5 No No No
CVE-2020-0698 Windows Information Disclosure Vulnerability Important 5.5 No No No
CVE-2020-0736 Windows Kernel Information Disclosure Vulnerability Important 5.5 No No No
CVE-2020-0675 Windows Key Isolation Service Information Disclosure Vulnerability Important 5.5 No No No
CVE-2020-0676 Windows Key Isolation Service Information Disclosure Vulnerability Important 5.5 No No No
CVE-2020-0677 Windows Key Isolation Service Information Disclosure Vulnerability Important 5.5 No No No
CVE-2020-0748 Windows Key Isolation Service Information Disclosure Vulnerability Important 5.5 No No No
CVE-2020-0755 Windows Key Isolation Service Information Disclosure Vulnerability Important 5.5 No No No
CVE-2020-0756 Windows Key Isolation Service Information Disclosure Vulnerability Important 5.5 No No No
CVE-2020-0705 Windows Network Driver Interface Specification (NDIS) Information Disclosure Vulnerability Important 5.5 No No No
CVE-2020-0691 Win32k Elevation of Privilege Vulnerability Important 4.7 No No No
CVE-2020-0714 DirectX Information Disclosure Vulnerability Important 4.7 No No No
CVE-2020-0663 Microsoft Edge Elevation of Privilege Vulnerability Important 4.2 No No No
CVE-2020-0728 Windows Modules Installer Service Information Disclosure Vulnerability Important 3.3 No No No
CVE-2020-0692 Microsoft Exchange Server Elevation of Privilege Vulnerability Important TBC No No No
CVE-2020-0733 Windows Malicious Software Removal Tool Elevation of Privilege Vulnerability Important TBC No No No
CVE-2020-0759 Microsoft Excel Remote Code Execution Vulnerability Important TBC No No No
CVE-2020-0688 Microsoft Exchange Memory Corruption Vulnerability Important TBC No No No
CVE-2020-0618 Microsoft SQL Server Reporting Services Remote Code Execution Vulnerability Important TBC No No No
CVE-2020-0696 Microsoft Outlook Security Feature Bypass Vulnerability Important TBC No No No
CVE-2020-0702 Surface Hub Security Feature Bypass Vulnerability Important TBC No No No
CVE-2020-0695 Microsoft Office Online Server Spoofing Vulnerability Important TBC No No No
CVE-2020-0697 Microsoft Office Tampering Vulnerability Important TBC No No No
CVE-2020-0693 Microsoft Office SharePoint XSS Vulnerability Important TBC No No No
CVE-2020-0694
||||

Internet Explorer Has Massive Security Flaw

By Blog, Patch ManagementNo Comments

Internet Explorer Has Massive Security Flaw

Microsoft recently released a security advisory alerting its users of an unpatched code-execution vulnerability in Internet Explorer.
[vc_empty_space]
[vc_single_image image=”36752″ img_size=”full”]

What is the IE Vulnerability?

Microsoft recently released a security advisory alerting its users of an unpatched code-execution vulnerability in Internet Explorer.

The vulnerability (CVE-2020-0674), which is listed as high as critical in severity for Internet Explorer version 11 and moderate in severity for Internet Explorer versions 9 and 10, “exists in the way that the scripting engine handles objects in memory in Internet Explorer”, Microsoft stated in its advisory.

“The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change or delete data; or create new accounts with full user rights,” Microsoft went on to explain in the advisory.

“In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Internet Explorer and then convince a user to view the website, for example, by sending an email.”

How the IE Vulnerability was Discovered

Microsoft stated they had learned about the vulnerability by Clément Lecigne of Google’s Threat Analysis Group (TAG) and Ella Yu from Qihoo 360, which have apparently seen the weakness being exploited in limited, targeted attacks.

Google’s Threat Analysis Group has previously reported several vulnerabilities to Microsoft, including one in the Windows 7/2008R2 architecture (CVE-2019-0808) as well as another Internet Explorer exploit (CVE-2019-1367).

Managing the IE Vulnerability

Although the vulnerability sounds intense, Microsoft stated it’s not present in the supported versions of Internet Explorer (which uses Jscrip9.dll) and they instead took a firm stance on waiting until next month’s Patch Tuesday to produce remediation.

“Microsoft is aware of this vulnerability and working on a fix,” Microsoft stated at the end of their advisory. “Our standard policy is to release security updates on Update Tuesday, the second Tuesday of each month. This predictable schedule allows for partner quality assurance and IT planning, which helps maintain the Windows ecosystem as a reliable, secure choice for our customers.”

