March, 2020: Patch Monday: Trend Micro Vulnerabilities Attacked

Welcome to this March Patch Monday Bulletin. This month there are patches from Adobe, Google, Mozilla, and Trend Micro. There are no confirmed successful attacks on platforms updated this month, but Trend Micro reports that there were “active attempts of potential attacks” against several of the vulnerabilities. If Trend Micro Apex One or OfficeScan is in use, make sure that updates are applied. Trend Micro states that Apex One as a Service automatically received the patch during their February 2020 release. Review Chrome and Firefox to ensure that updates were applied appropriately throughout the environment. Adobe has priority 2 updates for Adobe Experience Manager and Acrobat/Reader, so update those products if they are present in the environment. Finally, review the environment for Adobe Bridge, Adobe Photoshop, Adobe Genuine Integrity Service, and Mozilla Thunderbird, and update as necessary.

By now everyone has been affected by the Covid-19 outbreak and may be wondering how it might affect them from a security perspective. Attacks against remote access solutions and phishing have long been a successful avenue for adversaries, and the outbreak may cause a shift in their priorities. There have been numerous reports of Covid-19 related phishing campaigns, so it is extremely important that phishing education, especially in relation to the virus, is effective. Many organizations have also moved to a work-from-home policy for their workforce. Follow best practices for securing remote access solutions, such as multi-factor authentication and updating these services. Most importantly, targeted organizations, such as healthcare and related industries, need to remain diligent during this time.

Over the years we've had millions of visitors to UltimateWindowsSecurity.com. Every month we have thousands and thousands of visitors to our Security Log Encyclopedia, which documents all of the Security Log event IDs for Windows Server OSes. Back in 2007, when SharePoint added auditing capability, I realized that my audience not only needed the event information from SharePoint but I also found a similar need in SQL Server and Exchange. So not only did I document the data but I also started to develop the means to extract that event data from these applications so that it’s accessible and usable to the end user. Some 8 years later and LOGbinder is continuing to grow as companies realize LOGbinder bridges the gap between these applications and their infosec team. Visit LOGbinder.com to download a free 30-day fully functional trial and see the security event data that you have literally been missing.

So, without further ado, here’s the chart of non-MS patches this month.

Patch data provided by:

| Identifier | Vendor/Product | Product Version Affected | Date Released by Vendor | Vulnerability Info | Vendor Severity / Our Recommendation |
|---|---|---|---|---|---|
| Multiple CVEs | Adobe Bridge | 10.0 | 3/17/2020 | Arbitrary Code Execution | Critical Priority 3: Update at admin’s discretion |
| CVE-2020-3769 | Adobe Experience Manager | 6.5 and earlier | 3/17/2020 | Sensitive Information Disclosure | Important Priority 2: Update within 30 days |
| Multiple CVEs | Adobe Photoshop | CC 2019 20.0.8 and earlier; 2020 21.1 and earlier | 3/17/2020 | Arbitrary Code Execution, Information Disclosure | Critical Priority 3: Update at admin’s discretion |
| Multiple CVEs | Adobe Acrobat and Reader | Continuous 2020.006.20034; Classic 2017 2017.011.30158 and earlier; Classic 2015 2015.006.30510 and earlier | 3/17/2020 | Arbitrary Code Execution, Information Disclosure, Privilege Escalation | Critical Priority 2: Update within 30 days |
| CVE-2020-3766 | Adobe Genuine Integrity Service | 6.4 and earlier | 3/17/2020 | Privilege Escalation | Important Priority 3: Update at admin’s discretion |
| Multiple CVEs | Google Chrome | Before 80.0.3987.149 | 3/18/2020 | Use After Free, Security Bypass, Information Disclosure | Update after testing |
| Multiple CVEs | Mozilla Firefox | Before 74/ESR 68.6 | 3/10/2020 | Denial of Service, Arbitrary Code Execution, Information Disclosure, Spoofing, Security Bypass | Update after testing |
| Multiple CVEs | Mozilla Thunderbird | Before 68.6 | 3/10/2020 | Denial of Service, Arbitrary Code Execution, Information Disclosure | Update after testing |
| Multiple CVEs | Trend Micro Apex One and OfficeScan | Apex One 2019; OfficeScan XG, XG SP1 | 3/18/2020 | Arbitrary Code Execution, Security Bypass | Update as soon as possible |