24 May 2019

Week in review

AUSCERT Week in Review for 24th May 2019

AUSCERT Week in Review
24 May 2019

Greetings!

Discussion still raged this week about the potential threat of the
Microsoft BlueKeep vulnerability revealed last week. That Microsoft
took the incredibly unusual decision of issuing patches for operating
systems long ago end-of-lifed indicated how serious they considered this
issue. A number of researchers have suggested that it’s only a matter of
time until this vulnerability could be extensively exploited. If you have
any old Windows systems potentially exposed now is the time to patch them!

And for everyone attending the AUSCERT conference next week we look
forward to seeing you there. We have fewer than 10 tickets left for the
conference, so if you were thinking of coming, you better decide soon!

Here’s a summary (including excerpts) of some of the more interesting
stories we’ve seen this week:

 

Title: BlueKeep Remote Desktop Exploits Are Coming, Patch Now!
Date Published: 20/05/2019
Author: Bleeping Computer
Excerpt:

“Security researchers have created exploits for the remote code
execution vulnerability in Microsoft’s Remote Desktop Services, tracked
as CVE-2019-0708 and dubbed BlueKeep, and hackers may not be far behind.
While the vulnerability inspired some playful users to create fake
proof-of-concept code intended for rickrolling, it is no joke. As Remote
Desktop Services is commonly exposed to the public so that users can
gain remote access to their internal computers, successful exploitation
could allow access to an entire network.”

Title: ‘What he’s achieved is spectacular’: Worker wins landmark case over fingerprinting on the job
Date Published: 21/05/2019
Author: ABC News
Excerpt:

“When Queensland sawmill worker Jeremy Lee refused to give
his fingerprints to his employer as part of a new work sign-in, he
wasn’t just thinking about his privacy. It was a matter of ownership.
“It’s my biometric data. It’s not appropriate for them to have it,” he
tells RN’s The Law Report. For not agreeing to the new system, Mr Lee
was sacked. What followed was a legal battle that delivered the first
unfair dismissal decision of its kind in Australia.”

Title: Two more Microsoft zero-days uploaded on GitHub
Date Published: 22/05/2019
Author: ZDNET
Excerpt:

“A security researcher going online by the pseudonym of
SandboxEscaper has published today demo exploit code for two more
Microsoft zero-days after releasing a similar fully-working exploit the
day before. These two mark the sixth and seventh zero-days impacting
Microsoft products this security researcher has published in the past
ten months, with the first four being released last year, and three over
the past two days.”

 

Alerts, Advisories and Updates:
——————————-
Title: ASB-2019.0152 – [Solaris] Xerox FreeFlow Print Server v8: Multiple vulnerabilities
Date: 24 May 2019

Title: ASB-2019.0151 – [Win] Xerox FreeFlow Print Server v2(Windows 7): Multiple vulnerabilities
Date: 24 May 2019

Title: ASB-2019.0150 – [Win][UNIX/Linux] Wireshark: Denial of service – Remote with user interaction
Date: 23 May 2019

Title: ASB-2019.0149 – [Win] Intel Graphics Driver for Windows: Denial of service – Existing account
Date: 23 May 2019

Title: ASB-2019.0148 – [Win][UNIX/Linux] Intel CSME: Multiple vulnerabilities
Date: 22 May 2019

Stay safe, stay patched, and have a good weekend!

Eric.