A lighter Patch Tuesday this month as Microsoft released just 38 security patches for December, including a fix for a privilege escalation bug that has been reportedly exploited in the wild. A patch for a denial-of-service vulnerability in web applications built with .NET Framework was also released, but is not under active exploit at this time. Of the patches, nine updates are considered critical, and most of those are browser related. The rest are rated important and should also be prioritized. “The mix of affected products is fairly standard, with most fixes being browser-related and a handful of Office patches. The most critical this month is server-side: CVE-2018-8626 is an RCE against Windows DNS Server which could allow an unauthenticated attacker to run arbitrary code by issuing a malicious request to the server,” said Greg Wiseman of Rapid7 in a blog post on the releases. Wiseman said server-related fixes to note this month include two CVEs for SharePoint, as well as patches for Exchange Server 2016 and Microsoft Dynamics NAV. Here are the highlights from this month’s release with the information you need to prioritize your patching efforts. Notable Patches CVE-2018-8611 – Windows Kernel Elevation of Privilege Vulnerability
Microsoft released 63 security patches for November, including a fix for a zero-day vulnerability already under active exploitation. Of the patches, 12 updates are considered critical, and almost every other patch is ranked as important. Out of the 12 critical vulnerabilities, 10 can be exploited through browsers or opening malicious files, according to a post from Jimmy Graham of Qualys. “The priority this month should be all Windows OS updates and Edge,” said Chris Goettl of Ivanti. “Internet Explorer has several Important vulnerabilities resolved as does Office, but all of the Critical vulnerabilities, exploits and disclosures are in the OS and Edge browser.” Goettl also notes Microsoft is re-releasing Windows 10 1809 and Server 2019 after pulling them in October due to user data being deleted after upgrading. “Take a moment to test before rolling out just to be cautious,” he said. Here are the highlights from this month’s release with the information you need to prioritize your patching efforts.
Microsoft released 49 security patches for October, including updates for vulnerabilities in Microsoft Windows, Edge Browser, Internet Explorer, MS Office, MS Office Services and Web Apps, ChakraCore, SQL Server Management Studio, and Exchange Server. Of these, 12 updates are considered critical, 35 are important. Here are the highlights from this month’s release with the information you need to prioritize your patching efforts. Patches to Pay Attention To This Month CVE-2018-8453 – Win32k Elevation of Privilege Vulnerability This is your top priority this month. It is a vulnerability in Win32k.sys discovered by Kaspersky Lab in August that is under known exploit. “So far, we detected a very limited number of attacks using this vulnerability. The victims are located in the Middle East,” said Kaspersky in a statement on the vulnerability.
We update monthly on Patch Tuesday, install firewalls, anti-virus and anti-spyware, and always coach users to use complex, secure passwords. But apparently it is still not enough. A recent poll of 300 hackers conducted at Black Hat finds Windows OS is still a very hot target for attack. Those that answered the survey were a combination of white hat, gray hat and black hat hackers. Nearly 50 percent of those surveyed said they had compromised Windows-based systems more than any other within the past year. Most said they infiltrated Windows 10 most frequently, followed by Windows 8. Microsoft says Windows 10 has been deployed on 700 million devices since its launch in 2015. Microsoft has prioritized security in recent years, recently noting it will continue to invest over $1 billion a year on cybersecurity and research in order to further enhance the defenses of its products. But clearly, Windows is still seen as a sitting duck for hackers seeking a quick win. Why is that? “With more than 80 percent of the desktop OS market share, it is no surprise that Windows is a hot target for hackers,” said Michael Maltsev, a security researcher at Reason Software Company. “Microsoft is well aware of this, and …
Microsoft released 61 security patches for September, including 17 listed as Critical. Several flaws were publicly disclosed before the release and one is already being actively exploited in the wild. The patches and advisories cover Internet Explorer (IE), Edge, ChakraCore, Azure, Hyper-V, Windows components, .NET Framework, SQL Server, and Microsoft Office and Office Services. You can find all of the updates at the Microsoft portal. Here are the highlights from this month’s release, with the information you need to prioritize your patching efforts. CVE-2018-8440 – Windows ALPC Elevation of Privilege Vulnerability The patch to prioritize this month is CVE-2018-8440, a local privilege escalation vulnerability that arises when Windows incorrectly handles calls to the Advanced Local Procedure Call (ALPC) interface. The flaw was first made public last month via a tweet (which was later deleted), and attackers are already taking advantage of it. At the time it was disclosed, Will Dormann, a Vulnerability Analyst at the CERT/CC, noted, “I’ve confirmed that this works well in a fully-patched 64-bit Windows 10 system.”
