April Patch Tuesday: Stop Active Exploits

By bmhumeNews, Patch Management, Patch TuesdayNo Comments

April Patch Tuesday: Stop Active Exploits

Microsoft's security release for April covers 74 vulnerabilities in a wide range of products, including two actively exploited zero-days.

Microsoft have released 74 patches today covering IE, Edge, Exchange, Windows and Office. There are 13 rated Critical and 61 are Important. In this release there are no Moderate or Low in severity but this is up over last month’s release of 64 updates, this release will keep you busy.

Prioritize Active Exploits

Two of the updates CVE-2019-0803 and CVE-2019-0859 are “Being Exploited” meaning you should prioritise them now. Robert Brown, Director of Services for Verismic said, “You should treat these updates with the highest importance because a similar vulnerability this year in Win32k elevation caused some significant global intrusions via malware infections.”

Adobe Updates

Adobe have released 8 updates today, for Reader, Flash, Shockwave, InDesign and Dreamweaver and a few others. The update for Flash is Critical meaning IT Admins should install these updates within the next 30 days.

Some Features Updates are Now Retired

Act now to keep your environment future proofed as updates will automatically uninstall.

Today the Windows 10 feature update version 1709 (and previous) is retired on Home, Pro and Pro for Workstations editions. If you try to deploy any security updates / patches to Windows 10 which are no longer supported, those updates will uninstall the next time the PC restarts. Ask your account manager how Syxsense can help you deploy your Windows 10 Feature Updates.

We have made a few recommendations below which you should prioritize, use Syxsense to organize and deploy Windows, third-party, Mac OS, and Linux updates to keep your environment safe.

