Patching in Review – Week 35 of 2019
Brian Secrist
As we approach Labor Day weekend, vendors have been busy releasing numerous updates, with Google Chrome getting a final security release for the month.
This week Microsoft finally removed the WSUS hold for KB4512506/KB4512486. In review, the highest-profile bug from August’s Patch Tuesday originated from the SHA-2 migration for Windows 7 and Server 2008 R2 and its compatibility with Symantec Endpoint Protection. The issue stemmed from a fear that the software may not correctly identify system files being patched and might leave the machine in an incomplete state, which could affect stability. Woody on Windows via ComputerWorld wrote an article detailing the aftermath with a great point: “The block is gone, but questions remain. Nothing has changed, so why was it blocked in the first place?”
Security Releases
Google Chrome released version 76.0.3809.132 with a total of three security fixes reported by the vendor and a single CVE. Although CVE-2019-5869 was classified as a “High” severity, CIS released an advisory recommending expedited remediation. The vulnerability covers a scenario where an attacker could execute arbitrary code though a maliciously crafted website to perform numerous functions in the context of the user rights.
Third-Party Updates
Outside of the critical release above, this week has not been boring with considerable non-security releases for the week. It’s worth remembering that these updates may contain undisclosed security remediations as well as helpful stability fixes.
|
Software Title |
Ivanti ID |
Ivanti KB |
|
AIMP 4.60.0.2146 |
AIMP-016 |
QAIMP4602146 |
|
Camtasia 2019.0.7 |
CAMTA-022 |
QCAMTASIA1907 |
|
Citrix Receiver 4.9.8000, LTSR Cumulative Update 8 |
CTXR-020 |
QCTXR498000 |
|
GoodSync 10.10.7.7 |
GOODSYNC-129 |
QGS101077 |
|
GoToMeeting 8.46.1 |
GOTOM-069 |
QGTM8461 |
|
Malwarebytes 3.8.3.2965 |
MBAM-014 |
QMBAM3832965 |
|
Node.JS 12.9.1 (Current) |
NOJSC-022 |
QNODEJSC1291 |
|
Opera 63.0.3368.53 |
OPERA-226 |
QOP630336853 |
|
PDF-Xchange PRO 8.0.332.0 |
PDFX-032 |
QPDFX803320 |
|
PeaZip 6.9.1 |
PZIP-018 |
QPZIP691 |
|
Plex Media Server 1.16.5.1554 |
PLXS-043 |
QPLXS11651554 |
|
Skype 8.51.0.92 |
SKYPE-166 |
QSKY851092 |
|
Tableau Desktop 2018.1.16 |
TABDESK2018-019 |
QTABDESK2018116 |
|
Tableau Desktop 2018.2.13 |
TABDESK2018-020 |
QTABDESK2018213 |
|
Tableau Desktop 2018.3.10 |
TABDESK2018-021 |
QTABDESK2018310 |
|
Tableau Desktop 2019.1.7 |
TABDESK2019-010 |
QTABDESK201917 |
|
Tableau Desktop 2019.2.3 |
TABDESK2019-011 |
QTABDESK201923 |
|
Tableau Reader 2019.2.3 |
TABREAD2019-007 |
QTABREAD201923 |
|
TeamViewer 14.5.5819 |
TVIEW-052 |
QTVIEW1455819 |
|
Thunderbird 68.0 |
TB19-6800 |
QTB6800 |
|
Zoom Client 4.5.3261 |
ZOOM-027 |
QZOOM453261 |
