web analytics

February Patch Tuesday: Batch Includes 77 Updates That Cover Flaws in Internet Explorer, Exchange Server, and DHCP Server

It’s time to get security updates installed. Microsoft released 77 updates, along with three new advisories, in this month’s Patch Tuesday. The bulletin patches four publicly known bugs, rated Important, and one that is under active attack. It includes fixes for ChakraCore, Edge, Exchange Server, Internet Explorer (IE), Microsoft Windows, Office and Microsoft Office Services and Web Apps, Azure, Team Foundation Services, and the .NET Framework. A total of 21 CVEs were disclosed through the Zero Day Initiative (ZDI) program.

The patch release covers CVE-2019-0676, an actively exploited Internet Explorer Information Disclosure Vulnerability. The browser flaw exists in cases when IE improperly handles objects in memory. An attacker who successfully exploits it could test for the presence of files on disk. In order to take advantage of the vulnerability, an attacker has to persuade a user to visit a malicious site.

Among the issues also patched by Microsoft is a privilege escalation vulnerability (CVE-2019-0686) in its Exchange server. The vulnerability allows an attacker to gain the same rights as any other Exchange server user and to access other users’ mailboxes. In addition, system administrators are advised to prioritize patching a critical-rated Windows DHCP server remote code execution vulnerability (CVE-2019-0626). The bug allows attackers to take over a network’s DHCP server by sending it a specially crafted packet.

Adobe also released a large update, closing 71 security holes in its products, 17 of which were handled by the ZDI program. The patches address flaws in Acrobat and Reader, ColdFusion, Creative Cloud, and Flash. The patch for ColdFusion is rated as Critical but only addresses two CVEs. Taking advantage of the bugs could allow code execution through the deserialization of untrusted data or disclose information through cross-site scripting.

The Trend Micro™ Deep Security™ platform and Vulnerability Protection protect user systems from any threats that may target the vulnerabilities addressed in this month’s round of updates via the following DPI rules:

  • 1009497-Microsoft Edge Scripting Engine Information Disclosure Vulnerability (CVE-2019-0648)
  • 1009498-Microsoft Edge Memory Corruption Vulnerability (CVE-2019-0650)
  • 1009499-Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2019-0644
  • 1009500-Microsoft Windows Multiple Security Vulnerabilities (Feb-2019)
  • 1009501-Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2019-0590)
  • 1009502-Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2019-0591)
  • 1009503-Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2019-0593)
  • 1009504-Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2019-0607)
  • 1009505-Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2019-0606)
  • 1009506-Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2019-0610)
  • 1009507-Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2019-0640)
  • 1009508-Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2019-0642)
  • 1009509-Microsoft Edge Memory Corruption Vulnerability (CVE-2019-0645)
  • 1009510-Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2019-0651)
  • 1009511-Microsoft Windows SMB Remote Code Execution Vulnerability (CVE-2019-0630)
  • 1009512-Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2019-0652)
  • 1009513-Microsoft Internet Explorer Information Disclosure Vulnerability (CVE-2019-0676)
  • 1009514-Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2019-0658)
  • 1009515-Microsoft Excel Information Disclosure Vulnerability (CVE-2019-0669)
  • 1009516-Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2019-0655)

Customers who have the Trend Micro™ TippingPoint® system are protected from threats that may exploit this month’s list of vulnerabilities via these MainlineDV filters:

  • 34351: HTTP: Microsoft Edge Type Confusion Vulnerability
  • 34352: HTTP: Microsoft Edge Type Confusion Vulnerability
  • 34354: HTTP: Microsoft Edge Type Confusion Vulnerability
  • 34355: HTTP: Microsoft Edge WebAssembly exports Property Type Confusion Vulnerability
  • 34356: HTTP: Microsoft Edge JIT Engine Out-of-Bounds Write Vulnerability
  • 34357: HTTP: Microsoft Windows Kernel Information Disclosure Vulnerability
  • 34358: HTTP: Microsoft Windows Win32k Information Disclosure Vulnerability
  • 34359: SMB: Microsoft SMB Buffer Overflow Vulnerability
  • 34361: HTTP: Microsoft Windows Information Disclosure Vulnerability
  • 34362: HTTP: Microsoft Edge Window.eval Use-After-Free Vulnerability
  • 34363: HTTP: Microsoft Edge Object Push Buffer Overflow Vulnerability
  • 34364: HTTP: Microsoft Edge With Method Memory Corruption Vulnerability
  • 34365: HTTP: Microsoft Edge Out-Of-Bounds Read Vulnerability
  • 34366: HTTP: Microsoft Edge Type Confusion Vulnerability
  • 34367: HTTP: Microsoft Edge Type Confusion Vulnerability
  • 34368: HTTP: Microsoft Edge Out-of-Bounds Write Vulnerability
  • 34369: HTTP: Microsoft Edge Type Confusion Vulnerability
  • 34370: HTTP: Microsoft Windows Win32k Use-After-Free Vulnerability
  • 34371: HTTP: Microsoft Edge Out-Of-Bounds Read Vulnerability
  • 34372: HTTP: Microsoft Windows NT Information Disclosure Vulnerability
  • 34373: HTTP: Microsoft Excel Out-of-Bounds Write Vulnerability
  • 34374: HTTP: Microsoft Internet Explorer Information Disclosure Vulnerability
  • 34375: HTTP: Microsoft Edge SVG Use-After-Free Vulnerability

The post February Patch Tuesday: Batch Includes 77 Updates That Cover Flaws in Internet Explorer, Exchange Server, and DHCP Server appeared first on .