Sixteen fixes for browsers should be prioritized. Microsoft released 53 security patches for July, including 18 listed as Critical, 33 as Important, one rated as Moderate, and one considered Low in priority. According to researchers at SANS, three of these vulnerabilities have already been disclosed, but no exploits have been seen yet. The releases impact Internet Explorer (IE), Edge, ChakraCore, Windows, .NET Framework, ASP.NET, PowerShell, Visual Studio, and Microsoft Office and Office Services. Here are highlights from this month’s release with the information you need to prioritize your patching efforts. 16 Browser Vulnerabilities Of the more pressing concerns this month, Qualys director of product management, Jimmy Graham, says admins should focus on the 16 common vulnerabilities and exposures (CVEs) covering browsers.
Microsoft released 50 updates during its monthly Patch Tuesday release. Eleven are rated critical remote code execution vulnerabilities and 39 are listed as important. The most critical patches impact Microsoft OS and Internet Explorer, and deploying the fixes for these vulnerabilities is recommended immediately. Also of note: one of the vulnerabilities, a remote code execution flaw (CVE-2018-8267) in the scripting engine, is listed as being publicly known, but not under active attack, at this time. Here are highlights from this month’s release with the information you need to prioritize your patching efforts. Most Critical Patches Analysis from researchers on this month’s release advises Windows admins to prioritize CVE-2018-8225, a remote code execution vulnerability that occurs when the Windows Domain Name System (DNS) component DNSAPI.dll fails to handle DNS responses properly.
Two zero-day exploits need attention now, say analysts. Microsoft patched 68 vulnerabilities in its monthly Patch Tuesday release, including two zero-day exploits. Of the patches, 21 are listed as critical, 45 rated important and two listed low in severity. Updates this month affect several products including Microsoft Windows, Internet Explorer, Edge, Office and Exchange Server. Obviously, the priority for deployment is those under active attack. That includes CVE-2018-8174, a Windows VBScript Engine Remote Code Execution Vulnerability. The flaw was discovered and reported by Kaspersky Lab researchers and impacts IE and other projects that embed the IE web rendering engine. “This technique, until fixed, allowed criminals to force Internet Explorer to load, no matter which browser one normally used — further increasing an already huge attack surface,” according to Anton Ivanov, security researcher at Kaspersky, in an email to Ars Technica. “We urge organizations and private users to install recent patches immediately, as it won’t be long before exploits to this vulnerability make it to popular exploit kits and will be used not only by sophisticated threat actors but also by standard cybercriminals.” The other bug to prioritize is CVE-2018-8120, a vulnerability in older Windows OS versions …
Close to 70 vulnerabilities addressed in this month’s Patch Tuesday update from Microsoft. Microsoft patched 67 different vulnerabilities in its monthly Patch Tuesday release. Of the common vulnerabilities and exposures (CVEs), 24 are considered Critical, 42 are rated Important, and one is characterized as Moderate in severity. There are no zero-day patches this month. Affected products include: Microsoft Windows, Internet Explorer, Microsoft Edge, ChakraCore, Microsoft Office and Microsoft Office Services and Web Apps, Adobe Flash Player, Microsoft Malware Protection Engine, Microsoft Visual Studio, and the Microsoft Azure IoT SDK. Adobe also patched 6 vulnerabilities in Adobe Flash. The details on the releases can be found on the Microsoft site. While there were no zero-day releases, Microsoft had already released urgent fixes in weeks leading up to Tuesday, including one that addresses an exploit that was created in an attempt to correct earlier patch issues related to the Meltdown chip vulnerability. Across industry blogs on this month’s patches, researchers noted several of the updates deserved attention. Also notable is Microsoft’s disclosure of a publicly known SharePoint elevation of privilege bug (CVE-2018-1034). “There is one public disclosure this month in SharePoint Server. The challenging aspect of this month is that there are enough …