For those that require a quick fix, Microsoft detailed a workaround that leverages administrative commands to restrict access to the vulnerable scripting library. It should be noted that the workaround may result in reduced functionality for components or features that rely on jscript.dll.

Security professionals have also advised users to simply stop using Internet Explorer and instead switch to a more reliable and secure solution; however, this may not be easy for all as some existing web-based software still requires outdated version of Internet Explorer. Microsoft has even recently launched its own Chromium-based Edge browser to provide better compatibility to its customers.

Syxsense Manage and Syxsense Secure can easily resolve vulnerabilities across your entire environment. Find peace of mind by trusting your Syxsense and set up a free trial today.

[vc_separator css=”.vc_custom_1552427883977{padding-top: 20px !important;padding-bottom: 20px !important;}”]

Experience the Power of Syxsense

Syxsense has created innovative and intuitive technology that sees and knows everything. Manage and secure your environment with a simple and powerful solution.

[vc_btn title=”Start a Free Trial” style=”gradient-custom” gradient_custom_color_1=”#da4453″ gradient_custom_color_2=”#8a2387″ shape=”round” size=”lg” align=”center” link=”url:https%3A%2F%2Fwww.syxsense.com%2Fsyxsense-trial|||” css=”.vc_custom_1572936982710{margin-top: 15px !important;}”][vc_separator css=”.vc_custom_1552427883977{padding-top: 20px !important;padding-bottom: 20px !important;}”]
||

Microsoft’s November 2019 Patch Tuesday Fixes IE Zero-Day

By News, Patch Management, Patch TuesdayNo Comments

Microsoft’s November 2019 Patch Tuesday Fixes IE Zero-Day

Microsoft has released 74 Patch Tuesday updates, including 13 Critical updates and a fix for a remote code execution vulnerability in Internet Explorer.
[vc_empty_space]
[vc_single_image image=”35622″ img_size=”full”]

November 2019 Patch Tuesday: What to Expect

Microsoft has released 74 updates today – there are 13 Critical and 61 Important updates to deal with.

CVE-2019-1429 has been released to solve a bug that is being weaponized! This vulnerability should be treated as an ‘Out-of-Band’ update for anyone still using Internet Explorer. Previously, we have suggested moving away from IE—this is yet another reason to look for a safer browser for your business.

Robert Brown, Director of Services for Syxsense said, “The biggest risk our customers can take, is not treating weaponized vulnerabilities seriously enough. Weaponized vulnerabilities are often not the highest severity and aren’t prioritized enough by IT managers and security administrators. In this case, the severity is critical. If the vulnerability was exploited, it could easily be used to spread ransomware or take over a system. Please patch this now.”

Not Critical, But High Priority Patches

CVE-2019-1384 and CVE-2019-1424 have only been ranked as Important by Microsoft, however the independent CVSS Score has ranked these 8.5 and 8.1 respectively. CVE-2019-1384 is a vulnerability impacting all Windows operating systems from Windows 7 to Windows Server 2019 where an attacker could obtain key and sign in messages making some security login audit records redundant. It can also infect other machines.

We believe CVE-2019-1424 is particularly dangerous. If exposed, this vulnerability could downgrade the secure communications channel leading to communications messages being sent to Windows improperly—possibly even intercepted and recorded.

Latest Adobe Patches

Adobe released four patches for Adobe Animate CC, Illustrator CC, Bridge CC, and Media Encoder. The Media Encoder patch includes a critical fix for an out-of-bounds (OOB) that could allow code execution. Both Syxsense and Adobe recommend this Out-of-Band update be deployed within the next 7 days.

[vc_separator css=”.vc_custom_1552427883977{padding-top: 20px !important;padding-bottom: 20px !important;}”]

Experience the Power of Syxsense

Syxsense has created innovative and intuitive technology that sees and knows everything. Manage and secure your environment with a simple and powerful solution.

[vc_btn title=”Start a Free Trial” style=”gradient-custom” gradient_custom_color_1=”#da4453″ gradient_custom_color_2=”#8a2387″ shape=”round” size=”lg” align=”center” link=”url:https%3A%2F%2Fwww.syxsense.com%2Fsyxsense-trial|||” css=”.vc_custom_1572936982710{margin-top: 15px !important;}”][vc_separator css=”.vc_custom_1552427883977{padding-top: 20px !important;padding-bottom: 20px !important;}”]

November 2019 Patch Tuesday Update

Based on the vendor severity and CVSS score, we have made a few recommendations for what to prioritize this month. Pay close attention to those under Publicly Aware and Weaponized.

