Time to patch Windows

Microsoft has just released today (10 July 2019) new patches, and here is what you need to know :

• Microsoft has released 1 advisories, 1 servicing stack update, and 77 updates to vulnerabilities, which 15 of these updates are classified as Critical. 
• Microsoft has fixed two actively exploited Zero Day vulnerabilities that could allow programs to run with higher privilege levels. (details below)
• The first zero-day is titled “CVE-2019-1132 – Win32k Elevation of Privilege Vulnerability” and was discovered by Anton Cherepanov, Senior Malware Researcher of ESET.  If exploited, this vulnerability could allow an attacker to “run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.”
• The second vulnerability is titled “CVE-2019-0880 – Microsoft splwow64 Elevation of Privilege Vulnerability” and was discovered by Gene Yoo
• 5 of those updates pacthed SymCryot Dos which was disclosed by Google
• CVE-2019-0865 – SymCrypt Denial of Service Vulnerability
  CVE-2018-15664 – Docker Elevation of Privilege Vulnerability
  CVE-2019-0962 – Azure Automation Elevation of Privilege Vulnerability
  CVE-2019-1068 – Microsoft SQL Server Remote Code Execution Vulnerability
  CVE-2019-1129 – Windows Elevation of Privilege Vulnerability
• A privilege escalation vulnerability titled “CVE-2019-1130 | Windows Elevation of Privilege Vulnerability” has fixed this month as well , which was disclosed by SandboxEscaper

Windows 10 version 1903 and 1809

• Security updates to: Windows Wireless Networking, Microsoft Scripting Engine, Windows Server, Windows Storage and Filesystems, Windows Kernel, Microsoft HoloLens, Internet Explorer, Windows Input and Composition, Windows Virtualization, Windows App Platform and Frameworks, Microsoft Graphics Component, Microsoft Edge, and Windows Cryptography.
• Addresses an issue that may cause BitLocker to go into recovery mode if BitLocker is being provisioned at the same time as updates are being installed. 
• Addresses an issue that may cause Mixed Reality users to see a tilted world after connecting their headsets. 
• Fix to the RASMAN Bug
• Critical servicing stack update was addressed to fix an issue with a Secure Boot feature update that may cause BitLocker to go into recovery mode because of a race condition

Servicing Stack Updates

Servicing stack updates improve the reliability of the update process to mitigate potential issues while installing the latest quality updates and feature updates. If you don’t install the latest servicing stack update, there’s a risk that your device can’t be updated with the latest Microsoft security fixes. All Windows 10 users are advised to first update the servicing stack to the latest version before attempting to install the latest cumulative updates.

• Installing servicing stack update does not require restarting the device, so installation should not be disruptive.
• Servicing stack update releases are specific to the operating system version (build number), much like quality updates.
• Servicing stack update addresses an issue with a Secure Boot feature update that may cause BitLocker to go into recovery mode because of a race condition
• SSU updates are available here : MIcrosoft Service Stack Update Catalog  or you can search them here:  Servicing stack update for Windows 10.

Updates for Windows 7

• Minor bug fixes and improvements
• Security fixes  for Microsoft Graphics Component, Windows Storage and Filesystems, Windows Shell, Windows Input and Composition, and Windows Kernel.

Updates for Windows 8.1

• Addresses an issue that may cause BitLocker to go into recovery mode if BitLocker is being provisioned at the same time as updates are being installed.
• Security updates to Windows Wireless Networking, Windows Server, Windows Storage and Filesystems, Microsoft Graphics Component, Windows Input and Composition, Windows Kernel, and Windows App Platform and Frameworks.

Microsoft Office Updates

Microsoft released the July 2019 Office Updates which bundles 20 security and 5 cumulative updates . Six of them fix remote code execution vulnerabilities (CVE-2019-1110 and CVE-2019-1111) within Office 2016, Office 2013, Office 2010, Excel 2016, Excel 2013, and Excel 2010.

Six of the security patches issued also fix information disclosure flaws (CVE-2019-1084 and CVE-2019-1109) impacting Office 2016, Outlook 2016, Skype for Business 2016, Office 2013, Office 2013, Outlook 2013, Skype for Business 2015 (Lync 2013), and Outlook 2010.

Four other security updates are designed to patch authentication bypass vulnerabilities (CVE-2019-1006 and CVE-2019-1134) affecting SharePoint Server 2019, SharePoint Enterprise Server 2016, SharePoint Enterprise Server 2013, SharePoint Foundation 2013, and SharePoint Foundation 2010.

Four advisories released (June 2019)

I am sure by now you have patched the updates from last month which Microsoft released the below advisories that resolve issues with third-party software and hardware, as well as an in-depth security update for Microsoft Exchange Server.

• Adobe Flash Player – ADV190015– June 2019 Adobe Flash Security Update
• Microsoft Devices – ADV190016 – Bluetooth Low Energy Advisory
• Microsoft Devices – ADV190017 – Microsoft HoloLens Remote Code Execution Vulnerabilities
• Microsoft Exchange Server – ADV190018 – Microsoft Exchange Server Defense in Depth Update
• Servicing Stack Updates – ADV990001 – Latest Servicing Stack Updates

• 

More about our book Cybersecurity – Attack and Defense Strategies :

https://www.erdalozkaya.com/cybersecurity-attack-and-defense-strategies-second-edition/