Tag

windows 10 February 2019

March Patch Tuesday: Eliminate the Exploits

By News, Patch Management, Patch Tuesday

It's the second Tuesday of March, which means it's time for another round of Patch Tuesday security updates.

Microsoft has released 64 patches today covering IE, Edge, Exchange, Windows and Office. There are 17 rated Critical, 45 rated Important, 1 rated Moderate and 1 rated Low in severity. This is far fewer than last month’s release of over 80 updates; however, there are still some surprises in this release to keep you busy.

Prioritize Now: Publicly Announced and Current Exploits

Four of the updates, CVE-2019-0683, CVE-2019-0754, CVE-2019-0757 and CVE-2019-0809, are marked as “Publicly Disclosed,” meaning there is an increased risk of attack in the very near future. Two updates, CVE-2019-0797 and CVE-2019-0808, are marked as “Being Exploited,” meaning you should prioritize them now.

Robert Brown, Director of Services for Verismic said, “You should treat these 6 updates with the highest importance, and you should especially treat CVE-2019-0797 & CVE-2019-0808 as a Zero Day because active exploits mean actual attempts on your networks by those who wish to expose your data.”

Adobe Patches Flash, Photoshop and Digital Editions

Adobe has given a slight reprieve to IT managers this month by releasing only 3 updates: one each for Flash, Photoshop and Digital Editions. Although these updates carry a Critical severity, they are ranked by Adobe with a Priority of 3, meaning administrators should install these updates at their discretion.

Feature Updates Due for Retirement

On April 9, the Windows 10 feature update version 1709 will be due for retirement on Home, Pro and Pro for Workstations editions. If you are still using Enterprise or Education editions, you have another year to plan your upgrade.

Use Syxsense to organize and deploy Windows, third-party, Mac OS and Linux updates to keep your environment safe. Our clients love having control over when and where the scanning and deployment of updates takes place, providing peace of mind to any IT department.

