Weekly Comments

10 - 17 December 2019

Microsoft’s December 2019 Patch Tuesday addresses 36 vulnerabilities.

Microsoft’s December 2019 Patch Tuesday addresses 36 vulnerabilities, seven of which are rated Critical, 28 Important, and one Moderate. The Critical flaws, which can lead to remote code execution, affect Git for Visual Studio (five CVEs), Win32k Graphics (CVE-2019-1468) and Windows Hyper-V (CVE-2019-1471).

Among the “Important” vulnerabilities, CVE-2019-1458 is a privilege elevation vulnerability in the Windows Win32k component. An attacker can exploit it by logging on to a system and then running a specially crafted application, which would allow them to take complete control of the system and execute arbitrary code in kernel mode. This zero-day bug was actively exploited in the wild before the patch was released, in a campaign dubbed Operation WizardOpium.

System administrators are advised to apply the latest security update to mitigate attacks targeting Windows systems. Priority must be given to the Win32k patches, given that CVE-2019-1468 can be exploited by luring users to a specially crafted web page, while CVE-2019-1458 is being exploited in the wild.

