Skip to main content
Tag

March Patch Tuesday

||

March Patch Tuesday: Eliminate the Exploits

By News, Patch Management, Patch TuesdayNo Comments

March Patch Tuesday: Eliminate the Exploits

It's the second Tuesday of March, which means it's time for another round of Patch Tuesday security updates.

Microsoft has released 64 patches today covering IE, Edge, Exchange, Windows and Office. There are 17 rated Critical, 45 rated Important, 1 is rated Moderate and is rated Low in severity—this is much less than last month’s release of over 80 updates, however there are still some surprises in this release to keep you busy.

Prioritize Now: Public Announced and Current Exploits

Four of the updates CVE-2019-0683, CVE-2019-0754, CVE-2019-0757 and CVE-2019-0809 are marked as “Publicly Disclosed” meaning there is an increased risk of attack in the very near future, and two updates CVE-2019-0797 & CVE-2019-0808 are marked as “Being Exploited” meaning you should prioritize them now.

Robert Brown, Director of Services for Verismic said, “You should treat these 6 updates with the highest importance, and you should especially treat CVE-2019-0797 & CVE-2019-0808 as a Zero Day because active exploits means actual attempts on your networks by those who wish to expose your data.”

Adobe Patches Flash, Photoshop and Digital Editions

Adobe has given a slight reprieve to IT managers this month by releasing only 3 updates: one for Flash, Photoshop and Digital Editions. Although these updates carry a Critical severity, they are ranked by Adobe with a Priority of 3 meaning administrators should install these updates at their discretion.

Features Updates Due for Retirement

On April 9, the Windows 10 feature update version 1709 will be due for retirement on Home, Pro and Pro for Workstations editions. If you are still using Enterprise or Education editions, you have another year to plan your upgrade.

Use Syxsense to organize and deploy Windows, third-party, Mac OS and Linux updates to keep your environment safe. Our clients love having control over when and where the scanning and deployment of updates takes place, providing peace of mind to any IT department.

