
Microsoft Fixes Four SandboxEscaper Zero-Days

Microsoft has released its latest monthly security updates and there are four fixes for zero-day threats published recently by SandboxEscaper.

In total Redmond fixed 88 vulnerabilities in this update round with 21 labelled critical.

The four zero-days are all elevation of privilege flaws which affected Windows: CVE-2019-1069 is a bug in the Windows Task Scheduler; CVE-2019-1064 is an elevation of privilege bug in Windows; CVE-2019-1053 is a vulnerability in Windows Shell which could allow elevation of privilege on the affected system by escaping a sandbox; and CVE-2019-0973 is a flaw in Windows Installer.

The recently disclosed BlueKeep vulnerability (CVE-2019-0708) in RDP should also be a priority for system admins, after Microsoft warned that it could be “wormable” — that is, exploitable without the need for user interaction.

However, patching is just one part of the defense-in-depth approach IT security teams need to take, according to Ivanti director of security solutions, Chris Goettl.

“Currently around 1.6 million public facing RDP servers are under the attack of a botnet called GoldBrute. Instead of exploiting a vulnerability, GoldBrute is attacking weak passwords. A couple of things to assess in your environment: do you have public facing RDP services exposed? Have you assessed its configuration?” he explained.

“Ideally, blocking RDP at the perimeter is best. Restricting access to a VPN controls the exposure of RDP more. Enabling network-level authentication can help mitigate BlueKeep. Ensure any credentials available over RDP have strong passwords that are changed regularly.”

Elsewhere, there’s one critical update for Flash Player this month, fixing a bug (CVE-2019-7845) which could allow arbitrary code execution on a victim’s machine. Adobe also announced patches for three critical ColdFusion vulnerabilities and seven Adobe Campaign bugs, one of which is critical.
