February Patching: Leaping Ahead of Vulnerabilities

As we embrace the extra day this leap year brings, OneNeck is here to ensure that February’s additional time is met with heightened cybersecurity vigilance. This month, we navigate through a blend of routine maintenance and critical zero-day patches that demand immediate attention. Let’s leap into this month’s updates, highlighting not only the routine patching tasks but also addressing essential vulnerabilities that could significantly impact the security posture of your IT environment.

Microsoft’s Patching Synopsis

Microsoft has addressed 73 vulnerabilities, categorized as follows:

• 16 Elevation of Privilege Vulnerabilities
• 3 Security Feature Bypass Vulnerabilities
• 30 Remote Code Execution Vulnerabilities
• 5 Information Disclosure Vulnerabilities
• 9 Denial of Service Vulnerabilities
• 10 Spoofing Vulnerabilities

This release includes patching two zero-day vulnerabilities, highlighted in the following, underscoring the importance of timely updates.

February’s Patching Highlights

Key vulnerabilities spotlighted for this month include:

• CVE-2024-21351 – Windows SmartScreen Security Feature Bypass
• CVE-2024-21412 – Internet Shortcut Files Security Feature Bypass
• CVE-2024-21410 – Exchange Server Elevation of Privilege Vulnerability
• CVE-2024-21413 – Outlook Remote Code Execution Vulnerability

Given their critical nature, these vulnerabilities demand immediate attention from IT professionals. The risk they pose, if left unpatched, could lead to significant breaches, data loss, and system compromise. We urge organizations to prioritize these updates to safeguard their networks against attacks.

Exchange Updates

OneNeck has proactively addressed the Exchange Server vulnerability identified in this month’s update cycle for those under our Exchange Management service. Furthermore, for clients utilizing Exchange 2019 and covered under our management services, deploying this month’s Cumulative Update will proceed through distinct change requests. Note: Microsoft has discontinued Cumulative Updates for Exchange Server 2016. In light of this, we strongly advocate for all our clients to consider migrating to Exchange Server 2019 to ensure continued security and support. If you have questions about how OneNeck can assist you, please reach out to our Service Desk (800-272-3077).

Linux Patching Overview

This month, our Linux Team has meticulously identified a series of necessary patches for bolstering your Linux environments’ security and functionality. Here’s a detailed breakdown of these vital updates:

• CVE-2023-42753: Security update for the RHEL 7 Kernel, enhancing system defenses.
• CVE-2023-5633, CVE-2023-20569, CVE-2023-42753: Addresses multiple vulnerabilities for the RHEL 8 Kernel,
• CVE-2023-40283, CVE-2023-42753, CVE-2023-46813: Security enhancements for the RHEL 9 Kernel, closing multiple critical gaps.
• CVE-2024-20926, CVE-2024-20945, CVE-2024-20952: Java-1.8.0-Openjdk and Java-11-Openjdk security updates are crucial for maintaining Java applications’ security integrity.
• CVE-2023-44446: Update for Gstreamer-Plugins-Bad-Free, safeguarding multimedia processing.
• CVE-2024-0409, CVE-2024-21885, CVE-2024-21886: Xorg-X11-Server security updates, crucial for graphical system stability and security.
• CVE-2024-0751, CVE-2024-0753, CVE-2024-0755: Firefox security updates for secure web browsing.
• CVE-2024-0229, CVE-2024-21885, CVE-2024-21886: Tigervnc security updates, enhancing remote desktop security.

While categorized as moderate, the following updates are still important for maintaining the integrity and security of various system components and services:

• CVE-2023-43804, CVE-2023-45803: These patches for Python-Urllib3 address vulnerabilities in HTTP client software, mitigating risks that could compromise web communication security.
• CVE-2023-39615: The Libxml2 security update for XML processing ensures the security and integrity of XML applications.
• CVE-2022-44638: A Pixman update strengthening the core image rendering libraries, protecting systems from vulnerabilities affecting graphic content processing.
• CVE-2023-7104: Fortifies Sqlite database stability and security, preventing data integrity issues.
• CVE-2023-27043: Enhances the overall security framework of Python3 applications, addressing vulnerabilities in scripting and automation.
• CVE-2023-5981, CVE-2024-0553, CVE-2024-0567: Updates to Openssh ensuring secure system access and communication.
• CVE-2024-0553: Gnutls security update marks improvements in SSL/TLS communication security, addressing vulnerabilities in encrypted data transmission.

While these patches are classified as moderate in severity, their implementation is vital for proactively safeguarding Linux environments against a range of security threats. We recommend system administrators apply these updates promptly to ensure ongoing security and stability.

Microsoft Office and SharePoint Updates

While our scheduled patching activities are comprehensive, they are designed to complement your internal update processes for a wide range of products, including Microsoft Office and SharePoint. We encourage our clients to regularly review and apply updates across all software to ensure the highest level of security. For insights on integrating these updates seamlessly into your security strategy or to find out how OneNeck can support your efforts, do not hesitate to reach out to our Service Desk.

TLS 1.0 and TLS 1.1 Update Advisory

As previously announced, Microsoft will disable TLS 1.0 and TLS 1.1. While no specific date has been set, we urge all customers to prepare their environment for these changes. For more information, visit the Tech Community Blog.

Closing Thoughts

This month, taking a “leap” into cybersecurity vigilance reminds us of the extra steps we can take to fortify our digital defenses. With each monthly patching cycle, we reaffirm our commitment to your cybersecurity. Remember, staying up-to-date with patches is a key defense strategy. Please contact us for any assistance or questions; our team is ready to help.

Stay secure and patched; let’s use this extra day– and every day– as an opportunity to continue safeguarding your IT infrastructure together.

Each month, OneNeck engineers review newly released updates from vendors, like Microsoft, to understand any known issues, actions required and understand the priority of each. This is done immediately following Patch Tuesday releases, and we monitor for adjustments to patches throughout each month.

The information above is gathered monthly during this review and posted for awareness to our customers. This information is generally updated only once per month and is based on our engineers’ review of the information provided by the vendor at that time. As always, for the most up-to-date patching information, please see the vendor’s website or contact us.

Note: If OneNeck actively manages a device or software that is impacted by any of these vulnerabilities, when necessary, OneNeck will be in direct contact with you regarding remediation.

 

Additional Resources: