Lansweeper holds more than 450 built-in network reports, but ad-hoc vulnerabilities mostly require a custom vulnerability report to assess if you’re vulnerable and need to update. We regularly create custom hardware and software reports to address known issues.
Indisputably, the uppermost popular audit report in 2019 was our Windows 7 End of Life Audit. Although we’ve surpassed the official end of life date on January 14, 2020, the report is still highly-relevant as of today. Many businesses failed to migrate their Windows 7 devices in time and researchers are observing a serious 125% increase in malware targeting the deprecated OS.
Aside from Windows 7 EOL, several high-severity vulnerabilities surfaced in 2019. Here’s our top 10 of the most accessed Vulnerability Reports in 2019.
1. Critical IE Zero-Day Vulnerability
CVE-2019-1367
On September 22, 2019, Microsoft issued a rare emergency security update for Internet Explorer to address a critical Zero-Day flaw in the browser that’s being exploited in the wild. Tracked as CVE-2019-1367, the IE 0-day is a remote code execution vulnerability in the way Microsoft’s scripting engine handles objects in memory in Internet Explorer. The Internet Explorer vulnerability affected versions 9, 10 and 11.
2. Actively Exploited Google Chrome Zero-Day Flaw
CVE-2019-5786
This major Chrome Zero-Day Flaw, known as CVE-2019-5786, leads to remote code execution attacks. Google warned that this Zero-Day vulnerability is actively being exploited in the wild by attackers. The vulnerability affects the web browsing software for all major operating systems including Microsoft Windows, Apple macOS, and Linux.
3. Plundervolt Attack Hits Intel Processors
CVE-2019-11157
Dubbed Plundervolt and tracked as CVE-2019-11157, this critical Intel attack relies on the fact that modern processors allow frequency and voltage to be adjusted when needed, which can be modified in a controlled way to induce errors in the memory by flipping bits. By ‘undervolting’ the CPU, Intel’s secure enclave technology becomes vulnerable to attack.
4. SWAPGS Attack
CVE-2019-1125
Dubbed as “the latest Spectre for Intel CPUs”, the SWAPGS vulnerability allows unprivileged local attackers to access sensitive information stored in the operating system privileged kernel memory, including passwords, tokens, and encryption keys, that would otherwise be inaccessible. Microsoft silently issued patches for the new speculative execution vulnerability in its July 2019 Patch Tuesday security update.
5. Linux Sudo Open Root Access Vulnerability
CVE-2019-14287
The vulnerability in question is a Sudo security policy bypass flaw that could allow a malicious user or a program to execute arbitrary commands as root on a targeted Linux system. The bug requires a system to have a non-standard configuration. In other words, Linux computers are not vulnerable by default. All systems prior to version 1.8.28 are affected by the Linux Sudo vulnerability.
6. SupportAssist Exploit on Dell PCs
CVE-2019-3719
An exploit in SupportAssist Client software from Dell allows potential hackers to remotely get the execute arbitrary executables. This remote code execution, known as CVE-2019-3719, affects all SupportAssist versions before version 3.2.0.90. The SupportAssist utility, formerly known as Dell System Detect, comes pre-installed on most Dell computers.
7. 19-Year Old Critical WinRAR Vulnerability
CVE-2018-20250
Potentially impacting 500 million users, this 19-year old WinRAR vulnerability gives hackers the opportunity to extract malicious software to anywhere on your hard drive. It was UNACEV2.DLL that caused the security breach but it was patched in version 5.70 of WinRAR.
8. WhatsApp Zero-Day Used to Install Spyware
CVE-2019-3568
CVE-2019-3568 is a severe vulnerability in WhatsApp that can be exploited to install Pegasus Spyware. The exploit allows hackers to remotely install surveillance spyware on mobile devices by simply calling the targeted phone numbers over Whatsapp. Pegasus spyware allows attackers to access an incredible amount of data from victims’ smartphones, including their emails, WhatsApp messages, contact details, and much more.
9. Two Critical Confluence Vulnerabilities
CVE-2019-3395 & CVE-2019-3396
The 2 vulnerabilities, tracked as CVE-2019-3395 and CVE-2019-3396, affect almost all locally-running Confluence versions. Both WebDAV and the Widget Connector are vulnerable and were reportedly being exploited in the wild.
10. Multiple NVIDIA GPU Display Driver Flaws
CVE-2019-5675, CVE-2019-5676, and CVE-2019-5677
In summary: three high and medium severity security issues in the NVIDIA GPU Display Driver that could lead to code execution, denial of service, escalation of privileges, or information disclosure on vulnerable Windows machines. The most severe of the flaws, CVE-2019-5675, could be exploited to launch DoS attacks that could cripple the system.
