Automox Patch Tuesday Breakdown: January 2019
icrosoft kicked off the new year with a bundle of security patches which resolved a total of 47 unique vulnerabilities. While most are rated as important, seven of the updates were rated as critical and we will run through them in this month’s Automating Patch Tuesday report. Luckily, none of these vulnerabilities were publicly disclosed or published and none of them are currently being exploited in the wild, as far as Microsoft knows!
First, we have a group of vulnerabilities in the Microsoft ChakraCore scripting engine that impact the Microsoft Edge browser and Windows 10. These are CVE-2019-0539, CVE-2019-0565, CVE-2019-0567, and finally CVE-2019-0568. All four of these vulnerabilities allow for remote code execution, and even worse, in some cases would allow an attacker to take full control of an affected system.
There are also two critical vulnerabilities that allow remote code execution in Microsoft Hyper-V, impacting various versions of Windows 10 and Windows Server: CVE-2019-0550 and CVE-2019-0551. If an attacker were to exploit either of these vulnerabilities, they would be able to execute arbitrary code on the host operating system.
Finally, there is a single vulnerability that was patched for the Windows DHCP Client that impacts multiple versions of Windows 10 and Windows Server. This one is CVE-2019-0547and if properly exploited by an attacker, it would allow them to run arbitrary code on the machine.
The following four updates were recalled because they caused Office 2010 apps to crash on launch. The patches covered fixing errors in displaying Japanese dates.
- Update for Microsoft Excel 2010 (KB4461627)
- Update for Microsoft Office 2010 (KB4032217)
- Update for Microsoft Office 2010 (KB4032225)
- Update for Microsoft Office 2010 (KB4461616)
Aside from the critical vulnerabilities outlined above, Microsoft issued over 1000 patches for over 50 different vulnerabilities this month alone, highlighting the difficulty that system administrators face in confidently and consistently keeping their operating systems and applications patched in order to mitigate unknown security risks in their environments.
Automox can help ensure your systems are adequately patched in a timely manner in order to protect your organization against any of these vulnerabilities. As a best practice, you should always ensure that you have at least one patch policy assigned to all of your devices for Critical, Medium, and Low severity patches. These updates are generally Security and Cumulative software updates. Automox is designed to automate your response to zero-day vulnerabilities like this and others across the Windows, Mac, and Linux operating systems.
Current Automox customers can create policies that automatically handle the patching and execution of important updates for you every single month. Alternatively, you may contact our support team for any technical assistance at firstname.lastname@example.org.
Facing growing threats and a rapidly expanding attack surface, understaffed and alert-fatigued organizations need more efficient ways to eliminate their exposure to vulnerabilities. Automox is a modern cyber hygiene platform that closes the aperture of attack by more than 80% with just half the effort of traditional solutions.
Cloud-native and globally available, Automox enforces OS & third-party patch management, security configurations, and custom scripting across Windows, Mac, and Linux from a single intuitive console. IT and SecOps can quickly gain control and share visibility of on-prem, remote and virtual endpoints without the need to deploy costly infrastructure.
Experience modern, cloud-native patch management today with a 15-day free trial of Automox and start recapturing more than half the time you're currently spending on managing your attack surface. Automox dramatically reduces corporate risk while raising operational efficiency to deliver best-in-class security outcomes, faster and with fewer resources.