Patch Tuesday January 2019 – on a post note –

Posted: January 24, 2019 in Uncategorized

Summary: The January MS Security update bundle is categorized as “Patch as Scheduled”, except for the DHCP client patch in Win10 version 1803 which is categorized as “Patch Now”. Adobe Flash is “Patch as Scheduled”.

*******

Microsoft: MS addressed 48 vulnerabilities, 7 of them rated critical and 1 publicly disclosed; none are reported as being actively exploited. One vulnerability in particular affects the DHCP client in Win10 and Server version 1803 (CVE-2019-0547). This DHCP client vulnerability is considered a “wormable” bug because code execution happens through a widely available listening service. Given the expected impact, the patch should be prioritized. The publicly disclosed vulnerability is CVE-2019-0579, a Jet Database Engine Remote Code Execution Vulnerability.

The vulnerabilities could be new attack vectors for social engineering. However, there are no exploits currently in the wild for the publicly disclosed vulnerability. We rate the January MS patches as “Patch as Scheduled”, except for the DHCP Client patch. This month’s vulnerabilities should be mitigated through user education and email and web-proxy hygiene, to prevent users from handling files or links from unknown or questionable sources.

Adobe: In addition to the unscheduled patch released on Jan 3rd for Acrobat Reader, Adobe released additional security patches for Flash, Connect, and Adobe Digital Editions. The Flash patch does not address any security bugs but only provides bug fixes. The Connect patch addresses a single CVE, correcting a security token exposure. Similarly, the Digital Editions patch addresses a single CVE, fixing an out-of-bounds read. None of these issues are listed as being publicly known or under active attack at the time of release. The Adobe vulnerabilities receive the “Patch as Scheduled” designation.

 

Meltdown/Spectre: The guidance from InfoSec continues to fall into the broad outline of:

  • Consult with your vendors
  • Test aggressively (especially around the MS Reg-hack)
  • Patch everything

https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV180002

******

Please always remember the rules of safe patching:

  • Deploy to test/dev environment before production
  • Deploy to a pilot/test group before the whole organization
  • Have a plan to roll back if something doesn’t work
  • Test, test, and test!

 

Legend:

  • Patch Now: 1-2 weeks
  • Patch as scheduled: 4-6 weeks