Patch Tuesday Release

| ID | Description | Severity | Publicly Announced | Actively Exploited | Recommended |
|---|---|---|---|---|---|
| CVE-2019-0797 | Win32k Elevation of Privilege Vulnerability | Important | No | Yes | Yes |
| CVE-2019-0808 | Win32k Elevation of Privilege Vulnerability | Important | No | Yes | Yes |
| CVE-2019-0683 | Active Directory Elevation of Privilege Vulnerability | Important | Yes | No | Yes |
| CVE-2019-0754 | Windows Denial of Service Vulnerability | Important | Yes | No | Yes |
| CVE-2019-0757 | NuGet Package Manager Tampering Vulnerability | Important | Yes | No | Yes |
| CVE-2019-0809 | Visual Studio Remote Code Execution Vulnerability | Important | Yes | No | Yes |
| CVE-2019-0592 | Chakra Scripting Engine Memory Corruption Vulnerability | Critical | No | No | Yes |
| CVE-2019-0603 | Windows Deployment Services TFTP Server Remote Code Execution Vulnerability | Critical | No | No | Yes |
| CVE-2019-0609 | Scripting Engine Memory Corruption Vulnerability | Critical | No | No | Yes |
| CVE-2019-0639 | Scripting Engine Memory Corruption Vulnerability | Critical | No | No | Yes |
| CVE-2019-0666 | Windows VBScript Engine Remote Code Execution Vulnerability | Critical | No | No | Yes |
| CVE-2019-0667 | Windows VBScript Engine Remote Code Execution Vulnerability | Critical | No | No | Yes |
| CVE-2019-0680 | Scripting Engine Memory Corruption Vulnerability | Critical | No | No | Yes |
| CVE-2019-0697 | Windows DHCP Client Remote Code Execution Vulnerability | Critical | No | No | Yes |
| CVE-2019-0698 | Windows DHCP Client Remote Code Execution Vulnerability | Critical | No | No | Yes |
| CVE-2019-0726 | Windows DHCP Client Remote Code Execution Vulnerability | Critical | No | No | Yes |
| CVE-2019-0756 | MS XML Remote Code Execution Vulnerability | Critical | No | No | Yes |
| CVE-2019-0763 | Internet Explorer Memory Corruption Vulnerability | Critical | No | No | Yes |
| CVE-2019-0769 | Scripting Engine Memory Corruption Vulnerability | Critical | No | No | Yes |
| CVE-2019-0770 | Scripting Engine Memory Corruption Vulnerability | Critical | No | No | Yes |
| CVE-2019-0771 | Scripting Engine Memory Corruption Vulnerability | Critical | No | No | Yes |
| CVE-2019-0773 | Scripting Engine Memory Corruption Vulnerability | Critical | No | No | Yes |
| CVE-2019-0784 | Windows ActiveX Remote Code Execution Vulnerability | Critical | No | No | Yes |
| CVE-2019-0612 | Microsoft Edge Security Feature Bypass Vulnerability | Important | No | No | |
| CVE-2019-0614 | Windows GDI Information Disclosure Vulnerability | Important | No | No | |
| CVE-2019-0617 | Jet Database Engine Remote Code Execution Vulnerability | Important | No | No | |
| CVE-2019-0665 | Windows VBScript Engine Remote Code Execution Vulnerability | Important | No | No | |
| CVE-2019-0678 | Microsoft Edge Elevation of Privilege Vulnerability | Important | No | No | |
| CVE-2019-0682 | Windows Subsystem for Linux Elevation of Privilege Vulnerability | Important | No | No | |
| CVE-2019-0689 | Windows Subsystem for Linux Elevation of Privilege Vulnerability | Important | No | No | |
| CVE-2019-0690 | Windows Hyper-V Denial of Service Vulnerability | Important | No | No | |
| CVE-2019-0692 | Windows Subsystem for Linux Elevation of Privilege Vulnerability | Important | No | No | |
| CVE-2019-0693 | Windows Subsystem for Linux Elevation of Privilege Vulnerability | Important | No | No | |
| CVE-2019-0694 | Windows Subsystem for Linux Elevation of Privilege Vulnerability | Important | No | No | |
| CVE-2019-0695 | Hyper-V Denial of Service Vulnerability | Important | No | No | |
| CVE-2019-0696 | Windows Kernel Elevation of Privilege Vulnerability | Important | No | No | |
| CVE-2019-0701 | Hyper-V Denial of Service Vulnerability | Important | No | No | |
| CVE-2019-0702 | Windows Kernel Information Disclosure Vulnerability | Important | No | No | |
| CVE-2019-0703 | Windows SMB Information Disclosure Vulnerability | Important | No | No | |
| CVE-2019-0704 | Windows SMB Information Disclosure Vulnerability | Important | No | No | |
| CVE-2019-0748 | Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability | Important | No | No | |
| CVE-2019-0755 | Windows Kernel Information Disclosure Vulnerability | Important | No | No | |
| CVE-2019-0759 | Windows Print Spooler Information Disclosure Vulnerability | Important | No | No | |
| CVE-2019-0761 | Windows Security Zone Bypass Vulnerability | Important | No | No | |
| CVE-2019-0762 | Microsoft Browsers Security Feature Bypass Vulnerability | Important | No | No | |
| CVE-2019-0765 | Comctl32 Remote Code Execution Vulnerability | Important | No | No | |
| CVE-2019-0766 | Microsoft Windows Elevation of Privilege Vulnerability | Important | No | No | |
| CVE-2019-0767 | Windows Kernel Information Disclosure Vulnerability | Important | No | No | |
| CVE-2019-0768 | Internet Explorer Security Feature Bypass Vulnerability | Important | No | No | |
| CVE-2019-0772 | Windows VBScript Engine Remote Code Execution Vulnerability | Important | No | No | |
| CVE-2019-0774 | Windows GDI Information Disclosure Vulnerability | Important | No | No | |
| CVE-2019-0775 | Windows Kernel Information Disclosure Vulnerability | Important | No | No | |
| CVE-2019-0776 | Win32k Information Disclosure Vulnerability | Important | No | No | |
| CVE-2019-0778 | Microsoft Office SharePoint XSS Vulnerability | Important | No | No | |
| CVE-2019-0779 | Microsoft Edge Memory Corruption Vulnerability | Important | No | No | |
| CVE-2019-0782 | Windows Kernel Information Disclosure Vulnerability | Important | No | No | |
| CVE-2019-0783 | Scripting Engine Memory Corruption Vulnerability | Important | No | No | |
| CVE-2019-0798 | Skype for Business and Lync Spoofing Vulnerability | Important | No | No | |
| CVE-2019-0821 | Windows SMB Information Disclosure Vulnerability | Important | No | No | |
| CVE-2019-0611 | Chakra Scripting Engine Memory Corruption Vulnerability | Important | No | No | |
| CVE-2019-0746 | Chakra Scripting Engine Memory Corruption Vulnerability | Important | No | No | |
| CVE-2019-0780 | Microsoft Browser Memory Corruption Vulnerability | Important | No | No | |
| CVE-2019-0816 | Azure SSH Keypairs Security Feature Bypass Vulnerability | Moderate | No | No | |
| CVE-2019-0777 | Team Foundation Server Cross-site Scripting Vulnerability | Low | No | No | |

