April Patch Tuesday: Don’t Get Burned Twice

Manage Your Vulnerabilities

As we explored in our Total Meltdown article, some updates actually made Windows 7 less secure in the last round of Microsoft Patch Tuesday. Even worse, some caused significant performance issues on older hardware models. Many industry experts are recommending you disable Windows updates, or delay any other form of patch management in anticipation of another bad batch of updates.

Robert Brown, Director of Services for Verismic said, “We trust our technology and we trust the experts leading our security teams. Design a patch management release process which includes time for the necessary testing before global deployment. Not doing patch management only helps the hackers who are looking to expose your network.”

Adobe Patches Critical Bugs in Flash

Adobe fixed four critical vulnerabilities in its Flash Player and InDesign products as part of its regularly scheduled release. In all, Adobe released 13 patches for products including Adobe Experience Manager, Adobe InDesign CC, Adobe Digital Editions and the Adobe PhoneGap Push Plugin. According to Adobe, None of these updates have active exploits in the wild for any of the issues addressed in these updates.

Ransomware Attackers are Targeting Servers over Desktops

According to Verizon, ransomware was found in 39% of cases involving malware. Experts believe ransomware has become so prevalent due to easy deployment, even for less skilled cybercriminals. The risks and costs associated with conducting an operation are also relatively small for the attacker.

Cybercriminals have increasingly started using ransomware to target mission-critical systems, such as file servers and databases. This causes more damage to the targeted organization compared to only desktop systems getting compromised. According to the latest DBIR, financially-motivated attacks remain the most common and accounted for 76% of breaches analyzed in 2017. Cyber espionage is the second most common type of attack, accounting for 13% of breaches.Robert Brown, Director of Services for Verismic said, “When we onboard our clients with Syxsense, we focus not only on protecting the desktops, instead focus on a viable patching strategy which includes all endpoints within the business, including servers. Syxsense has industry experts to help clients protect their environment with a proactive approach to Windows, Linux and Mac OS patch management.”

Patch Tuesday Release

Microsoft addressed 65 vulnerabilities in Microsoft Windows, Microsoft Internet Explorer, Microsoft Edge, Microsoft SharePoint, and Microsoft Office. The vulnerabilities could allow an attacker to execute arbitrary code, gain elevated privileges, bypass security protections, view sensitive information, or cause a denial of service (DoS) condition. We have chosen a few updates to prioritize this month, this recommendation has been made using evidence from industry experts (including our own) and anticipated business impact.

CVE Number Vulnerability Alert CVSS Score Recommended
CVE-2018-1010 Microsoft Windows Embedded OpenType Font Engine Arbitrary Code Execution Vulnerability 8.8 Yes
CVE-2018-1012 Microsoft Windows Embedded OpenType Font Engine Arbitrary Code Execution Vulnerability 8.8 Yes
CVE-2018-1013 Microsoft Windows Embedded OpenType Font Engine Arbitrary Code Execution Vulnerability 8.8 Yes
CVE-2018-1015 Microsoft Windows Embedded OpenType Font Engine Arbitrary Code Execution Vulnerability 8.8 Yes
CVE-2018-1016 Microsoft Windows Embedded OpenType Font Engine Arbitrary Code Execution Vulnerability 8.8 Yes
CVE-2018-0870 Microsoft Internet Explorer Memory Corruption Vulnerability 7.5 Yes
CVE-2018-0956 Microsoft Windows HTTP.sys Denial of Service Vulnerability 7.5 Yes
CVE-2018-0981 Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability 7.5 Yes
CVE-2018-0988 Microsoft Internet Explorer Memory Corruption Vulnerability 7.5 Yes
CVE-2018-0996 Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability 7.5 Yes
CVE-2018-0997 Microsoft Internet Explorer Memory Corruption Vulnerability 7.5 Yes
CVE-2018-1000 Microsoft Internet Explorer Scripting Engine Information Disclosure Vulnerability 7.5 Yes
CVE-2018-1001 Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability 7.5 Yes
CVE-2018-1018 Microsoft Internet Explorer Memory Corruption Vulnerability 7.5 Yes
CVE-2018-1020 Microsoft Internet Explorer Memory Corruption Vulnerability 7.5 Yes
CVE-2018-1028 Microsoft Office Graphics Arbitrary Code Execution Vulnerability 7.5 Yes
CVE-2018-0957 Microsoft Windows Hyper-V Information Disclosure Vulnerability 7.2 Yes
CVE-2018-0964 Microsoft Windows Hyper-V Information Disclosure Vulnerability 7.2 Yes
CVE-2018-1003 Microsoft Windows JET Database Engine Arbitrary Code Execution Vulnerability 7.1 Yes
CVE-2018-0963 Microsoft Windows Kernel Elevation of Privilege Vulnerability 7 Yes
CVE-2018-1008 Microsoft Adobe Type Font Driver Privilege Escalation Vulnerability 7 Yes
CVE-2018-1009 Microsoft DirectX Graphics Kernel Subsystem Privilege Escalation Vulnerability 7 Yes