April Patch Tuesday: Stop Active Exploits
Microsoft have released 74 patches today covering IE, Edge, Exchange, Windows and Office. There are 13 rated Critical and 61 are Important. In this release there are no Moderate or Low in severity but this is up over last month’s release of 64 updates, this release will keep you busy.
Prioritize Active Exploits
Two of the updates CVE-2019-0803 and CVE-2019-0859 are “Being Exploited” meaning you should prioritise them now. Robert Brown, Director of Services for Verismic said, “You should treat these updates with the highest importance because a similar vulnerability this year in Win32k elevation caused some significant global intrusions via malware infections.”
Adobe Updates
Adobe have released 8 updates today, for Reader, Flash, Shockwave, InDesign and Dreamweaver and a few others. The update for Flash is Critical meaning IT Admins should install these updates within the next 30 days.
Some Features Updates are Now Retired
Act now to keep your environment future proofed as updates will automatically uninstall.
Today the Windows 10 feature update version 1709 (and previous) is retired on Home, Pro and Pro for Workstations editions. If you try to deploy any security updates / patches to Windows 10 which are no longer supported, those updates will uninstall the next time the PC restarts. Ask your account manager how Syxsense can help you deploy your Windows 10 Feature Updates.
We have made a few recommendations below which you should prioritize, use Syxsense to organize and deploy Windows, third-party, Mac OS, and Linux updates to keep your environment safe.
Patch Tuesday Release
| Verismic Recommended | ID | Description | Severity | Publicly Disclosed | Actively being Exploited |
| Yes | CVE-2019-0803 | Win32k Elevation of Privilege Vulnerability | Important | No | Yes |
| Yes | CVE-2019-0859 | Win32k Elevation of Privilege Vulnerability | Important | No | Yes |
| Yes | CVE-2019-0739 | Scripting Engine Memory Corruption Vulnerability | Critical | No | No |
| Yes | CVE-2019-0786 | SMB Server Elevation of Privilege Vulnerability | Critical | No | No |
| Yes | CVE-2019-0791 | MS XML Remote Code Execution Vulnerability | Critical | No | No |
| Yes | CVE-2019-0792 | MS XML Remote Code Execution Vulnerability | Critical | No | No |
| Yes | CVE-2019-0793 | MS XML Remote Code Execution Vulnerability | Critical | No | No |
| Yes | CVE-2019-0806 | Chakra Scripting Engine Memory Corruption Vulnerability | Critical | No | No |
| Yes | CVE-2019-0810 | Chakra Scripting Engine Memory Corruption Vulnerability | Critical | No | No |
| Yes | CVE-2019-0812 | Chakra Scripting Engine Memory Corruption Vulnerability | Critical | No | No |
| Yes | CVE-2019-0829 | Chakra Scripting Engine Memory Corruption Vulnerability | Critical | No | No |
| Yes | CVE-2019-0845 | Windows IOleCvt Interface Remote Code Execution Vulnerability | Critical | No | No |
| Yes | CVE-2019-0853 | GDI+ Remote Code Execution Vulnerability | Critical | No | No |
| Yes | CVE-2019-0860 | Chakra Scripting Engine Memory Corruption Vulnerability | Critical | No | No |
| Yes | CVE-2019-0861 | Chakra Scripting Engine Memory Corruption Vulnerability | Critical | No | No |
| CVE-2019-0685 | Win32k Elevation of Privilege Vulnerability | Important | No | No | |
| CVE-2019-0688 | Windows TCP/IP Information Disclosure Vulnerability | Important | No | No | |
| CVE-2019-0730 | Windows Elevation of Privilege Vulnerability | Important | No | No | |
| CVE-2019-0731 | Windows Elevation of Privilege Vulnerability | Important | No | No | |
| CVE-2019-0732 | Windows Security Feature Bypass Vulnerability | Important | No | No | |
| CVE-2019-0735 | Windows CSRSS Elevation of Privilege Vulnerability | Important | No | No | |
| CVE-2019-0752 | Scripting Engine Memory Corruption Vulnerability | Important | No | No | |
| CVE-2019-0753 | Scripting Engine Memory Corruption Vulnerability | Important | No | No | |
| CVE-2019-0764 | Microsoft Browsers Tampering Vulnerability | Important | No | No | |
| CVE-2019-0790 | MS XML Remote Code Execution Vulnerability | Important | No | No | |
| CVE-2019-0794 | VBScript Remote Code Execution Vulnerability | Important | No | No | |
| CVE-2019-0795 | MS XML Remote Code Execution Vulnerability | Important | No | No | |
| CVE-2019-0796 | Windows Elevation of Privilege Vulnerability | Important | No | No | |
