Microsoft Management Console (MMC) Vulnerabilities

[Guest]

Quote

 

Recently, Check Point Research discovered several vulnerabilities in the console that would allow an attacker to deliver a malicious payload.

Microsoft has granted CVE-2019-0948 to this vulnerability and patched it in their June 11th Patch Tuesday release.

 

 

https://research.checkpoint.com/microsoft-management-console-mmc-vulnerabilities/

Probably, I have not verified, the Windows Vista can find the relative patch.
Not available for Windows XP.

It would be interesting to open a debate on the countermeasures to be taken.

Personally at the moment I have taken the following precautions:

 

1) Block direct execution of Vbscript code and block execution of .vbs scripts.

2) Block any process executed from mmc.exe.

3) Block execution .msc script executed outside Sytem Folder.

Edited June 18, 2019 by Sampei.Nihira

[Mcinwwl]

Isn't MMC available only in Pro and higher Windows versions?

[Guest]

Hi.

It is also available in the Home version.

[VistaLover]

On 6/18/2019 at 7:37 PM, Sampei.Nihira said:

Probably, I have not verified, the Windows Vista can find the relative patch.

Vista SP2 users can manually install provided patch(es) for WS2008SP2:

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0948

https://support.microsoft.com/en-us/help/4503273/windows-server-2008-update-kb4503273

https://support.microsoft.com/en-us/help/4503287/windows-server-2008-update-kb4503287