End-of-Day report
Timeframe: Tuesday 14-01-2020 18:00 - Wednesday 15-01-2020 18:00
Handler: Stephan Richter
Co-Handler: Robert Waldner
News
Patch Tuesday: Windows slips up on certificate validation
A flaw in Windows certificate validation makes it possible to trick code-signature verification and to attack TLS connections. There is also a vulnerability in the Remote Desktop Gateway.
https://www.golem.de/news/patch-tuesday-windows-patzt-bei-zertifikatspruefung-2001-146064-rss.html
CISA Releases Emergency Directive and Activity Alert on Critical Microsoft Vulnerabilities
The Cybersecurity and Infrastructure Security Agency (CISA) has released an Emergency Directive and Activity Alert addressing critical vulnerabilities affecting Windows CryptoAPI, Windows Remote Desktop Gateway (RD Gateway), and Windows Remote Desktop Client. A remote attacker could exploit these vulnerabilities to decrypt, modify, or inject data on user connections.
https://www.us-cert.gov/ncas/current-activity/2020/01/14/cisa-releases-emergency-directive-and-activity-alert-critical
Critical Cisco DCNM flaws: Patch right now as PoC exploits are released
The need to patch Cisco Data Center Network Manager for Nexus switches becomes even more urgent.
https://www.zdnet.com/article/critical-cisco-dcnm-flaws-patch-right-now-as-poc-exploits-are-released/#ftag=RSSbaffb68
Vulnerabilities
Oracle Critical Patch Update Advisory - January 2020
This Critical Patch Update contains 334 new security patches across the product families listed below.
https://www.oracle.com/security-alerts/cpujan2020.html
Huawei Security Advisories
* Intel Microarchitectural Data Sampling (MDS) vulnerabilities
* Three OpenSSL Vulnerabilities in Huawei Products
* Page-Cache Side-Channel Vulnerability
* Three DoS Vulnerabilities in the SIP Module of Some Huawei Products
* Information Leakage Vulnerability in some Huawei Firewall Product
* Buffer Overflow Vulnerability in QEMU-KVM
* FRP Bypass Vulnerability in Huawei Smart Phones
* Insufficient Authentication Vulnerability in Some Huawei Smart Phones
* Improper Authentication Vulnerability in Smartphones
* FragmentSmack Vulnerability in Linux Kernel
* Two Integer Overflow Vulnerabilities in LDAP of Some Huawei Products
https://www.huawei.com/en/psirt/all-bulletins?name=security-advisories&year=2020
Security updates: Intel privilege-escalation flaws fixed
Intel's developers have closed dangerous flaws in, among other things, chip/CPU software and VTune.
https://heise.de/-4638307
VMSA-2020-0002
VMware Tools workaround addresses a local privilege escalation vulnerability (CVE-2020-3941)
https://www.vmware.com/security/advisories/VMSA-2020-0002.html
Security updates for Wednesday
Security updates have been issued by Arch Linux (thunderbird), CentOS (firefox), openSUSE (chromium, firefox, GraphicsMagick, log4j, nodejs8, phpMyAdmin, singularity, and virglrenderer), Oracle (kernel), Red Hat (firefox), SUSE (man, nodejs10, openssl-1_1, and php7), and Ubuntu (php5, php7.0, php7.2, php7.3 and spamassassin).
https://lwn.net/Articles/809624/