March Patch Tuesday: Is the IoT Spying on You?

Are you ready for IoT Patching?

Tech firm Hanwha Techwin is racing to fix 13 critical security holes found in its popular line of SmartCam security cameras. The patch rollout is part of public disclosure of the vulnerabilities set for today by researchers who discovered the bugs.

Flaws range from the use of an insecure HTTP communications protocol to weak credentials that could allow an attacker to take control of the camera or even use the device as a springboard to launch attacks within a connected network. The most serious flaws opens an attack vector where an adversary can root the camera and spoof the DNS server addresses specified in the camera’s settings, which could then be used as a launch pad to conduct additional attacks on devices sharing the same local network.“The problem with current IoT device security is that everyone thinks there is no need to secure IoT devices such as security cameras, secure door locks because they are not traditionally used as access points for breaching company networks. You need to know which IoT devices you have in your network, so you need to start with a security toolset which can tell you (full article here).”

Malware found at 160 Applebee’s Restaurants across North America

RMH Franchise Holdings, which owns and operates more than 160 Applebee’s stores across the U.S., said that it recently discovered malware infecting its point of sale systems (POS). The malware may have enabled hackers to steal certain guests’ names, credit or debit card numbers, expiration dates and card verification codes processed during limited time periods. Upon learning of a potential incident,

RMH told Threatpost it promptly launched an investigation, obtained the help of leading cyber security forensics firms, and reported the matter to law enforcement. RMH said it operates its point-of-sale systems isolated from the broader Applebee’s network, and this notice applies only to RMH-owned Applebee’s restaurants. In a statement, RMH urged customers to monitor their bankcard statements (full article here).

Robert Brown, Director of Services for Verismic said, “Most viruses and malware exploit environments which do not implement a robust patching process rather than a lack of virus protection. It is always easier to prevent an attack than to clean up after a serious outbreak.”

Alexa, what’s so funny?

Amazon acknowledged on Wednesday that some of its Alexa-enabled devices have developed a new skill: creeping out their owners with unexpected and unwarranted bursts of robotic laughter.

“We’re aware of this and working to fix it,” Amazon said.

People began reporting the problem with their “smart” speakers on social media in recent weeks. After the publication of this article, Amazon announced a fix and apparent explanation for the ghostly laughter. The company suggested in an email that the laughs had occurred “in rare circumstances” because the speaker was picking up a “false positive” for the command “Alexa, laugh.”

Find out how many of these devices you have in your network by starting a trial of Syxsense.

Patch Tuesday Release

Microsoft addressed 74 vulnerabilities in Microsoft Windows, Microsoft Internet Explorer, Microsoft Edge, Microsoft SharePoint, Microsoft Exchange, Microsoft Office, and Microsoft ASP.NET. The vulnerabilities could allow an attacker to execute arbitrary code, gain elevated privileges, bypass security protections, view sensitive information, or cause a denial of service condition.

We have chosen a few updates to prioritize this month, this recommendation has been made using evidence from industry experts (including our own) and anticipated business impact.