Patch Tuesday Release

ID Description Severity Publicly Announced Actively Exploited Recommended
CVE-2019-0797 Win32k Elevation of Privilege Vulnerability Important No Yes Yes
CVE-2019-0808 Win32k Elevation of Privilege Vulnerability Important No Yes Yes
CVE-2019-0683 Active Directory Elevation of Privilege Vulnerability Important Yes No Yes
CVE-2019-0754 Windows Denial of Service Vulnerability Important Yes No Yes
CVE-2019-0757 NuGet Package Manager Tampering Vulnerability Important Yes No Yes
CVE-2019-0809 Visual Studio Remote Code Execution Vulnerability Important Yes No Yes
CVE-2019-0592 Chakra Scripting Engine Memory Corruption Vulnerability Critical No No Yes
CVE-2019-0603 Windows Deployment Services TFTP Server Remote Code Execution Vulnerability Critical No No Yes
CVE-2019-0609 Scripting Engine Memory Corruption Vulnerability Critical No No Yes
CVE-2019-0639 Scripting Engine Memory Corruption Vulnerability Critical No No Yes
CVE-2019-0666 Windows VBScript Engine Remote Code Execution Vulnerability Critical No No Yes
CVE-2019-0667 Windows VBScript Engine Remote Code Execution Vulnerability Critical No No Yes
CVE-2019-0680 Scripting Engine Memory Corruption Vulnerability Critical No No Yes
CVE-2019-0697 Windows DHCP Client Remote Code Execution Vulnerability Critical No No Yes
CVE-2019-0698 Windows DHCP Client Remote Code Execution Vulnerability Critical No No Yes
CVE-2019-0726 Windows DHCP Client Remote Code Execution Vulnerability Critical No No Yes
CVE-2019-0756 MS XML Remote Code Execution Vulnerability Critical No No Yes
CVE-2019-0763 Internet Explorer Memory Corruption Vulnerability Critical No No Yes
CVE-2019-0769 Scripting Engine Memory Corruption Vulnerability Critical No No Yes
CVE-2019-0770 Scripting Engine Memory Corruption Vulnerability Critical No No Yes
CVE-2019-0771 Scripting Engine Memory Corruption Vulnerability Critical No No Yes
CVE-2019-0773 Scripting Engine Memory Corruption Vulnerability Critical No No Yes
CVE-2019-0784 Windows ActiveX Remote Code Execution Vulnerability Critical No No Yes
CVE-2019-0612 Microsoft Edge Security Feature Bypass Vulnerability Important No No
CVE-2019-0614 Windows GDI Information Disclosure Vulnerability Important No No
CVE-2019-0617 Jet Database Engine Remote Code Execution Vulnerability Important No No
CVE-2019-0665 Windows VBScript Engine Remote Code Execution Vulnerability Important No No
CVE-2019-0678 Microsoft Edge Elevation of Privilege Vulnerability Important No No
CVE-2019-0682 Windows Subsystem for Linux Elevation of Privilege Vulnerability Important No No
CVE-2019-0689 Windows Subsystem for Linux Elevation of Privilege Vulnerability Important No No
CVE-2019-0690 Windows Hyper-V Denial of Service Vulnerability Important No No
CVE-2019-0692 Windows Subsystem for Linux Elevation of Privilege Vulnerability Important No No
CVE-2019-0693 Windows Subsystem for Linux Elevation of Privilege Vulnerability Important No No
CVE-2019-0694 Windows Subsystem for Linux Elevation of Privilege Vulnerability Important No No
CVE-2019-0695 Hyper-V Denial of Service Vulnerability Important No No
CVE-2019-0696 Windows Kernel Elevation of Privilege Vulnerability Important No No
CVE-2019-0701 Hyper-V Denial of Service Vulnerability Important No No
CVE-2019-0702 Windows Kernel Information Disclosure Vulnerability Important No No
CVE-2019-0703 Windows SMB Information Disclosure Vulnerability Important No No
CVE-2019-0704 Windows SMB Information Disclosure Vulnerability Important No No
CVE-2019-0748 Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability Important No No
CVE-2019-0755 Windows Kernel Information Disclosure Vulnerability Important No No
CVE-2019-0759 Windows Print Spooler Information Disclosure Vulnerability Important No No
CVE-2019-0761 Windows Security Zone Bypass Vulnerability Important No No
CVE-2019-0762 Microsoft Browsers Security Feature Bypass Vulnerability Important No No
CVE-2019-0765 Comctl32 Remote Code Execution Vulnerability Important No No
CVE-2019-0766 Microsoft Windows Elevation of Privilege Vulnerability Important No No
CVE-2019-0767 Windows Kernel Information Disclosure Vulnerability Important No No
CVE-2019-0768 Internet Explorer Security Feature Bypass Vulnerability Important No No
CVE-2019-0772 Windows VBScript Engine Remote Code Execution Vulnerability Important No No
CVE-2019-0774 Windows GDI Information Disclosure Vulnerability Important No No
CVE-2019-0775 Windows Kernel Information Disclosure Vulnerability Important No No
CVE-2019-0776 Win32k Information Disclosure Vulnerability Important No No
CVE-2019-0778 Microsoft Office SharePoint XSS Vulnerability Important No No
CVE-2019-0779 Microsoft Edge Memory Corruption Vulnerability Important No No
CVE-2019-0782 Windows Kernel Information Disclosure Vulnerability Important No No
CVE-2019-0783 Scripting Engine Memory Corruption Vulnerability Important No No
CVE-2019-0798 Skype for Business and Lync Spoofing Vulnerability Important No No
CVE-2019-0821 Windows SMB Information Disclosure Vulnerability Important No No
CVE-2019-0611 Chakra Scripting Engine Memory Corruption Vulnerability Important No No
CVE-2019-0746 Chakra Scripting Engine Memory Corruption Vulnerability Important No No
CVE-2019-0780 Microsoft Browser Memory Corruption Vulnerability Important No No
CVE-2019-0816 Azure SSH Keypairs Security Feature Bypass Vulnerability Moderate No No
CVE-2019-0777 Team Foundation Server Cross-site Scripting Vulnerability Low No No

Start a Free Trial

Try Syxsense today and start patching your IT environment with a powerful and easy-to-use IT management toolset.

