Rewterz

Rewterz Threat Alert – Multiple Malware Campaigns – IoCs

March 18, 2019
Rewterz

Rewterz Threat Advisory – F5 Multiple Products OpenSSL Denial of Service Vulnerability

March 18, 2019

Rewterz threat Advisory – Microsoft SharePoint Server 2016 Multiple Vulnerabilities

Severity

Medium

Analysis Summary

CVE-2019-0604
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka ‘Microsoft SharePoint Remote Code Execution Vulnerability’.

CVE-2019-0668
An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka ‘Microsoft SharePoint Elevation of Privilege Vulnerability’.

CVE-2019-0594
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka ‘Microsoft SharePoint Remote Code Execution Vulnerability’.

Impact

  • Cross site scripting
  • Security Bypass

Affected Products

Microsoft SharePoint Server 2016

Remediation

Vendor has released updates for the following product.

Microsoft SharePoint Enterprise Server 2016 (KB4462155):

https://www.microsoft.com/downloads/details.aspx?familyid=2a51ab39-b043-4c60-b567-f0d89bff4603

Microsoft SharePoint Enterprise Server 2016 (KB4462211):

https://www.microsoft.com/downloads/details.aspx?familyid=d7a12d15-0230-487d-a2cf-ceb50a424559

Reading this advisory was a good start.

Make it a habit.

Rewterz publishes threat advisories ahead of mainstream cybersecurity media, informed by an AI-Native Autonomous SOC that sees regional threat actor activity in real time. Subscribe to receive each new advisory as it publishes, plus a monthly Middle East threat landscape brief drawn from our own SOC telemetry. For teams evaluating their detection coverage, a 30-minute consultation with a senior analyst is also available, at your pace, when you're ready.