Start a Free Trial

Try Syxsense today and start patching your IT environment with a powerful and easy-to-use IT management toolset.

Schedule Your Syxsense Demo

Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.


February Patch Tuesday: Disable Windows Update

By News, Patch Management, Patch Tuesday

It's the second Tuesday of February, which means it's time for another round of Patch Tuesday security updates from Microsoft.

Microsoft has released almost 80 security patches today covering IE, Edge, Exchange, Windows, .NET Framework and Office. There are only 20 rated Critical, 54 rated Important, and 3 are rated Moderate in severity.

Four of the updates released, CVE-2019-0636, CVE-2019-0686, CVE-2019-0646 and CVE-2019-0647, are marked as “Publicly Disclosed,” meaning there is an increased risk of attack in the near future. Although they are marked Important, we highly recommend that these updates be prioritized this month.

Why should you disable Windows Update?

Many of our customers are concerned that updates released by Microsoft cause significant user disruption, and they are simply unable to keep up with the constant firefighting that bad patches impose on an IT department.

The first reaction is not to patch. This places your environment and your users’ identities at risk of exposure, and risks a total network breach. Leaving Windows Update enabled in its default setting downloads and installs all updates released by Microsoft on the same day they are released, leaving your IT department no time to test.

Our clients like the way Syxsense provides control over when and where the scanning and deployment of updates takes place, relieving much of the stress on any IT department. Ask us how Maintenance Windows can help schedule any patch deployment over highly dispersed environments.

Adobe Releases Over 70 Updates

Acrobat and Reader versions 2019.010.20069 and earlier for both Windows and Mac OS are affected. All updates carry a Priority Rating of 2, meaning there is an elevated risk of exploit, although no active exploits are known to exist in the wild.

Robert Brown, Director of Services said, “Adobe use their Priority Rating to illustrate how quickly users should update their systems, in this case they recommend within 30 days. Users using Mac OS who usually update their systems manually can truly benefit from the remote patching capability of Syxsense which enables automation over a typical otherwise manual method.”

Of the 71 updates released today, 43 are rated Critical. If exploited, these would allow malicious native code to execute, potentially without a user being aware.

Is it time to replace IE?

Over the past several months there has been an increasing number of “Actively Exploited” updates being fixed by Microsoft. CVE-2019-0676 is no exception, and as it involves Internet Explorer, which is still widely used, we recommend this update be one of your top priorities.

