Hello, welcome to the Wednesday, June 13th, 2018 edition of the Santernut Storm Center's

Stormcast. My name is Johannes Ulrich, and I am recording from Jacksonville, Florida.

And it is Microsoft's Patch Tuesday, depending on how you count, we got fixes for 50 or 51

vulnerabilities today.

Now some of them are no surprise, we got a flash update.

We also got the update for Spector version 4, which of course still requires the microcode

patch from AMD and Intel. But these are not the vulnerabilities

that I'm most worried about. There are two vulnerabilities here that I think could become a big

problem if an exploit for them should materialize. First of all, a vulnerability in Microsoft's DNS server.

A malicious DNS response may execute arbitrary code.

This of course could be done fairly easily, maybe even warmable,

where you have a malicious DNS server that then responds using the exploit to

arbitrary DNS requests.

The second vulnerability is also a server vulnerability in HTTP.Sys.

This is essentially the core of IIS that responds to HTTP requests and apparently a malicious

HTTP request may trigger arbitrary code.

Microsoft labeled the second vulnerability as unlikely to result in exploitation, meaning

that it won't be easy to come up with a reliably working

exploit. In addition, of course, we got updates for Microsoft Edge and Inan Explorer, including

the scripting engine to come with it, and that is again the bulk of the vulnerabilities.

So as far as patch priorities go, definitely take a look at these DNS and HTTP.sys vulnerabilities.

That's something you should address rather quickly if you are running affected servers and that also may take a little bit more

...