Vulnerability Assessment
0
PUBLICLY DISCLOSED
0
EXPLOITED
0
ZERO-DAY
This is a huge month for Patch Tuesday as Microsoft attempts to address 78 unique vulnerabilities spanning Windows desktop and server platforms, Microsoft Office and core development tools. Without the pressure of a publicly reported vulnerability and no Zero-days to urgently address, we recommend a measure pace of testing before deployment for the Windows and Office updates, with a more rapid pace for the IE and development tools patches.
Windows
VULNERABILITIES
0
LOW
0
MODERATE
55
IMPORTANT
16
CRITICAL
PATCH NOW!
Browsers
Microsoft has attempted to address twelve vulnerabilities to both its web browsers (Edge and Internet Explorer) with nine rated as critical. Though we don’t have any vulnerabilities publicly reported or known to be exploited, two groups of issues relate to the Chakra scripting engine and how both browsers handle memory.
VULNERABILITIES
3
LOW
9
MODERATE
3
IMPORTANT
9
CRITICAL
PATCH NOW!
Office
VULNERABILITIES
0
LOW
0
MODERATE
9
IMPORTANT
5
CRITICAL
SCHEDULE
Dev Tools
Microsoft has attempted to address eight vulnerabilities to their development platform with seven rated as critical and the remainder rated as important. All the critical updates relate to the Chakra scripting engine (which also relate to the IE and Edge security issues. In addition to the Chakra issues and updates.
VULNERABILITIES
0
LOW
0
MODERATE
1
IMPORTANT
7
CRITICAL
SCHEDULE
Adobe Flash Player
Microsoft has not released any specific bulletins or advisories for Adobe products.
VULNERABILITIES
0
LOW
0
MODERATE
0
IMPORTANT
0
CRITICAL
WAIT
1 thought on “Patch Impact Assessment August 2019”
Is it common that when MSFT deploys patches it can bring ReAccess/Powerline down for a week? Our dev shop has reported 3 patches over the past 5 months that have brought our system down from 3 – 7 days each time.
It does not seem likely that MSFT would risk damage to their reputation by doing this, which is starting to happen with our company.
Any feedback would be appreciated.