Security Advisory Archives

Microsoft Patch Tuesday – March 19

March 12, 2019

Microsoft Patch Tuesday – March 19

The second Tuesday of the month is here which means its time for more monthly security updates from Microsoft. A total of 64 vulnerabilities have been addressed this month, which include 17 updates rated Critical, 45 Important, with 1 Medium and 1 rated Low.

These updates cover releases for Windows Operating Systems, Edgeand Internet Explorer Browsers, Office, SharePoint, DHCP, Team Foundationserver, Skype for Business and of course the ChakraCore scripting engine.

Microsoft’s Edge browser updates resolve 7 Critical CVE’s that are related to memory corruption vuln's in the scripting engine, these have a regular appearance in patch Tuesday, and are caused by the way objects are handled in memory.

By exploiting these vuln’s, an attacker could execute codeas the current logged in user and take control of the target system, if theuser was logged in with admin rights. The attacker would then be able to installprograms, as well as steal, change or delete data.

The Windows DHCP client has three associated critical CVE’s (CVE-2019-0697, CVE-2019-0698 & CVE-2019-0726) that cover remote code execution vuln’s. An attacker could successfully exploit a memory corruption flaw, by sending specially crafted DHCP responses to the client. The updates released corrects the behaviour of the DHCP client and how it handles certain responses.

Updates for Internet Explorer’s VBScript engine covers more remote code execution CVE’s (CVE-2019-0666 & CVE-2019-0667). Due to weaknesses in how the VBScript engine handles objects in memory, an attacker could trick a user into accessing a specially crafted web page which would allow them to execute code with the rights of the current user. If this user has admin privileges the attacker could take control of the exploited system.

CVE-2019-0592 highlights another critical RCE vuln, this time in the Chakra scripting engine, affecting both the ChakraCore and the MS Edge browser. In what is a common theme this month, this exploit can be triggered due to improper handling of memory objects, if a user is tricked into visiting a malicious website.

Please review this month’s updates and get patching as soonas you can!

Keeping up to date with security patches for your operatingsystems and software, is a critical part of delivering and maintaining a strongsecurity posture, please ensure you test and update as quickly as possible to reducerisk, prevent exploitation and to ultimately stay secure.

For a full list of this month’s updates please see the linksbelow:

Patch Tuesday release notes: https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/ac45e477-1019-e911-a98b-000d3a33a34d

Security update guide: https://portal.msrc.microsoft.com/en-us/security-guidance

Author

Stuart Hare is a Technologist with a passion for helping people in all aspects of IT & Cyber Security. Stuart is the Founder of Ironshare, an Information and Cyber Security company providing consultancy and managed services.

Samuel is a Security Analyst with Ironshare, an Information and Cyber Security company providing Security consultancy and managed services.

Joshua is working as a Managed Service Lead with Ironshare, an Information and Cyber Security company providing Security consultancy and managed services.

SUBSCRIBE

Ironshare is a provider of Information and Cyber Security services.

we went with; wizard pi