Microsoft Patch Tuesday – March 19
The second Tuesday of the month is here which means its time for more monthly security updates from Microsoft. A total of 64 vulnerabilities have been addressed this month, which include 17 updates rated Critical, 45 Important, with 1 Medium and 1 rated Low.
These updates cover releases for Windows Operating Systems, Edge and Internet Explorer Browsers, Office, SharePoint, DHCP, Team Foundation server, Skype for Business and of course the ChakraCore scripting engine.
Microsoft’s Edge browser updates resolve 7 Critical CVE’s that are related to memory corruption vuln’s in the scripting engine, these have a regular appearance in patch Tuesday, and are caused by the way objects are handled in memory.
By exploiting these vuln’s, an attacker could execute code as the current logged in user and take control of the target system, if the user was logged in with admin rights. The attacker would then be able to install programs, as well as steal, change or delete data.
The Windows DHCP client has three associated critical CVE’s (CVE-2019-0697, CVE-2019-0698 & CVE-2019-0726) that cover remote code execution vuln’s. An attacker could successfully exploit a memory corruption flaw, by sending specially crafted DHCP responses to the client. The updates released corrects the behaviour of the DHCP client and how it handles certain responses.
Updates for Internet Explorer’s VBScript engine covers more remote code execution CVE’s (CVE-2019-0666 & CVE-2019-0667). Due to weaknesses in how the VBScript engine handles objects in memory, an attacker could trick a user into accessing a specially crafted web page which would allow them to execute code with the rights of the current user. If this user has admin privileges the attacker could take control of the exploited system.
CVE-2019-0592 highlights another critical RCE vuln, this time in the Chakra scripting engine, affecting both the ChakraCore and the MS Edge browser. In what is a common theme this month, this exploit can be triggered due to improper handling of memory objects, if a user is tricked into visiting a malicious website.
Please review this month’s updates and get patching as soon as you can!
Keeping up to date with security patches for your operating systems and software, is a critical part of delivering and maintaining a strong security posture, please ensure you test and update as quickly as possible to reduce risk, prevent exploitation and to ultimately stay secure.
For a full list of this month’s updates please see the links below:
Patch Tuesday release notes: https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/ac45e477-1019-e911-a98b-000d3a33a34d
Security update guide: https://portal.msrc.microsoft.com/en-us/security-guidance
Ironshare – Security Simplified