Patch Tuesday Release

Verismic Recommended	ID	Description	Severity	Publicly Disclosed	Actively being Exploited
Yes	CVE-2019-0803	Win32k Elevation of Privilege Vulnerability	Important	No	Yes
Yes	CVE-2019-0859	Win32k Elevation of Privilege Vulnerability	Important	No	Yes
Yes	CVE-2019-0739	Scripting Engine Memory Corruption Vulnerability	Critical	No	No
Yes	CVE-2019-0786	SMB Server Elevation of Privilege Vulnerability	Critical	No	No
Yes	CVE-2019-0791	MS XML Remote Code Execution Vulnerability	Critical	No	No
Yes	CVE-2019-0792	MS XML Remote Code Execution Vulnerability	Critical	No	No
Yes	CVE-2019-0793	MS XML Remote Code Execution Vulnerability	Critical	No	No
Yes	CVE-2019-0806	Chakra Scripting Engine Memory Corruption Vulnerability	Critical	No	No
Yes	CVE-2019-0810	Chakra Scripting Engine Memory Corruption Vulnerability	Critical	No	No
Yes	CVE-2019-0812	Chakra Scripting Engine Memory Corruption Vulnerability	Critical	No	No
Yes	CVE-2019-0829	Chakra Scripting Engine Memory Corruption Vulnerability	Critical	No	No
Yes	CVE-2019-0845	Windows IOleCvt Interface Remote Code Execution Vulnerability	Critical	No	No
Yes	CVE-2019-0853	GDI+ Remote Code Execution Vulnerability	Critical	No	No
Yes	CVE-2019-0860	Chakra Scripting Engine Memory Corruption Vulnerability	Critical	No	No
Yes	CVE-2019-0861	Chakra Scripting Engine Memory Corruption Vulnerability	Critical	No	No
	CVE-2019-0685	Win32k Elevation of Privilege Vulnerability	Important	No	No
	CVE-2019-0688	Windows TCP/IP Information Disclosure Vulnerability	Important	No	No
	CVE-2019-0730	Windows Elevation of Privilege Vulnerability	Important	No	No
	CVE-2019-0731	Windows Elevation of Privilege Vulnerability	Important	No	No
	CVE-2019-0732	Windows Security Feature Bypass Vulnerability	Important	No	No
	CVE-2019-0735	Windows CSRSS Elevation of Privilege Vulnerability	Important	No	No
	CVE-2019-0752	Scripting Engine Memory Corruption Vulnerability	Important	No	No
	CVE-2019-0753	Scripting Engine Memory Corruption Vulnerability	Important	No	No
	CVE-2019-0764	Microsoft Browsers Tampering Vulnerability	Important	No	No
	CVE-2019-0790	MS XML Remote Code Execution Vulnerability	Important	No	No
	CVE-2019-0794	VBScript Remote Code Execution Vulnerability	Important	No	No
	CVE-2019-0795	MS XML Remote Code Execution Vulnerability	Important	No	No
	CVE-2019-0796	Windows Elevation of Privilege Vulnerability	Important	No	No
	CVE-2019-0801	Office Remote Code Execution Vulnerability	Important	No	No
	CVE-2019-0802	Windows GDI Information Disclosure Vulnerability	Important	No	No
	CVE-2019-0805	Windows Elevation of Privilege Vulnerability	Important	No	No
	CVE-2019-0813	Windows Admin Center Elevation of Privilege Vulnerability	Important	No	No
	CVE-2019-0814	Win32k Information Disclosure Vulnerability	Important	No	No
	CVE-2019-0815	ASP.NET Core Denial of Service Vulnerability	Important	No	No
	CVE-2019-0817	Microsoft Exchange Spoofing Vulnerability	Important	No	No
	CVE-2019-0822	Microsoft Graphics Components Remote Code Execution Vulnerability	Important	No	No
	CVE-2019-0823	Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability	Important	No	No
	CVE-2019-0824	Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability	Important	No	No
	CVE-2019-0825	Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability	Important	No	No
	CVE-2019-0826	Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability	Important	No	No
	CVE-2019-0827	Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability	Important	No	No
	CVE-2019-0828	Microsoft Excel Remote Code Execution Vulnerability	Important	No	No
	CVE-2019-0830	Microsoft Office SharePoint XSS Vulnerability	Important	No	No
	CVE-2019-0831	Microsoft Office SharePoint XSS Vulnerability	Important	No	No
	CVE-2019-0833	Microsoft Edge Information Disclosure Vulnerability	Important	No	No
	CVE-2019-0835	Microsoft Scripting Engine Information Disclosure Vulnerability	Important	No	No
	CVE-2019-0836	Windows Elevation of Privilege Vulnerability	Important	No	No
	CVE-2019-0837	DirectX Information Disclosure Vulnerability	Important	No	No
	CVE-2019-0838	Windows Information Disclosure Vulnerability	Important	No	No
	CVE-2019-0839	Windows Information Disclosure Vulnerability	Important	No	No
	CVE-2019-0840	Windows Kernel Information Disclosure Vulnerability	Important	No	No
	CVE-2019-0841	Windows Elevation of Privilege Vulnerability	Important	No	No
	CVE-2019-0842	Windows VBScript Engine Remote Code Execution Vulnerability	Important	No	No
	CVE-2019-0844	Windows Kernel Information Disclosure Vulnerability	Important	No	No
	CVE-2019-0846	Jet Database Engine Remote Code Execution Vulnerability	Important	No	No
	CVE-2019-0847	Jet Database Engine Remote Code Execution Vulnerability	Important	No	No
	CVE-2019-0848	Win32k Information Disclosure Vulnerability	Important	No	No
	CVE-2019-0849	Windows GDI Information Disclosure Vulnerability	Important	No	No
	CVE-2019-0851	Jet Database Engine Remote Code Execution Vulnerability	Important	No	No
	CVE-2019-0856	Windows Remote Code Execution Vulnerability	Important	No	No
	CVE-2019-0857	Team Foundation Server Spoofing Vulnerability	Important	No	No
	CVE-2019-0858	Microsoft Exchange Spoofing Vulnerability	Important	No	No
	CVE-2019-0862	Windows VBScript Engine Remote Code Execution Vulnerability	Important	No	No
	CVE-2019-0866	Team Foundation Server Cross-site Scripting Vulnerability	Important	No	No
	CVE-2019-0867	Team Foundation Server Cross-site Scripting Vulnerability	Important	No	No
	CVE-2019-0868	Team Foundation Server Cross-site Scripting Vulnerability	Important	No	No
	CVE-2019-0869	Team Foundation Server HTML Injection Vulnerability	Important	No	No
	CVE-2019-0870	Team Foundation Server Cross-site Scripting Vulnerability	Important	No	No
	CVE-2019-0871	Team Foundation Server Cross-site Scripting Vulnerability	Important	No	No
	CVE-2019-0874	Team Foundation Server Cross-site Scripting Vulnerability	Important	No	No
	CVE-2019-0875	Azure DevOps Server Elevation of Privilege Vulnerability	Important	No	No
	CVE-2019-0876	Open Enclave SDK Information Disclosure Vulnerability	Important	No	No
	CVE-2019-0877	Jet Database Engine Remote Code Execution Vulnerability	Important	No	No
	CVE-2019-0879	Jet Database Engine Remote Code Execution Vulnerability	Important	No	No

Start a Free Trial

Try Syxsense today and start patching your IT environment with a powerful and easy-to-use IT management toolset.

Schedule Your Syxsense Demo

Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.

Schedule My Demo

April 9, 2019

Love0

Prioritize Now: Public Announced and Current Exploits

Four of the updates CVE-2019-0683, CVE-2019-0754, CVE-2019-0757 and CVE-2019-0809 are marked as “Publicly Disclosed” meaning there is an increased risk of attack in the very near future, and two updates CVE-2019-0797 & CVE-2019-0808 are marked as “Being Exploited” meaning you should prioritize them now.

Robert Brown, Director of Services for Verismic said, “You should treat these 6 updates with the highest importance, and you should especially treat CVE-2019-0797 & CVE-2019-0808 as a Zero Day because active exploits means actual attempts on your networks by those who wish to expose your data.”

Adobe Patches Flash, Photoshop and Digital Editions

Adobe has given a slight reprieve to IT managers this month by releasing only 3 updates: one for Flash, Photoshop and Digital Editions. Although these updates carry a Critical severity, they are ranked by Adobe with a Priority of 3 meaning administrators should install these updates at their discretion.

MS Patch Tuesday March