Two Windows Zero-Days Receive Fixes

Microsoft has released fixes for 64 security vulnerabilities, along with four security advisories. The patches cover a wide variety of Microsoft products, including Microsoft Windows, Office Services and Web Apps, Internet Explorer, Edge, Exchange Server, ChakraCore, the .NET Framework, Team Foundation Services, and the NuGet package manager. Seventeen of the vulnerabilities received a critical rating, 45 were rated important, one moderate, and one low. Only four of these bugs are publicly known, while two elevation of privilege vulnerabilities are being used in attacks. CVE-2019-0797 was the first to be reported, and it was known to affect Windows 8 and 10, as well as Server versions 2012, 2016, and 2019. The second was CVE-2019-0808, a Windows zero-day that is also coupled with a Chrome zero-day that allows attackers to escape the Chrome sandbox and inject a malicious payload on the targeted systems. In addition to these two zero-days, Microsoft also addressed three large-scale vulnerabilities in Windows DHCP (CVE-2019-0697, CVE-2019-0698, and CVE-2019-0726) that could lead to an attacker taking over vulnerable machines.

Analyst Notes

Users should keep up to date with the fixes Microsoft releases and download updates accordingly. Since the fixes apply to such a broad range of products and services, users are advised to visit the official Microsoft Security Update Guide portal. On the portal, users can apply filter options to find only the updates and patches that apply to the products and services they use.