Tripwire の脆弱性調査チーム:VERT が月に一度の パッチプライオリティ指標(Patch Priority Index:PPI) を公開します。非常に重要な意味を持つ PPI は、日々これらのパッチにより解決される脆弱性に取り組んでいる VERT の研究員がリリースしています。
パッチプライオリティ指標の決め方は詳しい:https://blog.tripwire.co.jp/blog/understanding-prioritization にてご参考ください。
また、新しい脆弱性ソリューションが弊社のディストリビューターからリリースされましたので、是非ご覧になってください。
下記は2019年10月のパッチプライオリティ指標になります。
Tripwire’s October 2019 Patch Priority Index (PPI) brings together important security vulnerabilities from Microsoft and Adobe.
Exploit Alert: Metasploit
First on the patch priority list this month are vulnerabilities that have been recently add to Metasploit. CVE-2019-13272 is a Linux kernel vulnerability; proof-of-concept code capable of exploiting the vulnerability has been added to Metasploit. Most vendors with Linux kernel support have provided patches for this vulnerability.
Exploit Alert: Exploit-DB
Up next, system administrators should focus on several vulnerabilities from Adobe and Microsoft. CVE-2019-8197, CVE-2019-1364, CVE-2019-1347, CVE-2019-1346, CVE-2019-1343 and CVE-2019-1344 have been added to Exploit-DB with information detailing technical aspects that could lead to direct exploitation of these vulnerabilities.
CVE-2019-8197 is a vulnerability that impacts Adobe Reader and Acrobat. Information regarding this vulnerability and its patch are available via the Adobe Security bulletin APSB19-49.
CVE-2019-1364, CVE-2019-1347, CVE-2019-1346, CVE-2019-1343 and CVE-2019-1344 are vulnerabilities impacting the Microsoft Windows OS with patches released during the October 2019 Patch Tuesday release. Details about these vulnerabilities can be found at the MSRC security guidance portal.
Other Patch Priorities
Up next are patches for Microsoft Browser, Scripting Engine and VBScript. These patches resolve 10 vulnerabilities including fixes for memory corruption, information disclosure, remote code execution and spoofing flaws.
Next on the list are patches for Adobe Acrobat and Adobe Reader (APSB19-49). As mentioned above, these patches address one vulnerability that has been added to Exploit-DB. Over 60 vulnerabilities are addressed by the APSB19-49 patch, which addresses sse-after-free, out-of-bounds read and write, heap overflow, buffer overrun, cross-site-scripting, race condition, type confusion and untrusted oointer dereference vulnerabilities.
Next on the list are patches for Microsoft Excel that address two remote code execution vulnerabilities.
Up next are patches for Microsoft Windows. These patches address numerous vulnerabilities across Windows Kernel, GDI, Microsoft Graphics, Remote Desktop client, Hyper-V, Jet Database Engine, Windows TLS, Remote Desktop Protocol, Windows NTLM, Windows Secure Boot and Windows Update Client. These patches fix over 30 vulnerabilities including elevation of privilege, information disclosure, spoofing, security feature bypass, denial of service and remote code execution vulnerabilities.
Next this month are patches for Oracle Java. These patches resolve 20 vulnerabilities related to various Java components.
Lastly this month, administrators should focus on server-side patches available for Microsoft SharePoint, Microsoft IIS, Microsoft Dynamics, Microsoft SQL Server and Oracle Database. These patches resolve over 20 vulnerabilities including cross-site scripting (XSS), elevation of privilege, denial of service, remote code execution and spoofing vulnerabilities.
