This month we got patches for 79 vulnerabilities from Microsoft and 2 from Adobe. From those, 23 are critical and 2 were previously known – including the one that has been exploited in the wild.
The exploited vulnerability (CVE-2019-0863) affects the way Windows Error Reporting (WER) handles files. It may allow a local attacker to elevate privileges and run arbitrary code in kernel mode. The CVSS V3 for this vulnerability is 7.8.
The other previously known (CVE-2019-0932) is an information disclosure vulnerability which affects Skype for Android. Exploiting this vulnerability, an attacker could listen to the conversation of a Skype for Android without the user’s knowledge.
Amongst critical vulnerabilities, it worth mentioning a remote code execution in Windows Remote Desktop Services (CVE-2019-0708). An unauthenticated attacker may exploit this vulnerability by sending specially crafted packets to the vulnerable service and then execute arbitrary code on the target system. It affects Windows 7 and Windows Server 2008. The CVSS V3 score for this vulnerability is 9.8.
Last but not least, we have a new critical remote execution vulnerability affecting GDI+ (Windows Graphics Device Interface). An attacker could exploit this vulnerability by convincing the user to open a specially crafted attachment in an e-mail or instant messenger, for example. The CVSS V3 for this vulnerability is 8.8.
See Renato’s dashboard for a more detailed breakout: https://patchtuesdaydashboard.com
.png)
| Description | |||||||
|---|---|---|---|---|---|---|---|
| CVE | Disclosed | Exploited | Exploitability (old versions) | current version | Severity | CVSS Base (AVG) | CVSS Temporal (AVG) |
| .NET Framework Denial of Service Vulnerability | |||||||
| %%cve:2019-0864%% | No | No | Less Likely | Less Likely | Important | ||
| .NET Framework and .NET Core Denial of Service Vulnerability | |||||||
| %%cve:2019-0820%% | No | No | Less Likely | Less Likely | Important | ||
| .Net Framework and .Net Core Denial of Service Vulnerability | |||||||
| %%cve:2019-0980%% | No | No | Less Likely | Less Likely | Important | ||
| %%cve:2019-0981%% | No | No | Less Likely | Less Likely | Important | ||
| ASP.NET Core Denial of Service Vulnerability | |||||||
| %%cve:2019-0982%% | No | No | Less Likely | Less Likely | Important | ||
| Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability | |||||||
| %%cve:2019-0872%% | No | No | Less Likely | Less Likely | Important | ||
| %%cve:2019-0979%% | No | No | – | – | Important | ||
| Azure DevOps Server and Team Foundation Server Information Disclosure Vulnerability | |||||||
| %%cve:2019-0971%% | No | No | Less Likely | Less Likely | Important | ||
| Chakra Scripting Engine Memory Corruption Vulnerability | |||||||
| %%cve:2019-0912%% | No | No | – | – | Critical | 4.2 | 3.8 |
| %%cve:2019-0913%% | No | No | – | – | Critical | 4.2 | 3.8 |
| %%cve:2019-0914%% | No | No | – | – | Critical | 4.2 | 3.8 |
| %%cve:2019-0915%% | No | No | – | – | Critical | 4.2 | 3.8 |
| %%cve:2019-0916%% | No | No | – | – | Critical | 4.2 | 3.8 |
| %%cve:2019-0917%% | No | No | – | – | Critical | 4.2 | 3.8 |
| %%cve:2019-0922%% | No | No | – | – | Critical | 4.2 | 3.8 |
| %%cve:2019-0923%% | No | No | – | – | Important | 4.2 | 3.8 |
| %%cve:2019-0924%% | No | No | – | – | Critical | 4.2 | 3.8 |
| %%cve:2019-0925%% | No | No | – | – | Critical | 4.2 | 3.8 |
| %%cve:2019-0927%% | No | No | – | – | Critical | 4.2 | 3.8 |
| %%cve:2019-0933%% | No | No | – | – | Critical | 4.2 | 3.8 |
| %%cve:2019-0937%% | No | No | – | – | Critical | 4.2 | 3.8 |
