{"id":14822,"date":"2019-03-12T22:17:06","date_gmt":"2019-03-13T06:17:06","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2019\/03\/12\/news-8571\/"},"modified":"2019-03-12T22:17:06","modified_gmt":"2019-03-13T06:17:06","slug":"news-8571","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2019\/03\/12\/news-8571\/","title":{"rendered":"Patch Tuesday, March 2019 Edition"},"content":{"rendered":"<p><strong>Credit to Author: BrianKrebs| Date: Wed, 13 Mar 2019 04:55:28 +0000<\/strong><\/p>\n<p><strong>Microsoft<\/strong> on Tuesday pushed out software updates to fix more than five dozen security vulnerabilities in its <strong>Windows<\/strong> operating systems, <strong>Internet Explorer<\/strong>, <strong>Edge<\/strong>, <strong>Office<\/strong> and <strong>Sharepoint<\/strong>. If you (ab)use Microsoft products, it&#8217;s time once again to start thinking about getting your patches on. Malware or bad guys can remotely exploit roughly one-quarter of the flaws fixed in today&#8217;s patch batch without any help from users.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignright size-full wp-image-26837\" src=\"https:\/\/krebsonsecurity.com\/wp-content\/uploads\/2014\/07\/brokenwindows.png\" alt=\"\" width=\"229\" height=\"240\" \/>One interesting patch from Microsoft this week comes in response to a <a href=\"https:\/\/en.wikipedia.org\/wiki\/Zero-day_(computing)\" target=\"_blank\" rel=\"noopener\">zero-day<\/a> vulnerability (<a href=\"https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2019-0797\" target=\"_blank\" rel=\"noopener\">CVE-2019-0797<\/a>) reported by researchers at <strong>Kaspersky Lab, <\/strong>who discovered the bug could be (and is being) exploited to install malicious software.<\/p>\n<p>Microsoft also addressed a zero day flaw (<a href=\"https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2019-0808\" target=\"_blank\" rel=\"noopener\">CVE-2019-0808<\/a>) in Windows 7 and Windows Server 2008 that&#8217;s been abused in conjunction with a previously unknown weakness (CVE-2019-5786)\u00a0in Google&#8217;s Chrome browser.\u00a0A <a href=\"https:\/\/security.googleblog.com\/2019\/03\/disclosing-vulnerabilities-to-protect.html\">security alert<\/a> from Google last week said attackers were chaining the Windows and Chrome vulnerabilities to drop malicious code onto vulnerable systems.<\/p>\n<p>If you use Chrome, take a moment to make sure you have this update and that there isn&#8217;t an arrow to the right of your Chrome address bar signifying the availability of new update. If there is, close out and restart the browser; it should restore whatever windows you have open on restart.<span id=\"more-46905\"><\/span><\/p>\n<p>This is the third month in row Microsoft has released patches to fix high-severity, critical flaws in the\u00a0Windows component responsible for assigning Internet addresses to host computers (a.k.a. \u201cWindows DHCP client\u201d).<\/p>\n<p>These are severe &#8220;receive a bad packet of data and get owned&#8221; type vulnerabilities. But <strong>Allan Liska<\/strong>, senior solutions architect at security firm Recorded Future, says DHCP vulnerabilities are often difficult to take advantage of, and the access needed to do so generally means there are easier ways to deploy malware.<\/p>\n<p>The bulk of the remaining critical bugs fixed this month reside in Internet Explorer, Edge and Office. All told, not the craziest Patch Tuesday. Even Adobe&#8217;s given us a month off (or at least a week) patching critical Flash Player bugs: The Flash player update shipped this week includes non-security updates.<\/p>\n<p>Staying up-to-date on Windows patches is good. Updating only after you&#8217;ve backed up your important data and files is even better. A good backup means you&#8217;re not pulling your hair out if the odd buggy patch causes problems booting the system.<\/p>\n<p><strong>Windows 10<\/strong>\u00a0likes to install patches all in one go and reboot your computer on its own schedule. Microsoft doesn\u2019t make it easy for Windows 10 users to change this setting,\u00a0<a href=\"https:\/\/www.howtogeek.com\/224471\/how-to-prevent-windows-10-from-automatically-downloading-updates\/\" target=\"_blank\" rel=\"noopener\">but it is possible<\/a>. For all other Windows OS users, if you\u2019d rather be alerted to new updates when they\u2019re available so you can choose when to install them, there\u2019s a setting for that in\u00a0<strong>Windows Update<\/strong>.<\/p>\n<p>As always, if you experience any problems installing any of these patches this month, please feel free to leave a comment about it below; there\u2019s a good chance other readers have experienced the same and may even chime in here with some helpful tips.<\/p>\n<p>Further reading:<\/p>\n<p><a href=\"https:\/\/blog.qualys.com\/laws-of-vulnerabilities\/2019\/03\/12\/march-2019-patch-tuesday-65-vulns-18-critical-rces-in-dhcp-client-adobe-vulns\" target=\"_blank\" rel=\"noopener\">Qualys<\/a><\/p>\n<p><a href=\"https:\/\/isc.sans.edu\/forums\/diary\/Microsoft+March+2019+Patch+Tuesday\/24742\/\" target=\"_blank\" rel=\"noopener\">SANS Internet Storm Center<\/a><\/p>\n<p><a href=\"https:\/\/www.askwoody.com\/2019\/march-2019-patch-tuesday-patches\/\" target=\"_blank\" rel=\"noopener\">Ask Woody<\/a><\/p>\n<p><a href=\"https:\/\/www.zdnet.com\/article\/microsoft-march-patch-tuesday-comes-with-fixes-for-two-windows-zero-days\/\" target=\"_blank\" rel=\"noopener\">ZDNet<\/a><\/p>\n<p><a href=\"https:\/\/krebsonsecurity.com\/2019\/03\/patch-tuesday-march-2019-edition\/\" target=\"bwo\" >https:\/\/krebsonsecurity.com\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><img decoding=\"async\" src=\"https:\/\/krebsonsecurity.com\/wp-content\/uploads\/2014\/07\/brokenwindows.png\"\/><\/p>\n<p><strong>Credit to Author: BrianKrebs| Date: Wed, 13 Mar 2019 04:55:28 +0000<\/strong><\/p>\n<p>Microsoft on Tuesday pushed out software updates to fix more than five dozen security vulnerabilities in its Windows operating systems, Internet Explorer, Edge, Office and Sharepoint. If you (ab)use Microsoft products, it&#8217;s time once again to start thinking about getting your patches on. Malware or bad guys can remotely exploit roughly one-quarter of the flaws fixed in today&#8217;s patch batch without any help from users.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10643,10642],"tags":[18720,20407,21232,21233,21234,3493,21235,13457,15801,16936,19708],"class_list":["post-14822","post","type-post","status-publish","format-standard","hentry","category-independent","category-krebs","tag-allan-liska","tag-ask-woody","tag-cve-2019-0797","tag-cve-2019-0808","tag-cve-2019-5786","tag-kaspersky-lab","tag-patch-tuesday-march-2019","tag-qualys","tag-sans-internet-storm-center","tag-time-to-patch","tag-zdnet"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/14822","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=14822"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/14822\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=14822"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=14822"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=14822"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}