BULLETIN |
CVE |
EXPLOIT ALERT: METASPLOIT |
CVE-2019-13272 |
EXPLOIT ALERT: EXPLOIT-DB |
CVE-2019-8197, CVE-2019-1364, CVE-2019-1347, CVE-2019-1346, CVE-2019-1343, CVE-2019-1344 |
MICROSOFT BROWSER |
CVE-2019-1371, CVE-2019-0608, CVE-2019-1357, CVE-2019-1356 |
MICROSOFT SCRIPTING ENGINE AND VBSCRIPT |
CVE-2019-1335, CVE-2019-1308, CVE-2019-1366, CVE-2019-1307, CVE-2019-1239, CVE-2019-1238 |
ADOBE APSB19-49 ACROBAT AND READER I |
CVE-2019-8164, CVE-2019-8168, CVE-2019-8172, CVE-2019-8173, CVE-2019-8064, CVE-2019-8182, CVE-2019-8184, CVE-2019-8185, CVE-2019-8189, CVE-2019-8163, CVE-2019-8190, CVE-2019-8193, CVE-2019-8194, CVE-2019-8198, CVE-2019-8201, CVE-2019-8202, CVE-2019-8204, CVE-2019-8207, CVE-2019-8216, CVE-2019-8218, CVE-2019-8222, CVE-2019-8171, CVE-2019-8186, CVE-2019-8165, CVE-2019-8191, CVE-2019-8199, CVE-2019-8206, CVE-2019-8175, CVE-2019-8176, CVE-2019-8177, CVE-2019-8178, CVE-2019-8179, CVE-2019-8180, CVE-2019-8181, CVE-2019-8187, CVE-2019-8188, CVE-2019-8192 |
ADOBE APSB19-49 ACROBAT AND READER II |
CVE-2019-8203, CVE-2019-8208, CVE-2019-8209, CVE-2019-8210, CVE-2019-8211, CVE-2019-8212, CVE-2019-8213, CVE-2019-8214, CVE-2019-8215, CVE-2019-8217, CVE-2019-8219, CVE-2019-8220, CVE-2019-8221, CVE-2019-8223, CVE-2019-8224, CVE-2019-8225, CVE-2019-8170, CVE-2019-8183, CVE-2019-8166, CVE-2019-8160, CVE-2019-8162, CVE-2019-8226, CVE-2019-8161, CVE-2019-8167, CVE-2019-8169, CVE-2019-8200, CVE-2019-8174, CVE-2019-8195, CVE-2019-8196, CVE-2019-8205 |
MICROSOFT EXCEL |
CVE-2019-1331, CVE-2019-1327 |
MICROSOFT WINDOWS |
CVE-2019-1230, CVE-2019-1358, CVE-2019-1359, CVE-2019-1060, CVE-2019-1361, CVE-2019-1365, CVE-2019-1321, CVE-2019-1317, CVE-2019-1340, CVE-2019-1320, CVE-2019-1322, CVE-2019-1316, CVE-2019-1318, CVE-2019-1336, CVE-2019-1323, CVE-2019-1333, CVE-2019-1362, CVE-2019-1319, CVE-2019-1315, CVE-2019-1339, CVE-2019-1342, CVE-2019-1363, CVE-2019-1311, CVE-2019-1334, CVE-2019-1345, CVE-2019-1338, CVE-2019-1166, CVE-2019-1341, CVE-2019-1325, CVE-2019-1326, CVE-2019-1368, CVE-2019-1337 |
ORACLE JAVA |
CVE-2019-2988, CVE-2019-2958, CVE-2019-2964, CVE-2019-2978, CVE-2019-2949, CVE-2019-2945, CVE-2019-2933, CVE-2019-2975, CVE-2019-2989, CVE-2019-2977, CVE-2019-2962, CVE-2019-2999, CVE-2019-2973, CVE-2019-2996, CVE-2019-2983, CVE-2019-2992, CVE-2019-2987, CVE-2019-11068, CVE-2019-2894, CVE-2019-2981 |
MICROSOFT SHAREPOINT |
CVE-2019-1070, CVE-2019-1330, CVE-2019-1329, CVE-2019-1328 |
MICROSOFT IIS |
CVE-2019-1365 |
MICROSOFT DYNAMICS |
CVE-2019-1375 |
MICROSOFT SQL SERVER |
CVE-2019-1376, CVE-2019-1313 |
ORACLE DATABASE |
CVE-2018-11784, CVE-2019-2956, CVE-2019-2955, CVE-2019-2954, CVE-2018-2875, CVE-2019-2939, CVE-2019-2913, CVE-2019-2909, CVE-2019-2940, CVE-2019-2734, CVE-2018-14719, CVE-2018-14720, CVE-2018-14721, CVE-2018-19360, CVE-2018-19361, CVE-2018-19362 |
To learn more about Tripwire’s Vulnerability and Exposure Research Team (VERT), including its Patch Priority Index, click here.
Or you can follow VERT on Twitter: @tripwirevert.