 

CVE Ref. Description Vendor Severity CVSS Base Score Publicly Aware Weaponised Syxsense Secure Recommended
CVE-2019-1429 Scripting Engine Memory Corruption Vulnerability Critical 7.5 No Yes YES
CVE-2019-1373 Microsoft Exchange Remote Code Execution Vulnerability Critical NA No No YES
CVE-2019-1457 Microsoft Office Excel Security Feature Bypass Important NA Yes No YES
CVE-2019-1384 Microsoft Windows Security Feature Bypass Vulnerability Important 8.5 No No YES
CVE-2019-1424 NetLogon Security Feature Bypass Vulnerability Important 8.1 No No YES
CVE-2019-0721 Hyper-V Remote Code Execution Vulnerability Critical 8 No No YES
CVE-2019-1419 OpenType Font Parsing Remote Code Execution Vulnerability Critical 7.8 No No YES
CVE-2019-1379 Windows Data Sharing Service Elevation of Privilege Vulnerability Important 7.8 No No YES
CVE-2019-1380 Microsoft splwow64 Elevation of Privilege Vulnerability Important 7.8 No No YES
CVE-2019-1382 Microsoft ActiveX Installer Service Elevation of Privilege Vulnerability Important 7.8 No No YES
CVE-2019-1383 Windows Data Sharing Service Elevation of Privilege Vulnerability Important 7.8 No No YES
CVE-2019-1385 Windows AppX Deployment Extensions Elevation of Privilege Vulnerability Important 7.8 No No YES
CVE-2019-1388 Windows Certificate Dialog Elevation of Privilege Vulnerability Important 7.8 No No YES
CVE-2019-1393 Win32k Elevation of Privilege Vulnerability Important 7.8 No No YES
CVE-2019-1394 Win32k Elevation of Privilege Vulnerability Important 7.8 No No YES
CVE-2019-1395 Win32k Elevation of Privilege Vulnerability Important 7.8 No No YES
CVE-2019-1396 Win32k Elevation of Privilege Vulnerability Important 7.8 No No YES
CVE-2019-1405 Windows UPnP Service Elevation of Privilege Vulnerability Important 7.8 No No YES
CVE-2019-1407 Windows Graphics Component Elevation of Privilege Vulnerability Important 7.8 No No YES
CVE-2019-1408 Win32k Elevation of Privilege Vulnerability Important 7.8 No No YES
CVE-2019-1415 Windows Installer Elevation of Privilege Vulnerability Important 7.8 No No YES
CVE-2019-1416 Windows Subsystem for Linux Elevation of Privilege Vulnerability Important 7.8 No No YES
CVE-2019-1417 Windows Data Sharing Service Elevation of Privilege Vulnerability Important 7.8 No No YES
CVE-2019-1420 Windows Elevation of Privilege Vulnerability Important 7.8 No No YES
CVE-2019-1422 Windows Elevation of Privilege Vulnerability Important 7.8 No No YES
CVE-2019-1423 Windows Elevation of Privilege Vulnerability Important 7.8 No No YES
CVE-2019-1456 OpenType Font Parsing Remote Code Execution Vulnerability Important 7.8 No No YES
CVE-2019-1389 Windows Hyper-V Remote Code Execution Vulnerability Critical 7.6 No No YES
CVE-2019-1397 Windows Hyper-V Remote Code Execution Vulnerability Critical 7.6 No No YES
CVE-2019-1398 Windows Hyper-V Remote Code Execution Vulnerability Critical 7.6 No No YES
CVE-2019-1390 VBScript Remote Code Execution Vulnerability Critical 7.5 No No YES
CVE-2019-1430 Microsoft Windows Media Foundation Remote Code Execution Vulnerability Critical 7.3 No No YES
CVE-2019-1370 Open Enclave SDK Information Disclosure Vulnerability Important 7 No No YES
CVE-2019-1392 Windows Kernel Elevation of Privilege Vulnerability Important 7 No No YES
CVE-2019-1433 Windows Graphics Component Elevation of Privilege Vulnerability Important 7 No No YES
