Cyber Round-up for 15th November
Welcome to the Ironshare Cyber Round-up where we look back at the events of that last week and cover some of the news, posts, views, and highlights from the world of Security.
In this week’s round-up:
The UK’s Labour party recently went public about a denial-of-service attack that took their website offline, however it appears that they also had an unintentional data leak. According to The Times newspaper, the names of some donors were made accessible to the public, as well as the size and time of their donations. This information could apparently be accessed without security checks on any web browser. The DDoS and data breach appear to be coincidental and were not related, however the unfortunate timing has made them a target for the media.
Apple has removed an application from the App Store that allowed users to track other people’s Instagram activity. The app, called Like Patrol, was found to be in violation of Apple’s data collection policies and immediately removed it from the store without question. Like Patrol was charging its’ users $80 per year to use the application; this has the app’s developers unhappy since it isn’t classified as stalkerware and doesn’t provide any more data than the Instagram service. This app does not appear to be on any other app store, such as Google Play store, meaning it can no longer be downloaded from anywhere legitimate.
As Windows 7 and Windows Server 2008 approach end of life, users have been worried about the discontinuation of security updates for the operating systems. In response to this, Microsoft has given users the option to pay for continued security updates after support for the operating systems stops. Users have also been given the choice to sign up for an extended security update test to ensure their systems are ready, before the program goes live on January 14, 2020.
The BlueKeep vulnerability exploit, which is available in a module for the Metasploit penetration testing framework, has reportedly been crashing the systems it is being used on. Most of the time it works as expected, however it can occasionally present the user with a blue screen of death error, rather than the expected remote shell; this week a fix will be released for the bug, making the attack more reliable. This will likely pave the way for increased use against vulnerable systems. If you are yet to patch your systems to protect against BlueKeep, we suggest you get this done quickly.
Vulnerabilities & Updates
Microsoft’s Patch Tuesday for November has arrived and addresses 75 vulnerabilities, including 13 that are considered critical. Among these flaws are remote code execution vulnerabilities in Microsoft Excel and Media Foundation; these are some of the most important flaws patched in this edition. Details on everything addressed in this patch Tuesday are included in the original Talos post. We recommend updating your systems with these latest patches as soon as possible.
Adobe’s monthly patch for November addresses three critical vulnerabilities, as well as eight important ones. The critical flaws include two remote code executions for Adobe Illustrator that affect Windows v23.1 and earlier. The other critical vulnerability was present in the Media Encoder application and only affects version 13.1. Details on the rest of the vulnerabilities in this patch are included in the original post.
And that’s it for this week round-up, please don’t forget to tune in for our next instalment.
Why not follow us on social media using the links provided on the right.
Edition #67 – 15th November 2019
Ironshare – Security Simplified