Hello, welcome to the Wednesday, March 13th, 2019 edition of the Sands and the Storm Center's

Stormcast. My name is Johannes Ulrich. And I'm recording from Jacksonville, Florida.

Today, of course, Microsoft patched Tuesday, and with that we got 64 vulnerabilities being

patched by Microsoft. Two of the vulnerabilities

have already been exploited in the wild and four vulnerabilities have been known prior to the patch

being released. Both of the exploited vulnerabilities are in Win 32K. These are privilege escalation vulnerabilities and one in particular has been used together with a bug in Google Chrome in some targeted attacks.

And this was the vulnerability I mentioned last week where Chrome already released a patch for it and now we got

the corresponding Microsoft patch for the exploited vulnerabilities. The already publicly

known vulnerabilities include an active directory elevation of privilege vulnerabilities, also

vulnerability in the Nuget packet manager.

That actually could be sort of interesting.

Nuget is published together with Visual Studio usually and used to either retrieve or build these Nuget packages.

We also have a separate code execution vulnerability in Visual Studio itself.

And well, probably the last one I would consider the least important one here is Windows

denial of service vulnerability, but an attacker already has to have local access to the system.

Among the 17 critical bugs that have been fixed here is again another DHCP client

remote code execution vulnerability.

These of course are always interesting because all it takes is a user connecting to a DHCP server, which essentially

you have to do if you are connecting to a public network.

So that's kind of an interesting little new twist that we see a lot of vulnerabilities lately

against DHCP clients.

Now as far as Adobe goes, things are a little bit confusing here.

...