Threat Advisory: CERT/CC Reports Critical Vulnerabilities in Microsoft Windows, Server

January 4, 2019

The CERT Coordination Center (CERT/CC) has released information on vulnerabilities affecting versions of Microsoft Windows and Windows Server. A remote attacker could exploit these vulnerabilities to take control of an affected system.

The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), encourages users and administrators to review CERT/CC’s Vulnerability Notes VU#289907 and VU#531281 and Microsoft’s security advisories for CVE-2018-8611 and CVE-2018-8626 and apply the necessary updates.

Recommendations

Herjavec Group recommends that affected customers apply the referenced patches as soon as possible. One vulnerability allows attackers to execute arbitrary code and the other vulnerability escalates privileges.  Either vulnerability would potentially allow access to sensitive information, user credentials, or enable further pivoting into the enterprise network.

Endpoint protection solutions should also be updated once relevant signatures have been released and systems should be monitored for any suspicious activity.

For HG Managed Services customers, our Managed Services team will engage with the appropriate technical contacts in your respective organizations directly to provide alerts, escalations, actions and or reports based our service agreement with you. If you have questions or concerns, please engage your Herjavec Group account representative directly or contact Herjavec Group.