Hello, welcome to the Wednesday, July 10th, 2019 edition of the Sansonet Storm Center's Stormcast.

My name is Johannes Ulrich.

And then I'm recording from London, England.

Of course, today we'll have to start with Microsoft's Patch Tuesday.

We got patches for a total of 77 different vulnerabilities, 15 of which are rated as

critical. Among those vulnerabilities, there are two privilege escalation vulnerabilities that have

already been exploited in the wild. Now, five additional vulnerabilities have been disclosed by Google's

project zero ahead of this patch Tuesday. None of these vulnerabilities have been exploited, yet

the one that sort of sounded the most dangerous one was CBE 2019 1068.

This one is this Microsoft SQL Server remote code execution vulnerability,

but exploitation requires that an attacker is able to submit SQL queries to the Microsoft SQL server.

So possibly exploitable via maybe SQL injection in a vulnerable web application.

Interesting to note also that there is one vulnerability CVE 2019, 1130.

That's another evaluation of privilege vulnerability that was reported by Sandbox

Escaper. In the past Sandbox Escaper, tenant to release details about vulnerabilities publicly

via Twitter. This particular vulnerability appears to have been reported privately to Microsoft.

Other than the fact that the number of vulnerabilities is a bit higher than what we usually see,

the rest of the vulnerabilities are pretty much standard.

Most of the critical vulnerabilities are confined to the scripting engines and the browser.

So again, your web browser remains a huge target here and you definitely should try to apply these

patches quickly. Now, one vulnerability that's not actually related to the browser is critical remote code execution vulnerability in the DHCP server.

That sort of continues that trend of vulnerabilities related to DHCP.

...