| Diagnostic Hub Standard Collector, Visual Studio Standard Collector Elevation of Privilege Vulnerability | |||||||
| %%cve:2019-0727%% | No | No | Less Likely | Less Likely | Important | 6.7 | 6.0 |
| GDI+ Remote Code Execution Vulnerability | |||||||
| %%cve:2019-0903%% | No | No | More Likely | More Likely | Critical | 8.8 | 7.9 |
| Internet Explorer Information Disclosure Vulnerability | |||||||
| %%cve:2019-0930%% | No | No | More Likely | More Likely | Important | 2.4 | 2.2 |
| Internet Explorer Memory Corruption Vulnerability | |||||||
| %%cve:2019-0929%% | No | No | – | – | Critical | 7.5 | 6.7 |
| Internet Explorer Security Feature Bypass Vulnerability | |||||||
| %%cve:2019-0995%% | No | No | – | – | Important | 7.3 | 6.6 |
| Internet Explorer Spoofing Vulnerability | |||||||
| %%cve:2019-0921%% | No | No | Less Likely | Less Likely | Important | 2.4 | 2.2 |
| Jet Database Engine Remote Code Execution Vulnerability | |||||||
| %%cve:2019-0893%% | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| %%cve:2019-0894%% | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| %%cve:2019-0895%% | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| %%cve:2019-0896%% | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| %%cve:2019-0897%% | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| %%cve:2019-0898%% | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| %%cve:2019-0899%% | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| %%cve:2019-0900%% | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| %%cve:2019-0901%% | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| %%cve:2019-0902%% | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| %%cve:2019-0889%% | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| %%cve:2019-0890%% | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| %%cve:2019-0891%% | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| Latest Servicing Stack Updates | |||||||
| ADV990001 | No | No | – | – | Critical | ||
| May 2019 Adobe Flash Security Update | |||||||
| ADV190012 | No | No | – | – | Critical | ||
| Microsoft Azure AD Connect Elevation of Privilege Vulnerability | |||||||
| %%cve:2019-1000%% | No | No | Less Likely | Less Likely | Important | ||
| Microsoft Browser Memory Corruption Vulnerability | |||||||
| %%cve:2019-0940%% | No | No | More Likely | More Likely | Critical | 7.5 | 6.7 |
| Microsoft Dynamics On-Premise Security Feature Bypass | |||||||
| %%cve:2019-1008%% | No | No | Less Likely | Less Likely | Important | ||
| Microsoft Edge Elevation of Privilege Vulnerability | |||||||
| %%cve:2019-0938%% | No | No | – | – | Important | 4.2 | 3.8 |
| Microsoft Edge Memory Corruption Vulnerability | |||||||
| %%cve:2019-0926%% | No | No | – | – | Critical | 4.2 | 3.8 |
| Microsoft Guidance to mitigate Microarchitectural Data Sampling vulnerabilities | |||||||
| ADV190013 | No | No | More Likely | More Likely | Important | ||
| Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability | |||||||
| %%cve:2019-0945%% | No | No | Less Likely | Less Likely | Important | ||
| %%cve:2019-0946%% | No | No | Less Likely | Less Likely | Important | ||
| %%cve:2019-0947%% | No | No | – | – | Important | ||
| Microsoft Office SharePoint XSS Vulnerability | |||||||
| %%cve:2019-0963%% | No | No | – | – | Important | ||
| Microsoft SQL Server Analysis Services Information Disclosure Vulnerability | |||||||
| %%cve:2019-0819%% | No | No | Less Likely | Less Likely | Important | ||
| Microsoft SharePoint Elevation of Privilege Vulnerability | |||||||
| %%cve:2019-0957%% | No | No | Less Likely | Less Likely | Important | ||
