On Tuesday, Microsoft addressed 79 vulnerabilities and released three advisories. Out of the 79 vulnerabilities, 19 of them have received a critical severity classification. One of the main updates pertains to an elevation of privileges vulnerability (CVE-2019-0863) which was being exploited in the wild when it was discovered. The flaw involved the way Windows Error Reporting handled files. For it to be carried out successfully an attacker would first need access to the system through malware and manual attacks. “An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs, view, change, or delete data, or create new accounts with administrator privileges,” said researchers. Another one of the critical vulnerabilities that was patched involved a remote Desktop Services remote code-execution vulnerability (CVE-2019-0708). This specific bug received quite a bit of attention due to its similarities to WannaCry, the worldwide cyber-attack that occurred in May of 2017. They believe the vulnerability would mainly affect Windows 7, but patches have also been released for Windows XP and Server 2003. The vulnerabilities addressed cover a wide array of issues. A full list of the flaws can be found on Microsoft’s webpage.
12 Essentials for a Successful SOC Partnership
As cyber threats continue to impact businesses of all sizes, the need for round-the-clock security