If you wish to replace IE with another browser, Syxsense can deploy the software throughout your environment, and better still, your new browser can be kept up to date using the Patch Manager solution. Replace your IE browser before an exploit ruins your Valentine’s Day.

Patch Tuesday Release

| CVE ID | Patch Description | Severity | Publicly Disclosed | Actively Exploited | Recommended |
|---|---|---|---|---|---|
| CVE-2019-0676 | Internet Explorer Information Disclosure Vulnerability | Important | No | Yes | Yes |
| CVE-2019-0636 | Windows Information Disclosure Vulnerability | Important | Yes | No | Yes |
| CVE-2019-0686 | Microsoft Exchange Server Elevation of Privilege Vulnerability | Important | Yes | No | Yes |
| CVE-2019-0646 | Team Foundation Server Cross-site Scripting Vulnerability | Important | Yes | No | Yes |
| CVE-2019-0647 | Team Foundation Server Information Disclosure Vulnerability | Important | Yes | No | Yes |
| CVE-2019-0590 | Scripting Engine Memory Corruption Vulnerability | Critical | No | No | Yes |
| CVE-2019-0591 | Scripting Engine Memory Corruption Vulnerability | Critical | No | No | Yes |
| CVE-2019-0593 | Scripting Engine Memory Corruption Vulnerability | Critical | No | No | Yes |
| CVE-2019-0594 | Microsoft SharePoint Remote Code Execution Vulnerability | Critical | No | No | Yes |
| CVE-2019-0604 | Microsoft SharePoint Remote Code Execution Vulnerability | Critical | No | No | Yes |
| CVE-2019-0605 | Scripting Engine Memory Corruption Vulnerability | Critical | No | No | Yes |
| CVE-2019-0606 | Internet Explorer Memory Corruption Vulnerability | Critical | No | No | Yes |
| CVE-2019-0607 | Scripting Engine Memory Corruption Vulnerability | Critical | No | No | Yes |
| CVE-2019-0618 | GDI+ Remote Code Execution Vulnerability | Critical | No | No | Yes |
| CVE-2019-0626 | Windows DHCP Server Remote Code Execution Vulnerability | Critical | No | No | Yes |
| CVE-2019-0634 | Microsoft Edge Memory Corruption Vulnerability | Critical | No | No | Yes |
| CVE-2019-0640 | Scripting Engine Memory Corruption Vulnerability | Critical | No | No | Yes |
| CVE-2019-0642 | Scripting Engine Memory Corruption Vulnerability | Critical | No | No | Yes |
| CVE-2019-0644 | Scripting Engine Memory Corruption Vulnerability | Critical | No | No | Yes |
| CVE-2019-0645 | Microsoft Edge Memory Corruption Vulnerability | Critical | No | No | Yes |
| CVE-2019-0650 | Microsoft Edge Memory Corruption Vulnerability | Critical | No | No | Yes |
| CVE-2019-0651 | Scripting Engine Memory Corruption Vulnerability | Critical | No | No | Yes |
| CVE-2019-0652 | Scripting Engine Memory Corruption Vulnerability | Critical | No | No | Yes |
| CVE-2019-0655 | Scripting Engine Memory Corruption Vulnerability | Critical | No | No | Yes |
| CVE-2019-0662 | GDI+ Remote Code Execution Vulnerability | Critical | No | No | Yes |
| CVE-2019-0540 | Microsoft Office Security Feature Bypass Vulnerability | Important | No | No | |
| CVE-2019-0595 | Jet Database Engine Remote Code Execution Vulnerability | Important | No | No | |
| CVE-2019-0596 | Jet Database Engine Remote Code Execution Vulnerability | Important | No | No | |
| CVE-2019-0597 | Jet Database Engine Remote Code Execution Vulnerability | Important | No | No | |
| CVE-2019-0598 | Jet Database Engine Remote Code Execution Vulnerability | Important | No | No | |
| CVE-2019-0599 | Jet Database Engine Remote Code Execution Vulnerability | Important | No | No | |
