Patching in Review – Week 21 of 2019
Brian Secrist
Although Patch Tuesday occurred over a week ago, BlueKeep (CVE-2019-0708) is still alive and well with continual developments by security researchers. For the latest up to date information, see our evolving blog post with new updates in this vulnerability as well as our webinar going over the latest remediation and mitigation strategies.
After a bit of a hiatus at the beginning of this year, SandboxEscaper is back at it with a series of zero-day disclosures for Windows and Internet Explorer. TheHackerNews has an evolving article covering these continuing disclosures as SandboxEscaper has promised more disclosures. At the time of writing this, SandboxEscaper has released details on 4 different vulnerabilities with two exploits publicly released
- Local privilege escalation bug in Task Scheduler which results in full access to the system
- Vulnerability in the Windows Error Reporting service that allows an attacker to delete or edit any file (dubbed AngryPolarBearBug2)
- Internet Explorer 11 vulnerability where a maliciously crafted dll file can bypass the IE Protected Mode sandbox to execute arbitrary code
- A bypass of the recently patched CVE-2019-0841 which could allow elevated privileges through the Windows AppX Deployment Service
None of the vulnerabilities listed above appear to be critical, so an out of band patch looks unlikely. All the previous vulnerabilities were remediated on a later Patch Tuesday so hopefully we will see a fix sooner than later.
Security Updates
As scheduled, Firefox 67 released this week alongside Firefox ESR 60.7.0 containing numerous security fixes, including 2 critical CVEs. The two critical CVEs, CVE-2019-9814 and CVE-2019-9800, both detail memory safety bugs where memory corruption can lead to an attacker running arbitrary code.
Third-Party Updates
While we’re all still busy with BlueKeep, other vendors released non-security fixes for the week. Take note of the patches below to include in your next patching cycle:
|
Bulletin title |
Bulletin ID |
KB |
|
Bandicut 3.1.5.511 |
BANDICUT-013 |
QBCUT315511 |
|
DropBox 73.4.118 |
DROPBOX-109 |
QDROPBOX734118 |
|
GOM Player 2.3.41.5303 |
GOM-026 |
QGOM23415303 |
|
Google Chrome 74.0.3729.169 |
CHROME-253 |
QGC7403729169 |
|
LibreOffice 6.2.4.2 |
LIBRE-112 |
QLIBRE6242 |
|
Microsoft Power BI Desktop 2.69.5467.1751 |
PBID-056 |
QBI26954671751 |
|
Notepad++ 7.7 |
NPPP-092 |
QNPPP770 |
|
Opera 60.0.3255.109 |
OPERA-215 |
QOP6003255109 |
|
Plex Media Player 2.34.0 |
PLXP-037 |
QPLXP2340983 |
|
Tableau Desktop 2018.1.13 |
TABDESK2018-012 |
QTABDESK2018113 |
|
Tableau Desktop 2018.2.10 |
TABDESK2018-011 |
QTABDESK2018210 |
|
Tableau Desktop 2018.3.7 |
TABDESK2018-010 |
QTABDESK201837 |
|
Tableau Desktop 2019.1.4 |
TABDESK2019-004 |
QTABDESK201914 |
|
Tableau Desktop 2019.2 |
TABDESK2019-005 |
QTABDESK201920 |
|
Tableau Prep Builder 2019.2.1 |
TABPREPB19-002 |
QTABPREPB201921 |
|
Tableau Reader 2019.2 |
TABREAD2019-004 |
QTABREAD201920 |
|
Thunderbird 60.7.0 |
TB19-6070 |
QTB6070 |
|
Wireshark 2.4.15 |
WIRES-095 |
QWIRES2415 |
|
Wireshark 2.6.9 |
WIRES-096 |
QWIRES269 |
|
Wireshark 3.0.2 |
WIRES-097 |
QWIRES302 |
|
Zoom Client 4.4.53595 |
ZOOM-023 |
QZOOM4453595 |
|
Zoom Outlook Plugin 4.7.53562.0517 |
ZOOMOUT-009 |
QZOOMO4753562 |
