MICROSOFT JULY SECURITY UPDATES
- A remote code execution vulnerability (CVE-2017-8589) exists when Windows Search handles objects in memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. This vulnerability spans all Windows OSes.
- CVE-2017-8563 is an elevation of privilege vulnerability that exists in Microsoft Windows when Kerberos falls back to NT LAN Manager (NTLM) Authentication Protocol as the default authentication protocol. Those of you who use RDP with NTLM are vulnerable; this is specifically one of the possibilities the Google researchers found. In particular, the systems supporting the RDP connection need to be patched. This vulnerability once more reveals the necessity of using 2FA (Duo) when utilizing elevated privileges.
Agrilife Security recommends all Critical and Important updates be deployed immediately.
ADOBE JULY SECURITY UPDATES AND FLASH
Here is the Adobe link for those with non-Microsoft systems to patch: https://helpx.adobe.com/security.html It is important to note that Adobe Update APSB17-21, across Windows, Mac, and Linux OSes and Chrome, IE, and Edge browsers, addresses a memory corruption vulnerability that can lead to remote code execution and really needs to be addressed quickly. Some security researchers are recommending removing the Flash Player plug-in from browsers or, at a minimum, implementing “click-to-play” in Chrome. Flash continues to be long-running, easily exploitable software. For those who want to test click-to-play, enabling this feature is described in this help page from Google Support:
It is worth consideration as an additional security precaution.
Agrilife Security recommends all Adobe Critical and Important updates be deployed immediately.
JULY 20 UPDATES APPLE and ORACLE
It has been a busy week for Apple and Oracle. Apple released updates to MacOS 10.10, 10.11, and 10.12. They also released security updates in iOS 10.3.3 that were interesting for the level of vulnerabilities being corrected. Info can be found at:
Oracle had their first major security updates across dozens of products since April, but for most, the updates to Java and MySQL will be of most interest. The link below shows the Critical updates that need to be applied immediately:
There was a CISCO WebEx security update released at the beginning of the week, but it was for a very back-level version of the WebEx plug-in/add-in/Chrome extension. The method of updating will depend on the browser being used.