Patch Impact Assessment July 2019

Vulnerability Assessment

6

PUBLICLY DISCLOSED

2

EXPLOITED

2

ZERO-DAY

This is a big Patch Tuesday for some Windows users. Older systems such as Windows 7 and Server 2008 need both urgent and important updates to resolve publicly disclosed and exploited vulnerabilities. If you are running later versions of Windows 10, the situation is much improved, with recommendations for scheduled updates and comprehensive testing before deployment.

Windows

If you have moved, and if you are on the latest Windows 10 build (1903) then your build team needs to spend some time on the new sandbox functionality, as there were reported testing issues this month. And, please test your Remote Desktop Services (RDS) implementation. I am not sure that there is a direct mapping to an application specific issue, but it may be time to run RDS through your basic unit tests before a general deployment of the Windows 10 updates. If you are using Windows 7 and 8, add these updates to your “Patch Now” release schedule. If you are using Windows 10, add these updates to your standard deployment schedule of patches.

VULNERABILITIES

0
LOW

0
MODERATE

48
IMPORTANT

2
CRITICAL

PATCH NOW!

Browsers

Unfortunately, Microsoft has reported that these vulnerabilities are likely to be exploited on all platforms, they could lead to code execution with  full user or admin privileges and may only require a visit to a specially crafted web page to exploit. This makes these updates both urgent and important. Add these browser updates to your “Patch Now” release cycle.

VULNERABILITIES

0
LOW

9
MODERATE

0
IMPORTANT

8
CRITICAL

PATCH NOW!

Office

Microsoft has released seven updates for Microsoft, none rated as critical. Add these Microsoft Office updates to your standard office patch schedule.

VULNERABILITIES

0
LOW

0
MODERATE

7
IMPORTANT

0
CRITICAL

SCHEDULE

Dev Tools

We advise adding the .NET changes to a scheduled development update. The Chakra scripting engine updates need to be added to your “Patch Now” release schedule.

VULNERABILITIES

0
LOW

1
MODERATE

6
IMPORTANT

8
CRITICAL

SCHEDULE

Adobe Flash Player

There are no updates for Adobe products this month from Microsoft. Yes, it’s true.

VULNERABILITIES

0
LOW

0
MODERATE

0
IMPORTANT

0
CRITICAL

Margarita Time!

Related Posts

Opinion

Migrate from Windows 7 to Windows 10 Before It’s Too Late: Everything You Need to Know!

Out-dated operating systems such as the beloved Windows 7, may still be functional but leave your company vulnerable. It is inherently risky to continue running Windows 7 and much safer to migrate to Windows 10 before it is too late.

Read More
Patch Tuesday

A Troubled Update to Critical Browser Patches for October Patch Tuesday

This October Patch Tuesday is an important but troubled patch release from Microsoft with a critical, out-of-band browser update that has been widely reported as causing a number of deployment issues.

Read More
Patch Impact Assessment Summary

Patch Impact Assessment October 2019

This October Patch Tuesday is an important but troubled patch release from Microsoft. With a browser out-of-band critical update that has been widely reported as causing a number of deployment issues.

Read More