Time to Patch Windows (July 2019)

Time to Patch Windows (July 2019)

by Dr. Erdal Ozkaya

Microsoft has just released today (10 July 2019) new patches, and here is what you need to know :

  • Microsoft has released 1 advisory, 1 servicing stack update, and 77 updates to vulnerabilities, which 15 of these updates are classified as Critical
  • Microsoft has fixed two actively exploited Zero Day vulnerabilities that could allow programs to run with higher privilege levels. (details below)
  • The first zero-day is titled “CVE-2019-1132 – Win32k Elevation of Privilege Vulnerability” and was discovered by Anton Cherepanov (ESET). If exploited, this vulnerability could allow an attacker to “run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.”
  • The second vulnerability is titled “CVE-2019-0880 – Microsoft splwow64 Elevation of Privilege Vulnerability” and was discovered by Gene Yoo
  • 5 of those updates pacthed SymCryot Dos which was disclosed by Google
  • CVE-2019-0865 – SymCrypt Denial of Service Vulnerability
  • CVE-2018-15664 – Docker Elevation of Privilege Vulnerability
  • CVE-2019-0962 – Azure Automation Elevation of Privilege Vulnerability
  • CVE-2019-1068 – Microsoft SQL Server Remote Code Execution Vulnerability
  • CVE-2019-1129 – Windows Elevation of Privilege Vulnerability
  • A privilege escalation vulnerability titled “CVE-2019-1130 | Windows Elevation of Privilege Vulnerability” has fixed this month as well , which was disclosed by SandboxEscaper

Windows 10 version 1903 and 1809

  • Security updates to: Windows Wireless Networking, Microsoft Scripting Engine, Windows Server, Windows Storage and Filesystems, Windows Kernel, Microsoft HoloLens, Internet Explorer, Windows Input and Composition, Windows Virtualization, Windows App Platform and Frameworks, Microsoft Graphics Component, Microsoft Edge, and Windows Cryptography.
  • Addresses an issue that may cause BitLocker to go into recovery mode if BitLocker is being provisioned at the same time as updates are being installed. 
  • Addresses an issue that may cause Mixed Reality users to see a tilted world after connecting their headsets. 
  • Fix to the RASMAN Bug
  • Critical servicing stack update was addressed to fix an issue with a Secure Boot feature update that may cause BitLocker to go into recovery mode because of a race condition

Servicing Stack Updates

Servicing stack updates improve the reliability of the update process to mitigate potential issues while installing the latest quality updates and feature updates. If you don’t install the latest servicing stack update, there’s a risk that your device can’t be updated with the latest Microsoft security fixes. All Windows 10 users are advised to first update the servicing stack to the latest version before attempting to install the latest cumulative updates.

  • Installing servicing stack update does not require restarting the device, so installation should not be disruptive.
  • Servicing stack update releases are specific to the operating system version (build number), much like quality updates.
  • Servicing stack update addresses an issue with a Secure Boot feature update that may cause BitLocker to go into recovery mode because of a race condition
  • SSU updates are available here : MIcrosoft Service Stack Update Catalog or you can search them here:  Servicing stack update for Windows 10.

Updates for Windows 7

  • Minor bug fixes and improvements
  • Security fixes for Microsoft Graphics Component, Windows Storage and Filesystems, Windows Shell, Windows Input and Composition, and Windows Kernel.

Updates for Windows 8.1

  • Addresses an issue that may cause BitLocker to go into recovery mode if BitLocker is being provisioned at the same time as updates are being installed.
  • Security updates to Windows Wireless Networking, Windows Server, Windows Storage and Filesystems, Microsoft Graphics Component, Windows Input and Composition, Windows Kernel, and Windows App Platform and Frameworks.

Microsoft Office Updates

Microsoft released the July 2019 Office Updates which bundles 20 security and 5 cumulative updates . Six of them fix remote code execution vulnerabilities (CVE-2019-1110 and CVE-2019-1111) within Office 2016, Office 2013, Office 2010, Excel 2016, Excel 2013, and Excel 2010.

Six of the security patches issued also fix information disclosure flaws (CVE-2019-1084 and CVE-2019-1109) impacting Office 2016, Outlook 2016, Skype for Business 2016, Office 2013, Office 2013, Outlook 2013, Skype for Business 2015 (Lync 2013), and Outlook 2010.

Four other security updates are designed to patch authentication bypass vulnerabilities (CVE-2019-1006 and CVE-2019-1134) affecting SharePoint Server 2019, SharePoint Enterprise Server 2016, SharePoint Enterprise Server 2013, SharePoint Foundation 2013, and SharePoint Foundation 2010.

Four advisories released (June 2019)

I am sure by now you have patched the updates from last month which Microsoft released the below advisories that resolve issues with third-party software and hardware, as well as an in-depth security update for Microsoft Exchange Server.

  • Adobe Flash Player – ADV190015– June 2019 Adobe Flash Security Update
  • Microsoft Devices – ADV190016 – Bluetooth Low Energy Advisory
  • Microsoft Devices – ADV190017 – Microsoft HoloLens Remote Code Execution Vulnerabilities
  • Microsoft Exchange Server – ADV190018 – Microsoft Exchange Server Defense in Depth Update
  • Servicing Stack Updates – ADV990001 – Latest Servicing Stack Updates

About the Author

Dr. Erdal Ozkaya ,is a leading Cybersecurity Professional with business development, management and Academic skills who focuses on securing the Cyber Space & sharing his real-life skills as a Security Adviser, Speaker, Lecturer and Author.

Erdal is known to be passionate about reaching communities, and creating cyber aware campaigns and leveraging new and innovative approaches and technologies to holistically address the information security and privacy needs for every person and organization in the world. He has co authored many cybersecurity books as well as security certification courseware and exams for different vendors.

Erdal has the following qualifications: Doctor of Philosophy in Cybersecurity. Master of Computing Research, Master of Information Systems Security, Bachelor of Information Technology, Microsoft Certified Trainer, Microsoft Certified Learning Consultant, ISO27001 Auditor & Implementer, Certified Ethical Hacker (CEH), Certified Ethical Instructor & Licensed Penetration Tester. He is an award-winning technical expert & speaker: His recent awards are: Microsoft Circle of Excellence Platinum Club (2017), NATO Center of Excellence (2016) Security Professional of the year by MEA Channel Magazine (2015), Professional of the year Sydney (2014) and many speaker of the year awards in conferences.

He also holds Global Instructor of the year awards from EC Council & MicrosoftErdal is also a part time lecture at Australian Charles Sturt University

Erdal's Twitter : https://twitter.com/Erdal_Ozkaya

The article has been originally published at: https://www.linkedin.com/pulse/time-patch-windows-july-2019-dr-erdal-ozkaya/

July 12, 2019

Leave a Reply


This site uses Akismet to reduce spam. Learn how your comment data is processed.

Notify of

© HAKIN9 MEDIA SP. Z O.O. SP. K. 2013