Notice of Emergency Windows/Internet Explorer Security Patch

Security Patching

Overview of Windows/Internet Explorer Security Patch

Microsoft has advised Windows/Internet Explorer users to install an “emergency” out-of-band security patch (i.e. not released on patch-Tuesday) for a recently detected Zero-Day-Exploit (i.e an exploit that has already been actively used prior to the release of the patch).

A security flaw in some versions of Internet Explorer could allow an attacker to remotely run malicious code on an affected device. A user could be stealthily infected by visiting a malicious web page or by being tricked into clicking on a link in an email. “An attacker who successfully exploited the vulnerability could take control of an affected system,” said Microsoft.

Microsoft also issued a fix for its in-built malware scanner Windows Defender, which if exploited, could have triggered a denial-of-service condition resulting in the app failing to work.

Technical Details

Application Affect: Internet Explorer 9, 10 and 11
Security Advisory: CVE-2019-1367
Link to Mitre Advisory: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1367
Link to NIST Advisory: https://nvd.nist.gov/vuln/detail/CVE-2019-1367
Link to Microsoft Advisory: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1367

As a Patchworx Client…

We are always working, 24x7x365, to make sure your systems are patched and secured. Our valued Patchworx clients received the below message from us shortly after the Microsoft advisory.

IF you are a customer with Patchworx for Workstations AND…

Have a “24x7” patching schedule (i.e. deployment of software update packages once a week on a 24 x 7 cycle) THEN…

    • Alvaka has updated your latest workstation software update package to include the necessary patch for this vulnerability.
    • Your users will receive the patch once connected to an internal network or the internet. The workstation will automatically reboot itself within 24 hours of receiving the patch to fully enable its capability.
    • It is therefore recommended that you notify all staff members to turn on their workstations and leave them connected to the internal network or internet so that they receive the software update package in a timely manner.

DO NOT have a “24x7” patching schedule (i.e. non-continuous deployment of software update packages. Ex: Deployment of software update packages during a one-week period once a month) THEN…

    • Alvaka will be reaching out to you shortly to schedule an out-of-phase software deployment.

IF you are a Patchworx for Servers Customer THEN…

    • Alvaka will be reaching out to you shortly to determine which servers are at risk and to schedule an out-of-phase software deployment where necessary.

With Patchworx, you can be assured that we will not only provide you with comprehensive patch management, but we will keep you updated on any security threats that may affect you and your systems.
Microsoft WSUS Consultant

WSUS Consulting Services

Software update service for system administrators to manage Microsoft product updates
  • Help resolving common WSUS server issues
  • Solve the problem of PCs not reporting to WSUS
  • Identify and repair the common WSUS system errors
  • Fix high CPU utilization problems
  • Stop duplicate SUSClientIDs
  • Diagnose and fix failed downloads
  • Fix IIS permissions that lead to failed Windows Update Agent Error Codes
  • Using Group Policy to set WSUS agent policies
  • Troubleshooting issues with WSUS client agents

SCCM Consulting Services

Systems management software for managing large numbers of computers running multiple operating systems and application.
  • Help with the frequent updates required to maintain security and version updates
  • Develop a program to get a monthly cadence for distributing updates
  • Understanding the of conflicting reports coming from SCCM
  • Verify accuracy before starting the deployment
  • How to properly initiate Client Notification Actions
  • Troubleshooting (DRS) Database Replication Service within SCCM
  • Proactively fixing client issues
  • Fixing failed deployments so you can move on to other more important tasks
  • Fixing ConfigMgr problems
  • Integrate third party add-ins(like Ivanti) for third party updates
  • Support Wake on Lan(WOL) patching
  • Maintenance Windows feature to prevent Servers restart during business hours
  • Updates Windows 10 image during build process that way your workstation will always have the latest security updates
  • Integrate with PowerBi for better reporting

We utilize a proven 31-step patching process.

*Diagram represents a portion of our process”
Patch Management As A Service

FREE Webinar Every Thursday
from 10:00 - 11:00 AM. PST

RSVP Early - Limited Seats

$250K Cyber Insurance Coverage

Our integrated insurance coverage and breach response services includes $250,000 of cyber liability insurance (annual aggregate) with $0 deductible.

As a Patchworx℠ client, you will be protected for the cost of an actual or suspected violation of a privacy regulation due to a security breach that results in the unauthorized release of protected personal information (PPI) up to the policy limits.

PPI is defined as any private, non-public information of any kind in the merchant’s care, custody or control. This coverage territory is worldwide and is backed by a carrier rated A+ by AM Best.

ACHIEVE PATCH COMPLIANCE ASSURANCE