| CVE-2019-0600 | HID Information Disclosure Vulnerability | Important | No | No | |
| CVE-2019-0601 | HID Information Disclosure Vulnerability | Important | No | No | |
| CVE-2019-0602 | Windows GDI Information Disclosure Vulnerability | Important | No | No | |
| CVE-2019-0610 | Scripting Engine Memory Corruption Vulnerability | Important | No | No | |
| CVE-2019-0613 | .NET Framework and Visual Studio Remote Code Execution Vulnerability | Important | No | No | |
| CVE-2019-0615 | Windows GDI Information Disclosure Vulnerability | Important | No | No | |
| CVE-2019-0616 | Windows GDI Information Disclosure Vulnerability | Important | No | No | |
| CVE-2019-0619 | Windows GDI Information Disclosure Vulnerability | Important | No | No | |
| CVE-2019-0621 | Windows Kernel Information Disclosure Vulnerability | Important | No | No | |
| CVE-2019-0623 | Win32k Elevation of Privilege Vulnerability | Important | No | No | |
| CVE-2019-0625 | Jet Database Engine Remote Code Execution Vulnerability | Important | No | No | |
| CVE-2019-0627 | Windows Security Feature Bypass Vulnerability | Important | No | No | |
| CVE-2019-0628 | Win32k Information Disclosure Vulnerability | Important | No | No | |
| CVE-2019-0630 | Windows SMB Remote Code Execution Vulnerability | Important | No | No | |
| CVE-2019-0631 | Windows Security Feature Bypass Vulnerability | Important | No | No | |
| CVE-2019-0632 | Windows Security Feature Bypass Vulnerability | Important | No | No | |
| CVE-2019-0633 | Windows SMB Remote Code Execution Vulnerability | Important | No | No | |
| CVE-2019-0635 | Windows Hyper-V Information Disclosure Vulnerability | Important | No | No | |
| CVE-2019-0637 | Windows Defender Firewall Security Feature Bypass Vulnerability | Important | No | No | |
| CVE-2019-0648 | Scripting Engine Information Disclosure Vulnerability | Important | No | No | |
| CVE-2019-0649 | Scripting Engine Elevation of Privileged Vulnerability | Important | No | No | |
| CVE-2019-0654 | Microsoft Browser Spoofing Vulnerability | Important | No | No | |
| CVE-2019-0656 | Windows Kernel Elevation of Privilege Vulnerability | Important | No | No | |
| CVE-2019-0657 | .NET Framework and Visual Studio Spoofing Vulnerability | Important | No | No | |
| CVE-2019-0658 | Scripting Engine Information Disclosure Vulnerability | Important | No | No | |
| CVE-2019-0659 | Windows Storage Service Elevation of Privilege Vulnerability | Important | No | No | |
| CVE-2019-0660 | Windows GDI Information Disclosure Vulnerability | Important | No | No | |
| CVE-2019-0661 | Windows Kernel Information Disclosure Vulnerability | Important | No | No | |
| CVE-2019-0664 | Windows GDI Information Disclosure Vulnerability | Important | No | No | |
| CVE-2019-0668 | Microsoft SharePoint Elevation of Privilege Vulnerability | Important | No | No | |
| CVE-2019-0669 | Microsoft Excel Information Disclosure Vulnerability | Important | No | No | |
| CVE-2019-0724 | Microsoft Exchange Server Elevation of Privilege Vulnerability | Important | No | No | |
| CVE-2019-0728 | Visual Studio Code Remote Code Execution Vulnerability | Important | No | No | |
| CVE-2019-0641 | Microsoft Edge Security Feature Bypass Vulnerability | Moderate | No | No | |
| CVE-2019-0643 | Microsoft Edge Information Disclosure Vulnerability | Moderate | No | No | |
| CVE-2019-0670 | Microsoft SharePoint Spoofing Vulnerability | Moderate | No | No | |