CVE ID Alert Description CVSS Score Recommended
CVE-2018-0808 Microsoft ASP.NET Core Denial of Service Vulnerability 7.5 Yes
CVE-2018-0875 Microsoft ASP.NET Core Denial of Service Vulnerability 7.5 Yes
CVE-2018-0889 Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability 7.5 Yes
CVE-2018-0891 Microsoft Edge and Internet Explorer Information Disclosure Vulnerability 7.5 Yes
CVE-2018-0903 Microsoft Access Arbitrary Code Execution Vulnerability 7.5 Yes
CVE-2018-0935 Microsoft Internet Explorer Memory Corruption Vulnerability 7.5 Yes
CVE-2018-0868 Microsoft Windows Installer Privilege Escalation Vulnerability 7.4 Yes
CVE-2018-0888 Microsoft Windows Hyper-V Information Disclosure Vulnerability 7.2 Yes
CVE-2018-0886 Microsoft Windows Arbitrary Code Execution Vulnerability 7.1 Yes
CVE-2018-0815 Microsoft Windows Graphics Privilege Escalation Vulnerability 7 Yes
CVE-2018-0816 Microsoft Windows Graphics Privilege Escalation Vulnerability 7 Yes
CVE-2018-0817 Microsoft Windows Graphics Privilege Escalation Vulnerability 7 Yes
CVE-2018-0877 Microsoft Windows Desktop Bridge Privilege Escalation Vulnerability 7 Yes
CVE-2018-0880 Microsoft Windows Desktop Bridge Privilege Escalation Vulnerability 7 Yes
CVE-2018-0881 Microsoft Windows Video Control Privilege Escalation Vulnerability 7 Yes
CVE-2018-0882 Microsoft Windows Desktop Bridge Privilege Escalation Vulnerability 7 Yes
CVE-2018-0977 Microsoft Windows Win32k Privilege Escalation Vulnerability 7 Yes
CVE-2018-0983 Microsoft Windows Storage Services Privilege Escalation Vulnerability 7 Yes
CVE-2018-0885 Microsoft Windows Hyper-V Denial of Service Vulnerability 5.8
CVE-2018-0811 Microsoft Windows Kernel Information Disclosure Vulnerability 5.5
CVE-2018-0813 Microsoft Windows Kernel Information Disclosure Vulnerability 5.5
CVE-2018-0814 Microsoft Windows Kernel Information Disclosure Vulnerability 5.5
CVE-2018-0919 Microsoft Office Information Disclosure Vulnerability 5.5
CVE-2018-0926 Microsoft Windows Kernel Information Disclosure Vulnerability 5.5
CVE-2018-0787 Microsoft ASP.NET Core Privilege Escalation Vulnerability 5.4
CVE-2018-0909 Microsoft SharePoint Cross-Site Scripting Vulnerability 5.4
CVE-2018-0910 Microsoft SharePoint Cross-Site Scripting Vulnerability 5.4
CVE-2018-0911 Microsoft SharePoint Cross-Site Scripting Vulnerability 5.4
CVE-2018-0912 Microsoft SharePoint Cross-Site Scripting Vulnerability 5.4
CVE-2018-0913 Microsoft SharePoint Cross-Site Scripting Vulnerability 5.4
CVE-2018-0914 Microsoft SharePoint Cross-Site Scripting Vulnerability 5.4
CVE-2018-0915 Microsoft SharePoint Cross-Site Scripting Vulnerability 5.4
CVE-2018-0916 Microsoft SharePoint Cross-Site Scripting Vulnerability 5.4
CVE-2018-0917 Microsoft SharePoint Cross-Site Scripting Vulnerability 5.4
CVE-2018-0921 Microsoft SharePoint Cross-Site Scripting Vulnerability 5.4
CVE-2018-0923 Microsoft SharePoint Cross-Site Scripting Vulnerability 5.4
CVE-2018-0940 Microsoft Exchange Security Bypass Vulnerability 5.4
CVE-2018-0944 Microsoft SharePoint Cross-Site Scripting Vulnerability 5.4
CVE-2018-0947 Microsoft SharePoint Privilege Escalation Vulnerability 5.4
CVE-2018-0884 Microsoft Windows Security Feature Bypass Vulnerability 5.3
CVE-2018-0902 Microsoft Windows Kernel Driver Security Feature Bypass Vulnerability 5.3
CVE-2018-0883 Microsoft Windows Shell Arbitrary Code Execution Vulnerability 5
CVE-2018-0894 Microsoft Windows Kernel Information Disclosure Vulnerability 4.7
CVE-2018-0895 Microsoft Windows Kernel Information Disclosure Vulnerability 4.7
CVE-2018-0896 Microsoft Windows Kernel Information Disclosure Vulnerability 4.7
CVE-2018-0897 Microsoft Windows Kernel Information Disclosure Vulnerability 4.7
CVE-2018-0898 Microsoft Windows Kernel Information Disclosure Vulnerability 4.7
CVE-2018-0899 Microsoft Windows Kernel Information Disclosure Vulnerability 4.7
CVE-2018-0900 Microsoft Windows Kernel Information Disclosure Vulnerability 4.7
CVE-2018-0901 Microsoft Windows Kernel Information Disclosure Vulnerability 4.7
CVE-2018-0904 Microsoft Windows Kernel Information Disclosure Vulnerability 4.7
CVE-2018-0907 Microsoft Office Excel Security Bypass Vulnerability 4.4
CVE-2018-0879 Microsoft Edge Information Disclosure Vulnerability 4.3
CVE-2018-0927 Microsoft Edge and Internet Explorer Information Disclosure Vulnerability 4.3
CVE-2018-0929 Microsoft Internet Explorer Information Disclosure Vulnerability 4.3
CVE-2018-0932 Microsoft Internet Explorer Information Disclosure Vulnerability 4.3
CVE-2018-0939 Microsoft Edge Information Disclosure Vulnerability 4.3
CVE-2018-0941 Microsoft Exchange Information Disclosure Vulnerability 4.3
CVE-2018-0872 Microsoft Edge Scripting Engine Memory Corruption Vulnerability 4.2
CVE-2018-0873 Microsoft Edge Scripting Engine Memory Corruption Vulnerability 4.2
CVE-2018-0874 Microsoft Edge Scripting Engine Memory Corruption Vulnerability 4.2
CVE-2018-0876 Microsoft Edge Scripting Engine Memory Corruption Vulnerability 4.2
CVE-2018-0893 Microsoft Edge Scripting Engine Memory Corruption Vulnerability 4.2
CVE-2018-0922 Microsoft Office Memory Corruption Vulnerability 4.2
CVE-2018-0925 Microsoft Edge Scripting Engine Memory Corruption Vulnerability 4.2
CVE-2018-0930 Microsoft Edge Scripting Engine Memory Corruption Vulnerability 4.2
CVE-2018-0931 Microsoft Edge Scripting Engine Memory Corruption Vulnerability 4.2
CVE-2018-0933 Microsoft Edge Scripting Engine Memory Corruption Vulnerability 4.2
CVE-2018-0934 Microsoft Edge Scripting Engine Memory Corruption Vulnerability 4.2
CVE-2018-0936 Microsoft Edge Scripting Engine Memory Corruption Vulnerability 4.2
CVE-2018-0937 Microsoft Edge Scripting Engine Memory Corruption Vulnerability 4.2
CVE-2018-0878 Microsoft Windows Remote Assistance Information Disclosure Vulnerability 3.1
CVE-2018-0924 Microsoft Exchange Information Disclosure Vulnerability 3.1
CVE-2018-0942 Microsoft Internet Explorer Security Bypass Vulnerability 3

Related Posts

In the News: Brute-force attacks surge worldwide, warns Cisco Talos

In the News: Brute-force attacks surge worldwide, warns Cisco Talos

April 17, 2024
In the News: Why 92% of Security Professionals Worry About Generative AI

In the News: Why 92% of Security Professionals Worry About Generative AI

April 16, 2024
April 2024 Patch Tuesday: Microsoft releases 147 fixes this month including 3 Critical Threats.

April 2024 Patch Tuesday: Microsoft releases 147 fixes this month including 3 Critical Threats.

April 9, 2024
In the News: Let’s Celebrate World Backup Day 2024 – Hear From Industry Experts

In the News: Let’s Celebrate World Backup Day 2024 – Hear From Industry Experts

March 29, 2024