Not Your Usual Patch Tuesday: May Updates
Microsoft has released a security fix for several unsupported versions of Windows, including Windows XP and Windows Server 2003. If you are a user of either of those systems, you need to patch now.
The vulnerability, CVE-2019-0708, is a potentially ‘wormable’ flaw that could result in a malware attack like WannaCry. To exploit the vulnerability “an attacker would need to send a specially crafted request to the target systems Remote Desktop Service via RDP,” Microsoft officials noted.
“The Remote Desktop Protocol (RDP) itself is not vulnerable. This vulnerability is pre-authentication and requires no user interaction. In other words, the vulnerability is ‘wormable’, meaning that any future malware that exploits this vulnerability could propagate from vulnerable computer to vulnerable computer in a similar way as the WannaCry malware spread across the globe in 2017,” explains Microsoft officials in today’s Microsoft Security Response Center (MSRC) blog post.
Even though unsupported, Windows 7, XP, and Server 2003, still account for over 35% of the Microsoft-based installations. This vulnerability could potentially affect over 400 million PCs worldwide.Additionally, Remote Desktop alone has already been recognized as an insecure method of remote connection, whether using VPN or not.
An IT solution like Syxsense will facilitate a comprehensive patching strategy as well as offer a fully-encrypted Remote Control to ensure all systems are up to date and protected.
Organizations must act now and implement a proactive approach to securing their networks. An IT solution like Syxsense will facilitate a comprehensive patching strategy to ensure all systems are up to date.
Patch Tuesday Release
Microsoft have released 79 patches today covering IE, Edge, ChakraCore, .NET Framework, Azure, Windows and Office. There are 22 rated Critical and 57 are Important. In this release there are no Moderate or Low in severity, but this is up over last month’s release of 74 updates, so will keep you even busier than April.
Publicly Known & Active Exploits: Prioritize Now
Two of the updates CVE-2019-0863 and CVE-2019-0932 are “Publicly Discovered” where CVE-2019-0863 is already reported to be used in the wild where they are able to run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with administrator privileges – you must prioritise them now.
Robert Brown, Director of Services for Verismic said, “To exploit the vulnerability, an attacker must first gain unprivileged execution on a victims operating system which given the number of Remote Code Execution vulnerabilities in this release makes this specific vulnerability your number 1 priority.”
Adobe Updates
Adobe have released a shockingly huge release this month, counting up to 84 updates for Reader and Acrobat. All updates are Critical or Important priority 2 meaning IT Admins should install these updates within the next 30 days.
Patch Tuesday Release
| Verismic Recommended | CVE Identity | Description / Type | Severity | Publicly Discovered | Actively Being Exploited |
| Yes | CVE-2019-0863 | Windows Error Reporting Elevation of Privilege Vulnerability | Important | Yes | Yes |
| Yes | CVE-2019-0932 | Skype for Android Information Disclosure Vulnerability | Important | Yes | No |
| Yes | CVE-2019-0912 | Chakra Scripting Engine Memory Corruption Vulnerability | Critical | No | No |
| Yes | CVE-2019-0913 | Chakra Scripting Engine Memory Corruption Vulnerability | Critical | No | No |
| Yes | CVE-2019-0914 | Chakra Scripting Engine Memory Corruption Vulnerability | Critical | No | No |
| Yes | CVE-2019-0915 | Chakra Scripting Engine Memory Corruption Vulnerability | Critical | No | No |
| Yes | CVE-2019-0916 | Chakra Scripting Engine Memory Corruption Vulnerability | Critical | No | No |
| Yes | CVE-2019-0917 | Chakra Scripting Engine Memory Corruption Vulnerability | Critical | No | No |
| Yes | CVE-2019-0922 | Chakra Scripting Engine Memory Corruption Vulnerability | Critical | No | No |
| Yes | CVE-2019-0924 | Chakra Scripting Engine Memory Corruption Vulnerability | Critical | No | No |
| Yes | CVE-2019-0925 | Chakra Scripting Engine Memory Corruption Vulnerability | Critical | No | No |
| Yes | CVE-2019-0927 | Chakra Scripting Engine Memory Corruption Vulnerability | Critical | No | No |
| Yes | CVE-2019-0933 | Chakra Scripting Engine Memory Corruption Vulnerability | Critical | No | No |
| Yes | CVE-2019-0937 | Chakra Scripting Engine Memory Corruption Vulnerability | Critical | No | No |
| Yes | CVE-2019-0903 | GDI+ Remote Code Execution Vulnerability | Critical | No | No |
| Yes | CVE-2019-0929 | Internet Explorer Memory Corruption Vulnerability | Critical | No | No |
| Yes | CVE-2019-0940 | Microsoft Browser Memory Corruption Vulnerability | Critical | No | No |
| Yes | CVE-2019-0926 | Microsoft Edge Memory Corruption Vulnerability | Critical | No | No |
| Yes | CVE-2019-0953 | Microsoft Word Remote Code Execution Vulnerability | Critical | No | No |
| Yes | CVE-2019-0708 | Remote Desktop Services Remote Code Execution Vulnerability | Critical | No | No |
| Yes | CVE-2019-0884 | Scripting Engine Memory Corruption Vulnerability | Critical | No | No |
| Yes | CVE-2019-0911 | Scripting Engine Memory Corruption Vulnerability | Critical | No | No |
| Yes | CVE-2019-0918 | Scripting Engine Memory Corruption Vulnerability | Critical | No | No |
| Yes | CVE-2019-0725 | Windows DHCP Server Remote Code Execution Vulnerability | Critical | No | No |
