Tripwire の脆弱性調査チーム:VERT が月に一度の パッチプライオリティ指標(Patch Priority Index:PPI) を公開します。非常に重要な意味を持つ PPI は、日々これらのパッチにより解決される脆弱性に取り組んでいる VERT の研究員がリリースしています。
パッチプライオリティ指標の決め方は詳しい:https://blog.tripwire.co.jp/blog/understanding-prioritization にてご参考ください。
また、新しい脆弱性ソリューションが弊社のディストリビューターからリリースされましたので、是非ご覧になってください。
下記は2019年9月のパッチプライオリティ指標になります。
Tripwire’s September 2019 Patch Priority Index (PPI) brings together important vulnerabilities from Microsoft and Adobe.
Exploit Framework Alert
A Metasploit Exploit module that targets Windows Remote Desktop Services has been recently released. This exploit module targets CVE-2019-0708 for the so-called “BlueKeep” vulnerability. This vulnerability impacts Windows Server 2008, Windows 7, and Windows Server 2008 R2. Microsoft provided patches for this vulnerability during the May 2019 Patch Tuesday release. If you have not applied the May 2019 patches, you should act fast to patch your systems in order to be protected from this vulnerability.
Patch Priority List
First, on the list for September are 3 Windows vulnerabilities that have been publicly disclosed. These 3 vulnerabilities are identified by CVE-2019-1235, CVE-2019-1253, CVE-2019-1294 and affect Windows OS, Windows Text Service Framework (TSF), and Windows Secure Boot.
Next on the list are patches for Adobe Flash Player (APSB19-46). These patches address Use-After-Free and Same Origin Method Execution vulnerabilities. Adobe states these vulnerabilities are critical and affect Adobe Flash Player Desktop Runtime, Adobe Flash Player for Google Chrome, and Adobe Flash Player for Microsoft Edge and Internet Explorer 11.
Up next are patches for Microsoft Browser, Scripting Engine, and VBScript. These patches resolve 10 vulnerabilities, including fixes for Memory Corruption, Information Disclosure, Remote Code Execution, and Security Feature Bypass vulnerabilities.
Next on the list are patches for Microsoft Office, Excel, Lync 2013, and .NET. These patches resolve 5 vulnerabilities, including fixes for Remove Code Execution, Information Disclosure, Elevation of Privilege, and Security Feature Bypass vulnerabilities.
Up next are patches for Microsoft Windows. These patches address numerous vulnerabilities across Windows Kernel, GDI, Microsoft Graphics, Remote Desktop client, ALPC, Common Log File System Driver, Hyper-V, DirectWrite, DirectX, Winlogon, SMB client, and Jet Database Engine. These patches fix 46 vulnerabilities, including Elevation of Privilege, Information Disclosure, Cross-site Scripting, Security Feature Bypass, Denial of Service, and Remote Code Execution vulnerabilities.
Lastly, this month administrators should focus on server-side patches available for Microsoft SharePoint and Microsoft Exchange Server. These patches resolve 9 vulnerabilities, including Cross-site Scripting (XSS), Elevation of Privilege, Denial of Service, Remote Code Execution, and Spoofing vulnerabilities.
| BULLETIN | CVE | |
| Publicly Disclosed Vulnerabilities | CVE-2019-1235, CVE-2019-1253, CVE-2019-1294 | |
| Adobe Flash Player – APSB19-46 | CVE-2019-8070, CVE-2019-8069 | |
| Browser | CVE-2019-1220, CVE-2019-1299 | |
| Scripting Engine | CVE-2019-1237, CVE-2019-1217, CVE-2019-1300, CVE-2019-1138, CVE-2019-1298, CVE-2019-1221 | |
| VBScript | CVE-2019-1236, VE-2019-1208 | |
| Microsoft Office |
|
|
| .NET Framework | CVE-2019-1142 | |
| Windows | CVE-2019-1273, CVE-2019-1232, CVE-2019-1251, CVE-2019-1245, CVE-2019-1244, CVE-2019-1284, CVE-2019-1216, CVE-2019-1248, CVE-2019-1242, CVE-2019-1243, CVE-2019-1241, CVE-2019-1250, CVE-2019-1249, CVE-2019-1246, CVE-2019-1247, CVE-2019-1240, CVE-2019-1280, CVE-2019-1267, CVE-2019-1283, CVE-2019-1270, CVE-2019-1256, CVE-2019-1285, CVE-2019-1272, CVE-2019-1269, CVE-2019-1277, CVE-2019-1214, CVE-2019-1282, CVE-2019-1292, CVE-2019-1278, CVE-2019-1215, CVE-2019-1303, CVE-2019-1252, CVE-2019-1286, CVE-2019-0928, CVE-2019-1254, CVE-2019-1274, CVE-2019-1271, CVE-2019-1287, CVE-2019-1293, CVE-2019-1219, CVE-2019-1289, CVE-2019-1268, CVE-2019-0788, CVE-2019-0787, CVE-2019-1290, CVE-2019-1291 | |
| SharePoint | CVE-2019-1262, CVE-2019-1260, CVE-2019-1257, CVE-2019-1295, CVE-2019-1296, CVE-2019-1261, CVE-2019-1259 | |
| Exchange Server | CVE-2019-1233, CVE-2019-1266 |
To learn more about Tripwire’s Vulnerability and Exposure Research Team (VERT), including its PPI, click here.
Or, for PPI and more, you can follow VERT on Twitter: @tripwirevert.
