July Patch Tuesday: Heavy Downpours

It seems July’s rainy forecast isn’t confined to just the weather – Microsoft patches have arrived in a heavy downpour of updates for Windows OS, Office, .NET, SQL, VSTS, JIRA and an Advisory for Microsoft Exchange Server – along with updates in Azure IoT Edge, Azure Kubernetes Service, Azure Automation, Azure DevOps Server, ASP.NET Core, .NET Core and ChakraCore, which goes to show that when it rains, it pours.

So what happened?

Microsoft resolved 77 unique CVEs this month, including three zero-day vulnerabilities.

(CVE-2019-0880)

The first exploited vulnerability (CVE-2019-0880) is an Elevation of Privilege vulnerability in splwow64 affecting Windows 8.1, Server 2012 and later operating systems. It enables attackers to elevate their privileges from a low to a medium level that would allow them to execute code.

(CVE-2019-1132)

The second critical vulnerability (CVE-2019-1132) is also an Elevation of Privilege exploit. This vulnerability is in Win32k and affects Windows 7, Server 2008 and Server 2008 R2. In order to exploit this, an attacker would need to acquire log-on access to the system. If exploited, this vulnerability enables the attacker to take full control of the system.

(CVE-2019-11581)

The third vulnerability (CVE-2019-11581) comes with a critical severity security warning from JIRA and was introduced in version 4.4.0 of Jira Server and Jira Data Center. When the Contact Administrators Form is enabled, attackers are able to exploit this issue without authentication. Attackers with “JIRA Administrators” access also have the means to exploit the vulnerability. More worryingly, successful exploitation of this issue allows an attacker to remotely execute code on systems that run a vulnerable version of Jira Server or Data Center.

In other patch news for July, Mozilla released updates for Firefox, resolving 21 vulnerabilities, along with updates for Firefox ESR, resolving 10 vulnerabilities. Both updates are rated critical, as they could lead to information disclosure, sandbox escapes and remote code execution. Oracle’s Critical Patch Update is anticipated next Tuesday, so expect updates from middleware and Java.

As always, Options is actively patching any and all vulnerabilities highlighted above. The critical nature of this month’s release means it is imperative that operating systems and third-party software products are always kept up to date and protected.

– Options Vulnerability Management