Microsoft patches zero day flaws in February Patch Tuesday


Microsoft was busy this Patch Tuesday, with 20 critical vulnerabilities addressed in February's monthly security bulletin. Four bugs, rated important, were previously publicly known. What's worse, Microsoft stated that a zero-day bug tied to its Internet Explorer browser is being actively exploited in the wild. The zero-day bug (CVE-2019-0676) is patched and is identified as an Internet Explorer Information Disclosure vulnerability. According to researchers, hackers can trick users into opening a malicious website to exploit the browser flaw. This vulnerability exists in all currently supported Windows versions.

Another vulnerability, the PrivExchange bug, was also patched by Microsoft. The flaw (CVE-2019-0686) is an elevation of privilege weakness in Microsoft's Exchange Server that could allow a remote hacker with a simple mailbox account to gain administrator privileges. According to Satnam Narang, senior research engineer at Tenable, the PrivExchange bug was publicly disclosed, along with proof-of-concept code, last month. The vulnerability would give a hacker Domain Administrator privileges that would allow them to access domain user credentials.


February's Patch Tuesday addressed bugs across Microsoft Windows, Office, IE, Edge, .NET Framework, Exchange Server, Visual Studio, Team Foundation Server and Azure IoT SDK Dynamics. 71 bugs were patched, with 20 identified as critical, 49 rated important and four moderate. Remote code execution bugs dominated the monthly patch release, with almost half of the bugs this month categorized as Remote Code Execution flaws, or RCE. Many of these are related to the Jet Database Engine and the Access Database. There are two SMB patches, mitigated by the fact that the hacker would need to be authenticated first.

Many of these bugs involve SMBv2, but SMBv1 should be completely disabled in any enterprise by now. System administrators should prioritize a critical Windows Server DHCP remote code execution vulnerability (CVE-2019-0626), which had the highest threat score in this month’s release. This comes after last month's fix of another Windows DHCP Client Remote Code Execution Vulnerability (CVE-2019-0547). This is a constant reminder for system administrators to keep systems updated with patches and to set up protocols to mitigate flaws that aren't fixed yet.