February 14, 2020
February 2020 Threat Intelligence (CRITICAL ALERT)
This month’s updates address 99 vulnerabilities (13 critical), making this Microsoft’s biggest Patch Tuesday known to date! The highlight of this month’s security release is a fix for CVE-2020-0674, a zero-day vulnerability in Internet Explorer that is being actively exploited. All users are advised to install these security updates as soon as possible to ensure they are protected from these security risks. Full information on this month’s patches can be found here: https://portal.msrc.microsoft.com/en-us/security-guidance
Internet Explorer Zero Day
Last month, Microsoft released an advisory warning that attackers were exploiting a previously unknown flaw in IE. That vulnerability, tracked as CVE-2020-0674, has been patched with this month’s release. It could be used to install malware just by getting a user to browse to a malicious or hacked website.
An important flaw to note
Another flaw fixed this month, in Microsoft Exchange 2010 through 2019, requires some attention. The bug could allow attackers to exploit the Exchange Server and execute arbitrary code just by sending a specially crafted email. This vulnerability (CVE-2020-0688) is rated “important” rather than “critical,” but is deemed potentially dangerous, as Microsoft identifies it as a vulnerability that is likely to be exploited.
That’s a wrap!
Other than that, there’s nothing really out of the ordinary to highlight. This month, Microsoft’s patches are just bulkier than ever, but there’s no earth-shattering bug that needs to be addressed with haste, like in previous months. Patch Tuesday updates are delivered in bulk, so accepting this month’s fixes will automatically install patches for all 99 security flaws at once.
Patching is important…
Security vulnerabilities are the ‘low hanging fruit’ for hackers. Patching is essential to keep your information safe. It is also good practice to back up your system or at least your data before you apply any updates.
Customers are advised to follow these security tips:
- Install vendor patches immediately when available.
- Run all software with least privileges while still maintaining functionality.
- Do not handle files from questionable sources.
- Avoid visiting sites with unknown integrity.
- Block external access at the network perimeter to all key systems unless access is necessary.
About CyberOne
CyberOne is a government-approved Cyber Security and IT Managed Service Provider, supporting clients 24/7 from our ISO27001-accredited UK Security Operations Centre (SOC). Located at the heart of a high security, controlled-access Tier 3 data centre, CyberOne’s state-of-the-art UK Cyber Defence Centre (SOC) targets, hunts & disrupts hacker behaviour, as part of a multi-layered security defence, to help secure some of the UK’s leading organisations.