| %%cve:2019-0958%% | No | No | Less Likely | Less Likely | Important | ||
| Microsoft SharePoint Server Information Disclosure Vulnerability | |||||||
| %%cve:2019-0956%% | No | No | – | – | Important | ||
| Microsoft SharePoint Server Remote Code Execution Vulnerability | |||||||
| %%cve:2019-0952%% | No | No | – | – | Important | ||
| Microsoft SharePoint Spoofing Vulnerability | |||||||
| %%cve:2019-0949%% | No | No | – | – | Important | ||
| %%cve:2019-0950%% | No | No | – | – | Important | ||
| %%cve:2019-0951%% | No | No | – | – | Important | ||
| Microsoft Word Remote Code Execution Vulnerability | |||||||
| %%cve:2019-0953%% | No | No | Less Likely | Less Likely | Critical | ||
| NuGet Package Manager Tampering Vulnerability | |||||||
| %%cve:2019-0976%% | No | No | Less Likely | Less Likely | Important | ||
| Remote Desktop Services Remote Code Execution Vulnerability | |||||||
| %%cve:2019-0708%% | No | No | – | – | Critical | 9.8 | 8.8 |
| Scripting Engine Memory Corruption Vulnerability | |||||||
| %%cve:2019-0884%% | No | No | More Likely | More Likely | Critical | 6.4 | 5.8 |
| %%cve:2019-0911%% | No | No | More Likely | More Likely | Critical | 7.5 | 6.7 |
| %%cve:2019-0918%% | No | No | More Likely | More Likely | Critical | 7.5 | 6.7 |
| Skype for Android Information Disclosure Vulnerability | |||||||
| %%cve:2019-0932%% | Yes | No | Less Likely | Less Likely | Important | ||
| Unified Write Filter Elevation of Privilege Vulnerability | |||||||
| %%cve:2019-0942%% | No | No | Less Likely | Less Likely | Important | 4.4 | 4.0 |
| Win32k Elevation of Privilege Vulnerability | |||||||
| %%cve:2019-0892%% | No | No | More Likely | More Likely | Important | 7.8 | 7.0 |
| Windows DHCP Server Remote Code Execution Vulnerability | |||||||
| %%cve:2019-0725%% | No | No | Less Likely | Less Likely | Critical | 8.1 | 7.3 |
| Windows Defender Application Control Security Feature Bypass Vulnerability | |||||||
| %%cve:2019-0733%% | No | No | Less Likely | Less Likely | Important | 5.3 | 4.8 |
| Windows Elevation of Privilege Vulnerability | |||||||
| %%cve:2019-0734%% | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| %%cve:2019-0936%% | No | No | More Likely | More Likely | Important | 7.8 | 7.0 |
| Windows Error Reporting Elevation of Privilege Vulnerability | |||||||
| %%cve:2019-0863%% | Yes | Yes | Detected | Detected | Important | 7.8 | 7.0 |
| Windows GDI Information Disclosure Vulnerability | |||||||
| %%cve:2019-0882%% | No | No | More Likely | More Likely | Important | 4.7 | 4.2 |
| %%cve:2019-0961%% | No | No | More Likely | More Likely | Important | 4.7 | 4.2 |
| %%cve:2019-0758%% | No | No | More Likely | More Likely | Important | 4.7 | 4.2 |
| Windows Hyper-V Information Disclosure Vulnerability | |||||||
| %%cve:2019-0886%% | No | No | Less Likely | Less Likely | Important | 5.5 | 5.0 |
| Windows Kernel Elevation of Privilege Vulnerability | |||||||
| %%cve:2019-0881%% | No | No | More Likely | More Likely | Important | 8.8 | 7.9 |
| Windows NDIS Elevation of Privilege Vulnerability | |||||||
| %%cve:2019-0707%% | No | No | More Likely | More Likely | Important | 7.0 | 6.3 |
| Windows OLE Remote Code Execution Vulnerability | |||||||
| %%cve:2019-0885%% | No | No | More Likely | More Likely | Important | 7.8 | 7.0 |
| Windows Storage Service Elevation of Privilege Vulnerability | |||||||
| %%cve:2019-0931%% | No | No | More Likely | More Likely | Important | 7.0 | 6.3 |
—
Renato Marinho
Morphus Labs| LinkedIn| Twitter
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.