Syxsense demo

Schedule Your Syxsense Demo

Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.

Schedule My Demo
March 12, 2019
Love0
|||

March Patch Tuesday: Is the IoT Spying on You?

By News, Patch TuesdayNo Comments

Are you ready for IoT Patching?

Tech firm Hanwha Techwin is racing to fix 13 critical security holes found in its popular line of SmartCam security cameras. The patch rollout is part of public disclosure of the vulnerabilities set for today by researchers who discovered the bugs.

Flaws range from the use of an insecure HTTP communications protocol to weak credentials that could allow an attacker to take control of the camera or even use the device as a springboard to launch attacks within a connected network. The most serious flaws opens an attack vector where an adversary can root the camera and spoof the DNS server addresses specified in the camera’s settings, which could then be used as a launch pad to conduct additional attacks on devices sharing the same local network.

“The problem with current IoT device security is that everyone thinks there is no need to secure IoT devices such as security cameras, secure door locks because they are not traditionally used as access points for breaching company networks. You need to know which IoT devices you have in your network, so you need to start with a security toolset which can tell you (full article here).”

Malware found at 160 Applebee’s Restaurants across North America

RMH Franchise Holdings, which owns and operates more than 160 Applebee’s stores across the U.S., said that it recently discovered malware infecting its point of sale systems (POS). The malware may have enabled hackers to steal certain guests’ names, credit or debit card numbers, expiration dates and card verification codes processed during limited time periods. Upon learning of a potential incident,

RMH told Threatpost it promptly launched an investigation, obtained the help of leading cyber security forensics firms, and reported the matter to law enforcement. RMH said it operates its point-of-sale systems isolated from the broader Applebee’s network, and this notice applies only to RMH-owned Applebee’s restaurants. In a statement, RMH urged customers to monitor their bankcard statements (full article here).

Robert Brown, Director of Services for Verismic said, “Most viruses and malware exploit environments which do not implement a robust patching process rather than a lack of virus protection. It is always easier to prevent an attack than to clean up after a serious outbreak.”

Alexa, what’s so funny?

Amazon acknowledged on Wednesday that some of its Alexa-enabled devices have developed a new skill: creeping out their owners with unexpected and unwarranted bursts of robotic laughter.

“We’re aware of this and working to fix it,” Amazon said.

People began reporting the problem with their “smart” speakers on social media in recent weeks. After the publication of this article, Amazon announced a fix and apparent explanation for the ghostly laughter. The company suggested in an email that the laughs had occurred “in rare circumstances” because the speaker was picking up a “false positive” for the command “Alexa, laugh.”

Find out how many of these devices you have in your network by starting a trial of Syxsense.

[vc_empty_space][vc_separator][vc_empty_space]

Patch Tuesday Release

Microsoft addressed 74 vulnerabilities in Microsoft Windows, Microsoft Internet Explorer, Microsoft Edge, Microsoft SharePoint, Microsoft Exchange, Microsoft Office, and Microsoft ASP.NET. The vulnerabilities could allow an attacker to execute arbitrary code, gain elevated privileges, bypass security protections, view sensitive information, or cause a denial of service condition.

We have chosen a few updates to prioritize this month, this recommendation has been made using evidence from industry experts (including our own) and anticipated business impact.

