April Patch Tuesday Round-Up
Hey All,
I think we have reached enough critical mass in issues and news regarding patch Tuesday to warrant getting this out today. Here are the things to note regarding Patch Tuesday so far.
APSB15-006 - Flash Player - This update resolves 22 vulnerabilities including a Zero Day. This vulnerability is actively being used in malvertising attacks. Get this rolled out ASAP! You need to update the OS, the IE Advisory (KB3049508), the latest Chrome update (42.0.2311.90), and FireFox (should show up as another instance of APSB15-006: Flash Player Plug-In when scanning with Protect).
MS15-032 - Cumulative Security Update for IE - On IE11 SSL v3 is now disabled by default. We have seen reports of websites no longer being accessible after applying this update as the website in question used SSL v3.
MS15-033 - Critical Update for Word, Word Viewer, and SharePoint. CVE-2015-1641, which is actively being exploited in phishing attacks, is resolved by this update. I definitely agree with David Picotte's, manager of security engineering at Rapid7, quote in this article. Give your users a refresher in spotting phishing scams and be vigilant in patching.
MS15-034 - Vulnerability in HTTP.sys could allow remote code execution - PoCs now working and able to crash an IIS server. There is a call out from the security community to expedite patching of this vulnerability. DoS attacks are increasingly more common. According to the recent Verizon 2015 DBIR, 10 CVE's contributed 97% of exploits observed in 2014. Of those 10, three were DoS attacks dating back to 2001 and 2002. The same report also showed that half of the CVE's exploited in 2014 fell within just a couple of weeks of the publish date.
MS15-036 - Vulnerabilities in Microsoft SharePoint Server Could Allow Elevation of Privilege (3052044) - Make sure to run psconfig after applying the patch to finalize the update. This is an unfortunate manual step that is required.
That's all for today. If you are going to RSA next week, stop by and see us at booth N2628. We hope to see you there!
Chris