Notice of Emergency Windows/Internet Explorer Security Patch

Security Patching

Overview of Windows/Internet Explorer Security Patch

Microsoft has advised Windows/Internet Explorer users to install an “emergency” out-of-band security patch (i.e. not released on patch-Tuesday) for a recently detected Zero-Day-Exploit (i.e an exploit that has already been actively used prior to the release of the patch).

A security flaw in some versions of Internet Explorer could allow an attacker to remotely run malicious code on an affected device. A user could be stealthily infected by visiting a malicious web page or by being tricked into clicking on a link in an email. “An attacker who successfully exploited the vulnerability could take control of an affected system,” said Microsoft.

Microsoft also issued a fix for its in-built malware scanner Windows Defender, which if exploited, could have triggered a denial-of-service condition resulting in the app failing to work.

Technical Details

Application Affect: Internet Explorer 9, 10 and 11
Security Advisory: CVE-2019-1367
Link to Mitre Advisory: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1367
Link to NIST Advisory: https://nvd.nist.gov/vuln/detail/CVE-2019-1367
Link to Microsoft Advisory: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1367

As a Patchworx Client…

We are always working, 24x7x365, to make sure your systems are patched and secured. Our valued Patchworx clients received the below message from us shortly after the Microsoft advisory.

IF you are a customer with Patchworx for Workstations AND…

Have a “24x7” patching schedule (i.e. deployment of software update packages once a week on a 24 x 7 cycle) THEN…

    • Alvaka has updated your latest workstation software update package to include the necessary patch for this vulnerability.
    • Your users will receive the patch once connected to an internal network or the internet. The workstation will automatically reboot itself within 24 hours of receiving the patch to fully enable its capability.
    • It is therefore recommended that you notify all staff members to turn on their workstations and leave them connected to the internal network or internet so that they receive the software update package in a timely manner.

DO NOT have a “24x7” patching schedule (i.e. non-continuous deployment of software update packages. Ex: Deployment of software update packages during a one-week period once a month) THEN…

    • Alvaka will be reaching out to you shortly to schedule an out-of-phase software deployment.

IF you are a Patchworx for Servers Customer THEN…

    • Alvaka will be reaching out to you shortly to determine which servers are at risk and to schedule an out-of-phase software deployment where necessary.

With Patchworx, you can be assured that we will not only provide you with comprehensive patch management, but we will keep you updated on any security threats that may affect you and your systems.
Microsoft WSUS Consultant

WSUS Consulting Services

Software update service for system administrators to manage Microsoft product updates

SCCM Consulting Services

Systems management software for managing large numbers of computers running multiple operating systems and application.

We utilize a proven 31-step patching process.

*Diagram represents a portion of our process

Patch Management As A Service

FREE Webinar Every Thursday
from 10:00 - 11:00 AM. PST

RSVP Early - Limited Seats

$250K Cyber Insurance Coverage

Our integrated insurance coverage and breach response services includes $250,000 of cyber liability insurance (annual aggregate) with $0 deductible.

As a Patchworx℠ client, you will be protected for the cost of an actual or suspected violation of a privacy regulation due to a security breach that results in the unauthorized release of protected personal information (PPI) up to the policy limits.

PPI is defined as any private, non-public information of any kind in the merchant’s care, custody or control. This coverage territory is worldwide and is backed by a carrier rated A+ by AM Best.

ACHIEVE PATCH COMPLIANCE ASSURANCE