[vc_single_image image=”23833″ img_size=”full” alignment=”center”]
CVE ID Alert Description CVSS Score Recommended
CVE-2018-0808 Microsoft ASP.NET Core Denial of Service Vulnerability 7.5 Yes
CVE-2018-0875 Microsoft ASP.NET Core Denial of Service Vulnerability 7.5 Yes
CVE-2018-0889 Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability 7.5 Yes
CVE-2018-0891 Microsoft Edge and Internet Explorer Information Disclosure Vulnerability 7.5 Yes
CVE-2018-0903 Microsoft Access Arbitrary Code Execution Vulnerability 7.5 Yes
CVE-2018-0935 Microsoft Internet Explorer Memory Corruption Vulnerability 7.5 Yes
CVE-2018-0868 Microsoft Windows Installer Privilege Escalation Vulnerability 7.4 Yes
CVE-2018-0888 Microsoft Windows Hyper-V Information Disclosure Vulnerability 7.2 Yes
CVE-2018-0886 Microsoft Windows Arbitrary Code Execution Vulnerability 7.1 Yes
CVE-2018-0815 Microsoft Windows Graphics Privilege Escalation Vulnerability 7 Yes
CVE-2018-0816 Microsoft Windows Graphics Privilege Escalation Vulnerability 7 Yes
CVE-2018-0817 Microsoft Windows Graphics Privilege Escalation Vulnerability 7 Yes
CVE-2018-0877 Microsoft Windows Desktop Bridge Privilege Escalation Vulnerability 7 Yes
CVE-2018-0880 Microsoft Windows Desktop Bridge Privilege Escalation Vulnerability 7 Yes
CVE-2018-0881 Microsoft Windows Video Control Privilege Escalation Vulnerability 7 Yes
CVE-2018-0882 Microsoft Windows Desktop Bridge Privilege Escalation Vulnerability 7 Yes
CVE-2018-0977 Microsoft Windows Win32k Privilege Escalation Vulnerability 7 Yes
CVE-2018-0983 Microsoft Windows Storage Services Privilege Escalation Vulnerability 7 Yes
CVE-2018-0885 Microsoft Windows Hyper-V Denial of Service Vulnerability 5.8
CVE-2018-0811 Microsoft Windows Kernel Information Disclosure Vulnerability 5.5
CVE-2018-0813 Microsoft Windows Kernel Information Disclosure Vulnerability 5.5
CVE-2018-0814 Microsoft Windows Kernel Information Disclosure Vulnerability 5.5
CVE-2018-0919 Microsoft Office Information Disclosure Vulnerability 5.5
CVE-2018-0926 Microsoft Windows Kernel Information Disclosure Vulnerability 5.5
CVE-2018-0787 Microsoft ASP.NET Core Privilege Escalation Vulnerability 5.4
CVE-2018-0909 Microsoft SharePoint Cross-Site Scripting Vulnerability 5.4
CVE-2018-0910 Microsoft SharePoint Cross-Site Scripting Vulnerability 5.4
CVE-2018-0911 Microsoft SharePoint Cross-Site Scripting Vulnerability 5.4
CVE-2018-0912 Microsoft SharePoint Cross-Site Scripting Vulnerability 5.4
CVE-2018-0913 Microsoft SharePoint Cross-Site Scripting Vulnerability 5.4
CVE-2018-0914 Microsoft SharePoint Cross-Site Scripting Vulnerability 5.4
CVE-2018-0915 Microsoft SharePoint Cross-Site Scripting Vulnerability 5.4
CVE-2018-0916 Microsoft SharePoint Cross-Site Scripting Vulnerability 5.4
CVE-2018-0917 Microsoft SharePoint Cross-Site Scripting Vulnerability 5.4
CVE-2018-0921 Microsoft SharePoint Cross-Site Scripting Vulnerability 5.4
CVE-2018-0923 Microsoft SharePoint Cross-Site Scripting Vulnerability 5.4
CVE-2018-0940 Microsoft Exchange Security Bypass Vulnerability 5.4
