Microsoft Patch Tuesday

Microsoft’s November 2019 Patch Tuesday Fixes IE Zero-Day

Microsoft has released 74 Patch Tuesday updates, including 13 Critical updates and a fix for a remote code execution vulnerability in Internet Explorer.

November 2019 Patch Tuesday: What to Expect

Microsoft has released 74 updates today – there are 13 Critical and 61 Important updates to deal with.

A fix for CVE-2019-1429 has been released for a bug that is being weaponized! This vulnerability should be treated as an ‘Out-of-Band’ update for anyone still using Internet Explorer. Previously, we have suggested moving away from IE, and this is yet another reason to look for a safer browser for your business.

Robert Brown, Director of Services for Syxsense said, “The biggest risk our customers can take, is not treating weaponized vulnerabilities seriously enough. Weaponized vulnerabilities are often not the highest severity and aren’t prioritized enough by IT managers and security administrators. In this case, the severity is critical. If the vulnerability was exploited, it could easily be used to spread ransomware or take over a system. Please patch this now.”

Not Critical, But High Priority Patches

CVE-2019-1384 and CVE-2019-1424 have only been ranked as Important by Microsoft; however, the independent CVSS score has ranked these 8.5 and 8.1 respectively. CVE-2019-1384 is a vulnerability impacting all Windows operating systems from Windows 7 to Windows Server 2019 where an attacker could obtain key and sign in messages, making some security login audit records redundant. It can also infect other machines.

We believe CVE-2019-1424 is particularly dangerous. If exposed, this vulnerability could downgrade the secure communications channel leading to communications messages being sent to Windows improperly—possibly even intercepted and recorded.

Latest Adobe Patches

Adobe released four patches for Adobe Animate CC, Illustrator CC, Bridge CC, and Media Encoder. The Media Encoder patch includes a critical fix for an out-of-bounds (OOB) vulnerability that could allow code execution. Both Syxsense and Adobe recommend this Out-of-Band update be deployed within the next 7 days.

November 2019 Patch Tuesday Update

Based on the vendor severity and CVSS score, we have made a few recommendations for what to prioritize this month. Pay close attention to those under Publicly Aware and Weaponized.

 

CVE Ref. Description Vendor Severity CVSS Base Score Publicly Aware Weaponised Syxsense Secure Recommended
CVE-2019-1429 Scripting Engine Memory Corruption Vulnerability Critical 7.5 No Yes YES
CVE-2019-1373 Microsoft Exchange Remote Code Execution Vulnerability Critical NA No No YES
CVE-2019-1457 Microsoft Office Excel Security Feature Bypass Important NA Yes No YES
CVE-2019-1384 Microsoft Windows Security Feature Bypass Vulnerability Important 8.5 No No YES
CVE-2019-1424 NetLogon Security Feature Bypass Vulnerability Important 8.1 No No YES
CVE-2019-0721 Hyper-V Remote Code Execution Vulnerability Critical 8 No No YES
CVE-2019-1419 OpenType Font Parsing Remote Code Execution Vulnerability Critical 7.8 No No YES
CVE-2019-1379 Windows Data Sharing Service Elevation of Privilege Vulnerability Important 7.8 No No YES
CVE-2019-1380 Microsoft splwow64 Elevation of Privilege Vulnerability Important 7.8 No No YES
CVE-2019-1382 Microsoft ActiveX Installer Service Elevation of Privilege Vulnerability Important 7.8 No No YES
CVE-2019-1383 Windows Data Sharing Service Elevation of Privilege Vulnerability Important 7.8 No No YES
CVE-2019-1385 Windows AppX Deployment Extensions Elevation of Privilege Vulnerability Important 7.8 No No YES
CVE-2019-1388 Windows Certificate Dialog Elevation of Privilege Vulnerability Important 7.8 No No YES
CVE-2019-1393 Win32k Elevation of Privilege Vulnerability Important 7.8 No No YES
CVE-2019-1394 Win32k Elevation of Privilege Vulnerability Important 7.8 No No YES
CVE-2019-1395 Win32k Elevation of Privilege Vulnerability Important 7.8 No No YES
CVE-2019-1396 Win32k Elevation of Privilege Vulnerability Important 7.8 No No YES
CVE-2019-1405 Windows UPnP Service Elevation of Privilege Vulnerability Important 7.8 No No YES
CVE-2019-1407 Windows Graphics Component Elevation of Privilege Vulnerability Important 7.8 No No YES
CVE-2019-1408 Win32k Elevation of Privilege Vulnerability Important 7.8 No No YES
CVE-2019-1415 Windows Installer Elevation of Privilege Vulnerability Important 7.8 No No YES
CVE-2019-1416 Windows Subsystem for Linux Elevation of Privilege Vulnerability Important 7.8 No No YES
CVE-2019-1417 Windows Data Sharing Service Elevation of Privilege Vulnerability Important 7.8 No No YES
CVE-2019-1420 Windows Elevation of Privilege Vulnerability Important 7.8 No No YES
CVE-2019-1422 Windows Elevation of Privilege Vulnerability Important 7.8 No No YES
CVE-2019-1423 Windows Elevation of Privilege Vulnerability Important 7.8 No No YES
CVE-2019-1456 OpenType Font Parsing Remote Code Execution Vulnerability Important 7.8 No No YES
CVE-2019-1389 Windows Hyper-V Remote Code Execution Vulnerability Critical 7.6 No No YES
CVE-2019-1397 Windows Hyper-V Remote Code Execution Vulnerability Critical 7.6 No No YES
CVE-2019-1398 Windows Hyper-V Remote Code Execution Vulnerability Critical 7.6 No No YES
CVE-2019-1390 VBScript Remote Code Execution Vulnerability Critical 7.5 No No YES
CVE-2019-1430 Microsoft Windows Media Foundation Remote Code Execution Vulnerability Critical 7.3 No No YES
CVE-2019-1370 Open Enclave SDK Information Disclosure Vulnerability Important 7 No No YES
CVE-2019-1392 Windows Kernel Elevation of Privilege Vulnerability Important 7 No No YES
CVE-2019-1433 Windows Graphics Component Elevation of Privilege Vulnerability Important 7 No No YES
CVE-2019-1434 Win32k Elevation of Privilege Vulnerability Important 7 No No YES
CVE-2019-1435 Windows Graphics Component Elevation of Privilege Vulnerability Important 7 No No YES
CVE-2019-1437 Windows Graphics Component Elevation of Privilege Vulnerability Important 7 No No YES
CVE-2019-1438 Windows Graphics Component Elevation of Privilege Vulnerability Important 7 No No YES
CVE-2019-1441 Win32k Graphics Remote Code Execution Vulnerability Critical 6.7 No No YES
CVE-2019-1406 Jet Database Engine Remote Code Execution Vulnerability Important 6.7 No No
CVE-2019-1381 Microsoft Windows Information Disclosure Vulnerability Important 6.6 No No
CVE-2019-0712 Windows Hyper-V Denial of Service Vulnerability Important 5.8 No No
CVE-2019-1309 Windows Hyper-V Denial of Service Vulnerability Important 5.8 No No
CVE-2019-1310 Windows Hyper-V Denial of Service Vulnerability Important 5.8 No No
CVE-2019-1374 Windows Error Reporting Information Disclosure Vulnerability Important 5.5 No No
CVE-2019-1391 Windows Denial of Service Vulnerability Important 5.5 No No
CVE-2019-1409 Windows Remote Procedure Call Information Disclosure Vulnerability Important 5.5 No No
CVE-2019-1436 Win32k Information Disclosure Vulnerability Important 5.5 No No
CVE-2019-1399 Windows Hyper-V Denial of Service Vulnerability Important 5.4 No No
CVE-2019-1324 Windows TCP/IP Information Disclosure Vulnerability Important 5.3 No No
CVE-2019-1412 OpenType Font Driver Information Disclosure Vulnerability Important 5 No No
CVE-2019-1440 Win32k Information Disclosure Vulnerability Important 5 No No
CVE-2018-12207 Windows Kernel Information Disclosure Vulnerability Important 4.7 No No
CVE-2019-11135 Windows Kernel Information Disclosure Vulnerability Important 4.7 No No
CVE-2019-1439 Windows GDI Information Disclosure Vulnerability Important 4.7 No No
CVE-2019-1411 DirectWrite Information Disclosure Vulnerability Important 4.4 No No
CVE-2019-1432 DirectWrite Information Disclosure Vulnerability Important 4.4 No No
CVE-2019-1413 Microsoft Edge Security Feature Bypass Vulnerability Important 4.3 No No
CVE-2019-1426 Scripting Engine Memory Corruption Vulnerability Critical 4.2 No No
CVE-2019-1427 Scripting Engine Memory Corruption Vulnerability Critical 4.2 No No
CVE-2019-1428 Scripting Engine Memory Corruption Vulnerability Critical 4.2 No No
CVE-2019-1418 Windows Modules Installer Service Information Disclosure Vulnerability Important 3.5 No No
CVE-2019-1234 Azure Stack Spoofing Vulnerability Important NA No No
CVE-2019-1402 Microsoft Office Information Disclosure Vulnerability Important NA No No
CVE-2019-1425 Visual Studio Elevation of Privilege Vulnerability Important NA No No
CVE-2019-1442 Microsoft Office Security Feature Bypass Vulnerability Important NA No No
CVE-2019-1443 Microsoft SharePoint Information Disclosure Vulnerability Important NA No No
CVE-2019-1445 Microsoft Office Online Spoofing Vulnerability Important NA No No
CVE-2019-1446 Microsoft Excel Information Disclosure Vulnerability Important NA No No
CVE-2019-1447 Microsoft Office Online Spoofing Vulnerability Important NA No No
CVE-2019-1448 Microsoft Excel Remote Code Execution Vulnerability Important NA No No
CVE-2019-1449 Microsoft Office ClickToRun Security Feature Bypass Vulnerability Important NA No No
CVE-2019-1454 Windows User Profile Service Elevation of Privilege Vulnerability Important NA No No
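
The triage described above, as an added example (not Syxsense's tooling or its scoring rule): it parses rows in the table's column order and sorts Weaponised and Publicly Aware entries ahead of raw severity. The tier order, the 7.0 cut-off (the bottom of the CVSS v3 "High" band) and the handling of "NA" as unknown rather than zero are assumptions of this example; the sample rows are copied from the table above.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# Column order of the table: CVE, description, vendor severity, CVSS base
# score (or "NA"), Publicly Aware, Weaponised, optional "YES" recommendation.
ROW = re.compile(
    r"^(?P<cve>CVE-\d{4}-\d{4,})\s+(?P<desc>.+?)\s+"
    r"(?P<sev>Critical|Important|Moderate)\s+(?P<cvss>NA|\d+(?:\.\d+)?)\s+"
    r"(?P<public>Yes|No)\s+(?P<weaponised>Yes|No)(?:\s+(?P<rec>YES))?$"
)

HIGH_CVSS = 7.0  # assumption: lower bound of the CVSS v3 "High" band


@dataclass
class Entry:
    cve: str
    description: str
    severity: str
    cvss: Optional[float]  # None when the table says "NA"
    public: bool
    weaponised: bool


def parse_row(line: str) -> Entry:
    """Parse one table row; raise ValueError instead of guessing at bad input."""
    m = ROW.match(line.strip())
    if m is None:
        raise ValueError(f"unrecognised row: {line!r}")
    cvss = None if m["cvss"] == "NA" else float(m["cvss"])
    return Entry(m["cve"], m["desc"], m["sev"], cvss,
                 m["public"] == "Yes", m["weaponised"] == "Yes")


def tier(e: Entry) -> int:
    """Assumed ordering: exploitation status outranks severity."""
    if e.weaponised:
        return 0  # exploited in the wild: patch first
    if e.public:
        return 1  # details are public: exploitation is likely to follow
    if e.severity == "Critical" or (e.cvss is not None and e.cvss >= HIGH_CVSS):
        return 2  # high by either the vendor rating or the CVSS score
    if e.cvss is None:
        return 3  # no score published: review by hand, do not treat as low
    return 4


def prioritise(rows: List[str]) -> List[Entry]:
    """Sort by tier; inside a tier, unscored entries first, then CVSS descending."""
    entries = [parse_row(r) for r in rows]
    return sorted(
        entries,
        key=lambda e: (tier(e), e.cvss is not None, -(e.cvss or 0.0), e.cve),
    )


# Rows copied from the November 2019 table on this page.
SAMPLE_ROWS = [
    "CVE-2019-1406 Jet Database Engine Remote Code Execution Vulnerability Important 6.7 No No",
    "CVE-2019-1426 Scripting Engine Memory Corruption Vulnerability Critical 4.2 No No",
    "CVE-2019-1234 Azure Stack Spoofing Vulnerability Important NA No No",
    "CVE-2019-1424 NetLogon Security Feature Bypass Vulnerability Important 8.1 No No YES",
    "CVE-2019-1384 Microsoft Windows Security Feature Bypass Vulnerability Important 8.5 No No YES",
    "CVE-2019-1457 Microsoft Office Excel Security Feature Bypass Important NA Yes No YES",
    "CVE-2019-1373 Microsoft Exchange Remote Code Execution Vulnerability Critical NA No No YES",
    "CVE-2019-1429 Scripting Engine Memory Corruption Vulnerability Critical 7.5 No Yes YES",
]

if __name__ == "__main__":
    for e in prioritise(SAMPLE_ROWS):
        score = "NA" if e.cvss is None else f"{e.cvss:.1f}"
        print(f"tier {tier(e)}  {e.cve:<14} {e.severity:<9} CVSS {score:<4} {e.description}")
```

The weaponized CVE-2019-1429 (CVSS 7.5) sorts ahead of CVE-2019-1384 (CVSS 8.5), which is the ordering the page argues for.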

Patch Tuesday: October Update Includes Sleeper Vulnerability

Microsoft released 59 updates for its monthly Patch Tuesday Update. Beware of a sleeper vulnerability and a patch that is being weaponized.

Microsoft’s October 2019 Patch Tuesday Fixes 59 Vulnerabilities

Microsoft has released 59 updates for its monthly Patch Tuesday Update, far fewer than September’s release of 80 updates. However, that doesn’t mean you can be complacent: there are still 9 Critical and 49 Important updates to deal with.

CVE-2019-1367 has been re-released and is being weaponized! This out-of-band update was actually released at the end of September, but following several misguided attempts to reassure customers, Microsoft released it to WSUS on October 7 and have released it again today. They also noted the updated patch addresses some ‘quality issues’ in the first versions of the patch. Customers of Syxsense had all versions available to them—including the uninstalls.

Our expert onboarding team helps implement a successful patching strategy to complement every customer’s environment with Syxsense, including the ability to roll back problematic updates.

Beware of a Sleeper Vulnerability

CVE-2019-1311 is only marked as Important, but this could have a huge impact if not addressed. It carries a CVSS score of 7.8 and could allow a sophisticated attack using the same credentials as the victim if exposed.

To exploit the vulnerability, an attacker needs to convince a user to open a specially crafted .WIM file. If you are concerned about moving to newer versions of Windows 10 and being vulnerable to the same attack, we recommend prioritizing this update.

CVE-2019-1340 Windows AppX Deployment Server and CVE-2019-1358 Windows Jet Database Engine also carry high CVSS severities which we recommend prioritizing.

Protect Roaming Users

A recent study revealed that companies are so concerned with protecting corporate networks that they took their eyes off roaming users. Roaming users, especially C-Level executives, were most vulnerable when using hotel or home networks, which do not have the most secure network-level firewalls or Host Intrusion Prevention tools.

When choosing a cyber security solution, ensure the security of roaming users whenever they are connected to the internet—you cannot trust your users to connect into VPN.

Adobe Updates

There are no Adobe updates released today. However, keep your eyes peeled because Adobe does not always release updates on the same day as Microsoft.

Patch Tuesday Updates

We have made a few recommendations below which you should prioritize this month:

Our Recommendation CVE Reference Description Severity Publicly Announced Actively Exploited
Yes CVE-2019-1060 VBScript Remote Code Execution Vulnerability Critical No No
Yes CVE-2019-1238 VBScript Remote Code Execution Vulnerability Critical No No
Yes CVE-2019-1239 VBScript Remote Code Execution Vulnerability Critical No No
Yes CVE-2019-1307 Chakra Scripting Engine Memory Corruption Vulnerability Critical No No
Yes CVE-2019-1308 Chakra Scripting Engine Memory Corruption Vulnerability Critical No No
Yes CVE-2019-1333 Remote Desktop Client Remote Code Execution Vulnerability Critical No No
Yes CVE-2019-1335 Chakra Scripting Engine Memory Corruption Vulnerability Critical No No
Yes CVE-2019-1366 Chakra Scripting Engine Memory Corruption Vulnerability Critical No No
Yes CVE-2019-1372 Azure App Service Elevation of Privilege Vulnerability Critical No No
Yes CVE-2019-1311 Windows Imaging API Remote Code Execution Vulnerability Important No No
CVE-2019-0608 Microsoft Browser Spoofing Vulnerability Important No No
CVE-2019-1070 Microsoft Office SharePoint XSS Vulnerability Important No No
CVE-2019-1166 Windows NTLM Tampering Vulnerability Important No No
CVE-2019-1230 Hyper-V Information Disclosure Vulnerability Important No No
CVE-2019-1313 SQL Server Management Studio Information Disclosure Vulnerability Important No No
CVE-2019-1314 Windows 10 Mobile Security Feature Bypass Vulnerability Important No No
CVE-2019-1315 Windows Error Reporting Manager Elevation of Privilege Vulnerability Important No No
CVE-2019-1316 Microsoft Windows Setup Elevation of Privilege Vulnerability Important No No
CVE-2019-1317 Microsoft Windows Denial of Service Vulnerability Important No No
CVE-2019-1318 Microsoft Windows Transport Layer Security Spoofing Vulnerability Important No No
CVE-2019-1319 Windows Error Reporting Elevation of Privilege Vulnerability Important No No
CVE-2019-1320 Microsoft Windows Elevation of Privilege Vulnerability Important No No
CVE-2019-1321 Microsoft Windows CloudStore Elevation of Privilege Vulnerability Important No No
CVE-2019-1322 Microsoft Windows Elevation of Privilege Vulnerability Important No No
CVE-2019-1323 Microsoft Windows Update Client Elevation of Privilege Vulnerability Important No No
CVE-2019-1326 Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability Important No No
CVE-2019-1327 Microsoft Excel Remote Code Execution Vulnerability Important No No
CVE-2019-1328 Microsoft SharePoint Spoofing Vulnerability Important No No
CVE-2019-1329 Microsoft SharePoint Elevation of Privilege Vulnerability Important No No
CVE-2019-1330 Microsoft SharePoint Elevation of Privilege Vulnerability Important No No
CVE-2019-1331 Microsoft Excel Remote Code Execution Vulnerability Important No No
CVE-2019-1334 Windows Kernel Information Disclosure Vulnerability Important No No
CVE-2019-1336 Microsoft Windows Update Client Elevation of Privilege Vulnerability Important No No
CVE-2019-1337 Windows Update Client Information Disclosure Vulnerability Important No No
CVE-2019-1338 Windows NTLM Security Feature Bypass Vulnerability Important No No
CVE-2019-1339 Windows Error Reporting Manager Elevation of Privilege Vulnerability Important No No
CVE-2019-1340 Microsoft Windows Elevation of Privilege Vulnerability Important No No
CVE-2019-1341 Windows Power Service Elevation of Privilege Vulnerability Important No No
CVE-2019-1342 Windows Error Reporting Manager Elevation of Privilege Vulnerability Important No No
CVE-2019-1343 Windows Denial of Service Vulnerability Important No No
CVE-2019-1344 Windows Code Integrity Module Information Disclosure Vulnerability Important No No
CVE-2019-1345 Windows Kernel Information Disclosure Vulnerability Important No No
CVE-2019-1346 Windows Denial of Service Vulnerability Important No No
CVE-2019-1347 Windows Denial of Service Vulnerability Important No No
CVE-2019-1356 Microsoft Edge based on Edge HTML Information Disclosure Vulnerability Important No No
CVE-2019-1357 Microsoft Browser Spoofing Vulnerability Important No No
CVE-2019-1358 Jet Database Engine Remote Code Execution Vulnerability Important No No
CVE-2019-1359 Jet Database Engine Remote Code Execution Vulnerability Important No No
CVE-2019-1361 Microsoft Graphics Components Information Disclosure Vulnerability Important No No
CVE-2019-1362 Win32k Elevation of Privilege Vulnerability Important No No
CVE-2019-1363 Windows GDI Information Disclosure Vulnerability Important No No
CVE-2019-1364 Win32k Elevation of Privilege Vulnerability Important No No
CVE-2019-1365 Microsoft IIS Server Elevation of Privilege Vulnerability Important No No
CVE-2019-1369 Open Enclave SDK Information Disclosure Vulnerability Important No No
CVE-2019-1371 Internet Explorer Memory Corruption Vulnerability Important No No
CVE-2019-1368 Windows Secure Boot Security Feature Bypass Vulnerability Important No No
CVE-2019-1375 Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability Important No No
CVE-2019-1376 SQL Server Management Studio Information Disclosure Vulnerability Important No No
CVE-2019-1325 Windows Redirected Drive Buffering System Elevation of Privilege Vulnerability Moderate No No

 

Patch Tuesday: Massive September Updates

Patch Tuesday is officially here. Microsoft has published 80 security fixes, but which patches should you prioritize this month?

September Patch Tuesday Release

Microsoft have released 80 patches today covering IE, Edge, ChakraCore, Windows and Office. There are 17 rated Critical and 62 Important with only 1 rated Moderate.

Urgent: Public and Exploited

There are a total of 4 vulnerabilities in this Patch Tuesday which are either publicly disclosed or being actively exploited. If exploited, these vulnerabilities could allow easy elevation of privilege, allowing the spread of malware or ransomware throughout your environment – these should be considered “Zero Day Vulnerabilities.”

Robert Brown, Director of Services for Verismic said, “We highly recommend these be prioritized for immediate deployment. Having an independent severity is essential along with the vendor severity is critically important for transparent prioritization of your next round of patching.”

Guess who’s back?

CVE-2010-3190, the MFC Insecure Library Loading Vulnerability, has been re-issued for Exchange Server. Any customers who have any supported Exchange Server installed (Microsoft Exchange Server 2010 Service Pack 3, Microsoft Exchange Server 2013 or Microsoft Exchange Server 2016) should reinstall KB2565063. KB2565063 is a really old Visual C++ package linked to MS11-025.

Adobe Updates

Adobe have released 3 updates today resolving vulnerabilities with Flash and Application Manager.

Patch Tuesday Updates

We have made a few recommendations below which you should prioritize this month:

Verismic Recommended CVE Reference Description Severity Publicly Announced Actively Exploited
Yes CVE-2019-1214 Windows Common Log File System Driver Elevation of Privilege Vulnerability Important No Yes
Yes CVE-2019-1215 Windows Elevation of Privilege Vulnerability Important No Yes
Yes CVE-2019-1235 Windows Text Service Framework Elevation of Privilege Vulnerability Important Yes No
Yes CVE-2019-1294 Windows Secure Boot Security Feature Bypass Vulnerability Important Yes No
Yes CVE-2019-0787 Remote Desktop Client Remote Code Execution Vulnerability Critical No No
Yes CVE-2019-0788 Remote Desktop Client Remote Code Execution Vulnerability Critical No No
Yes CVE-2019-1138 Chakra Scripting Engine Memory Corruption Vulnerability Critical No No
Yes CVE-2019-1208 VBScript Remote Code Execution Vulnerability Critical No No
Yes CVE-2019-1217 Chakra Scripting Engine Memory Corruption Vulnerability Critical No No
Yes CVE-2019-1221 Scripting Engine Memory Corruption Vulnerability Critical No No
Yes CVE-2019-1236 VBScript Remote Code Execution Vulnerability Critical No No
Yes CVE-2019-1237 Chakra Scripting Engine Memory Corruption Vulnerability Critical No No
Yes CVE-2019-1257 Microsoft SharePoint Remote Code Execution Vulnerability Critical No No
Yes CVE-2019-1280 LNK Remote Code Execution Vulnerability Critical No No
Yes CVE-2019-1290 Remote Desktop Client Remote Code Execution Vulnerability Critical No No
Yes CVE-2019-1291 Remote Desktop Client Remote Code Execution Vulnerability Critical No No
Yes CVE-2019-1295 Microsoft SharePoint Remote Code Execution Vulnerability Critical No No
Yes CVE-2019-1296 Microsoft SharePoint Remote Code Execution Vulnerability Critical No No
Yes CVE-2019-1298 Chakra Scripting Engine Memory Corruption Vulnerability Critical No No
Yes CVE-2019-1300 Chakra Scripting Engine Memory Corruption Vulnerability Critical No No
Yes CVE-2019-1306 Azure DevOps and Team Foundation Server Remote Code Execution Vulnerability Critical No No
CVE-2019-0928 Windows Hyper-V Denial of Service Vulnerability Important No No
CVE-2019-1142 .NET Framework Elevation of Privilege Vulnerability Important No No
CVE-2019-1209 Lync 2013 Information Disclosure Vulnerability Important No No
CVE-2019-1216 DirectX Information Disclosure Vulnerability Important No No
CVE-2019-1219 Windows Transaction Manager Information Disclosure Vulnerability Important No No
CVE-2019-1220 Microsoft Browser Security Feature Bypass Vulnerability Important No No
CVE-2019-1231 Rome SDK Information Disclosure Vulnerability Important No No
CVE-2019-1232 Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability Important No No
CVE-2019-1233 Microsoft Exchange Denial of Service Vulnerability Important No No
CVE-2019-1240 Jet Database Engine Remote Code Execution Vulnerability Important No No
CVE-2019-1241 Jet Database Engine Remote Code Execution Vulnerability Important No No
CVE-2019-1242 Jet Database Engine Remote Code Execution Vulnerability Important No No
CVE-2019-1243 Jet Database Engine Remote Code Execution Vulnerability Important No No
CVE-2019-1244 DirectWrite Information Disclosure Vulnerability Important No No
CVE-2019-1245 DirectWrite Information Disclosure Vulnerability Important No No
CVE-2019-1246 Jet Database Engine Remote Code Execution Vulnerability Important No No
CVE-2019-1247 Jet Database Engine Remote Code Execution Vulnerability Important No No
CVE-2019-1248 Jet Database Engine Remote Code Execution Vulnerability Important No No
CVE-2019-1249 Jet Database Engine Remote Code Execution Vulnerability Important No No
CVE-2019-1250 Jet Database Engine Remote Code Execution Vulnerability Important No No
CVE-2019-1251 DirectWrite Information Disclosure Vulnerability Important No No
CVE-2019-1252 Windows GDI Information Disclosure Vulnerability Important No No
CVE-2019-1253 Windows Elevation of Privilege Vulnerability Important No No
CVE-2019-1254 Windows Hyper-V Information Disclosure Vulnerability Important No No
CVE-2019-1256 Win32k Elevation of Privilege Vulnerability Important No No
CVE-2019-1258 Azure Active Directory Authentication Library Elevation of Privilege Vulnerability Important No No
CVE-2019-1260 Microsoft SharePoint Elevation of Privilege Vulnerability Important No No
CVE-2019-1261 Microsoft SharePoint Spoofing Vulnerability Important No No
CVE-2019-1262 Microsoft Office SharePoint XSS Vulnerability Important No No
CVE-2019-1263 Microsoft Excel Information Disclosure Vulnerability Important No No
CVE-2019-1264 Microsoft Office Security Feature Bypass Vulnerability Important No No
CVE-2019-1265 Microsoft Yammer Security Feature Bypass Vulnerability Important No No
CVE-2019-1266 Microsoft Exchange Spoofing Vulnerability Important No No
CVE-2019-1267 Microsoft Compatibility Appraiser Elevation of Privilege Vulnerability Important No No
CVE-2019-1268 Winlogon Elevation of Privilege Vulnerability Important No No
CVE-2019-1269 Windows ALPC Elevation of Privilege Vulnerability Important No No
CVE-2019-1270 Microsoft Windows Store Installer Elevation of Privilege Vulnerability Important No No
CVE-2019-1271 Windows Media Elevation of Privilege Vulnerability Important No No
CVE-2019-1272 Windows ALPC Elevation of Privilege Vulnerability Important No No
CVE-2019-1273 Active Directory Federation Services XSS Vulnerability Important No No
CVE-2019-1274 Windows Kernel Information Disclosure Vulnerability Important No No
CVE-2019-1277 Windows Audio Service Elevation of Privilege Vulnerability Important No No
CVE-2019-1278 Windows Elevation of Privilege Vulnerability Important No No
CVE-2019-1282 Windows Common Log File System Driver Information Disclosure Vulnerability Important No No
CVE-2019-1283 Microsoft Graphics Components Information Disclosure Vulnerability Important No No
CVE-2019-1284 DirectX Elevation of Privilege Vulnerability Important No No
CVE-2019-1285 Win32k Elevation of Privilege Vulnerability Important No No
CVE-2019-1286 Windows GDI Information Disclosure Vulnerability Important No No
CVE-2019-1287 Windows Network Connectivity Assistant Elevation of Privilege Vulnerability Important No No
CVE-2019-1289 Windows Update Delivery Optimization Elevation of Privilege Vulnerability Important No No
CVE-2019-1292 Windows Denial of Service Vulnerability Important No No
CVE-2019-1293 Windows SMB Client Driver Information Disclosure Vulnerability Important No No
CVE-2019-1297 Microsoft Excel Remote Code Execution Vulnerability Important No No
CVE-2019-1299 Microsoft Edge based on Edge HTML Information Disclosure Vulnerability Important No No
CVE-2019-1301 .NET Core Denial of Service Vulnerability Important No No
CVE-2019-1302 ASP.NET Core Elevation Of Privilege Vulnerability Important No No
CVE-2019-1303 Windows Elevation of Privilege Vulnerability Important No No
CVE-2019-1305 Team Foundation Server Cross-site Scripting Vulnerability Important No No
CVE-2019-1259 Microsoft SharePoint Spoofing Vulnerability Moderate No No

June Patch Tuesday: WSUS Needs Your Attention

Microsoft has released 91 patches today—the largest release of the year so far. For those using WSUS 3.0 SP2, one update must be manually installed.

Patch Tuesday Release

Microsoft have released 91 patches today covering IE, Edge, ChakraCore, Skype, Windows and Office. There are 21 rated Critical and 66 Important, making this the largest release so far this year. Thankfully no updates in this release are being exploited yet, but the sheer number of updates will certainly keep your IT manager busy this month.

Urgent – WSUS needs your manual attention for KB4484071

Microsoft is continuing its SHA1 to SHA2 signing process this month, with two planned changes. Windows 10 updates are automatic, but for those customers using WSUS 3.0 SP2, KB4484071 must be manually installed to support SHA2 updates.

Robert Brown, Director of Services said, “This has caught a lot of our readers out over the past few months. If your device does not support SHA2, you are not downloading the latest content which is making your devices safe.”

Could CVE-2019-1069 be the next BlueKeep?

Many of our IT staff utilize the Windows Scheduler to perform complex software installations, as it is super useful for installing software following complex reboot operations or installing software when there is no user logged on. Both our Cyber Security Analysts and other respected insider peers are highly concerned that this “Publicly Disclosed” vulnerability could be the next BlueKeep threat, due to its potentially catastrophic exploit potential.

Adobe Updates

Thankfully, unlike Microsoft, Adobe have only released 10 updates for Reader and Flash Player. All updates are Critical or Important priority 2, meaning IT Admins should install these updates within the next 30 days.

We have made a few recommendations below which you should prioritize. Use Syxsense to organize and deploy Windows, third-party, Mac OS and Linux updates to keep your environment safe.

Patch Tuesday Release

Verismic Recommended CVE Identity Description / Type Severity Publicly Discovered Actively Being Exploited
Yes CVE-2019-1069 Task Scheduler Elevation of Privilege Vulnerability Important Yes No
Yes CVE-2019-1064 Windows Elevation of Privilege Vulnerability Important Yes No
Yes CVE-2019-0973 Windows Installer Elevation of Privilege Vulnerability Important Yes No
Yes CVE-2019-1053 Windows Shell Elevation of Privilege Vulnerability Important Yes No
Yes CVE-2019-0990 Scripting Engine Information Disclosure Vulnerability Critical No No
Yes CVE-2019-1023 Scripting Engine Information Disclosure Vulnerability Critical No No
Yes CVE-2019-0888 ActiveX Data Objects (ADO) Remote Code Execution Vulnerability Critical No No
Yes CVE-2019-0989 Chakra Scripting Engine Memory Corruption Vulnerability Critical No No
Yes CVE-2019-0991 Chakra Scripting Engine Memory Corruption Vulnerability Critical No No
Yes CVE-2019-0992 Chakra Scripting Engine Memory Corruption Vulnerability Critical No No
Yes CVE-2019-0993 Chakra Scripting Engine Memory Corruption Vulnerability Critical No No
Yes CVE-2019-1002 Chakra Scripting Engine Memory Corruption Vulnerability Critical No No
Yes CVE-2019-1003 Chakra Scripting Engine Memory Corruption Vulnerability Critical No No
Yes CVE-2019-1024 Chakra Scripting Engine Memory Corruption Vulnerability Critical No No
Yes CVE-2019-1051 Chakra Scripting Engine Memory Corruption Vulnerability Critical No No
Yes CVE-2019-1052 Chakra Scripting Engine Memory Corruption Vulnerability Critical No No
Yes CVE-2019-1038 Microsoft Browser Memory Corruption Vulnerability Critical No No
Yes CVE-2019-0985 Microsoft Speech API Remote Code Execution Vulnerability Critical No No
Yes CVE-2019-1080 Scripting Engine Memory Corruption Vulnerability Critical No No
Yes CVE-2019-0920 Scripting Engine Memory Corruption Vulnerability Critical No No
Yes CVE-2019-0988 Scripting Engine Memory Corruption Vulnerability Critical No No
Yes CVE-2019-1055 Scripting Engine Memory Corruption Vulnerability Critical No No
Yes CVE-2019-0620 Windows Hyper-V Remote Code Execution Vulnerability Critical No No
Yes CVE-2019-0709 Windows Hyper-V Remote Code Execution Vulnerability Critical No No
Yes CVE-2019-0722 Windows Hyper-V Remote Code Execution Vulnerability Critical No No
CVE-2019-0972 Local Security Authority Subsystem Service Denial of Service Vulnerability Important No No
CVE-2019-0941 Microsoft IIS Server Denial of Service Vulnerability Important No No
CVE-2019-1029 Skype for Business and Lync Server Denial of Service Vulnerability Important No No
CVE-2019-1025 Windows Denial of Service Vulnerability Important No No
CVE-2019-0710 Windows Hyper-V Denial of Service Vulnerability Important No No
CVE-2019-0711 Windows Hyper-V Denial of Service Vulnerability Important No No
CVE-2019-0713 Windows Hyper-V Denial of Service Vulnerability Important No No
CVE-2019-1018 DirectX Elevation of Privilege Vulnerability Important No No
CVE-2019-0960 Win32k Elevation of Privilege Vulnerability Important No No
CVE-2019-1014 Win32k Elevation of Privilege Vulnerability Important No No
CVE-2019-1017 Win32k Elevation of Privilege Vulnerability Important No No
CVE-2019-0943 Windows ALPC Elevation of Privilege Vulnerability Important No No
CVE-2019-1007 Windows Audio Service Elevation of Privilege Vulnerability Important No No
CVE-2019-1021 Windows Audio Service Elevation of Privilege Vulnerability Important No No
CVE-2019-1022 Windows Audio Service Elevation of Privilege Vulnerability Important No No
CVE-2019-1026 Windows Audio Service Elevation of Privilege Vulnerability Important No No
CVE-2019-1027 Windows Audio Service Elevation of Privilege Vulnerability Important No No
CVE-2019-1028 Windows Audio Service Elevation of Privilege Vulnerability Important No No
CVE-2019-0959 Windows Common Log File System Driver Elevation of Privilege Vulnerability Important No No
CVE-2019-0984 Windows Common Log File System Driver Elevation of Privilege Vulnerability Important No No
CVE-2019-1041 Windows Kernel Elevation of Privilege Vulnerability Important No No
CVE-2019-1065 Windows Kernel Elevation of Privilege Vulnerability Important No No
CVE-2019-1045 Windows Network File System Elevation of Privilege Vulnerability Important No No
CVE-2019-0983 Windows Storage Service Elevation of Privilege Vulnerability Important No No
CVE-2019-0998 Windows Storage Service Elevation of Privilege Vulnerability Important No No
CVE-2019-0986 Windows User Profile Service Elevation of Privilege Vulnerability Important No No
CVE-2019-1081 Microsoft Browser Information Disclosure Vulnerability Important No No
CVE-2019-0968 Windows GDI Information Disclosure Vulnerability Important No No
CVE-2019-0977 Windows GDI Information Disclosure Vulnerability Important No No
CVE-2019-1009 Windows GDI Information Disclosure Vulnerability Important No No
CVE-2019-1010 Windows GDI Information Disclosure Vulnerability Important No No
CVE-2019-1011 Windows GDI Information Disclosure Vulnerability Important No No
CVE-2019-1012 Windows GDI Information Disclosure Vulnerability Important No No
CVE-2019-1013 Windows GDI Information Disclosure Vulnerability Important No No
CVE-2019-1015 Windows GDI Information Disclosure Vulnerability Important No No
CVE-2019-1016 Windows GDI Information Disclosure Vulnerability Important No No
CVE-2019-1046 Windows GDI Information Disclosure Vulnerability Important No No
CVE-2019-1047 Windows GDI Information Disclosure Vulnerability Important No No
CVE-2019-1048 Windows GDI Information Disclosure Vulnerability Important No No
CVE-2019-1049 Windows GDI Information Disclosure Vulnerability Important No No
CVE-2019-1050 Windows GDI Information Disclosure Vulnerability Important No No
CVE-2019-1039 Windows Kernel Information Disclosure Vulnerability Important No No
CVE-2019-1043 Comctl32 Remote Code Execution Vulnerability Important No No
CVE-2019-0904 Jet Database Engine Remote Code Execution Vulnerability Important No No
CVE-2019-0905 Jet Database Engine Remote Code Execution Vulnerability Important No No
CVE-2019-0906 Jet Database Engine Remote Code Execution Vulnerability Important No No
CVE-2019-0907 Jet Database Engine Remote Code Execution Vulnerability Important No No
CVE-2019-0908 Jet Database Engine Remote Code Execution Vulnerability Important No No
CVE-2019-0909 Jet Database Engine Remote Code Execution Vulnerability Important No No
CVE-2019-0974 Jet Database Engine Remote Code Execution Vulnerability Important No No
CVE-2019-1034 Microsoft Word Remote Code Execution Vulnerability Important No No
CVE-2019-1035 Microsoft Word Remote Code Execution Vulnerability Important No No
CVE-2019-1005 Scripting Engine Memory Corruption Vulnerability Important No No
CVE-2019-1054 Microsoft Edge Security Feature Bypass Vulnerability Important No No
CVE-2019-1019 Microsoft Windows Security Feature Bypass Vulnerability Important No No
CVE-2019-1044 Windows Secure Kernel Mode Security Feature Bypass Vulnerability Important No No
CVE-2019-0996 Azure DevOps Server Spoofing Vulnerability Important No No
CVE-2019-1040 Windows NTLM Tampering Vulnerability Important No No
CVE-2019-1031 Microsoft Office SharePoint XSS Vulnerability Important No No
CVE-2019-1032 Microsoft Office SharePoint XSS Vulnerability Important No No
CVE-2019-1033 Microsoft Office SharePoint XSS Vulnerability Important No No
CVE-2019-1036 Microsoft Office SharePoint XSS Vulnerability Important No No
CVE-2019-0948 Windows Event Viewer Information Disclosure Vulnerability Moderate No No


Not Your Usual Patch Tuesday: Rare Patch for Legacy Systems


Not Your Usual Patch Tuesday: May Updates

May includes a rare but urgent patch for previously unsupported versions: Windows XP, 7 and Server 2003.

Microsoft has released a security fix for several unsupported versions of Windows, including Windows XP and Windows Server 2003. If you are a user of either of those systems, you need to patch now.

The vulnerability, CVE-2019-0708, is a potentially ‘wormable’ flaw that could result in a malware attack like WannaCry. To exploit the vulnerability “an attacker would need to send a specially crafted request to the target systems Remote Desktop Service via RDP,” Microsoft officials noted.

“The Remote Desktop Protocol (RDP) itself is not vulnerable. This vulnerability is pre-authentication and requires no user interaction. In other words, the vulnerability is ‘wormable’, meaning that any future malware that exploits this vulnerability could propagate from vulnerable computer to vulnerable computer in a similar way as the WannaCry malware spread across the globe in 2017,” explain Microsoft officials in today’s Microsoft Security Response Center (MSRC) blog post.

Even though unsupported, Windows 7, XP, and Server 2003 still account for over 35% of Microsoft-based installations. This vulnerability could potentially affect over 400 million PCs worldwide.

Desktop Windows Version Market Share Worldwide - April 2019

Additionally, Remote Desktop alone has already been recognized as an insecure method of remote connection, whether using VPN or not.

An IT solution like Syxsense will facilitate a comprehensive patching strategy as well as offer a fully-encrypted Remote Control to ensure all systems are up to date and protected.

Organizations must act now and implement a proactive approach to securing their networks.

Patch Tuesday Release

Microsoft have released 79 patches today covering IE, Edge, ChakraCore, .NET Framework, Azure, Windows and Office. Of these, 22 are rated Critical and 57 are rated Important. None are rated Moderate or Low in severity, but the total is up from last month’s release of 74 updates, so it will keep you even busier than April.

Publicly Known & Active Exploits: Prioritize Now

Two of the updates, CVE-2019-0863 and CVE-2019-0932, are marked “Publicly Discovered”, and CVE-2019-0863 is already reported to be used in the wild, where attackers are able to run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with administrator privileges. You must prioritise them now.

Robert Brown, Director of Services for Verismic said, “To exploit the vulnerability, an attacker must first gain unprivileged execution on a victim’s operating system which given the number of Remote Code Execution vulnerabilities in this release makes this specific vulnerability your number 1 priority.”

Adobe Updates

Adobe have released a shockingly large batch this month, counting up to 84 updates for Reader and Acrobat. All updates are rated Critical or Important with Priority 2, meaning IT admins should install these updates within the next 30 days.

Patch Tuesday Release

Verismic Recommended CVE Identity Description / Type Severity Publicly Discovered Actively Being Exploited
Yes CVE-2019-0863 Windows Error Reporting Elevation of Privilege Vulnerability Important Yes Yes
Yes CVE-2019-0932 Skype for Android Information Disclosure Vulnerability Important Yes No
Yes CVE-2019-0912 Chakra Scripting Engine Memory Corruption Vulnerability Critical No No
Yes CVE-2019-0913 Chakra Scripting Engine Memory Corruption Vulnerability Critical No No
Yes CVE-2019-0914 Chakra Scripting Engine Memory Corruption Vulnerability Critical No No
Yes CVE-2019-0915 Chakra Scripting Engine Memory Corruption Vulnerability Critical No No
Yes CVE-2019-0916 Chakra Scripting Engine Memory Corruption Vulnerability Critical No No
Yes CVE-2019-0917 Chakra Scripting Engine Memory Corruption Vulnerability Critical No No
Yes CVE-2019-0922 Chakra Scripting Engine Memory Corruption Vulnerability Critical No No
Yes CVE-2019-0924 Chakra Scripting Engine Memory Corruption Vulnerability Critical No No
Yes CVE-2019-0925 Chakra Scripting Engine Memory Corruption Vulnerability Critical No No
Yes CVE-2019-0927 Chakra Scripting Engine Memory Corruption Vulnerability Critical No No
Yes CVE-2019-0933 Chakra Scripting Engine Memory Corruption Vulnerability Critical No No
Yes CVE-2019-0937 Chakra Scripting Engine Memory Corruption Vulnerability Critical No No
Yes CVE-2019-0903 GDI+ Remote Code Execution Vulnerability Critical No No
Yes CVE-2019-0929 Internet Explorer Memory Corruption Vulnerability Critical No No
Yes CVE-2019-0940 Microsoft Browser Memory Corruption Vulnerability Critical No No
Yes CVE-2019-0926 Microsoft Edge Memory Corruption Vulnerability Critical No No
Yes CVE-2019-0953 Microsoft Word Remote Code Execution Vulnerability Critical No No
Yes CVE-2019-0708 Remote Desktop Services Remote Code Execution Vulnerability Critical No No
Yes CVE-2019-0884 Scripting Engine Memory Corruption Vulnerability Critical No No
Yes CVE-2019-0911 Scripting Engine Memory Corruption Vulnerability Critical No No
Yes CVE-2019-0918 Scripting Engine Memory Corruption Vulnerability Critical No No
Yes CVE-2019-0725 Windows DHCP Server Remote Code Execution Vulnerability Critical No No
CVE-2019-0980 .NET Core Denial of Service Vulnerability Important No No
CVE-2019-0982 .NET Core Denial of Service Vulnerability Important No No
CVE-2019-0820 .NET Framework and .NET Core Denial of Service Vulnerability Important No No
CVE-2019-0981 .Net Framework and .Net Core Denial of Service Vulnerability Important No No
CVE-2019-0864 .NET Framework Denial of Service Vulnerability Important No No
CVE-2019-1000 Azure AD Connect Elevation of Privilege Vulnerability Important No No
CVE-2019-0727 Diagnostic Hub Standard Collector, Visual Studio Standard Collector Elevation of Privilege Vulnerability Important No No
CVE-2019-0938 Microsoft Edge Elevation of Privilege Vulnerability Important No No
CVE-2019-0957 Microsoft SharePoint Elevation of Privilege Vulnerability Important No No
CVE-2019-0958 Microsoft SharePoint Elevation of Privilege Vulnerability Important No No
CVE-2019-0942 Unified Write Filter Elevation of Privilege Vulnerability Important No No
CVE-2019-0892 Win32k Elevation of Privilege Vulnerability Important No No
CVE-2019-0734 Windows Elevation of Privilege Vulnerability Important No No
CVE-2019-0936 Windows Elevation of Privilege Vulnerability Important No No
CVE-2019-0881 Windows Kernel Elevation of Privilege Vulnerability Important No No
CVE-2019-0707 Windows NDIS Elevation of Privilege Vulnerability Important No No
CVE-2019-0931 Windows Storage Service Elevation of Privilege Vulnerability Important No No
CVE-2019-0971 Azure DevOps Server and Team Foundation Server Information Disclosure Vulnerability Important No No
CVE-2019-0930 Internet Explorer Information Disclosure Vulnerability Important No No
CVE-2019-0956 Microsoft SharePoint Server Information Disclosure Vulnerability Important No No
CVE-2019-0819 Microsoft SQL Server Analysis Services Information Disclosure Vulnerability Important No No
CVE-2019-0758 Windows GDI Information Disclosure Vulnerability Important No No
CVE-2019-0882 Windows GDI Information Disclosure Vulnerability Important No No
CVE-2019-0961 Windows GDI Information Disclosure Vulnerability Important No No
CVE-2019-0886 Windows Hyper-V Information Disclosure Vulnerability Important No No
CVE-2019-0923 Chakra Scripting Engine Memory Corruption Vulnerability Important No No
CVE-2019-0889 Jet Database Engine Remote Code Execution Vulnerability Important No No
CVE-2019-0890 Jet Database Engine Remote Code Execution Vulnerability Important No No
CVE-2019-0891 Jet Database Engine Remote Code Execution Vulnerability Important No No
CVE-2019-0893 Jet Database Engine Remote Code Execution Vulnerability Important No No
CVE-2019-0894 Jet Database Engine Remote Code Execution Vulnerability Important No No
CVE-2019-0895 Jet Database Engine Remote Code Execution Vulnerability Important No No
CVE-2019-0896 Jet Database Engine Remote Code Execution Vulnerability Important No No
CVE-2019-0897 Jet Database Engine Remote Code Execution Vulnerability Important No No
CVE-2019-0898 Jet Database Engine Remote Code Execution Vulnerability Important No No
CVE-2019-0899 Jet Database Engine Remote Code Execution Vulnerability Important No No
CVE-2019-0900 Jet Database Engine Remote Code Execution Vulnerability Important No No
CVE-2019-0901 Jet Database Engine Remote Code Execution Vulnerability Important No No
CVE-2019-0902 Jet Database Engine Remote Code Execution Vulnerability Important No No
CVE-2019-0945 Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability Important No No
CVE-2019-0946 Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability Important No No
CVE-2019-0947 Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability Important No No
CVE-2019-0952 Microsoft SharePoint Server Remote Code Execution Vulnerability Important No No
CVE-2019-0885 Windows OLE Remote Code Execution Vulnerability Important No No
CVE-2019-0995 Internet Explorer Security Feature Bypass Vulnerability Important No No
CVE-2019-1008 Microsoft Dynamics On-Premise Security Feature Bypass Important No No
CVE-2019-0733 Windows Defender Application Control Security Feature Bypass Vulnerability Important No No
CVE-2019-0921 Internet Explorer Spoofing Vulnerability Important No No
CVE-2019-0949 Microsoft SharePoint Spoofing Vulnerability Important No No
CVE-2019-0950 Microsoft SharePoint Spoofing Vulnerability Important No No
CVE-2019-0951 Microsoft SharePoint Spoofing Vulnerability Important No No
CVE-2019-0976 NuGet Package Manager Tampering Vulnerability Important No No
CVE-2019-0872 Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability Important No No
CVE-2019-0979 Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability Important No No
CVE-2019-0963 Microsoft Office SharePoint XSS Vulnerability Important No No


April Patch Tuesday: Stop Active Exploits


Microsoft's security release for April covers 74 vulnerabilities in a wide range of products, including two actively exploited zero-days.

Microsoft have released 74 patches today covering IE, Edge, Exchange, Windows and Office. Of these, 13 are rated Critical and 61 are rated Important. None are rated Moderate or Low in severity, but the total is up from last month’s release of 64 updates, so this release will keep you busy.

Prioritize Active Exploits

Two of the updates, CVE-2019-0803 and CVE-2019-0859, are marked “Being Exploited”, meaning you should prioritise them now. Robert Brown, Director of Services for Verismic said, “You should treat these updates with the highest importance because a similar vulnerability this year in Win32k elevation caused some significant global intrusions via malware infections.”

Adobe Updates

Adobe have released 8 updates today for Reader, Flash, Shockwave, InDesign, Dreamweaver and a few others. The update for Flash is Critical, meaning IT admins should install these updates within the next 30 days.

Some Feature Updates Are Now Retired

Act now to keep your environment future proofed as updates will automatically uninstall.

Today the Windows 10 feature update version 1709 (and previous) is retired on Home, Pro and Pro for Workstations editions. If you try to deploy any security updates / patches to Windows 10 which are no longer supported, those updates will uninstall the next time the PC restarts. Ask your account manager how Syxsense can help you deploy your Windows 10 Feature Updates.

We have made a few recommendations below which you should prioritize. Use Syxsense to organize and deploy Windows, third-party, Mac OS, and Linux updates to keep your environment safe.

Patch Tuesday Release

Verismic Recommended ID Description Severity Publicly Disclosed Actively being Exploited
Yes CVE-2019-0803 Win32k Elevation of Privilege Vulnerability Important No Yes
Yes CVE-2019-0859 Win32k Elevation of Privilege Vulnerability Important No Yes
Yes CVE-2019-0739 Scripting Engine Memory Corruption Vulnerability Critical No No
Yes CVE-2019-0786 SMB Server Elevation of Privilege Vulnerability Critical No No
Yes CVE-2019-0791 MS XML Remote Code Execution Vulnerability Critical No No
Yes CVE-2019-0792 MS XML Remote Code Execution Vulnerability Critical No No
Yes CVE-2019-0793 MS XML Remote Code Execution Vulnerability Critical No No
Yes CVE-2019-0806 Chakra Scripting Engine Memory Corruption Vulnerability Critical No No
Yes CVE-2019-0810 Chakra Scripting Engine Memory Corruption Vulnerability Critical No No
Yes CVE-2019-0812 Chakra Scripting Engine Memory Corruption Vulnerability Critical No No
Yes CVE-2019-0829 Chakra Scripting Engine Memory Corruption Vulnerability Critical No No
Yes CVE-2019-0845 Windows IOleCvt Interface Remote Code Execution Vulnerability Critical No No
Yes CVE-2019-0853 GDI+ Remote Code Execution Vulnerability Critical No No
Yes CVE-2019-0860 Chakra Scripting Engine Memory Corruption Vulnerability Critical No No
Yes CVE-2019-0861 Chakra Scripting Engine Memory Corruption Vulnerability Critical No No
CVE-2019-0685 Win32k Elevation of Privilege Vulnerability Important No No
CVE-2019-0688 Windows TCP/IP Information Disclosure Vulnerability Important No No
CVE-2019-0730 Windows Elevation of Privilege Vulnerability Important No No
CVE-2019-0731 Windows Elevation of Privilege Vulnerability Important No No
CVE-2019-0732 Windows Security Feature Bypass Vulnerability Important No No
CVE-2019-0735 Windows CSRSS Elevation of Privilege Vulnerability Important No No
CVE-2019-0752 Scripting Engine Memory Corruption Vulnerability Important No No
CVE-2019-0753 Scripting Engine Memory Corruption Vulnerability Important No No
CVE-2019-0764 Microsoft Browsers Tampering Vulnerability Important No No
CVE-2019-0790 MS XML Remote Code Execution Vulnerability Important No No
CVE-2019-0794 VBScript Remote Code Execution Vulnerability Important No No
CVE-2019-0795 MS XML Remote Code Execution Vulnerability Important No No
CVE-2019-0796 Windows Elevation of Privilege Vulnerability Important No No
CVE-2019-0801 Office Remote Code Execution Vulnerability Important No No
CVE-2019-0802 Windows GDI Information Disclosure Vulnerability Important No No
CVE-2019-0805 Windows Elevation of Privilege Vulnerability Important No No
CVE-2019-0813 Windows Admin Center Elevation of Privilege Vulnerability Important No No
CVE-2019-0814 Win32k Information Disclosure Vulnerability Important No No
CVE-2019-0815 ASP.NET Core Denial of Service Vulnerability Important No No
CVE-2019-0817 Microsoft Exchange Spoofing Vulnerability Important No No
CVE-2019-0822 Microsoft Graphics Components Remote Code Execution Vulnerability Important No No
CVE-2019-0823 Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability Important No No
CVE-2019-0824 Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability Important No No
CVE-2019-0825 Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability Important No No
CVE-2019-0826 Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability Important No No
CVE-2019-0827 Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability Important No No
CVE-2019-0828 Microsoft Excel Remote Code Execution Vulnerability Important No No
CVE-2019-0830 Microsoft Office SharePoint XSS Vulnerability Important No No
CVE-2019-0831 Microsoft Office SharePoint XSS Vulnerability Important No No
CVE-2019-0833 Microsoft Edge Information Disclosure Vulnerability Important No No
CVE-2019-0835 Microsoft Scripting Engine Information Disclosure Vulnerability Important No No
CVE-2019-0836 Windows Elevation of Privilege Vulnerability Important No No
CVE-2019-0837 DirectX Information Disclosure Vulnerability Important No No
CVE-2019-0838 Windows Information Disclosure Vulnerability Important No No
CVE-2019-0839 Windows Information Disclosure Vulnerability Important No No
CVE-2019-0840 Windows Kernel Information Disclosure Vulnerability Important No No
CVE-2019-0841 Windows Elevation of Privilege Vulnerability Important No No
CVE-2019-0842 Windows VBScript Engine Remote Code Execution Vulnerability Important No No
CVE-2019-0844 Windows Kernel Information Disclosure Vulnerability Important No No
CVE-2019-0846 Jet Database Engine Remote Code Execution Vulnerability Important No No
CVE-2019-0847 Jet Database Engine Remote Code Execution Vulnerability Important No No
CVE-2019-0848 Win32k Information Disclosure Vulnerability Important No No
CVE-2019-0849 Windows GDI Information Disclosure Vulnerability Important No No
CVE-2019-0851 Jet Database Engine Remote Code Execution Vulnerability Important No No
CVE-2019-0856 Windows Remote Code Execution Vulnerability Important No No
CVE-2019-0857 Team Foundation Server Spoofing Vulnerability Important No No
CVE-2019-0858 Microsoft Exchange Spoofing Vulnerability Important No No
CVE-2019-0862 Windows VBScript Engine Remote Code Execution Vulnerability Important No No
CVE-2019-0866 Team Foundation Server Cross-site Scripting Vulnerability Important No No
CVE-2019-0867 Team Foundation Server Cross-site Scripting Vulnerability Important No No
CVE-2019-0868 Team Foundation Server Cross-site Scripting Vulnerability Important No No
CVE-2019-0869 Team Foundation Server HTML Injection Vulnerability Important No No
CVE-2019-0870 Team Foundation Server Cross-site Scripting Vulnerability Important No No
CVE-2019-0871 Team Foundation Server Cross-site Scripting Vulnerability Important No No
CVE-2019-0874 Team Foundation Server Cross-site Scripting Vulnerability Important No No
CVE-2019-0875 Azure DevOps Server Elevation of Privilege Vulnerability Important No No
CVE-2019-0876 Open Enclave SDK Information Disclosure Vulnerability Important No No
CVE-2019-0877 Jet Database Engine Remote Code Execution Vulnerability Important No No
CVE-2019-0879 Jet Database Engine Remote Code Execution Vulnerability Important No No


March Patch Tuesday: Eliminate the Exploits


It's the second Tuesday of March, which means it's time for another round of Patch Tuesday security updates.

Microsoft has released 64 patches today covering IE, Edge, Exchange, Windows and Office. There are 17 rated Critical, 45 rated Important, 1 rated Moderate and 1 rated Low in severity. This is far fewer than last month’s release of over 80 updates; however, there are still some surprises in this release to keep you busy.

Prioritize Now: Publicly Announced and Current Exploits

Four of the updates, CVE-2019-0683, CVE-2019-0754, CVE-2019-0757 and CVE-2019-0809, are marked as “Publicly Disclosed”, meaning there is an increased risk of attack in the very near future, and two updates, CVE-2019-0797 and CVE-2019-0808, are marked as “Being Exploited”, meaning you should prioritize them now.

Robert Brown, Director of Services for Verismic said, “You should treat these 6 updates with the highest importance, and you should especially treat CVE-2019-0797 & CVE-2019-0808 as a Zero Day because active exploits means actual attempts on your networks by those who wish to expose your data.”

Adobe Patches Flash, Photoshop and Digital Editions

Adobe has given a slight reprieve to IT managers this month by releasing only 3 updates: one each for Flash, Photoshop and Digital Editions. Although these updates carry a Critical severity, they are ranked by Adobe with a Priority of 3, meaning administrators should install these updates at their discretion.

Feature Updates Due for Retirement

On April 9, the Windows 10 feature update version 1709 will be due for retirement on Home, Pro and Pro for Workstations editions. If you are still using Enterprise or Education editions, you have another year to plan your upgrade.

Use Syxsense to organize and deploy Windows, third-party, Mac OS and Linux updates to keep your environment safe. Our clients love having control over when and where the scanning and deployment of updates takes place, providing peace of mind to any IT department.

Patch Tuesday Release

ID Description Severity Publicly Announced Actively Exploited Recommended
CVE-2019-0797 Win32k Elevation of Privilege Vulnerability Important No Yes Yes
CVE-2019-0808 Win32k Elevation of Privilege Vulnerability Important No Yes Yes
CVE-2019-0683 Active Directory Elevation of Privilege Vulnerability Important Yes No Yes
CVE-2019-0754 Windows Denial of Service Vulnerability Important Yes No Yes
CVE-2019-0757 NuGet Package Manager Tampering Vulnerability Important Yes No Yes
CVE-2019-0809 Visual Studio Remote Code Execution Vulnerability Important Yes No Yes
CVE-2019-0592 Chakra Scripting Engine Memory Corruption Vulnerability Critical No No Yes
CVE-2019-0603 Windows Deployment Services TFTP Server Remote Code Execution Vulnerability Critical No No Yes
CVE-2019-0609 Scripting Engine Memory Corruption Vulnerability Critical No No Yes
CVE-2019-0639 Scripting Engine Memory Corruption Vulnerability Critical No No Yes
CVE-2019-0666 Windows VBScript Engine Remote Code Execution Vulnerability Critical No No Yes
CVE-2019-0667 Windows VBScript Engine Remote Code Execution Vulnerability Critical No No Yes
CVE-2019-0680 Scripting Engine Memory Corruption Vulnerability Critical No No Yes
CVE-2019-0697 Windows DHCP Client Remote Code Execution Vulnerability Critical No No Yes
CVE-2019-0698 Windows DHCP Client Remote Code Execution Vulnerability Critical No No Yes
CVE-2019-0726 Windows DHCP Client Remote Code Execution Vulnerability Critical No No Yes
CVE-2019-0756 MS XML Remote Code Execution Vulnerability Critical No No Yes
CVE-2019-0763 Internet Explorer Memory Corruption Vulnerability Critical No No Yes
CVE-2019-0769 Scripting Engine Memory Corruption Vulnerability Critical No No Yes
CVE-2019-0770 Scripting Engine Memory Corruption Vulnerability Critical No No Yes
CVE-2019-0771 Scripting Engine Memory Corruption Vulnerability Critical No No Yes
CVE-2019-0773 Scripting Engine Memory Corruption Vulnerability Critical No No Yes
CVE-2019-0784 Windows ActiveX Remote Code Execution Vulnerability Critical No No Yes
CVE-2019-0612 Microsoft Edge Security Feature Bypass Vulnerability Important No No
CVE-2019-0614 Windows GDI Information Disclosure Vulnerability Important No No
CVE-2019-0617 Jet Database Engine Remote Code Execution Vulnerability Important No No
CVE-2019-0665 Windows VBScript Engine Remote Code Execution Vulnerability Important No No
CVE-2019-0678 Microsoft Edge Elevation of Privilege Vulnerability Important No No
CVE-2019-0682 Windows Subsystem for Linux Elevation of Privilege Vulnerability Important No No
CVE-2019-0689 Windows Subsystem for Linux Elevation of Privilege Vulnerability Important No No
CVE-2019-0690 Windows Hyper-V Denial of Service Vulnerability Important No No
CVE-2019-0692 Windows Subsystem for Linux Elevation of Privilege Vulnerability Important No No
CVE-2019-0693 Windows Subsystem for Linux Elevation of Privilege Vulnerability Important No No
CVE-2019-0694 Windows Subsystem for Linux Elevation of Privilege Vulnerability Important No No
CVE-2019-0695 Hyper-V Denial of Service Vulnerability Important No No
CVE-2019-0696 Windows Kernel Elevation of Privilege Vulnerability Important No No
CVE-2019-0701 Hyper-V Denial of Service Vulnerability Important No No
CVE-2019-0702 Windows Kernel Information Disclosure Vulnerability Important No No
CVE-2019-0703 Windows SMB Information Disclosure Vulnerability Important No No
CVE-2019-0704 Windows SMB Information Disclosure Vulnerability Important No No
CVE-2019-0748 Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability Important No No
CVE-2019-0755 Windows Kernel Information Disclosure Vulnerability Important No No
CVE-2019-0759 Windows Print Spooler Information Disclosure Vulnerability Important No No
CVE-2019-0761 Windows Security Zone Bypass Vulnerability Important No No
CVE-2019-0762 Microsoft Browsers Security Feature Bypass Vulnerability Important No No
CVE-2019-0765 Comctl32 Remote Code Execution Vulnerability Important No No
CVE-2019-0766 Microsoft Windows Elevation of Privilege Vulnerability Important No No
CVE-2019-0767 Windows Kernel Information Disclosure Vulnerability Important No No
CVE-2019-0768 Internet Explorer Security Feature Bypass Vulnerability Important No No
CVE-2019-0772 Windows VBScript Engine Remote Code Execution Vulnerability Important No No
CVE-2019-0774 Windows GDI Information Disclosure Vulnerability Important No No
CVE-2019-0775 Windows Kernel Information Disclosure Vulnerability Important No No
CVE-2019-0776 Win32k Information Disclosure Vulnerability Important No No
CVE-2019-0778 Microsoft Office SharePoint XSS Vulnerability Important No No
CVE-2019-0779 Microsoft Edge Memory Corruption Vulnerability Important No No
CVE-2019-0782 Windows Kernel Information Disclosure Vulnerability Important No No
CVE-2019-0783 Scripting Engine Memory Corruption Vulnerability Important No No
CVE-2019-0798 Skype for Business and Lync Spoofing Vulnerability Important No No
CVE-2019-0821 Windows SMB Information Disclosure Vulnerability Important No No
CVE-2019-0611 Chakra Scripting Engine Memory Corruption Vulnerability Important No No
CVE-2019-0746 Chakra Scripting Engine Memory Corruption Vulnerability Important No No
CVE-2019-0780 Microsoft Browser Memory Corruption Vulnerability Important No No
CVE-2019-0816 Azure SSH Keypairs Security Feature Bypass Vulnerability Moderate No No
CVE-2019-0777 Team Foundation Server Cross-site Scripting Vulnerability Low No No


February Patch Tuesday: Disable Windows Update


It's the second Tuesday of February, which means it's time for another round of Patch Tuesday security updates from Microsoft.

Microsoft has released almost 80 security patches today covering IE, Edge, Exchange, Windows, .NET Framework and Office. There are only 20 rated Critical, 54 rated Important, and 3 are rated Moderate in severity.

Four of the updates released (CVE-2019-0636, CVE-2019-0686, CVE-2019-0646 and CVE-2019-0647) are marked as “Publicly Disclosed”, meaning there is an increased risk of attack in the near future. Although they are rated Important, we highly recommend prioritizing these updates this month.

Why should you disable Windows Update?

Many of our customers are concerned that updates released by Microsoft cause significant user disruption, and are simply unable to keep up with the constant firefighting that bad patches impose on an IT department.

The first reaction is not to patch. This places your environment and users’ identities at risk of exposure, and risks a total network breach. Leaving Windows Update enabled in its default setting downloads and installs all updates released by Microsoft on the same day they are released, leaving your IT department no time to test.

Our clients like the way Syxsense provides control over when and where the scanning and deployment of updates take place, relieving much of the stress on any IT department. Ask us how Maintenance Windows can help schedule patch deployment across highly dispersed environments.

Adobe Releases Over 70 Updates

Acrobat and Reader version 2019.010.20069 and earlier, for both Windows and Mac OS, are affected. All updates carry a Priority Rating of 2, meaning there is an elevated risk of exploit, although no active exploits are known to exist in the wild.

Robert Brown, Director of Services said, “Adobe use their Priority Rating to illustrate how quickly users should update their systems; in this case they recommend within 30 days. Users using Mac OS who usually update their systems manually can truly benefit from the remote patching capability of Syxsense which enables automation over a typical otherwise manual method.”

Of the 71 updates released today, 43 are rated Critical. If exploited, these would allow malicious native code to execute, potentially without the user being aware.

Is it time to replace IE?

Over the past several months, Microsoft has been fixing an increasing number of “Actively Exploited” vulnerabilities. CVE-2019-0676 is no exception, and as it involves Internet Explorer, which is still highly used, we recommend making this update one of your top priorities.

If you wish to replace IE with another browser, Syxsense can deploy the software throughout your environment, and better still, your new browser can be kept up to date using the Patch Manager solution. Replace your IE browser before an exploit ruins your Valentine’s Day.

Patch Tuesday Release

CVE ID Patch Description Severity Publicly Disclosed Active Exploited Recommended
CVE-2019-0676 Internet Explorer Information Disclosure Vulnerability Important No Yes Yes
CVE-2019-0636 Windows Information Disclosure Vulnerability Important Yes No Yes
CVE-2019-0686 Microsoft Exchange Server Elevation of Privilege Vulnerability Important Yes No Yes
CVE-2019-0646 Team Foundation Server Cross-site Scripting Vulnerability Important Yes No Yes
CVE-2019-0647 Team Foundation Server Information Disclosure Vulnerability Important Yes No Yes
CVE-2019-0590 Scripting Engine Memory Corruption Vulnerability Critical No No Yes
CVE-2019-0591 Scripting Engine Memory Corruption Vulnerability Critical No No Yes
CVE-2019-0593 Scripting Engine Memory Corruption Vulnerability Critical No No Yes
CVE-2019-0594 Microsoft SharePoint Remote Code Execution Vulnerability Critical No No Yes
CVE-2019-0604 Microsoft SharePoint Remote Code Execution Vulnerability Critical No No Yes
CVE-2019-0605 Scripting Engine Memory Corruption Vulnerability Critical No No Yes
CVE-2019-0606 Internet Explorer Memory Corruption Vulnerability Critical No No Yes
CVE-2019-0607 Scripting Engine Memory Corruption Vulnerability Critical No No Yes
CVE-2019-0618 GDI+ Remote Code Execution Vulnerability Critical No No Yes
CVE-2019-0626 Windows DHCP Server Remote Code Execution Vulnerability Critical No No Yes
CVE-2019-0634 Microsoft Edge Memory Corruption Vulnerability Critical No No Yes
CVE-2019-0640 Scripting Engine Memory Corruption Vulnerability Critical No No Yes
CVE-2019-0642 Scripting Engine Memory Corruption Vulnerability Critical No No Yes
CVE-2019-0644 Scripting Engine Memory Corruption Vulnerability Critical No No Yes
CVE-2019-0645 Microsoft Edge Memory Corruption Vulnerability Critical No No Yes
CVE-2019-0650 Microsoft Edge Memory Corruption Vulnerability Critical No No Yes
CVE-2019-0651 Scripting Engine Memory Corruption Vulnerability Critical No No Yes
CVE-2019-0652 Scripting Engine Memory Corruption Vulnerability Critical No No Yes
CVE-2019-0655 Scripting Engine Memory Corruption Vulnerability Critical No No Yes
CVE-2019-0662 GDI+ Remote Code Execution Vulnerability Critical No No Yes
CVE-2019-0540 Microsoft Office Security Feature Bypass Vulnerability Important No No
CVE-2019-0595 Jet Database Engine Remote Code Execution Vulnerability Important No No
CVE-2019-0596 Jet Database Engine Remote Code Execution Vulnerability Important No No
CVE-2019-0597 Jet Database Engine Remote Code Execution Vulnerability Important No No
CVE-2019-0598 Jet Database Engine Remote Code Execution Vulnerability Important No No
CVE-2019-0599 Jet Database Engine Remote Code Execution Vulnerability Important No No
CVE-2019-0600 HID Information Disclosure Vulnerability Important No No
CVE-2019-0601 HID Information Disclosure Vulnerability Important No No
CVE-2019-0602 Windows GDI Information Disclosure Vulnerability Important No No
CVE-2019-0610 Scripting Engine Memory Corruption Vulnerability Important No No
CVE-2019-0613 .NET Framework and Visual Studio Remote Code Execution Vulnerability Important No No
CVE-2019-0615 Windows GDI Information Disclosure Vulnerability Important No No
CVE-2019-0616 Windows GDI Information Disclosure Vulnerability Important No No
CVE-2019-0619 Windows GDI Information Disclosure Vulnerability Important No No
CVE-2019-0621 Windows Kernel Information Disclosure Vulnerability Important No No
CVE-2019-0623 Win32k Elevation of Privilege Vulnerability Important No No
CVE-2019-0625 Jet Database Engine Remote Code Execution Vulnerability Important No No
CVE-2019-0627 Windows Security Feature Bypass Vulnerability Important No No
CVE-2019-0628 Win32k Information Disclosure Vulnerability Important No No
CVE-2019-0630 Windows SMB Remote Code Execution Vulnerability Important No No
CVE-2019-0631 Windows Security Feature Bypass Vulnerability Important No No
CVE-2019-0632 Windows Security Feature Bypass Vulnerability Important No No
CVE-2019-0633 Windows SMB Remote Code Execution Vulnerability Important No No
CVE-2019-0635 Windows Hyper-V Information Disclosure Vulnerability Important No No
CVE-2019-0637 Windows Defender Firewall Security Feature Bypass Vulnerability Important No No
CVE-2019-0648 Scripting Engine Information Disclosure Vulnerability Important No No
CVE-2019-0649 Scripting Engine Elevation of Privileged Vulnerability Important No No
CVE-2019-0654 Microsoft Browser Spoofing Vulnerability Important No No
CVE-2019-0656 Windows Kernel Elevation of Privilege Vulnerability Important No No
CVE-2019-0657 .NET Framework and Visual Studio Spoofing Vulnerability Important No No
CVE-2019-0658 Scripting Engine Information Disclosure Vulnerability Important No No
CVE-2019-0659 Windows Storage Service Elevation of Privilege Vulnerability Important No No
CVE-2019-0660 Windows GDI Information Disclosure Vulnerability Important No No
CVE-2019-0661 Windows Kernel Information Disclosure Vulnerability Important No No
CVE-2019-0664 Windows GDI Information Disclosure Vulnerability Important No No
CVE-2019-0668 Microsoft SharePoint Elevation of Privilege Vulnerability Important No No
CVE-2019-0669 Microsoft Excel Information Disclosure Vulnerability Important No No
CVE-2019-0724 Microsoft Exchange Server Elevation of Privilege Vulnerability Important No No
CVE-2019-0728 Visual Studio Code Remote Code Execution Vulnerability Important No No
CVE-2019-0641 Microsoft Edge Security Feature Bypass Vulnerability Moderate No No
CVE-2019-0643 Microsoft Edge Information Disclosure Vulnerability Moderate No No
CVE-2019-0670 Microsoft SharePoint Spoofing Vulnerability Moderate No No

Patch Tuesday: January Updates

Patch Tuesday Release: The Latest News

Microsoft has released 49 security patches today. There are seven Critical-severity patches in this release; however, almost half resolve a remote code execution issue.
Eleven of the others are Important remote code execution patches, and one of these patches is listed as publicly known, which we highly recommend be prioritized this month.

Adobe Flash, Connect and Digital Editions

Adobe has released updates for Adobe Flash Player for Windows, macOS, Linux and Chrome OS.  These updates address feature and performance bugs, but do not include security fixes.

The Adobe Connect update resolves an Important session token exposure vulnerability, and the update for Adobe Digital Editions resolves a vulnerability whose successful exploitation could lead to information disclosure in the context of the current user.
All of these updates are Priority 3, which means exploitation is not known or likely.

CVE-2019-0579

This update has a Severity rating of Important and is publicly disclosed. Although there is no evidence that it is being actively exploited in the wild, these types of vulnerabilities are commonly used to expose customer environments, as demonstrated by the independent CVSS score of 7.8 out of 10.
Robert Brown, Director of Services for Verismic said, “You should not leave Windows Update in its automatic mode as updates like this would typically be lower priority and therefore not deployed automatically. You should have enough information to make informed choices in your selection of patches, and that includes being able to see independent CVSS scores and whether the vulnerability has been made Public or known to be Actively Exploited.”
Syxsense provides that information so you do not need to rely on default Windows Update patching.

7GB of Storage – ‘Reserve Storage’

Windows doesn’t check if a device has enough space before installing an update. The current solution is for users to manually delete unnecessary temporary files and temporarily move files such as photos and films to external storage to make enough space.

Microsoft have announced that a future “Quality Update” could automatically earmark 7GB of storage on your local hard drive to future-proof the download of large updates going forward.
What is concerning is that this space cannot be retrieved or reclaimed, so any device with an older-generation SSD or a smaller hard drive is likely to run out of space.

Patch Tuesday Release

CVE ID Description Severity Publicly Disclosed Actively Exploited Recommended
CVE-2019-0579 Jet Database Engine Remote Code Execution Vulnerability Important Yes No Yes
CVE-2019-0539 Chakra Scripting Engine Memory Corruption Vulnerability Critical No No Yes
CVE-2019-0568 Chakra Scripting Engine Memory Corruption Vulnerability Critical No No Yes
CVE-2019-0567 Chakra Scripting Engine Memory Corruption Vulnerability Critical No No Yes
CVE-2019-0565 Microsoft Edge Memory Corruption Vulnerability Critical No No Yes
CVE-2019-0547 Windows DHCP Client Remote Code Execution Vulnerability Critical No No Yes
CVE-2019-0550 Windows Hyper-V Remote Code Execution Vulnerability Critical No No Yes
CVE-2019-0551 Windows Hyper-V Remote Code Execution Vulnerability Critical No No Yes
CVE-2019-0564 ASP.NET Core Denial of Service Vulnerability Important No No
CVE-2019-0548 ASP.NET Core Denial of Service Vulnerability Important No No
CVE-2019-0566 Microsoft Edge Elevation of Privilege Vulnerability Important No No
CVE-2019-0562 Microsoft SharePoint Elevation of Privilege Vulnerability Important No No
CVE-2019-0543 Microsoft Windows Elevation of Privilege Vulnerability Important No No
CVE-2019-0555 Microsoft Xml Document Elevation of Privilege Vulnerability Important No No
CVE-2019-0552 Windows COM Elevation of Privilege Vulnerability Important No No
CVE-2019-0571 Windows Data Sharing Service Elevation of Privilege Vulnerability Important No No
CVE-2019-0572 Windows Data Sharing Service Elevation of Privilege Vulnerability Important No No
CVE-2019-0573 Windows Data Sharing Service Elevation of Privilege Vulnerability Important No No
CVE-2019-0574 Windows Data Sharing Service Elevation of Privilege Vulnerability Important No No
CVE-2019-0570 Windows Runtime Elevation of Privilege Vulnerability Important No No
CVE-2019-0545 ASP.NET Information Disclosure Vulnerability Important No No
CVE-2019-0560 Microsoft Office Information Disclosure Vulnerability Important No No
CVE-2019-0559 Microsoft Outlook Information Disclosure Vulnerability Important No No
CVE-2019-0537 Microsoft Visual Studio Information Disclosure Vulnerability Important No No
CVE-2019-0561 Microsoft Word Information Disclosure Vulnerability Important No No
CVE-2019-0536 Windows Kernel Information Disclosure Vulnerability Important No No
CVE-2019-0549 Windows Kernel Information Disclosure Vulnerability Important No No
CVE-2019-0554 Windows Kernel Information Disclosure Vulnerability Important No No
CVE-2019-0569 Windows Kernel Information Disclosure Vulnerability Important No No
CVE-2019-0553 Windows Subsystem for Linux Information Disclosure Vulnerability Important No No
CVE-2019-0541 Internet Explorer Remote Code Execution Vulnerability Important No No
CVE-2019-0538 Jet Database Engine Remote Code Execution Vulnerability Important No No
CVE-2019-0575 Jet Database Engine Remote Code Execution Vulnerability Important No No
CVE-2019-0576 Jet Database Engine Remote Code Execution Vulnerability Important No No
CVE-2019-0577 Jet Database Engine Remote Code Execution Vulnerability Important No No
CVE-2019-0578 Jet Database Engine Remote Code Execution Vulnerability Important No No
CVE-2019-0580 Jet Database Engine Remote Code Execution Vulnerability Important No No
CVE-2019-0581 Jet Database Engine Remote Code Execution Vulnerability Important No No
CVE-2019-0582 Jet Database Engine Remote Code Execution Vulnerability Important No No
CVE-2019-0583 Jet Database Engine Remote Code Execution Vulnerability Important No No
CVE-2019-0584 Jet Database Engine Remote Code Execution Vulnerability Important No No
CVE-2019-0588 Microsoft Exchange Information Disclosure Vulnerability Important No No
CVE-2019-0586 Microsoft Exchange Memory Corruption Vulnerability Important No No
CVE-2019-0585 Microsoft Word Remote Code Execution Vulnerability Important No No
CVE-2019-0556 Microsoft Office SharePoint XSS Vulnerability Important No No
CVE-2019-0557 Microsoft Office SharePoint XSS Vulnerability Important No No
CVE-2019-0558 Microsoft Office SharePoint XSS Vulnerability Important No No
CVE-2019-0622 Skype for Android Elevation of Privilege Vulnerability Moderate No No
CVE-2019-0546 Visual Studio Remote Code Execution Vulnerability Moderate No No

December Patch Tuesday: Disclosed & Exploited

Patch Tuesday Release: The Latest News

Microsoft has released half the updates they released last month: 39 security patches total.

These cover Internet Explorer (IE), Edge, ChakraCore, Hyper-V, Exchange, Windows components, .NET Core, SQL Server, and Microsoft Office. Nine of these are listed as Critical, with the remaining 30 as Important.

Adobe Fixes Many Vulnerabilities

Adobe, on the other hand, has released almost 90 updates today for Adobe Acrobat and Reader, and all are marked Important. To our knowledge, none of the vulnerabilities fixed today are being exploited in the wild, but we recommend you implement these updates as part of your third-party patching strategy.

Several Vulnerabilities Require Your Attention: Turn Off Windows Update

CVE-2018-8611 and CVE-2018-8517 are two important updates you need to prioritize this month, not because they have the highest severity, but because they are publicly disclosed and actively being exploited.

CVE-2018-8611 is a vulnerability being exploited by malware that is exposing networks all over the world. Robert Brown, Director of Services for Verismic said, “Just this week we have learned one of Italy’s oil and gas exploration giants has suffered a relentless cyber-attack causing server infrastructure to go offline. Often it’s these companies who think that by leaving Windows Update in its default mode they are protecting their environment from zero day attacks and sophisticated espionage.”

The Best Patch Strategy

We recommend our Syxsense clients take a safe and calculated approach to managing their security. Turn off the default Windows patching mode and implement a rigorous, selective but fully secure patching strategy.

Patch Tuesday Release

CVE ID Description Severity Public Exploited Recommended
CVE-2018-8611 Windows Kernel Elevation of Privilege Vulnerability Important No Yes Yes
CVE-2018-8517 .NET Framework Denial Of Service Vulnerability Important Yes No Yes
CVE-2018-8540 .NET Framework Remote Code Injection Vulnerability Critical No No Yes
CVE-2018-8583 Chakra Scripting Engine Memory Corruption Vulnerability Critical No No Yes
CVE-2018-8617 Chakra Scripting Engine Memory Corruption Vulnerability Critical No No Yes
CVE-2018-8618 Chakra Scripting Engine Memory Corruption Vulnerability Critical No No Yes
CVE-2018-8624 Chakra Scripting Engine Memory Corruption Vulnerability Critical No No Yes
CVE-2018-8626 Windows DNS Server Heap Overflow Vulnerability Critical No No Yes
CVE-2018-8629 Chakra Scripting Engine Memory Corruption Vulnerability Critical No No Yes
CVE-2018-8631 Internet Explorer Memory Corruption Vulnerability Critical No No Yes
CVE-2018-8634 Microsoft Text-To-Speech Remote Code Execution Vulnerability Critical No No Yes
CVE-2018-8477 Windows Kernel Information Disclosure Vulnerability Important No No
CVE-2018-8514 Remote Procedure Call runtime Information Disclosure Vulnerability Important No No
CVE-2018-8580 Microsoft SharePoint Information Disclosure Vulnerability Important No No
CVE-2018-8587 Microsoft Outlook Remote Code Execution Vulnerability Important No No
CVE-2018-8595 Windows GDI Information Disclosure Vulnerability Important No No
CVE-2018-8596 Windows GDI Information Disclosure Vulnerability Important No No
CVE-2018-8597 Microsoft Excel Remote Code Execution Vulnerability Important No No
CVE-2018-8598 Microsoft Excel Information Disclosure Vulnerability Important No No
CVE-2018-8599 Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability Important No No
CVE-2018-8604 Microsoft Exchange Server Tampering Vulnerability Important No No
CVE-2018-8612 Connected User Experiences and Telemetry Service Denial of Service Vulnerability Important No No
CVE-2018-8619 Internet Explorer Remote Code Execution Vulnerability Important No No
CVE-2018-8621 Windows Kernel Information Disclosure Vulnerability Important No No
CVE-2018-8622 Windows Kernel Information Disclosure Vulnerability Important No No
CVE-2018-8625 Windows VBScript Engine Remote Code Execution Vulnerability Important No No
CVE-2018-8627 Microsoft Excel Information Disclosure Vulnerability Important No No
CVE-2018-8628 Microsoft PowerPoint Remote Code Execution Vulnerability Important No No
CVE-2018-8635 Microsoft SharePoint Server Elevation of Privilege Vulnerability Important No No
CVE-2018-8636 Microsoft Excel Remote Code Execution Vulnerability Important No No
CVE-2018-8637 Win32k Information Disclosure Vulnerability Important No No
CVE-2018-8638 DirectX Information Disclosure Vulnerability Important No No
CVE-2018-8639 Win32k Elevation of Privilege Vulnerability Important No No
CVE-2018-8641 Win32k Elevation of Privilege Vulnerability Important No No
CVE-2018-8643 Scripting Engine Memory Corruption Vulnerability Important No No
CVE-2018-8649 Windows Denial of Service Vulnerability Important No No
CVE-2018-8650 Microsoft Office SharePoint XSS Vulnerability Important No No
CVE-2018-8651 Microsoft Dynamics NAV Cross Site Scripting Vulnerability Important No No
CVE-2018-8652 Windows Azure Pack Cross Site Scripting Vulnerability Important No No
