Tag

patch updates


Patch Tuesday? More Like Patch Doomsday

By News, Patch Management, Patch Tuesday

August Patch Tuesday Release

Microsoft have released 60 security patches today covering Internet Explorer (IE), Edge, ChakraCore, Windows components, .NET Framework, SQL Server, as well as Microsoft Office and Office Services.

Out of these 60 CVEs, 19 are listed as Critical, 39 are rated Important, one is rated as Moderate, and one is rated as Low in severity.

Critical Adobe Updates

Adobe have also released 11 fixes today, including two critical patches for Acrobat and Reader: CVE-2018-12808 is an out-of-bounds write flaw, while CVE-2018-12799 is an untrusted pointer dereference vulnerability. IT Managers should be pleased, as last month’s release included 100 vulnerability fixes.

WannaCry is Back with a Vengeance

A big hitter fell foul of WannaCry this week: Taiwan Semiconductor Manufacturing, the largest chip supplier to Apple and other smartphone makers, was compromised, which disrupted chip shipments globally and caused delays. The infection has caused serious revenue damage in Q3, and could easily have been avoided had a patch-centric approach been adopted by their IT Managers. Learn more in our Avoiding Patch Doomsday whitepaper.

Windows 10 Feature Update Planning

If you are using Windows 10, version 1703, you only have 2 months left to upgrade before it reaches its standard ‘End of Service’ date on October 9, 2018. Each Windows 10 version will be serviced with quality updates for up to 18 months from availability. It is important that all quality updates are installed to help keep your device secure.

Robert Brown, Director of Services for Verismic said, “CVE-2018-8373 (Scripting Engine Memory Corruption Vulnerability) & CVE-2018-8414 (Windows Shell Remote Code Execution Vulnerability) are both publicly disclosed and are actively being exploited.

Although these only carry a CVSS score of 4.8 & 6.7 respectively, because these vulnerabilities are actively being used to expose customer networks, these updates should be prioritized by your IT manager this month.”

Patch Tuesday Release

CVE Title Severity
CVE-2018-8373 Internet Explorer Memory Corruption Vulnerability Critical
CVE-2018-8273 Microsoft SQL Server Remote Code Execution Vulnerability Critical
CVE-2018-8302 Microsoft Exchange Memory Corruption Vulnerability Critical
CVE-2018-8344 Microsoft Graphics Remote Code Execution Vulnerability Critical
CVE-2018-8345 LNK Remote Code Execution Vulnerability Critical
CVE-2018-8350 Windows PDF Remote Code Execution Vulnerability Critical
CVE-2018-8355 Chakra Scripting Engine Memory Corruption Vulnerability Critical
CVE-2018-8359 Scripting Engine Information Disclosure Vulnerability Critical
CVE-2018-8371 Internet Explorer Memory Corruption Vulnerability Critical
CVE-2018-8372 Chakra Scripting Engine Memory Corruption Vulnerability Critical
CVE-2018-8377 Microsoft Edge Memory Corruption Vulnerability Critical
CVE-2018-8380 Chakra Scripting Engine Memory Corruption Vulnerability Critical
CVE-2018-8381 Chakra Scripting Engine Memory Corruption Vulnerability Critical
CVE-2018-8384 Chakra Scripting Engine Memory Corruption Vulnerability Critical
CVE-2018-8385 Scripting Engine Memory Corruption Vulnerability Critical
CVE-2018-8387 Microsoft Edge Memory Corruption Vulnerability Critical
CVE-2018-8390 Scripting Engine Memory Corruption Vulnerability Critical
CVE-2018-8397 GDI+ Remote Code Execution Vulnerability Critical
CVE-2018-8403 Microsoft Browser Memory Corruption Vulnerability Critical
CVE-2018-8414 Windows Shell Remote Code Execution Vulnerability Important
CVE-2018-0952 Diagnostic Hub Standard Collector Elevation Of Privilege Vulnerability Important
CVE-2018-8200 Device Guard Code Integrity Policy Security Feature Bypass Vulnerability Important
CVE-2018-8204 Device Guard Code Integrity Policy Security Feature Bypass Vulnerability Important
CVE-2018-8253 Cortana Elevation of Privilege Vulnerability Important
CVE-2018-8266 Chakra Scripting Engine Memory Corruption Vulnerability Important
CVE-2018-8316 Internet Explorer Remote Code Execution Vulnerability Important
CVE-2018-8339 Windows Installer Elevation of Privilege Vulnerability Important
CVE-2018-8340 ADFS Security Feature Bypass Vulnerability Important
CVE-2018-8341 Windows Kernel Information Disclosure Vulnerability Important
CVE-2018-8342 Windows NDIS Elevation of Privilege Vulnerability Important
CVE-2018-8343 Windows NDIS Elevation of Privilege Vulnerability Important
CVE-2018-8346 LNK Remote Code Execution Vulnerability Important
CVE-2018-8347 Windows Kernel Elevation of Privilege Vulnerability Important
CVE-2018-8348 Windows Kernel Information Disclosure Vulnerability Important
CVE-2018-8349 Microsoft COM for Windows Remote Code Execution Vulnerability Important
CVE-2018-8351 Microsoft Edge Information Disclosure Vulnerability Important
CVE-2018-8353 Scripting Engine Memory Corruption Vulnerability Important
CVE-2018-8357 Internet Explorer Elevation of Privilege Vulnerability Important
CVE-2018-8358 Microsoft Edge Information Disclosure Vulnerability Important
CVE-2018-8360 .NET Framework Information Disclosure Vulnerability Important
CVE-2018-8370 Microsoft Edge Information Disclosure Vulnerability Important
CVE-2018-8375 Microsoft Excel Remote Code Execution Vulnerability Important
CVE-2018-8376 Microsoft PowerPoint Remote Code Execution Vulnerability Important
CVE-2018-8378 Microsoft Office Information Disclosure Vulnerability Important
CVE-2018-8379 Microsoft Excel Remote Code Execution Vulnerability Important
CVE-2018-8382 Microsoft Excel Information Disclosure Vulnerability Important
CVE-2018-8383 Microsoft Edge Spoofing Vulnerability Important
CVE-2018-8389 Internet Explorer Memory Corruption Vulnerability Important
CVE-2018-8394 Windows GDI Information Disclosure Vulnerability Important
CVE-2018-8396 Windows GDI Information Disclosure Vulnerability Important
CVE-2018-8398 Windows GDI Information Disclosure Vulnerability Important
CVE-2018-8399 Win32k Elevation of Privilege Vulnerability Important
CVE-2018-8400 DirectX Graphics Kernel Elevation of Privilege Vulnerability Important
CVE-2018-8401 DirectX Graphics Kernel Elevation of Privilege Vulnerability Important
CVE-2018-8404 Win32k Elevation of Privilege Vulnerability Important
CVE-2018-8405 DirectX Graphics Kernel Elevation of Privilege Vulnerability Important
CVE-2018-8406 DirectX Graphics Kernel Elevation of Privilege Vulnerability Important
CVE-2018-8412 Microsoft (MAU) Office Elevation of Privilege Vulnerability Important
CVE-2018-8374 Microsoft Exchange Elevation of Privilege Vulnerability Moderate
CVE-2018-8388 Microsoft Edge Elevation of Privilege Vulnerability Low

Instagram Takes a Peek: October Third-Party Patch Update

By Patch Management


Even celebrity status can’t protect your data

At the beginning of September, a news story broke that Selena Gomez had her Instagram hacked. Why does the Instagram of a celebrity matter this time? Because this hack goes much further.
Instagram won’t confirm just how many accounts were affected, but the hackers claim they have information on 6 million users. They used this information to set up a site called Doxagram, where you could pay to search for the private contact information of these users. These accounts included almost all of the 50 most followed Instagram accounts: people like Rihanna, Emma Watson and Floyd Mayweather, and even the official account of the White House.

Kaspersky Labs reported to Facebook that there was a flaw within the Instagram mobile app password reset option. However, it was in a 2016 version of the app, so if you have kept Instagram up to date, you should be protected.

This is just another lesson in why it’s so critical to keep up to date on software patches. Any vulnerability, even in seemingly harmless, non-business software like Instagram, could lead to a major breach.

CCleaner adds malware to your devices

Avast, the parent company of Piriform, discovered that two of their products had been compromised. Hackers breached these two products and added malware to the new version. Anyone who then installed CCleaner also got this malware, which allowed hackers to control the infected computer.

Affected Piriform products:

  • CCleaner v5.33.6162
  • CCleaner Cloud v1.07.3191

The software has since been updated to remove the malware, but the damage has been done. Piriform says that they fixed things “before any known harm was done” and that no sensitive data was collected. While that might be true, it doesn’t mean the hackers didn’t accomplish their goals. They got access to massively used software and that, in turn, gave them a back door into businesses that use it.


Third-Party Updates

Every month we see a bevy of new third-party updates, and we are always enhancing our library of supported vendors. Special requests and additions are welcome. Below is a list of third-party software updates for the month:

Vendor | Category | Patch Version and Release Notes Link
Adobe | Media Software | Flash Player 27 and AIR 27: https://helpx.adobe.com/flash-player/release-note/fp_27_air_27_release_notes.html
Google | Web Browser | Chrome 61.0.3163.100: https://chromereleases.googleblog.com/2017/09/stable-channel-update-for-desktop_21.html
Ivo Soft | Misc. | ClassicShell_v4.3.1: http://www.classicshell.net/history/
Peter Pawlowski | Audio Player | Foobar2000_v1.3.16: http://www.foobar2000.org/changelog

Chrome Compromised: September Third-Party Patch Update

By Patch Management


1 Million Targeted by Chrome Extension Hack

Even experts aren’t exempt from deceptive phishing attacks. It’s being reported that the developers of several extensions had their login credentials stolen.

It’s the second time in a week that Chrome users have been targeted by extension hijacks. The first involved an extension called CopyFish with around 30,000 installs. That attack may have been a test intended to see how many fraudulent ad views could be pumped through before Google intervened and returned control of the extension to its rightful owners.

Extensions reported so far:

  • Web Developer version 0.4.9
  • Chrometana version 1.1.3
  • Infinity New Tab version 3.12.3
  • CopyFish version 2.8.5
  • Web Paint version 1.2.1
  • Social Fixer version 20.1.1
  • TouchVPN
  • Betternet VPN

Once the attackers had access to the developers’ accounts for these extensions, they began modifying the code. It seems their goal was to gain control over victims’ browsers and then, if the victim had a Cloudflare account, steal that information.

It’s important to keep your browsers up to date and review extensions before you install them.
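One way to review what is already installed is to compare a Chrome profile's Extensions folder against the versions listed above. The script below is an added example, not part of the original post: it assumes Chrome's on-disk layout `<extension-id>/<version>_0/manifest.json`, and it matches on the manifest name (resolving `__MSG_...__` placeholders), which is a heuristic because the post gives no extension IDs. The sample profile it builds is constructed.

```python
import json, pathlib, tempfile

# Name -> version as listed in the post; None = no version listed (flag any).
REPORTED = {"web developer": "0.4.9", "chrometana": "1.1.3", "copyfish": "2.8.5",
            "infinity new tab": "3.12.3", "web paint": "1.2.1",
            "social fixer": "20.1.1", "touchvpn": None, "betternet vpn": None}

def load(path):
    try:  # a missing, corrupt or non-object JSON file yields {} instead of aborting
        return dict(json.loads(path.read_text(encoding="utf-8-sig")))
    except (OSError, ValueError, TypeError):
        return {}

def display_name(manifest, ext_dir):
    """Resolve Chrome's __MSG_key__ name placeholder via the default locale."""
    name = str(manifest.get("name", ""))
    if name.startswith("__MSG_") and name.endswith("__"):
        locale = str(manifest.get("default_locale", "en"))
        msgs = load(ext_dir / "_locales" / locale / "messages.json")
        by_key = {str(k).lower(): v for k, v in msgs.items()}  # case-insensitive
        name = by_key.get(name[6:-2].lower(), {}).get("message", name)
    return name.strip()

def audit(extensions_root):
    """Return sorted (extension_id, name, version) tuples matching REPORTED."""
    hits = []
    for mpath in pathlib.Path(extensions_root).glob("*/*/manifest.json"):
        manifest = load(mpath)
        name = display_name(manifest, mpath.parent)
        version = str(manifest.get("version", ""))
        if name.lower() in REPORTED and REPORTED[name.lower()] in (None, version):
            hits.append((mpath.parent.parent.name, name, version))
    return sorted(hits)

def build_sample(root):
    """Write a constructed profile: listed, newer, and localized-name cases."""
    samples = [("aaaa", {"name": "Web Developer", "version": "0.4.9"}, {}),
               ("bbbb", {"name": "CopyFish", "version": "2.9.0"}, {}),
               ("cccc", {"name": "__MSG_appName__", "version": "1.0"},
                {"appName": {"message": "TouchVPN"}})]
    for ext_id, manifest, msgs in samples:
        loc = pathlib.Path(root) / ext_id / (manifest["version"] + "_0") / "_locales" / "en"
        loc.mkdir(parents=True)
        (loc.parent.parent / "manifest.json").write_text(json.dumps(manifest))
        (loc / "messages.json").write_text(json.dumps(msgs))

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample(tmp)
        print(audit(tmp))
```

To audit a real machine, pass the profile's Extensions directory to `audit()`; a hit means the installed name and version coincide with the list, not proof that the copy is malicious.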

The Source of NotPetya

Just after the outbreak of NotPetya, several entities seemed to point at software distribution provider MeDoc as one of the main sources of the outbreak. They claim that their software was a victim of a hack that then led to it being the vessel for initial distribution of NotPetya. From there, it spread through updates of MeDoc and began infecting more and more victims. This sort of event is known as a ‘supply chain attack’.


The compromise of a software distribution method is extremely dangerous for businesses. Before you know it, a vulnerability can be spread to every device accessible via the hacked distribution software. How do you prevent such a disaster? One way could be the activation of two-factor authentication for login to your IT management software. This can help prevent the software from being compromised in the first place.

Don’t leave something that could infect your entire environment unsecured.


Third-Party Updates

Every month we see a bevy of new third-party updates, and we are always enhancing our library of supported vendors. Special requests and additions are welcome. Below is a list of third-party software updates for the month:

Vendor | Category | Patch Version and Release Notes Link
Adobe | Media Software | Flash and AIR: 26.0.0.151 and 26.0.0.127 – https://helpx.adobe.com/flash-player/release-note/fp_26_air_26_release_notes.html
Apple | Media Software | iTunes: 12.6.2 – https://www.neowin.net/news/apple-releases-security-updates-for-itunes-and-icloud-for-windows
Cerulean | Instant Messaging | Trillian: 6.0 build 61 – https://www.trillian.im/changelog/windows/6.0/
Citrix | Data Delivery | Receiver: 4.9 LTSR – http://docs.citrix.com/en-us/receiver/windows/current-release/about.html
Don Ho | Source Code Editor | Notepad++: 7.5 – https://notepad-plus-plus.org/news/notepad-7.5-released.html
FileZilla | FTP Solution | 3.27.1 – https://filezilla-project.org/versions.php
Foxit | PDF Reader | Reader: 8.3.2.25013 – https://www.foxitsoftware.com/pdf-reader/version-history.php
Google | Browser | Earth: 7.3.0 – https://support.google.com/earth/answer/40901?hl=en
Google | Browser | Chrome: 60.0.3112.113 – https://chromereleases.googleblog.com/2017/08/stable-channel-update-for-desktop_24.html
Malware Bytes | Malware Defender | 3.2 – https://www.malwarebytes.com/support/releasehistory/
Mozilla | Browser and Email Client | Firefox: 55.0.3 – https://www.mozilla.org/en-US/firefox/55.0.3/releasenotes/
Mozilla | Browser and Email Client | Thunderbird: 52.3.0 – https://www.mozilla.org/en-US/thunderbird/52.3.0/releasenotes/
Realvnc | Remote Access Software | 6.2.0 – https://www.realvnc.com/en/connect/docs/desktop-release-notes.html
The Document Foundation | Office Suite | LibreOffice: 5.4.0 – https://wiki.documentfoundation.org/ReleaseNotes/5.4
Wireshark | Network Protocol Analyzer | 2.4.0 – https://www.wireshark.org/docs/relnotes/wireshark-2.4.0.html