CVE-2018-0944 Microsoft SharePoint Cross-Site Scripting Vulnerability 5.4
CVE-2018-0947 Microsoft SharePoint Privilege Escalation Vulnerability 5.4
CVE-2018-0884 Microsoft Windows Security Feature Bypass Vulnerability 5.3
CVE-2018-0902 Microsoft Windows Kernel Driver Security Feature Bypass Vulnerability 5.3
CVE-2018-0883 Microsoft Windows Shell Arbitrary Code Execution Vulnerability 5
CVE-2018-0894 Microsoft Windows Kernel Information Disclosure Vulnerability 4.7
CVE-2018-0895 Microsoft Windows Kernel Information Disclosure Vulnerability 4.7
CVE-2018-0896 Microsoft Windows Kernel Information Disclosure Vulnerability 4.7
CVE-2018-0897 Microsoft Windows Kernel Information Disclosure Vulnerability 4.7
CVE-2018-0898 Microsoft Windows Kernel Information Disclosure Vulnerability 4.7
CVE-2018-0899 Microsoft Windows Kernel Information Disclosure Vulnerability 4.7
CVE-2018-0900 Microsoft Windows Kernel Information Disclosure Vulnerability 4.7
CVE-2018-0901 Microsoft Windows Kernel Information Disclosure Vulnerability 4.7
CVE-2018-0904 Microsoft Windows Kernel Information Disclosure Vulnerability 4.7
CVE-2018-0907 Microsoft Office Excel Security Bypass Vulnerability 4.4
CVE-2018-0879 Microsoft Edge Information Disclosure Vulnerability 4.3
CVE-2018-0927 Microsoft Edge and Internet Explorer Information Disclosure Vulnerability 4.3
CVE-2018-0929 Microsoft Internet Explorer Information Disclosure Vulnerability 4.3
CVE-2018-0932 Microsoft Internet Explorer Information Disclosure Vulnerability 4.3
CVE-2018-0939 Microsoft Edge Information Disclosure Vulnerability 4.3
CVE-2018-0941 Microsoft Exchange Information Disclosure Vulnerability 4.3
CVE-2018-0872 Microsoft Edge Scripting Engine Memory Corruption Vulnerability 4.2
CVE-2018-0873 Microsoft Edge Scripting Engine Memory Corruption Vulnerability 4.2
CVE-2018-0874 Microsoft Edge Scripting Engine Memory Corruption Vulnerability 4.2
CVE-2018-0876 Microsoft Edge Scripting Engine Memory Corruption Vulnerability 4.2
CVE-2018-0893 Microsoft Edge Scripting Engine Memory Corruption Vulnerability 4.2
CVE-2018-0922 Microsoft Office Memory Corruption Vulnerability 4.2
CVE-2018-0925 Microsoft Edge Scripting Engine Memory Corruption Vulnerability 4.2
CVE-2018-0930 Microsoft Edge Scripting Engine Memory Corruption Vulnerability 4.2
CVE-2018-0931 Microsoft Edge Scripting Engine Memory Corruption Vulnerability 4.2
CVE-2018-0933 Microsoft Edge Scripting Engine Memory Corruption Vulnerability 4.2
CVE-2018-0934 Microsoft Edge Scripting Engine Memory Corruption Vulnerability 4.2
CVE-2018-0936 Microsoft Edge Scripting Engine Memory Corruption Vulnerability 4.2
CVE-2018-0937 Microsoft Edge Scripting Engine Memory Corruption Vulnerability 4.2
CVE-2018-0878 Microsoft Windows Remote Assistance Information Disclosure Vulnerability 3.1
CVE-2018-0924 Microsoft Exchange Information Disclosure Vulnerability 3.1
CVE-2018-0942 Microsoft Internet Explorer Security Bypass Vulnerability 3
Syxsense demo

Schedule Your Syxsense Demo

Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.

Schedule My Demo
March 13, 2018
Love0