Executive Summary
The December 2019 release includes a number of important updates from Microsoft and Adobe, including fixes for zero-day vulnerabilities that are being actively exploited by threat actors. Organizations should evaluate the updates and patch vulnerable systems as soon as feasible. These updates also mark the next-to-last updates available for Windows 7 and Windows Server 2008.
News
- Holiday Schedule – Cyber Tech Cafe will be closed for Christmas and New Year to enjoy time with friends, family and loved ones. Any support requests received during the holiday will be prioritized and responded to on the next business day.
  - Christmas – Closed Tuesday, 24 December and Wednesday, 25 December.
  - New Year – Closed Wednesday, 1 January 2020.
- DC770 – Cyber Tech Cafe is a proud supporter and co-sponsor of the DC770 DEF CON group that meets monthly at 7:00pm ET at Jefferson’s restaurant in Cartersville on the first Tuesday of each month. More information is available at https://dc770.org.
Update Info
Microsoft
Microsoft released updates for 36 vulnerabilities this month. Seven of those were rated as critical by both SANS and Microsoft and can be exploited without any user interaction. At least one of the patched vulnerabilities, CVE-2019-1458, was first reported in April, when it was found being sold in underground markets, and is already being exploited in the wild.
Additional details on Windows Updates are available from Microsoft, the Patch Tuesday Dashboard, Krebs on Security and the SANS Internet Storm Center.
Adobe
Adobe released four (4) bulletins this month, across a number of Adobe products including ColdFusion, Photoshop CC and Reader / Acrobat. Three (3) of the four (4) vulnerabilities are listed by Adobe as “Critical”.
Like Microsoft, Adobe (for the most part) now releases updates to their products on the second Tuesday of each month. Adobe will also release ‘out of band’ updates if necessary to address critical vulnerabilities in their products. Adobe products include Adobe Reader (for viewing PDF files), Adobe Flash Player (often used to watch videos, for interactive content like games, etc.), Adobe Shockwave and the Adobe Creative Suite (Photoshop, Illustrator, Acrobat, Lightroom, etc.).
Additional details are available from Adobe, including links to download the update(s) and instructions for installation.
Security News
Organizations in the small to medium business space often make two critical mistakes when it comes to security: they underestimate their need and overestimate their readiness. The result is a vulnerable attack surface that’s poorly defended. Two examples that we’ve seen recently are organizations that don’t have a VPN and use Remote Desktop Protocol (RDP) for remote access into their network, and organizations that try to use a ‘silver bullet’ approach to shortcut good security.
In the RDP case, attackers are often able to guess the credentials to gain access, brute force a set of credentials and break in, or just find unpatched vulnerabilities that allow them to bypass logging in altogether (the BlueKeep vulnerability is a recent example). In the case of a ‘silver bullet’ type approach, organizations try to avoid security work by relying on supposedly invulnerable systems (there’s long been a myth that Apple / Mac systems are invulnerable to attack) or by just applying a single layer of protection (like antivirus). A recently discovered virus affecting Apple / Mac systems highlights the facts that a) they aren’t invulnerable, b) antivirus isn’t a silver bullet and c) the bad guys don’t have to find a vulnerability in your technology (a more detailed write-up is available here).
If your organization accepts credit cards and is not currently conducting the required quarterly wireless and vulnerability scans or annual penetration tests and would like more information, you can contact us here.
Piratica is a risk management firm. We work with client organizations to help them identify and understand the risks to their organizations so that those metrics can be incorporated into the organization’s overall security strategy. We believe that the first step in any solution is to correctly and completely identify the problem. Additional information is available on our website, Facebook and Twitter or via our free email newsletter (signup available on our website here).
These updates will be automatically reviewed, approved and installed for MyIT Customers. If you would like more information about the Cyber Tech Cafe MyIT services for your business, please let us know. The Cyber Tech Cafe MyIT services are available in three different levels (Bronze, Silver and Gold) and can provide updates only (Bronze), updates and proactive network auditing and monitoring (Silver) or updates, proactive auditing and monitoring and up to 10 hours of priority support at a significantly discounted rate (Gold). Pricing is based on the number of physical locations, servers and workstations that you have.