CVE-2019-1434 Win32k Elevation of Privilege Vulnerability Important 7 No No YES
CVE-2019-1435 Windows Graphics Component Elevation of Privilege Vulnerability Important 7 No No YES
CVE-2019-1437 Windows Graphics Component Elevation of Privilege Vulnerability Important 7 No No YES
CVE-2019-1438 Windows Graphics Component Elevation of Privilege Vulnerability Important 7 No No YES
CVE-2019-1441 Win32k Graphics Remote Code Execution Vulnerability Critical 6.7 No No YES
CVE-2019-1406 Jet Database Engine Remote Code Execution Vulnerability Important 6.7 No No
CVE-2019-1381 Microsoft Windows Information Disclosure Vulnerability Important 6.6 No No
CVE-2019-0712 Windows Hyper-V Denial of Service Vulnerability Important 5.8 No No
CVE-2019-1309 Windows Hyper-V Denial of Service Vulnerability Important 5.8 No No
CVE-2019-1310 Windows Hyper-V Denial of Service Vulnerability Important 5.8 No No
CVE-2019-1374 Windows Error Reporting Information Disclosure Vulnerability Important 5.5 No No
CVE-2019-1391 Windows Denial of Service Vulnerability Important 5.5 No No
CVE-2019-1409 Windows Remote Procedure Call Information Disclosure Vulnerability Important 5.5 No No
CVE-2019-1436 Win32k Information Disclosure Vulnerability Important 5.5 No No
CVE-2019-1399 Windows Hyper-V Denial of Service Vulnerability Important 5.4 No No
CVE-2019-1324 Windows TCP/IP Information Disclosure Vulnerability Important 5.3 No No
CVE-2019-1412 OpenType Font Driver Information Disclosure Vulnerability Important 5 No No
CVE-2019-1440 Win32k Information Disclosure Vulnerability Important 5 No No
CVE-2018-12207 Windows Kernel Information Disclosure Vulnerability Important 4.7 No No
CVE-2019-11135 Windows Kernel Information Disclosure Vulnerability Important 4.7 No No
CVE-2019-1439 Windows GDI Information Disclosure Vulnerability Important 4.7 No No
CVE-2019-1411 DirectWrite Information Disclosure Vulnerability Important 4.4 No No
CVE-2019-1432 DirectWrite Information Disclosure Vulnerability Important 4.4 No No
CVE-2019-1413 Microsoft Edge Security Feature Bypass Vulnerability Important 4.3 No No
CVE-2019-1426 Scripting Engine Memory Corruption Vulnerability Critical 4.2 No No
CVE-2019-1427 Scripting Engine Memory Corruption Vulnerability Critical 4.2 No No
CVE-2019-1428 Scripting Engine Memory Corruption Vulnerability Critical 4.2 No No
CVE-2019-1418 Windows Modules Installer Service Information Disclosure Vulnerability Important 3.5 No No
CVE-2019-1234 Azure Stack Spoofing Vulnerability Important NA No No
CVE-2019-1402 Microsoft Office Information Disclosure Vulnerability Important NA No No
CVE-2019-1425 Visual Studio Elevation of Privilege Vulnerability Important NA No No
CVE-2019-1442 Microsoft Office Security Feature Bypass Vulnerability Important NA No No
CVE-2019-1443 Microsoft SharePoint Information Disclosure Vulnerability Important NA No No
CVE-2019-1445 Microsoft Office Online Spoofing Vulnerability Important NA No No
CVE-2019-1446 Microsoft Excel Information Disclosure Vulnerability Important NA No No
CVE-2019-1447 Microsoft Office Online Spoofing Vulnerability Important NA No No
CVE-2019-1448 Microsoft Excel Remote Code Execution Vulnerability Important NA No No
CVE-2019-1449 Microsoft Office ClickToRun Security Feature Bypass Vulnerability Important NA No No
CVE-2019-1454 Windows User Profile Service Elevation of Privilege Vulnerability Important NA No No
|

