Site icon CT Link Systems, Inc.

Security Advisory: Vulnerabilities found on DHCP and Microsoft Exchange

Microsoft released patches for vulnerabilities that were actively being exploited via their regular security release on the last few months of 2018. They released 49 security patches and two advisories for 2019, seven were vulnerabilities rated as critical while 40 were important.

The highlight of these vulnerabilities is regarding to Windows DHCP Client (CVE-2019-0547), this allows a hacker to send commands on a machine by issuing DHCP responses. Alarmingly, most machines have DHCP client enabled across all windows operating systems, therefore applying this patch is a must. Another notable vulnerability is in the Microsoft Exchange software (CVE-2019-0586), this vulnerability could allow hackers to execute code as the system users and potentially can perform various tasks such as view, change, or delete data and even create new accounts.

Luckily for Trend Micro Customers specifically for Deep Security and Tipping point customers, Trend Micro has released virtual patch rules to protect you on those vulnerabilities immediately. While testing on the security patches released by Microsoft, Trend Micro customers can first apply virtual patch rules to eliminate exposure against possible attacks.  Please see below for the recommended virtual patches:

Trend Micro Deep Security and Vulnerability Protection recommended virtual patch rules are as follows:

Trend Micro Tipping Point MainlineDV filters to be applied are as follows:


If you have any further inquiries with regards to these vulnerabilities with Trend Micro or as a non-Trend Micro user, contact us at 893-9515 and we would be happy to answer your inquiries!

Exit mobile version