TL;DR - Go straight to the Patch Tuesday report
Microsoft Releases Patches for 74 Flaws, 13 Rated Critical
It's time for another batch of "Patch Tuesday" updates from Microsoft. Microsoft released its April 2019 updates to address a total of 74 CVE-listed vulnerabilities, 13 of which are rated critical and the rest are rated important in severity.
This month's security updates come with 13 critical fixes. Most of these updates address vulnerabilities in scripting engines like Chakra Scripting Engine, VBScript Engine, and DHCP Client as well as in browsers like Internet Explorer and Edge. Failing to patch these vulnerabilities could lead to arbitrary code execution.
Publicly Exploited Vulnerabilities
This month's Patch Tuesday from Microsoft also addressed two vulnerabilities that are actively being exploited. Both the exploited vulnerabilities - CVE-2019-0803 and CVE-2019-0859 - reside in the win32k component of the Windows operating system and are rated important. These are Win32k elevation-of-privilege vulnerabilities that could allow a locally authenticated attacker to run arbitrary code in kernel mode.
It's highly recommended to apply the latest security patches as soon as possible. Make sure to the patches prior to deployment, to avoid stability issues. For addressing problematic update issues on Windows 10 devices, Microsoft last month also introduced a safety measure that automatically uninstalls buggy software updates installed on your system if your OS detects a startup failure.
Run the Patch Tuesday Report
Similar to previous months, we've created a report which checks if the assets in your network are on the latest Microsoft patch update. It's color-coded to give you an easy and quick overview which assets are already on the latest Windows update, and which ones still need to be patched. You can find the report on our forum.
If you haven't already, start your free trial of Lansweeper to run the Microsoft Patch Tuesday Report. Make sure to subscribe via the form below if you want to receive the latest Microsoft Patch reports and bonus network reports.