{"id":17893,"date":"2020-03-17T20:30:02","date_gmt":"2020-03-18T04:30:02","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2020\/03\/17\/news-11626\/"},"modified":"2020-03-17T20:30:02","modified_gmt":"2020-03-18T04:30:02","slug":"news-11626","status":"publish","type":"post","link":"https:\/\/www.palada.net\/index.php\/2020\/03\/17\/news-11626\/","title":{"rendered":"Microsoft Patch Tuesday, March 2020 Edition"},"content":{"rendered":"<p><strong>Credit to Author: BrianKrebs| Date: Tue, 10 Mar 2020 23:44:29 +0000<\/strong><\/p>\n<p><strong>Microsoft Corp.<\/strong> today released updates to plug more than 100 security holes in its various <strong>Windows<\/strong> operating systems and associated software. If you (ab)use Windows, please take a moment to read this post, back up your system(s), and patch your PCs.<\/p>\n<p>All told<img loading=\"lazy\" decoding=\"async\" class=\"alignright size-full wp-image-26837\" src=\"https:\/\/krebsonsecurity.com\/wp-content\/uploads\/2014\/07\/brokenwindows.png\" alt=\"\" width=\"229\" height=\"240\" \/>, this patch batch addresses at least 115 security flaws. Twenty-six of those earned Microsoft&#8217;s most-dire &#8220;critical&#8221; rating, meaning malware or miscreants could exploit them to gain complete, remote control over vulnerable computers without any help from users.<\/p>\n<p>Given the sheer number of fixes, mercifully there are no <a href=\"https:\/\/en.wikipedia.org\/wiki\/Zero-day_(computing)\" target=\"_blank\" rel=\"noopener\">zero-day bugs<\/a> to address, nor were any of them detailed publicly prior to today. Also, there were no security patches released by <strong>Adobe<\/strong> today. 
But there are a few eyebrow-raising Windows vulnerabilities worthy of attention.<\/p>\n<p><strong>Recorded Future<\/strong> warns exploit code is now available for one of the critical bugs Redmond patched last month in <strong>Microsoft Exchange<\/strong> (<a href=\"https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2020-0688\" target=\"_blank\" rel=\"noopener\">CVE-2020-0688<\/a>), and that nation-state actors have been observed abusing the exploit for targeted attacks.<\/p>\n<p>One flaw fixed this month in <strong>Microsoft Word<\/strong> (<a href=\"https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2020-0852\" target=\"_blank\" rel=\"noopener\">CVE-2020-0852<\/a>) could be exploited to execute malicious code on a Windows system just by getting the user to load an email containing a booby-trapped document in the <strong>Microsoft Outlook<\/strong> preview pane. CVE-2020-0852 is just one of four remote execution flaws Microsoft patched this month in versions of Word.<\/p>\n<p>One somewhat ironic weakness fixed today (<a href=\"https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2020-0872\" target=\"_blank\" rel=\"noopener\">CVE-2020-0872<\/a>) resides in a new component Microsoft debuted this year called <a href=\"https:\/\/www.microsoft.com\/security\/blog\/2020\/01\/16\/introducing-microsoft-application-inspector\/\" target=\"_blank\" rel=\"noopener\">Application Inspector<\/a>, a source code analyzer designed to help Windows developers identify &#8220;interesting&#8221; or risky features in open source software (such as the use of cryptography, connections made to a remote entity, etc.).<\/p>\n<p>Microsoft said this flaw can be exploited if a user runs Application Inspector on a hacked or booby-trapped program. Whoops. 
<strong>Animesh Jain<\/strong> from security vendor <strong>Qualys<\/strong> <a href=\"https:\/\/blog.qualys.com\/laws-of-vulnerabilities\/2020\/03\/10\/march-2020-patch-tuesday-115-vulns-26-critical-microsoft-word-and-workstation-patches\" target=\"_blank\" rel=\"noopener\">says<\/a> this patch should be prioritized, despite being labeled as less severe (&#8220;important&#8221; versus &#8220;critical&#8221;) by Microsoft.<\/p>\n<p>For enterprises, Qualys recommends prioritizing the patching of desktop endpoints over servers this month, noting that most of the other critical bugs patched today are prevalent on workstation-type devices. Those include a number of flaws that can be exploited simply by convincing a Windows user to browse to a malicious or hacked Web site.<span id=\"more-50817\"><\/span><\/p>\n<p>While many of the vulnerabilities fixed in today&#8217;s patch batch affect Windows 7 operating systems, this OS is no longer being supported with security updates (unless you\u2019re an enterprise taking advantage of Microsoft\u2019s\u00a0<a href=\"https:\/\/support.microsoft.com\/en-us\/help\/4527878\/faq-about-extended-security-updates-for-windows-7\" target=\"_blank\" rel=\"noopener\">paid extended security updates program<\/a>, which is available to Windows 7 Professional and Windows 7 Enterprise users).<\/p>\n<p>If you rely on Windows 7 for day-to-day use, it\u2019s probably time to think about upgrading to something newer. That might be a computer with Windows 10. Or maybe you have always wanted that shiny macOS computer.<\/p>\n<p>If cost is a primary motivator and the user you have in mind doesn\u2019t do much with the system other than browsing the Web, perhaps a\u00a0<strong>Chromebook<\/strong>\u00a0or an older machine with a recent version of\u00a0<strong>Linux<\/strong>\u00a0is the answer (Ubuntu may be easiest for non-Linux natives). 