| CVE-2019-0801 | Office Remote Code Execution Vulnerability | Important | No | No | |
| CVE-2019-0802 | Windows GDI Information Disclosure Vulnerability | Important | No | No | |
| CVE-2019-0805 | Windows Elevation of Privilege Vulnerability | Important | No | No | |
| CVE-2019-0813 | Windows Admin Center Elevation of Privilege Vulnerability | Important | No | No | |
| CVE-2019-0814 | Win32k Information Disclosure Vulnerability | Important | No | No | |
| CVE-2019-0815 | ASP.NET Core Denial of Service Vulnerability | Important | No | No | |
| CVE-2019-0817 | Microsoft Exchange Spoofing Vulnerability | Important | No | No | |
| CVE-2019-0822 | Microsoft Graphics Components Remote Code Execution Vulnerability | Important | No | No | |
| CVE-2019-0823 | Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability | Important | No | No | |
| CVE-2019-0824 | Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability | Important | No | No | |
| CVE-2019-0825 | Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability | Important | No | No | |
| CVE-2019-0826 | Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability | Important | No | No | |
| CVE-2019-0827 | Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability | Important | No | No | |
| CVE-2019-0828 | Microsoft Excel Remote Code Execution Vulnerability | Important | No | No | |
| CVE-2019-0830 | Microsoft Office SharePoint XSS Vulnerability | Important | No | No | |
| CVE-2019-0831 | Microsoft Office SharePoint XSS Vulnerability | Important | No | No | |
| CVE-2019-0833 | Microsoft Edge Information Disclosure Vulnerability | Important | No | No | |
| CVE-2019-0835 | Microsoft Scripting Engine Information Disclosure Vulnerability | Important | No | No | |
| CVE-2019-0836 | Windows Elevation of Privilege Vulnerability | Important | No | No | |
| CVE-2019-0837 | DirectX Information Disclosure Vulnerability | Important | No | No | |
| CVE-2019-0838 | Windows Information Disclosure Vulnerability | Important | No | No | |
| CVE-2019-0839 | Windows Information Disclosure Vulnerability | Important | No | No | |
| CVE-2019-0840 | Windows Kernel Information Disclosure Vulnerability | Important | No | No | |
| CVE-2019-0841 | Windows Elevation of Privilege Vulnerability | Important | No | No | |
| CVE-2019-0842 | Windows VBScript Engine Remote Code Execution Vulnerability | Important | No | No | |
| CVE-2019-0844 | Windows Kernel Information Disclosure Vulnerability | Important | No | No | |
| CVE-2019-0846 | Jet Database Engine Remote Code Execution Vulnerability | Important | No | No | |
| CVE-2019-0847 | Jet Database Engine Remote Code Execution Vulnerability | Important | No | No | |
| CVE-2019-0848 | Win32k Information Disclosure Vulnerability | Important | No | No | |
| CVE-2019-0849 | Windows GDI Information Disclosure Vulnerability | Important | No | No | |
| CVE-2019-0851 | Jet Database Engine Remote Code Execution Vulnerability | Important | No | No | |
| CVE-2019-0856 | Windows Remote Code Execution Vulnerability | Important | No | No | |
| CVE-2019-0857 | Team Foundation Server Spoofing Vulnerability | Important | No | No | |
| CVE-2019-0858 | Microsoft Exchange Spoofing Vulnerability | Important | No | No | |
| CVE-2019-0862 | Windows VBScript Engine Remote Code Execution Vulnerability | Important | No | No | |
| CVE-2019-0866 | Team Foundation Server Cross-site Scripting Vulnerability | Important | No | No | |
| CVE-2019-0867 | Team Foundation Server Cross-site Scripting Vulnerability | Important | No | No | |
| CVE-2019-0868 | Team Foundation Server Cross-site Scripting Vulnerability | Important | No | No | |
| CVE-2019-0869 | Team Foundation Server HTML Injection Vulnerability | Important | No | No | |
| CVE-2019-0870 | Team Foundation Server Cross-site Scripting Vulnerability | Important | No | No | |
| CVE-2019-0871 | Team Foundation Server Cross-site Scripting Vulnerability | Important | No | No | |
| CVE-2019-0874 | Team Foundation Server Cross-site Scripting Vulnerability | Important | No | No | |
| CVE-2019-0875 | Azure DevOps Server Elevation of Privilege Vulnerability | Important | No | No | |
| CVE-2019-0876 | Open Enclave SDK Information Disclosure Vulnerability | Important | No | No | |
| CVE-2019-0877 | Jet Database Engine Remote Code Execution Vulnerability | Important | No | No | |
| CVE-2019-0879 | Jet Database Engine Remote Code Execution Vulnerability | Important | No | No |
