Microsoft recalled another Windows SSU update — the second time in a week. Manual intervention was required to restore full OS functionality.
Microsoft Recalls Windows SSU Twice
For the second time in a week, Microsoft recalled another Windows SSU update. Earlier this week Microsoft released KB5001078 as a replacement for KB4601392.
Now Microsoft have recalled yet another Windows SSU update, KB4601390, replacing it with KB5001079. The two replacements appear to have the same symptoms: Windows 10 security updates would effectively hang during installation before reaching 30%, meaning a manual intervention was needed to restore operating system functionality.
Robert Brown, Chief Customer Success Officer said, “For anyone deploying these updates remotely, the problem could have been exasperated further as users working from home would have to intervene in restoring full functionality of their Windows 10 operating system. We were aware very quickly of the issues and recalled this content from the Syxsense patch management content.”
For Syxsense users, the replacement updates are available to deploy to your devices.
What are Servicing Stack Updates?
Servicing stack updates provide fixes to the Windows servicing stack — the fundamental component that installs Windows updates. It also contains the “component-based servicing stack” (CBS), which is a key underlying component for several elements of Windows deployment, such as DISM, SFC, changing Windows features or roles, and repairing components.
Servicing stack updates improve the reliability of the update process to mitigate potential issues while installing the latest quality updates and feature updates. If you don’t install the latest servicing stack update, there’s a risk that your device can’t be updated with the latest Microsoft security fixes.
November Patch Tuesday 2020 Fixes 112 Vulnerabilities
November Patch Tuesday has arrived with over 100 vulnerabilities remediated, including an actively exploited Windows Kernel flaw.
November Patch Tuesday Arrives with 112 Fixes
There were 112 vulnerabilities remediated, including 17 Critical, 93 Important and 2 marked Low. Microsoft fixed 25 more vulnerabilities this month than in October's Patch Tuesday, and the release includes a weaponized threat that needs to be resolved urgently.
Security updates are also released for Microsoft Office, Internet Explorer, Microsoft Edge, Microsoft Exchange Server, Microsoft Dynamics, Microsoft Windows Codecs Library, Azure Sphere, Windows Defender, Microsoft Teams, Azure SDK, Azure DevOps and Visual Studio.
There have also been a lot of Windows 7 and Windows Server 2008 (including R2) vulnerabilities for anyone who has subscribed to extended support: Windows 7 and Windows Server 2008 (including R2) each have 20 vulnerabilities, 2 Critical and 18 Important.
Robert Brown, Director of Services for Syxsense said, “Along with Microsoft, Adobe fixed 14 bugs last week for Acrobat and Reader and fixed 3 additional bugs for Reader (Android) and Adobe Connect. These issues have been given a Priority 2 which means Adobe is recommending deployment of patches within 30 days.”
Top November Patches and Vulnerabilities
CVE-2020-17087: Windows Kernel Local Elevation of Privilege Vulnerability. This vulnerability is both Weaponized and Public Aware; combined with the CVSS score of 7.8 and no countermeasure, it should be remediated immediately.
This is a buffer overflow vulnerability in the Windows Kernel, initially made Public Aware when it was used to expose a Google Chrome zero-day in October. This is a very serious issue, as the overflow allowed a hacker to break out of the sandbox.
Affects Windows 7, 8, 10 & Windows Server 2008, 2012, 2016
Workaround: None
Reboot: Maybe
CVE-2020-17051: Windows Network File System Remote Code Execution Vulnerability has a CVSS score of 9.8, making this one of the top 3 highest vulnerabilities to prioritize this month. No countermeasure is available.
This vulnerability will impact companies who use Windows and Linux for file sharing. If exploited, it could cause a Blue / Black Screen failure with the NFS driver or allow code execution.
Exploitation: More Likely where NFS is used
Affects Windows Server 2008, 2012, 2016, 2019 Core
Workaround: None
Reboot: Maybe
CVE-2020-17042: Windows Error Reporting Elevation of Privilege Vulnerability has a CVSS score of 8.8 with no countermeasure and does not require complex access or user privilege.
Severity: Critical
Affects Windows 7, 8, 10 & Windows Server 2008, 2012, 2016
Based on the Vendor Severity and CVSS Score, we have made a few recommendations below which you should prioritize this month; please pay close attention to any of these which are Publicly Aware and / or Weaponized.
| CVE Reference | Description | Vendor Severity | CVSS Score | Weaponised | Publicly Aware | Countermeasure | Syxsense Recommended |
|---|---|---|---|---|---|---|---|
| CVE-2020-17087 | Windows Kernel Local Elevation of Privilege Vulnerability | Important | 7.8 | Yes | Yes | No | Yes |
| CVE-2020-17051 | Windows Network File System Remote Code Execution Vulnerability | Critical | 9.8 | No | No | No | Yes |
| CVE-2020-17042 | Windows Print Spooler Remote Code Execution Vulnerability | Critical | 8.8 | No | No | No | Yes |
| CVE-2020-17061 | Microsoft SharePoint Remote Code Execution Vulnerability | Important | 8.8 | No | No | No | Yes |
| CVE-2020-17084 | Microsoft Exchange Server Remote Code Execution Vulnerability | | | | | | |
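The prioritisation rule stated above the table, as an added example (not Syxsense's own code or scoring): it parses the table cells in the one-per-line layout and ranks entries by exploitation evidence before CVSS and vendor severity, then contrasts that with a vendor-severity-only ordering. The sort key, the function names and the treatment of incomplete rows are assumptions made for illustration.

```python
import re
from dataclasses import dataclass
from typing import List, Tuple

# Cells copied from the November table on this page, one per line, in the
# page's column order: CVE, description, vendor severity, CVSS, weaponised,
# publicly aware, countermeasure, recommended. The last row is cut off on
# the page and is kept that way here.
FLAT_CELLS = """\
CVE-2020-17087
Windows Kernel Local Elevation of Privilege Vulnerability
Important
7.8
Yes
Yes
No
Yes
CVE-2020-17051
Windows Network File System Remote Code Execution Vulnerability
Critical
9.8
No
No
No
Yes
CVE-2020-17042
Windows Print Spooler Remote Code Execution Vulnerability
Critical
8.8
No
No
No
Yes
CVE-2020-17061
Microsoft SharePoint Remote Code Execution Vulnerability
Important
8.8
No
No
No
Yes
CVE-2020-17084
Microsoft Exchange Server Remote Code Execution Vulnerability
"""

CVE_RE = re.compile(r"^CVE-\d{4}-\d{4,}$")
COLUMNS = 8
SEVERITY_RANK = {"Critical": 3, "Important": 2, "Moderate": 1, "Low": 0}


@dataclass
class Entry:
    cve: str
    description: str
    vendor_severity: str
    cvss: float
    weaponised: bool
    publicly_aware: bool
    countermeasure: bool
    recommended: bool


def _yes(cell: str) -> bool:
    return cell.strip().lower() == "yes"


def parse_cells(text: str) -> Tuple[List[Entry], List[str]]:
    """Group cells into rows at each CVE id; rows that are short or carry a
    non-numeric CVSS (for example "TBC") are returned for manual review
    instead of being guessed at."""
    rows: List[List[str]] = []
    for cell in (line.strip() for line in text.splitlines()):
        if not cell:
            continue
        if CVE_RE.match(cell):
            rows.append([cell])
        elif rows:
            rows[-1].append(cell)

    entries, incomplete = [], []
    for row in rows:
        try:
            if len(row) != COLUMNS:
                raise ValueError("short row")
            entries.append(Entry(row[0], row[1], row[2], float(row[3]),
                                 _yes(row[4]), _yes(row[5]), _yes(row[6]), _yes(row[7])))
        except ValueError:
            incomplete.append(row[0])
    return entries, incomplete


def rank_by_evidence(entries: List[Entry]) -> List[str]:
    """Assumed ordering: weaponised, then publicly aware, then no
    countermeasure, then CVSS, then vendor severity."""
    key = lambda e: (e.weaponised, e.publicly_aware, not e.countermeasure,
                     e.cvss, SEVERITY_RANK.get(e.vendor_severity, -1))
    return [e.cve for e in sorted(entries, key=key, reverse=True)]


def rank_by_vendor_severity(entries: List[Entry]) -> List[str]:
    """Contrast case: vendor severity first, CVSS as tie-breaker."""
    key = lambda e: (SEVERITY_RANK.get(e.vendor_severity, -1), e.cvss)
    return [e.cve for e in sorted(entries, key=key, reverse=True)]


if __name__ == "__main__":
    parsed, needs_review = parse_cells(FLAT_CELLS)
    print("evidence-first :", rank_by_evidence(parsed))
    print("vendor severity:", rank_by_vendor_severity(parsed))
    print("manual review  :", needs_review)
```

With the rows above, the evidence-first ordering puts the weaponised kernel flaw at the top even though its vendor severity is only Important, while the vendor-severity ordering places it last.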
The vulnerability is marked as Critical and carries a CVSS score of 10.0 which is the highest score available.
We have completed our internal testing and, based on this evidence plus information we have seen in the community relating to potential issues with 32-bit application compatibility, we are recommending a careful deployment of this patch. We would recommend waiting at least 24 hours before a site-wide deployment.
Experience the Power of Syxsense
Syxsense has created innovative and intuitive technology that sees and knows everything. Manage and secure your environment with a simple and powerful solution.
Microsoft's March 2020 Patch Tuesday is Absolutely Massive
Right on schedule, the official Patch Tuesday updates have arrived for March, including 115 vulnerability fixes. Catch up on the latest news from Microsoft and start patching.
Support for Windows 7 and Windows Server 2008 (including R2) was officially ended in January, but there are plenty of updates released this month for customers who have purchased an extension agreement.
Robert Brown, Director of Services for Syxsense said, “A large portion of the Critical updates released today are for the Internet Explorer browser, including four of these CVEs for Windows 7. Even if your corporate policy is to use an alternative browser, if your devices have the IE binaries on the system drive, then you must patch.”
New Windows 7 Vulnerabilities
For those still using this legacy operating system, we have listed the updates you need to prioritize in this Patch Tuesday:
CVE-2020-0832, CVE-2020-0833, CVE-2020-0824, CVE-2020-0847 – Internet Explorer 11 – In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Internet Explorer and then convince a user to view the website. The security update addresses the vulnerability by modifying how the scripting engine handles objects in memory.
CVE-2020-0844 – Connected User Experiences and Telemetry Service – The security update addresses the vulnerability by correcting how the Connected User Experiences and Telemetry Service handles file operations.
CVE-2020-0645 – Microsoft IIS Server Tampering – The update addresses the vulnerability by modifying how IIS Server handles malformed request headers.
CVE-2020-0788, CVE-2020-0877, CVE-2020-0887 – Win32k Elevation – The update addresses this vulnerability by correcting how Win32k handles objects in memory.
CVE-2020-0787 – Windows Background Intelligent Transfer Service – The security update addresses the vulnerability by correcting how Windows BITS handles symbolic links.
CVE-2020-0769 – Windows CSC – The security update addresses the vulnerability by correcting how the Windows CSC Service handles memory.
CVE-2020-0849 – Windows Hard Link – The security update addresses the vulnerability by correcting how Windows handles hard links.
CVE-2020-0779 – Windows Installer – The security update addresses the vulnerability by modifying how reparse points are handled by the Windows Installer.
CVE-2020-0778 – Windows Network Connections Service – The security update addresses the vulnerability by ensuring the Windows Network Connections Service properly handles objects in memory.
Syxsense Recommendations
Based on the vendor severity and CVSS score, we have made a few recommendations below which you should prioritize this month. Please pay close attention to any of these which are Publicly Aware and / or Weaponized.
| CVE Ref. | Description | Vendor Severity | CVSS Base Score | Counter-measure | Publicly Aware | Weaponized | Syxsense Recommended |
|---|---|---|---|---|---|---|---|
| CVE-2020-0852 | Microsoft Word Remote Code Execution Vulnerability | Critical | TBC | No | No | No | Yes |
| CVE-2020-0905 | Dynamics Business Central Remote Code Execution Vulnerability | Critical | TBC | No | No | No | Yes |
| CVE-2020-0684 | LNK Remote Code Execution Vulnerability | Critical | TBC | No | No | No | Yes |
| CVE-2020-0801 | Media Foundation Memory Corruption Vulnerability | Critical | 7.8 | No | No | No | Yes |
| CVE-2020-0807 | Media Foundation Memory Corruption Vulnerability | Critical | 7.8 | No | No | No | Yes |
| CVE-2020-0809 | Media Foundation Memory Corruption Vulnerability | Critical | 7.8 | No | No | No | Yes |
| CVE-2020-0869 | Media Foundation Memory Corruption Vulnerability | Critical | 7.8 | No | No | No | Yes |
| CVE-2020-0768 | Microsoft Browser Memory Corruption Vulnerability | Critical | 7.5 | No | No | No | Yes |
| CVE-2020-0830 | Microsoft Browser Memory Corruption Vulnerability | Critical | 7.5 | No | No | No | Yes |
| CVE-2020-0832 | Scripting Engine Memory Corruption Vulnerability | Critical | 7.5 | No | No | No | Yes |
| CVE-2020-0833 | Scripting Engine Memory Corruption Vulnerability | Critical | 7.5 | No | No | No | Yes |
| CVE-2020-0824 | VBScript Remote Code Execution Vulnerability | Critical | 7.5 | No | No | No | Yes |
| CVE-2020-0847 | VBScript Remote Code Execution Vulnerability | Critical | 7.5 | No | No | No | Yes |
| CVE-2020-0881 | GDI+ Remote Code Execution Vulnerability | Critical | 6.7 | No | No | No | Yes |
| CVE-2020-0883 | GDI+ Remote Code Execution Vulnerability | Critical | 6.7 | No | No | No | Yes |
| CVE-2020-0811 | Chakra Scripting Engine Memory Corruption Vulnerability | Critical | 4.2 | No | No | No | Yes |
| CVE-2020-0812 | Chakra Scripting Engine Memory Corruption Vulnerability | Critical | 4.2 | No | No | No | Yes |
| CVE-2020-0816 | Microsoft Edge Memory Corruption Vulnerability | Critical | 4.2 | No | No | No | Yes |
| CVE-2020-0823 | Scripting Engine Memory Corruption Vulnerability | Critical | 4.2 | No | No | No | Yes |
| CVE-2020-0825 | Scripting Engine Memory Corruption Vulnerability | Critical | 4.2 | No | No | No | Yes |
| CVE-2020-0826 | Scripting Engine Memory Corruption Vulnerability | Critical | 4.2 | No | No | No | Yes |
| CVE-2020-0827 | Scripting Engine Memory Corruption Vulnerability | Critical | 4.2 | No | No | No | Yes |
| CVE-2020-0828 | Scripting Engine Memory Corruption Vulnerability | Critical | 4.2 | No | No | No | Yes |
| CVE-2020-0829 | Scripting Engine Memory Corruption Vulnerability | Critical | 4.2 | No | No | No | Yes |
| CVE-2020-0831 | Scripting Engine Memory Corruption Vulnerability | Critical | 4.2 | No | No | No | Yes |
| CVE-2020-0848 | Scripting Engine Memory Corruption Vulnerability | Critical | 4.2 | No | No | No | Yes |
| CVE-2020-0844 | Connected User Experiences and Telemetry Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2020-0793 | Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2020-0762 | Microsoft Defender Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2020-0763 | Microsoft Defender Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2020-0808 | Provisioning Runtime Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2020-0788 | Win32k Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2020-0834 | Windows ALPC Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2020-0787 | Windows Background Intelligent Transfer Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2020-0769 | Windows CSC Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2020-0771 | Windows CSC Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2020-0819 | Windows Device Setup Manager Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2020-0810 | Windows Diagnostics Hub Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2020-0776 | Windows Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2020-0858 | Windows Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2020-0772 | Windows Error Reporting Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2020-0806 | Windows Error Reporting Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2020-0791 | Windows Graphics Component Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2020-0840 | Windows Hard Link Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2020-0841 | Windows Hard Link Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2020-0849 | Windows Hard Link Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2020-0896 | Windows Hard Link Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2020-0798 | Windows Installer Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2020-0814 | Windows Installer Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2020-0842 | Windows Installer Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2020-0843 | Windows Installer Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2020-0799 | Windows Kernel Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2020-0822 | Windows Language Pack Installer Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2020-0802 | Windows Network Connections Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2020-0803 | Windows Network Connections Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2020-0804 | Windows Network Connections Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2020-0845 | Windows Network Connections Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2020-0857 | Windows Search Indexer Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2020-0867 | Windows Update Orchestrator Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2020-0868 | Windows Update Orchestrator Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2020-0797 | Windows Work Folder Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2020-0800 | Windows Work Folder Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2020-0864 | Windows Work Folder Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2020-0865 | Windows Work Folder Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2020-0866 | Windows Work Folder Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2020-0897 | Windows Work Folder Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2020-0758 | Azure DevOps Elevation of Privilege Vulnerability | Important | TBC | No | No | No | |
| CVE-2020-0815 | Azure DevOps Elevation of Privilege Vulnerability | Important | TBC | No | No | No | |
| CVE-2020-0700 | Azure DevOps Server Cross-site Scripting Vulnerability | Important | TBC | No | No | No | |
| CVE-2020-0903 | Microsoft Exchange Server Spoofing Vulnerability | Important | TBC | No | No | No | |
| CVE-2020-0893 | Microsoft Office SharePoint XSS Vulnerability | Important | TBC | No | No | No | |
| CVE-2020-0894 | Microsoft Office SharePoint XSS Vulnerability | Important | TBC | No | No | No | |
| CVE-2020-0795 | Microsoft SharePoint Reflective XSS Vulnerability | Important | TBC | No | No | No | |
| CVE-2020-0891 | Microsoft SharePoint Reflective XSS Vulnerability | Important | TBC | No | No | No | |
| CVE-2020-0884 | Microsoft Visual Studio Spoofing Vulnerability | Important | TBC | No | No | No | |
| CVE-2020-0850 | Microsoft Word Remote Code Execution Vulnerability | Important | TBC | No | No | No | |
| CVE-2020-0851 | Microsoft Word Remote Code Execution Vulnerability | Important | TBC | No | No | No | |
| CVE-2020-0855 | Microsoft Word Remote Code Execution Vulnerability | Important | TBC | No | No | No | |
| CVE-2020-0892 | Microsoft Word Remote Code Execution Vulnerability | Important | TBC | No | No | No | |
| CVE-2020-0872 | Remote Code Execution Vulnerability in Application Inspector | Important | TBC | No | No | No | |
| CVE-2020-0902 | Service Fabric Elevation of Privilege | Important | TBC | No | No | No | |
| CVE-2020-0789 | Visual Studio Extension Installer Service Denial of Service Vulnerability | Important | TBC | No | No | No | |
| CVE-2020-0770 | Windows ActiveX Installer Service Elevation of Privilege Vulnerability | Important | TBC | No | No | No | |
| CVE-2020-0773 | Windows ActiveX Installer Service Elevation of Privilege Vulnerability | Important | TBC | No | No | No | |
| CVE-2020-0860 | Windows ActiveX Installer Service Elevation of Privilege Vulnerability | Important | TBC | No | No | No | |
| CVE-2020-0645 | Microsoft IIS Server Tampering Vulnerability | Important | 7.5 | No | No | No | |
| CVE-2020-0854 | Windows Mobile Device Management Diagnostics Elevation of Privilege Vulnerability | Important | 7.1 | No | No | No | |
| CVE-2020-0786 | Windows Tile Object Service Denial of Service Vulnerability | Important | 7.1 | No | No | No | |
| CVE-2020-0690 | DirectX Elevation of Privilege Vulnerability | Important | 7 | No | No | No | |
| CVE-2020-0877 | Win32k Elevation of Privilege Vulnerability | Important | 7 | No | No | No | |
| CVE-2020-0887 | Win32k Elevation of Privilege Vulnerability | Important | 7 | No | No | No | |
| CVE-2020-0876 | Win32k Information Disclosure Vulnerability | Important | 7 | No | No | No | |
| CVE-2020-0898 | Windows Graphics Component Elevation of Privilege Vulnerability | Important | 7 | No | No | No | |
| CVE-2020-0779 | Windows Installer Elevation of Privilege Vulnerability | Important | 7 | No | No | No | |
| CVE-2020-0778 | Windows Network Connections Service Elevation of Privilege Vulnerability | Important | 7 | No | No | No | |
| CVE-2020-0780 | Windows Network List Service Elevation of Privilege Vulnerability | Important | 7 | No | No | No | |
| CVE-2020-0781 | Windows UPnP Service Elevation of Privilege Vulnerability | Important | 7 | No | No | No | |
| CVE-2020-0783 | Windows UPnP Service Elevation of Privilege Vulnerability | | | | | | |
Explore the latest third-party and security updates and find out which patches should be prioritized this month to protect your environment.
Which third-party patches should you prioritize?
VideoLAN has released an update this week to resolve two high-risk vulnerabilities in the VLC media player application. The discovered vulnerabilities allow an attacker to manipulate the .MKV extension so that a file can be used to gain control of the victim’s device. A total of 15 defects were made public on Monday by VideoLAN and a new version was released on August 19.
Additionally, Google Chrome received an update earlier this month resolving a high-severity use-after-free vulnerability in the PDFium viewer (CVE-2019-5868), as well as a medium-severity vulnerability (CVE-2019-5867).
Firefox also had a moderate vulnerability addressed regarding stored passwords and master password entry (CVE-2019-11733). “When a master password is set, it is required to be entered again before stored passwords can be accessed in the ‘Saved Logins’ dialog,” stated Mozilla regarding version 68.0.2. “It was found that locally stored passwords can be copied to the clipboard through the ‘copy password’ context menu item without re-entering the master password if the master password had been previously entered in the same session, allowing for potential theft of stored passwords.”
Why focus on patching third-party applications?
Delays in patching third-party applications with dangerous vulnerabilities can leave your endpoints wide open to attack.
Syxsense provides true network security and lets you manage every threat with the click of a button. Keep up with the constant stream of security threats and patches for third-party software applications, such as Adobe, Java, Chrome and more.
Explore the latest third-party updates as well as a controversial vulnerability with Zoom that the company has decided to eliminate.
Latest Third-Party Updates
This month there are several notable third-party updates that have been released. The vendors include Adobe, Foxit, GlavSoft LLC., Microsoft (Skype), and Mozilla.
How are you deploying third-party security updates? It’s time to switch to an IT management solution that can manage any security updates required. Syxsense can deploy a wide-range of updates, including Windows, Mac, and Linux software.
Zoom Pushes Emergency Patch for Webcam Flaw
After facing media scrutiny for a zero-day vulnerability in its collaboration client for Mac, Zoom has rushed out an emergency patch to eliminate the bug. The video conferencing company initially stated that it would not issue a full fix for the vulnerability, but has since changed course.
The flaw (CVE-2019-13450) allows a malicious website to take over a user’s web camera without their permission, putting 4 million workers that use Zoom for Mac at risk. This isn’t the first time the company has experienced issues: late last year Zoom experienced a critical bug that could lead to malware installation.
Start a Free Trial
Try Syxsense today and start patching your IT environment with a powerful and easy-to-use IT management toolset.
Third-Party Updates
| Vendor | Category | Title | Date Published | CVSS Score & Rating |
|---|---|---|---|---|
| Adobe | Multimedia | FlashPlayer_ActiveX_v32.0.0.223 | 7/9/19 | N/A |
| Adobe | Multimedia | FlashPlayer_Plugin_NPAPI_v32.0.0.223 | 7/9/19 | N/A |
| Adobe | Multimedia | FlashPlayer_Plugin_PPAPI_v32.0.0.223 | 7/9/19 | N/A |
| Foxit Corporation | PDF Viewer | FoxitReader_v9.6.0 | 7/4/19 | N/A |
| GlavSoft LLC. | Remote Access | TightVNC_v2.8.23.0 | 7/3/19 | N/A |
| Microsoft Corporation | Audio/Video Chat | Skype_v8.49.0.49 | 7/8/19 | N/A |
| Mozilla | Web Browser | Firefox_v68.0 | 7/8/19 | N/A |
| Mozilla | Web Browser | FirefoxESR_v60.8.0 | 7/8/19 | N/A |
| Mozilla | Email Client | Thunderbird_v60.8.0 | 7/8/19 | N/A |
| Peter Pawlowski | Audio Player | Foobar2000_v1.4.6 | 7/7/19 | N/A |
This month's Patch Tuesday release has 77 vulnerabilities, including two zero-days—security flaws that were being actively exploited.
Patch Tuesday Release
Microsoft have released 78 patches today covering IE, Edge, ChakraCore, Windows and Office. There are 15 rated Critical and 62 Important with only 1 rated Moderate.
Urgent: Public and Exploited
There are a total of 8 vulnerabilities in this Patch Tuesday which are either publicly disclosed or being actively exploited, making July one of the worst months for the potential threats exposed by these vulnerabilities.
Robert Brown, Director of Services for Verismic said, “We highly recommend these be prioritized for immediate deployment, notice they are all rated by Microsoft as Important instead of Critical? Having an independent severity is essential along with the vendor severity is critically important for transparent prioritization of your next round of patching.
CVE-2019-0880 and CVE-2019-1132 have actually made our Most Wanted Index already this year, meaning new vulnerabilities have been exposed and Microsoft have re-released new patches to resolve those vulnerabilities.
CVE-2019-0785 carries a CVSS score of 9.8, making this vulnerability the highest independent severity in this Patch Tuesday release. All Windows Servers running DHCP going back to Windows 2012 are affected. The vulnerability exposes a memory corruption issue which, if exploited, could knock out the DHCP service, causing devices not to renew their IP address correctly. This impacts not just the server but every single device which uses it.
Adobe Updates
Adobe have only released 3 updates today resolving vulnerabilities with Adobe Bridge, Experience Manager, and Dreamweaver. There are no patches for Adobe Flash or Adobe Reader making Microsoft your biggest priority today.
Patch Tuesday Release
| Verismic Recommended | CVE ID | Description | Severity | Publicly Disclosed | Actively being Exploited |
|---|---|---|---|---|---|
| Yes | CVE-2019-0880 | Microsoft splwow64 Elevation of Privilege Vulnerability | | | |
Microsoft have released 60 security patches today covering Internet Explorer (IE), Edge, ChakraCore, Windows components, .NET Framework, SQL Server, as well as Microsoft Office and Office Services.
Out of these 60 CVEs, 19 are listed as Critical, 39 are rated Important, one is rated as Moderate, and one is rated as Low in severity.
Critical Adobe Updates
Adobe have also released 11 fixes today, including two critical patches for Acrobat and Reader: CVE-2018-12808 is an out-of-bounds write flaw, while CVE-2018-12799 is an untrusted pointer dereference vulnerability. IT Managers should be pleased, as last month’s release included 100 vulnerability fixes.
WannaCry is Back with a Vengeance
A big hitter fell foul of WannaCry this week: Taiwan Semiconductor Manufacturing, the largest chip supplier to Apple and other smartphone makers, was compromised, which caused global delays of chip shipments. The infection has caused serious revenue damage in Q3, and could easily have been avoided had a patch-centric approach been adopted by their IT Managers. Learn more in our Avoiding Patch Doomsday whitepaper.
Windows 10 Feature Update Planning
If you are using Windows 10, version 1703 then you only have 2 months left to upgrade before it falls out of the standard ‘End of Service’ on October 9, 2018. Each Windows 10 version will be serviced with quality updates for up to 18 months from availability. It is important that all quality updates are installed to help keep your device secure.
Robert Brown, Director of Services for Verismic said, “CVE-2018-8373 (Scripting Engine Memory Corruption Vulnerability) & CVE-2018-8414 (Windows Shell Remote Code Execution Vulnerability) are both publicly disclosed and are actively being exploited.
Although these only carry a CVSS score of 4.8 & 6.7 respectively, because these vulnerabilities are actively being used to expose customer networks, these updates should be prioritized by your IT manager this month.
A new set of security updates from Adobe has just been released. These new updates affect Acrobat, Reader, Flash Player, Connect, and Experience Manager. Over 100 vulnerabilities are patched thanks to these updates.
The risk involved in not deploying the new updates is that a remote attacker could exploit some of these vulnerabilities to take control of an affected system.
Robert Brown, Director of Services said, “Many of these updates are Priority 2, which means they should be highly prioritised for deployment this month.” Ensure these updates are a part of your patching strategy.
Microsoft Half-Year Evaluation
According to an article by The Zero Day Initiative, there seems to be a rise in the number of bugs reported in Microsoft products. However, they caution that this doesn’t mean that there is an increase in issues with the product. The number of bug reports has increased 121% from the same period last year.
The number of released patches is only up by 8%, so the article argues this is an indicator of program growth. A large number of these bugs were also in the browser space; IE, Edge, and Chakra Core.
Keep an eye on Microsoft’s Patch Tuesday releases as they may attempt to increase their output of updates.
Microsoft released 53 security patches this month covering Internet Explorer, Edge, Windows, .NET Framework, ASP.NET, PowerShell, Visual Studio, and Microsoft Office. These are made up of 18 Critical, 33 Important, one is rated as Moderate, and one is rated as Low in severity.
There are none which are Zero Day & none which are either Public or Exploited so far. There are several updates for the various feature updates of Windows 10 to keep your IT Manager busy this month.
| Vendor Name | Vendor Severity | Title |
|---|---|---|
| Microsoft | Critical | Cumulative Security Update for Internet Explorer 11 for Windows 7 for x64-based Systems (KB4339093) |
| Microsoft | Critical | Cumulative Security Update for Internet Explorer 11 for Windows 7 (KB4339093) |
| Microsoft | Critical | 2018-07 Cumulative Update for Windows 10 Version 1803 for x86-based Systems (KB4338819) |
| Microsoft | Critical | 2018-07 Cumulative Update for Windows 10 Version 1607 for x86-based Systems (KB4338814) |
| Microsoft | Critical | 2018-07 Cumulative Update for Windows 10 Version 1709 for x86-based Systems (KB4338825) |
| Microsoft | Critical | 2018-07 Security Update for Adobe Flash Player for Windows 10 Version 1703 for x64-based Systems (KB4338832) |
| Microsoft | Critical | 2018-07 Security Update for Adobe Flash Player for Windows 10 Version 1607 for x86-based Systems (KB4338832) |
| Microsoft | Critical | 2018-07 Security Update for Adobe Flash Player for Windows 10 Version 1607 for x64-based Systems (KB4338832) |
| Microsoft | Critical | 2018-07 Security Update for Adobe Flash Player for Windows 10 Version 1803 for x86-based Systems (KB4338832) |
| Microsoft | Critical | 2018-07 Security Update for Adobe Flash Player for Windows 10 Version 1803 for x64-based Systems (KB4338832) |
| Microsoft | Critical | 2018-07 Security Update for Adobe Flash Player for Windows 10 Version 1803 for ARM64-based Systems (KB4338832) |
| Microsoft | Critical | 2018-07 Security Update for Adobe Flash Player for Windows 10 Version 1703 for x86-based Systems (KB4338832) |
| Microsoft | Critical | 2018-07 Security Update for Adobe Flash Player for Windows 10 Version 1709 for ARM64-based Systems (KB4338832) |
| Microsoft | Critical | 2018-07 Cumulative Update for Windows 10 Version 1709 for x64-based Systems (KB4338825) |
| Microsoft | Critical | 2018-07 Security Update for Adobe Flash Player for Windows 10 Version 1709 for x86-based Systems (KB4338832) |
| Microsoft | Critical | 2018-07 Cumulative Update for Windows 10 Version 1607 for x64-based Systems (KB4338814) |
| Microsoft | Critical | 2018-07 Cumulative Update for Windows 10 Version 1709 for ARM64-based Systems (KB4338825) |
| Microsoft | Critical | 2018-07 Security Update for Adobe Flash Player for Windows 10 Version 1709 for x64-based Systems (KB4338832) |
| Microsoft | Critical | 2018-07 Cumulative Update for Windows 10 Version 1803 for ARM64-based Systems (KB4338819) |
| Microsoft | Critical | 2018-07 Cumulative Update for Windows 10 Version 1803 for x64-based Systems (KB4338819) |
| Microsoft | Critical | 2018-07 Cumulative Update for Windows 10 Version 1703 for x64-based Systems (KB4338826) |
| Microsoft | Critical | 2018-07 Cumulative Update for Windows 10 Version 1703 for x86-based Systems (KB4338826) |
| Microsoft | Important | Security Update for Skype for Business 2016 (KB4022221) 64-Bit Edition |
| Microsoft | Important | 2018-07 Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1 and Server 2012 R2 for x64 (KB4340558) |
| Microsoft | Important | Security Update for Skype for Business 2015 (KB4022225) 32-Bit Edition |
| Microsoft | Important | Security Update for Microsoft SharePoint Foundation 2013 (KB4022243) |
| Microsoft | Important | Security Update for Microsoft Access 2016 (KB4018338) 64-Bit Edition |
| Microsoft | Important | Security Update for Microsoft Access 2016 (KB4018338) 32-Bit Edition |
| Microsoft | Important | 2018-07 Security and Quality Rollup for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 7 (KB4340556) |
| Microsoft | Important | 2018-07 Security Only Update for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 7 (KB4340004) |
| Microsoft | Important | 2018-07 Security Only Update for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 7 and Server 2008 R2 for x64 (KB4340004) |
| Microsoft | Important | Security Update for Microsoft Office Viewers Microsoft Office Compatibility Pack (KB4011202) |
| Microsoft | Important | Security Update for Microsoft Access 2013 (KB4018351) 32-Bit Edition |
| Microsoft | Important | 2018-07 Security and Quality Rollup for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 7 and Server 2008 R2 for x64 (KB4340556) |
| Microsoft | Important | Security Update for Microsoft Access 2013 (KB4018351) 64-Bit Edition |
| Microsoft | Important | 2018-07 Security Only Update for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1 and Server 2012 R2 for x64 (KB4340006) |
| Microsoft | Important | Security Update for Skype for Business 2016 (KB4022221) 32-Bit Edition |
| Microsoft | Important | Security Update for Word Viewer (KB4032214) |
| Microsoft | Important | Security Update for Skype for Business 2015 (KB4022225) 64-Bit Edition |
| Microsoft | Important | 2018-07 Security Monthly Quality Rollup for Windows 7 for x64-based Systems (KB4338818) |
| Microsoft | Important | 2018-07 Security Monthly Quality Rollup for Windows 7 for x86-based Systems (KB4338818) |
| Microsoft | Important | 2018-07 Security Only Quality Update for Windows 7 for x64-based Systems (KB4338823) |
| Microsoft | Important | 2018-07 Security Only Quality Update for Windows 7 for x86-based Systems (KB4338823) |
| Microsoft | Low | Security Update for Microsoft Word 2016 (KB4022218) 64-Bit Edition |
| Microsoft | Low | Security Update for Microsoft Word 2010 (KB4022202) 64-Bit Edition |
| Microsoft | Low | Security Update for Microsoft Office 2010 (KB4022200) 32-Bit Edition |
| Microsoft | Low | Security Update for Microsoft Word 2016 (KB4022218) 32-Bit Edition |
| Microsoft | Low | Security Update for Microsoft Office 2010 (KB4022200) 64-Bit Edition |
| Microsoft | Low | Security Update for Microsoft Word 2010 (KB4022202) 32-Bit Edition |
For June Patch Tuesday, Microsoft has released a massive 50-update rollup that affects every version of Windows still in support. Included are fixes for the Windows OS, Internet Explorer, Microsoft Edge, the ChakraCore JavaScript engine, Microsoft Office and Microsoft Office Services, and Web Apps.
If you are using Windows 10, this latest cumulative update also comes with other quality improvements, including a fix for an issue that caused PCs to boot to a black screen. If you’ve had issues with brightness controls on your laptop, Microsoft recommends you apply this latest update as well.
Robert Brown, Director of Services for Verismic says, “Windows 10 cumulative updates are a huge benefit for IT Managers who need to update their systems as quickly as possible. However, there is a disadvantage that comes in the form of additional testing. You cannot separate the cumulative updates so you need to be sure when you start deploying that it’s fully tested.
Even the smaller updates like the screen brightness issue above can cause huge disruption for your employees. Using Syxsense can make that process more efficient as you can schedule those test deployments from a single internet browser. If any update is seen to cause an issue, you can easily omit that update until a fix is provided.”
Urgent Update for Google Chrome & Mozilla Firefox
Google has released Chrome version 67.0.3396.79 for Windows, Mac, and Linux. The release patches a high-severity vulnerability that Google was made aware of thanks to work by security researcher Michal Bentkowski. While details are limited, the vulnerability seems to be an issue with the handling of the CSP header that could lead to an attacker gaining control of the targeted device.
Mozilla has also released security updates to address critical vulnerabilities in Firefox and Firefox ESR. A remote attacker could exploit these vulnerabilities to take control of an affected system.
Start a free trial of Syxsense to enhance your patch strategy with more efficiency and simplicity today.