Whichever system you choose, it\u2019s important to pick one that fits the owner\u2019s needs and provides security updates on an ongoing basis.<\/p>\n<p>Keep in mind that while staying up-to-date on Windows patches is a must, it\u2019s important to make sure you\u2019re updating only after you\u2019ve backed up your important data and files. A reliable backup means you\u2019re not losing your mind when the odd buggy patch causes problems booting the system.<\/p>\n<p>So do yourself a favor and back up your files before installing any patches. Windows 10 even has\u00a0<a href=\"https:\/\/lifehacker.com\/how-to-back-up-your-computer-automatically-with-windows-1762867473\" target=\"_blank\" rel=\"noopener\">some built-in tools<\/a>\u00a0to help you do that, either on a per-file\/folder basis or by making a complete and bootable copy of your hard drive all at once.<\/p>\n<p>As always, if you experience glitches or problems installing any of these patches this month, please consider leaving a comment about it below; there\u2019s a better-than-even chance other readers have experienced the same and may chime in here with some helpful tips. Also, keep an eye on the\u00a0<a href=\"https:\/\/www.askwoody.com\/2020\/february-2020-patch-tuesday-foibles\/\" target=\"_blank\" rel=\"noopener\">AskWoody blog<\/a>\u00a0from\u00a0<strong>Woody Leonhard<\/strong>, who keeps a close eye on buggy Microsoft updates each month.<\/p>\n<p><strong>Update, 7:50 p.m.:<\/strong> Microsoft has released <a href=\"https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/ADV200005\" target=\"_blank\" rel=\"noopener\">an advisory<\/a> about a remote code execution vulnerability in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests. 
Critical SMB (Windows file-sharing) flaws are dangerous because they are typically &#8220;wormable,&#8221; in that they can spread rapidly to vulnerable systems across an internal network with little to no human interaction.<\/p>\n<p>&#8220;To exploit the vulnerability against an SMB Server, an unauthenticated attacker could send a specially crafted packet to a targeted SMBv3 Server,&#8221; Microsoft warned. &#8220;To exploit the vulnerability against an SMB Client, an unauthenticated attacker would need to configure a malicious SMBv3 Server and convince a user to connect to it.&#8221;<\/p>\n<p>Microsoft&#8217;s advisory says the flaw is neither publicly disclosed nor exploited at the moment. It includes a workaround to mitigate the flaw in file-sharing servers, but says the workaround does not prevent the exploitation of clients.<\/p>\n<p><a href=\"https:\/\/krebsonsecurity.com\/2020\/03\/microsoft-patch-tuesday-march-2020-edition\/\" target=\"bwo\" >https:\/\/krebsonsecurity.com\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><img decoding=\"async\" src=\"https:\/\/krebsonsecurity.com\/wp-content\/uploads\/2014\/07\/brokenwindows.png\"\/><\/p>\n<p><strong>Credit to Author: BrianKrebs| Date: Tue, 10 Mar 2020 23:44:29 +0000<\/strong><\/p>\n<p>Microsoft Corp. today released updates to plug more than 100 security holes in its various Windows operating systems and associated software. 
If you (ab)use Windows, please take a moment to read this post, back up your system(s), and patch your PCs.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10643,10642],"tags":[24429,24430,24214,24431,24432,13457,11753,16936],"class_list":["post-17893","post","type-post","status-publish","format-standard","hentry","category-independent","category-krebs","tag-animesh-jain","tag-application-inspector","tag-cve-2020-0688","tag-cve-2020-0852","tag-cve-2020-0872","tag-qualys","tag-recorded-future","tag-time-to-patch"],"_links":{"self":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/17893","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=17893"}],"version-history":[{"count":0,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/17893\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=17893"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=17893"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=17893"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}