Tripwire の脆弱性調査チーム:VERT が月に一度の パッチプライオリティ指標(Patch Priority Index:PPI) を公開します。非常に重要な意味を持つ PPI は、日々これらのパッチにより解決される脆弱性に取り組んでいる VERT の研究員がリリースしています。
パッチプライオリティ指標の決め方は詳しい:https://blog.tripwire.co.jp/blog/understanding-prioritization にてご参考ください。
また、新しい脆弱性ソリューションが弊社のディストリビューターからリリースされましたので、是非ご覧になってください。
下記は2019年11月のパッチプライオリティ指標になります。
Tripwire’s November 2019 Patch Priority Index (PPI) brings together important security vulnerabilities from Microsoft and Adobe.
Exploit Alert: Metasploit
First, on the patch priority list, this month are vulnerabilities that have been recently added to Metasploit. Two vulnerabilities, identified by CVE-2019-11539 and CVE-2019-11510 that affect the Pulse Connect Secure product have been added to Metasploit. Administrators can learn more about these vulnerabilities via the Pulse Connect Secure advisory SA44101.
Exploit Alert: Exploit-DB
Up next, system administrators should focus on several vulnerabilities from Adobe for Acrobat & Reader as well as Microsoft for Internet Explorer and Windows Universal Plug and Play (UPnP). Vulnerabilities impacting these products, identified by CVE-2019-8196, CVE-2019-8195, CVE-2019-1429, and CVE-2019-1405, have been added to Exploit-DB with information detailing technical aspects that could lead to direct exploitation of these vulnerabilities.
Other Patch Priorities
Up next are patches for Microsoft Browser, Scripting Engine and VBScript. These patches resolve 6 vulnerabilities including fixes for memory corruption, remote code execution, and security feature bypass flaws.
Next on the list are patches for Microsoft Excel, Office, and Visual Studio. These patches resolve 5 vulnerabilities including fixes for information disclosure, remote code execution, security feature bypass, and elevation of privilege vulnerabilities.
Up next are patches for Microsoft Windows. These patches address numerous vulnerabilities across Windows Kernel, GDI, Microsoft Graphics, Jet Database Engine, Windows Data Sharing Service, Windows AppX, Windows Error Reporting, DirectWrite, ActiveX, Windows Modules Installer Service, and Windows RPC. These patches fix over 40 vulnerabilities including elevation of privilege, information disclosure, spoofing, security feature bypass, and remote code execution vulnerabilities.
Next, this month are patches for Windows Hyper-V. These patches resolve 9 vulnerabilities including fixes for denial of service and remote code execution vulnerabilities.
Lastly this month, administrators should focus on server-side patches available for Microsoft Exchange, SharePoint, and Office Online Server. These patches resolve over 4 vulnerabilities including information disclosure, remote code execution and spoofing vulnerabilities.
BULLETIN |
CVE |
EXPLOIT ALERT: METASPLOIT |
CVE-2019-11539, CVE-2019-11510 |
EXPLOIT ALERT: EXPLOIT-DB |
CVE-2019-8196, CVE-2019-8195, CVE-2019-1429, CVE-2019-1405 |
MICROSOFT EDGE |
CVE-2019-1413 |
MICROSOFT SCRIPTING ENGINE AND VBSCRIPT |
CVE-2019-1429, CVE-2019-1426, CVE-2019-1427, CVE-2019-1428, CVE-2019-1390 |
MICROSOFT OFFICE |
CVE-2019-1446, CVE-2019-1448, CVE-2019-1402, CVE-2019-1442 |
MICROSOFT VISUAL STUDIO |
CVE-2019-1425 |
MICROSOFT EXCEL |
CVE-2019-1331, CVE-2019-1327 |
MICROSOFT WINDOWS |
CVE-2019-1411, CVE-2019-1432, CVE-2019-1406, CVE-2019-1382, CVE-2019-1381, CVE-2019-1430, CVE-2019-1384, CVE-2019-1380, CVE-2019-1424, CVE-2019-1412, CVE-2019-1456, CVE-2019-1419, CVE-2019-1408, CVE-2019-1434, CVE-2019-1394, CVE-2019-1395, CVE-2019-1396, CVE-2019-1393, CVE-2019-1441, CVE-2019-1440, CVE-2019-1436, CVE-2019-1385, CVE-2019-1388, CVE-2019-1379, CVE-2019-1383, CVE-2019-1417, CVE-2018-12207,CVE-2019-1391, CVE-2019-1422, CVE-2019-1420, CVE-2019-1423, CVE-2019-1374, CVE-2019-1439, CVE-2019-1433, CVE-2019-1407, CVE-2019-1438, CVE-2019-1437, CVE-2019-1435, CVE-2019-1415, CVE-2019-1392, CVE-2019-11135, CVE-2019-1418, CVE-2019-1409, CVE-2019-1416, CVE-2019-1324, CVE-2019-1405 |
MICROSOFT HYPER-V |
CVE-2019-0712, CVE-2019-1310, CVE-2019-1309, CVE-2019-1399, CVE-2019-1389, CVE-2019-1398, CVE-2019-1397, CVE-2019-0719, CVE-2019-0721 |
MICROSOFT EXCHANGE SERVER |
CVE-2019-1373 |
MICROSOFT SHAREPOINT AND OFFICE ONLINE SERVER |
CVE-2019-1447, CVE-2019-1445, CVE-2019-1443 |
To learn more about Tripwire’s Vulnerability and Exposure Research Team (VERT), including its PPI, click here.
Or, for PPI and more, you can follow VERT on Twitter: @tripwirevert.