Emergency Fix for IE Zero Day

By News, Patch ManagementNo Comments
[vc_single_image source=”featured_image” img_size=”full”]

Microsoft Releases Patch to Address Active Exploit

After learning about it from Google, Microsoft has moved to fix CVE-2018-8653. This flaw in Internet Explorer is being actively exploited in the wild.

According to the Microsoft release, this remote code execution issue “could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.”

The vulnerability effects Internet Explorer 11 on Windows 7 to 10 and Windows Server 2012, 2016, and 2019. For Explorer 10, it effects Windows Server 2012. For Explorer 9, it effects Windows Server 2008.

As it is being actively exploited, it’s critical to check that all systems have updated Internet Explorer.

Using Syxsense to Address This Issue

Syxsense is designed to facilitate and simplify any patching strategy. While you can run a comprehensive scan of all devices on a network, you can also run a targeted scan seeking a specific software. The console can easily display which devices are running which version of an application that might be at risk.

From there, it’s simple to set up a task that targets every device that requires the needed update.

With visual gadgets in both the device and task views, an IT manager can track the completion status of the deployment.

With everything being integrated, a report can be generated from the task information. Software can also be completely rolled back, if needed.

[dt_default_button link=”url:https%3A%2F%2Fwww.syxsense.com%2Fsyxsense-trial%2F|||” size=”big” button_alignment=”btn_center”]START FREE TRIAL[/dt_default_button]

Microsoft Releases Out-of-Band Security Updates

By News, Patch Management, Patch TuesdayNo Comments

Microsoft Releases Out-of-Band Security Updates

Microsoft's out-of-band security updates address two vulnerabilities, including a zero-day vulnerability in the Internet Explorer (IE) scripting engine.
[vc_empty_space]
[vc_single_image image=”34294″ img_size=”full”]

Microsoft Urges Users to Install Emergency Patches

Microsoft released an emergency set of cumulative updates for Windows 10 devices running the May 2019 update (Windows 10 version 1903) and earlier.

The out-of-band security updates address two vulnerabilities, including a zero-day vulnerability in the Internet Explorer (IE) scripting engine that has been actively exploited in the wild as well as a Microsoft Defender bug.

The IE zero-day vulnerability (CVE-2019-1367) is a remote code execution flaw that could easily enable an attacker who successfully exploited it to gain the same user rights as the current logged-in user.

“If the current user is logged-on with administrative rights, an attacker who successfully exploited the vulnerability could take control of an affected system,” stated Microsoft.

This flaw could also be exploited remotely and online; the attacker could even potentially host their own website specifically-designed to exploit the vulnerability within IE and then trick the end-user to view said website, via email or other means.

U.S. CERT Warns of Microsoft Vulnerabilities

The other released vulnerability (CVE-2019-1255) is a denial-of-service flaw in Microsoft Defender, Microsoft’s standard antivirus that ships with Windows 8 and later operating systems.

According to Microsoft, “an attacker could exploit the vulnerability to prevent legitimate accounts from executing legitimate system binaries.” The flaw allows an attacker to disable the Defender components from executing. Microsoft has released V1.1.16400.2 to the Microsoft Malware Protection Engine to resolve the concern.

[vc_single_image image=”34291″ img_size=”full” alignment=”center”]

Tweet from U.S. CERT about vulnerabilities

“Microsoft has released out-of-band security updates to address vulnerabilities in Microsoft software,” stated the U.S. Computer Emergency Readiness Team (CERT). “A remote attacker could exploit one of these vulnerabilities to take control of an affected system.”

These updates stand out seeing as Microsoft typically only releases security updates on Patch Tuesday, the second Tuesday of every month. Microsoft rarely changes their frequency of release unless the updates are considered critically important for security issues.

This release is indeed very important and all Windows users are strongly advised to patch as soon as possible. The update for the IE zero-day vulnerability is a manual update while the Defender bug will be patched automatically and silently within 48 hours of its availability.

[vc_separator css=”.vc_custom_1552427883977{padding-top: 20px !important;padding-bottom: 20px !important;}”]

Start a Free Trial

Try Syxsense today and start patching your IT environment with a powerful and easy-to-use IT management toolset.
[vc_btn title=”Get Started with Syxsense” color=”warning” size=”lg” align=”center” link=”url:https%3A%2F%2Fwww.syxsense.com%2Fsyxsense-trial|||”]
|

Emergency Fix for IE Zero Day

By News, Patch ManagementNo Comments
[vc_single_image source=”featured_image” img_size=”full”]

Microsoft Releases Patch to Address Active Exploit

After learning about it from Google, Microsoft has moved to fix CVE-2018-8653. This flaw in Internet Explorer is being actively exploited in the wild.

According to the Microsoft release, this remote code execution issue “could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.”

The vulnerability effects Internet Explorer 11 on Windows 7 to 10 and Windows Server 2012, 2016, and 2019. For Explorer 10, it effects Windows Server 2012. For Explorer 9, it effects Windows Server 2008.

As it is being actively exploited, it’s critical to check that all systems have updated Internet Explorer.

Using Syxsense to Address This Issue

Syxsense is designed to facilitate and simplify any patching strategy. While you can run a comprehensive scan of all devices on a network, you can also run a targeted scan seeking a specific software. The console can easily display which devices are running which version of an application that might be at risk.

From there, it’s simple to set up a task that targets every device that requires the needed update.

With visual gadgets in both the device and task views, an IT manager can track the completion status of the deployment.

With everything being integrated, a report can be generated from the task information. Software can also be completely rolled back, if needed.

[dt_default_button link=”url:https%3A%2F%2Fwww.syxsense.com%2Fsyxsense-trial%2F|||” size=”big” button_alignment=”btn_center”]START FREE TRIAL[/dt_default_button]