{"id":17154,"date":"2019-12-10T19:17:03","date_gmt":"2019-12-11T03:17:03","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2019\/12\/10\/news-10890\/"},"modified":"2019-12-10T19:17:03","modified_gmt":"2019-12-11T03:17:03","slug":"news-10890","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2019\/12\/10\/news-10890\/","title":{"rendered":"Patch Tuesday, December 2019 Edition"},"content":{"rendered":"

Credit to Author: BrianKrebs| Date: Wed, 11 Dec 2019 01:51:25 +0000<\/strong><\/p>\n

Microsoft<\/strong> today released updates to plug three dozen security holes in its Windows<\/strong> operating system and other software. The patches include fixes for seven critical bugs \u2014 those that can be exploited by malware or miscreants to take control over a Windows system with no help from users — as well as another flaw in most versions of Windows that is already being exploited in active attacks.<\/p>\n

\"\"By nearly all accounts, the chief bugaboo this month is CVE-2019-1458<\/a>, a vulnerability in a core Windows component (Win32k) that is present in Windows 7 through 10 and Windows Server 2008-2019. This bug is already being exploited in the wild, and according to Recorded Future<\/strong> the exploit available for it is similar to CVE-2019-0859<\/a>, a Windows flaw reported in April that was found being sold in underground markets<\/a>.<\/p>\n

CVE-2019-1458 is what’s known as a “privilege escalation” flaw, meaning an attacker would need to previously have compromised the system using another vulnerability. Handy in that respect is CVE-2019-1468<\/a>, a similarly widespread critical issue in the Windows font library that could be exploited just by getting the user to visit a hacked or malicious Web site.<\/p>\n

Chris Goettl<\/strong>, director of security at Ivanti<\/a>, called attention to a curious patch advisory Microsoft released today for CVE-2019-1489<\/a>, which is yet another weakness in the Windows Remote Desktop Protocol<\/strong> (RDP) client, a component of Windows which lets users view and manage their system from a remote computer. What’s curious about this advisory is that it applies only to Windows XP Service Pack 3<\/strong>, which is no longer receiving security updates.<\/p>\n

“The Exploitability Assessment for Latest Software Release and Older Software Release is 0, which is usually the value reserved for a vulnerability that is known to be exploited, yet the Exploited value was currently set to ‘No’ as the bulletin was released today,” Goettl said. “If you look at the Zero Day from this month (CVE-2019-1458<\/a>) the EA for Older Software Release is ‘0 – Exploitation Detected.’ An odd discrepancy on top of a CVE advisory for an outdated OS. It is very likely this is being exploited in the wild.”<\/p>\n

Microsoft didn’t release a patch for this bug on XP, and its advisory on it<\/a> is about as sparse as they come. But if you’re still depending on Windows XP for remote access, you likely have bigger security concerns. Microsoft has patched many critical RDP flaws<\/a> in the past year. Even the FBI last year encouraged users to disable it<\/a> unless needed, citing flawed encryption mechanisms in older versions and a lack of access controls which make RDP a frequent entry point for malware and ransomware.<\/span><\/p>\n

Speaking of no-longer-supported Microsoft operating systems, Windows 7<\/strong> and Windows Server 2008<\/strong> will cease receiving security updates after the next decade’s first Patch Tuesday comes to pass on January 14, 2020.\u00a0While businesses and other volume-license purchasers will\u00a0have the option to pay for further fixes<\/a>\u00a0after that point, all other Windows 7 users who want to stick with Windows will need to consider migrating to\u00a0Windows 10<\/strong>\u00a0soon.<\/p>\n

Windows 10 likes to install patches and sometimes feature updates all in one go and reboot your computer on its own schedule, but you don’t have to accept this default setting. Windows Central<\/em> has a useful guide<\/a> on how to disable or postpone automatic updates until you’re ready to install them. For all other Windows OS users, if you\u2019d rather be alerted to new updates when they\u2019re available so you can choose when to install them, there\u2019s a setting for that in Windows Update. To get there, click the Windows key on your keyboard and type \u201cwindows update\u201d into the box that pops up.<\/p>\n

Keep in mind that while staying up-to-date on Windows patches is a good idea, it\u2019s important to make sure you\u2019re updating only after you\u2019ve backed up your important data and files. A reliable backup means you\u2019re probably not losing your mind when the odd buggy patch causes problems booting the system. So do yourself a favor and backup your files before installing any patches.<\/p>\n

And as always, if you experience glitches or problems installing any of these patches this month, please consider leaving a comment about it below; there\u2019s a better-than-even chance other readers have experienced the same and may even chime in here with some helpful tips.<\/p>\n

Finally, once again there are no security updates for Adobe Flash Player<\/strong> this month (there is a non-security update available), but Adobe did release critical updates for Windows and macOS versions of its Acrobat<\/strong> and PDF Reader<\/strong> that fix more than 20 vulnerabilities in these products. Photoshop<\/strong> and ColdFusion 2018<\/strong> also received security updates today. Links to advisories here<\/a>.<\/p>\n

https:\/\/krebsonsecurity.com\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

<\/p>\n

Credit to Author: BrianKrebs| Date: Wed, 11 Dec 2019 01:51:25 +0000<\/strong><\/p>\n

Microsoft today released updates to plug three dozen security holes in its Windows operating system and other software. The patches include fixes for seven critical bugs \u2014 those that can be exploited by malware or miscreants to take control over a Windows system with no help from users — as well as another flaw in most versions of Windows that is already being exploited in active attacks.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10643,10642],"tags":[23689,11753,16936],"class_list":["post-17154","post","type-post","status-publish","format-standard","hentry","category-independent","category-krebs","tag-microsoft-patch-tuesday-december-2019","tag-recorded-future","tag-time-to-patch"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/17154","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=17154"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/17154\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=17154"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=17154"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=17154"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}