Patching in Review – Week 11 of 2019
Brian Secrist
Happy Patch Week everyone! While we covered Patch Tuesday earlier this week, other vendors continue releasing securities and other knowledge arises from the patching community in testing.
As more potential issues are discovered, please sure to look at Microsoft’s known issues for the operating systems in your environment. Here are some quick links below:
- Windows 10 / Server 2019 / Server 2016
- Windows 8.1 / Server 2012 R2
- Server 2012
- Windows 7 / Server 2008 R2
- Server 2008
Although this has been mentioned in Week 8 and Week 9, WinRAR continues to fill security news headlines with the considerable abuse of the vulnerability. According to ZDNet, security researchers have seen over 100 unique exploits for CVE-2018-20250 that are being used to infect endpoints. Most of these attacks contain malicious code to place a backdoor on infected systems for further attacks. According to WinRAR, over 500 million endpoints have WinRAR installed, and given the lack of auto update on this application, the variety of these attacks are going to continue to rise.
Patch Tuesday Follow Up
While we list the initial known issues within our Patch Tuesday Webinar, it’s not uncommon for other issues to be discovered of the rest of the week.
One issue has been added to the “Known Issues” section for all Windows 10 Cumulative, Legacy Monthly Rollup, and Internet Explorer 11 patches with the following description:
“After installing this security update, Custom URI Schemes for Application Protocol handlers may not start the corresponding application for local intranet and trusted sites on Internet Explorer.”
The workaround here is relatively simple where the user simply needs to open the URL into a new tab but make sure keep an eye out for an isolated non-security fix later this month.
Security Releases
VMware comes in at the tail end of the week with 2 vulnerabilities for their Workstation and Player products. According to VMSA-2019-0002, version 15.0.3 and 14.1.6 remediate CVE-2019-5511 and CVE-2019-5512 where an attacker can leverage the VMX process to elevate their privileges. Make sure to get these included in your Patch Tuesday patch group to reduce patching cycles.
Third-Party Updates
While Patch Tuesday is the primary focus of the week, other third-party vendors have released non-security updates for their software. Although these titles do not contain CVEs, they may also contain valuable stability fixes.
|
Software Title |
Ivanti ID |
Ivanti KB |
|
Audacity 2.3.1 |
AUDACITY-231 |
QAUD231 |
|
CCleaner 5.55.7108 |
CCLEAN-077 |
QCCLEAN5557108 |
|
DropBox 68.4.102 |
DROPBOX-104 |
QDROPBOX684102 |
|
GoToMeeting 8.39.5 |
GOTOM-059 |
QGTM8395 |
|
Malwarebytes 3.7.1.2839 |
MBAM-013 |
QMBAM3712839 |
|
Microsoft Power BI Desktop 2.67.5404.581 |
PBID-051 |
QBI2675404581 |
|
Opera 58.0.3135.107 |
OPERA-204 |
QOP5803135107 |
|
Plex Media Player 2.29.1 |
PLXP-031 |
QPLXP2291961 |
|
Plex Media Server 1.15.1.791 |
PLXS-031 |
QPLXS1151791 |
|
R for Windows 3.5.3 |
R-003 |
QR353 |
|
Skype 8.41.0.54 |
SKYPE-154 |
QSKY841054 |
|
UltraVNC 1.2.2.4 |
UVNC-023 |
QUVNC1224 |
|
Visual Studio Code 1.32.1 |
MSNS19-0307-CODE |
QVSCODE1321 |
|
Visual Studio Code 1.32.2 |
MSNS19-0314-CODE |
QVSCODE1322 |
|
Visual Studio Code 1.32.3 |
MSNS19-0315-CODE |
QVSCODE1323 |
|
VMware Tools 10.3.10 |
VMWT-028 |
QVMWT10310 |
|
Zoom Client 4.3.46560 |
ZOOM-020 |
QZOOM4346560 |
|
Zoom Outlook Plugin 4.6.48723.0311 |
ZOOMOUT-007 |
QZOOMO4648723 |
