Here we are at another second Tuesday of the month. That means your systems need to get patched! This month has continued the trend of fewer issues that we have seen since February. CVE’s patched dropped from 113 down to 111. Critical issues plummeted from 17 to 16! In an actual improvement from last month, there is nothing out there that was already known or has been actively exploited.
It seems like the large number of CVEs getting patched every month is quickly becoming the norm instead of the outlier like I assumed earlier in the year. I don’t think this is a bad thing when these vulnerabilities exist, whether or not they get patched. So as long as the quality of the patch remains consistent, more quantity is nothing but a win for us. Plus, with the magic of PDQ Deploy and PDQ Inventory, this is all automated for you anyway!
CVE-2020-1192 - There is a remote execution vulnerability for the python extension with VSCode. Some nogoodnik could run malicious code, with effectiveness varied based on current user rights. This does require an end-user to open a bad file, so luckily, your staff has been trained to not click on unfamiliar links, and they heed that advice 100 percent of the time!
CVE-2020-1093 - Another Remote execution vulnerability, this time with VBScript. This one can be exploited with how it is loaded in the memory. It would allow some unsavory type to get a level of access up to what the logged-on user has. To utilize this, they would need a user to click on a bad link, allowing them to blah blah blah, nerd nerd nerd. The patch changes the way it accesses memory, so do that, and all will be well!
CVE-2020-1056 - This one involves Microsoft Edge ignoring cross-domain policies. So some ne’er-do-well might be able to access data from one domain and inject it into another. As we have seen with most of the critical bugs on this round, it seems like a user is going to have to actively go to a malicious link to be exploited.
So what have we learned? First, I am feeling froggy and feel like I can slip the flippant patch break down through this month. Second, I probably can’t get through that a second time. Lastly, the decline in critical patches does not mean 0 critical patches. So make sure you are patching your environment.
You might remember earlier when I mentioned that this could be automated anyway, so you don’t have to worry about it and have thought to yourself, “That seems neat, tell me more.” Well, BAM! Let the soothing sounds of Lex’s baritone walk you through automating with PDQ Deploy and PDQ Inventory and soothe away all concerns.