Patch Impact Assessment June 2019

Vulnerability Assessment

4

PUBLICLY DISCLOSED

0

EXPLOITED

0

ZERO-DAY

This month, Microsoft delivers a big, complex series of updates to Windows, Azure and Edge. With 88 vulnerabilities addressed and four made public, we see “Patch Now” recommendations for both browsers, Windows and Adobe. I think that we should pay special attention to this month’s significant updates to ADO and JET.

Windows

This is a big, complex update that affects many of the core operating system components. If you have a reliance on JET/ADO, Hyper-V or specialist line of business applications that relay on core GDI services, then this updates needs application compatibility testing. Otherwise, add this large Windows update to your standard deployment effort.

VULNERABILITIES

0
LOW

1
MODERATE

57
IMPORTANT

5
CRITICAL

PATCH NOW!

Browsers

For this Patch Tuesday, Microsoft has attempted to resolve 16 critical, three important, and 16 moderate vulnerabilities in Microsoft’s Edge browser. Add this update to your Patch Now release cycle.

VULNERABILITIES

3
LOW

16
MODERATE

3
IMPORTANT

16
CRITICAL

PATCH NOW!

Office

These reported issues are more difficult to exploit, and with no critical updates this month, we recommend that you “Schedule” this update as part of your standard deployment effort.

VULNERABILITIES

0
LOW

0
MODERATE

7
IMPORTANT

0
CRITICAL

SCHEDULE

Dev Tools

Schedule the Azure DevOps update, but add the Chakra update to your “Patch Now” release schedule.

VULNERABILITIES

0
LOW

0
MODERATE

1
IMPORTANT

9
CRITICAL

SCHEDULE

Adobe Flash Player

As usual, its serious as its ridiculously easy to exploit and if you have Flash on your systems (you really shouldn’t) please add to this critical update to your “Patch Now” deployment effort. 

VULNERABILITIES

0
LOW

0
MODERATE

0
IMPORTANT

1
CRITICAL

PATCH NOW!

Related Posts

Patch Impact Assessment Summary

Patch Impact Assessment (Threatscape Report) September 2019

Here’s our 2019 Patch Impact assessment report reformatted with our new “Threatscape” report, showing a more complete assessment of the risk of not installing September’s Patch Tuesday updates in an easily-digestible, at-a-glance report.

Read More
Patch Tuesday

Complex September Update Brings Large Windows, Browser and Development Tool Patches

Greg Lambert’s Patch Tuesday post for September is here. This September update cycle brings two zero-days and three publicly reported vulnerabilities in the Windows platform.

Read More
Patch Impact Assessment Summary

Patch Impact Assessment September 2019

This September update cycle brings two zero-days and three publicly reported vulnerabilities in the Windows platform. Both browser and Windows updates require immediate attention and your development team will need to spend some time with the latest patches to .NET and .NET Core.

Read More