| CVE-2019-0980 | .NET Core Denial of Service Vulnerability | Important | No | No | |
| CVE-2019-0982 | .NET Core Denial of Service Vulnerability | Important | No | No | |
| CVE-2019-0820 | .NET Framework and .NET Core Denial of Service Vulnerability | Important | No | No | |
| CVE-2019-0981 | .Net Framework and .Net Core Denial of Service Vulnerability | Important | No | No | |
| CVE-2019-0864 | .NET Framework Denial of Service Vulnerability | Important | No | No | |
| CVE-2019-1000 | Azure AD Connect Elevation of Privilege Vulnerability | Important | No | No | |
| CVE-2019-0727 | Diagnostic Hub Standard Collector, Visual Studio Standard Collector Elevation of Privilege Vulnerability | Important | No | No | |
| CVE-2019-0938 | Microsoft Edge Elevation of Privilege Vulnerability | Important | No | No | |
| CVE-2019-0957 | Microsoft SharePoint Elevation of Privilege Vulnerability | Important | No | No | |
| CVE-2019-0958 | Microsoft SharePoint Elevation of Privilege Vulnerability | Important | No | No | |
| CVE-2019-0942 | Unified Write Filter Elevation of Privilege Vulnerability | Important | No | No | |
| CVE-2019-0892 | Win32k Elevation of Privilege Vulnerability | Important | No | No | |
| CVE-2019-0734 | Windows Elevation of Privilege Vulnerability | Important | No | No | |
| CVE-2019-0936 | Windows Elevation of Privilege Vulnerability | Important | No | No | |
| CVE-2019-0881 | Windows Kernel Elevation of Privilege Vulnerability | Important | No | No | |
| CVE-2019-0707 | Windows NDIS Elevation of Privilege Vulnerability | Important | No | No | |
| CVE-2019-0931 | Windows Storage Service Elevation of Privilege Vulnerability | Important | No | No | |
| CVE-2019-0971 | Azure DevOps Server and Team Foundation Server Information Disclosure Vulnerability | Important | No | No | |
| CVE-2019-0930 | Internet Explorer Information Disclosure Vulnerability | Important | No | No | |
| CVE-2019-0956 | Microsoft SharePoint Server Information Disclosure Vulnerability | Important | No | No | |
| CVE-2019-0819 | Microsoft SQL Server Analysis Services Information Disclosure Vulnerability | Important | No | No | |
| CVE-2019-0758 | Windows GDI Information Disclosure Vulnerability | Important | No | No | |
| CVE-2019-0882 | Windows GDI Information Disclosure Vulnerability | Important | No | No | |
| CVE-2019-0961 | Windows GDI Information Disclosure Vulnerability | Important | No | No | |
| CVE-2019-0886 | Windows Hyper-V Information Disclosure Vulnerability | Important | No | No | |
| CVE-2019-0923 | Chakra Scripting Engine Memory Corruption Vulnerability | Important | No | No | |
| CVE-2019-0889 | Jet Database Engine Remote Code Execution Vulnerability | Important | No | No | |
| CVE-2019-0890 | Jet Database Engine Remote Code Execution Vulnerability | Important | No | No | |
| CVE-2019-0891 | Jet Database Engine Remote Code Execution Vulnerability | Important | No | No | |
| CVE-2019-0893 | Jet Database Engine Remote Code Execution Vulnerability | Important | No | No | |
| CVE-2019-0894 | Jet Database Engine Remote Code Execution Vulnerability | Important | No | No | |
| CVE-2019-0895 | Jet Database Engine Remote Code Execution Vulnerability | Important | No | No | |
| CVE-2019-0896 | Jet Database Engine Remote Code Execution Vulnerability | Important | No | No | |
| CVE-2019-0897 | Jet Database Engine Remote Code Execution Vulnerability | Important | No | No | |
| CVE-2019-0898 | Jet Database Engine Remote Code Execution Vulnerability | Important | No | No | |
| CVE-2019-0899 | Jet Database Engine Remote Code Execution Vulnerability | Important | No | No | |
| CVE-2019-0900 | Jet Database Engine Remote Code Execution Vulnerability | Important | No | No | |
| CVE-2019-0901 | Jet Database Engine Remote Code Execution Vulnerability | Important | No | No | |
| CVE-2019-0902 | Jet Database Engine Remote Code Execution Vulnerability | Important | No | No | |
| CVE-2019-0945 | Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability | Important | No | No | |
| CVE-2019-0946 | Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability | Important | No | No | |
| CVE-2019-0947 | Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability | Important | No | No | |
| CVE-2019-0952 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Important | No | No | |
| CVE-2019-0885 | Windows OLE Remote Code Execution Vulnerability | Important | No | No | |
| CVE-2019-0995 | Internet Explorer Security Feature Bypass Vulnerability | Important | No | No | |
| CVE-2019-1008 | Microsoft Dynamics On-Premise Security Feature Bypass | Important | No | No | |
| CVE-2019-0733 | Windows Defender Application Control Security Feature Bypass Vulnerability | Important | No | No | |
| CVE-2019-0921 | Internet Explorer Spoofing Vulnerability | Important | No | No | |
| CVE-2019-0949 | Microsoft SharePoint Spoofing Vulnerability | Important | No | No | |
| CVE-2019-0950 | Microsoft SharePoint Spoofing Vulnerability | Important | No | No | |
| CVE-2019-0951 | Microsoft SharePoint Spoofing Vulnerability | Important | No | No | |
| CVE-2019-0976 | NuGet Package Manager Tampering Vulnerability | Important | No | No | |
| CVE-2019-0872 | Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability | Important | No | No | |
| CVE-2019-0979 | Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability | Important | No | No | |
| CVE-2019-0963 | Microsoft Office SharePoint XSS Vulnerability | Important | No | No |
