This month we got patches for 79 vulnerabilities from Microsoft and 1 from Adobe. From those, 23 are critical and 2 were previously known - including the one that has been exploited in the wild.
The exploited vulnerability (CVE-2019-0863) affects the way Windows Error Reporting (WER) handles files. It may allow a local attacker to elevate privileges and run arbitrary code in kernel mode. The CVSS V3 for this vulnerability is 7.8.
The other previously known (CVE-2019-0932) is an information disclosure vulnerability which affects Skype for Android. Exploiting this vulnerability, an attacker could listen to the conversation of a Skype for Android without the user’s knowledge.
Amongst critical vulnerabilities, it worth mentioning a remote code execution in Windows Remote Desktop Services (CVE-2019-0708). An unauthenticated attacker may exploit this vulnerability by sending specially crafted packets to the vulnerable service and then execute arbitrary code on the target system. It affects Windows 7 and Windows Server 2008. The CVSS V3 score for this vulnerability is 9.8.
Last but not least, we have a new critical remote execution vulnerability affecting GDI+ (Windows Graphics Device Interface). An attacker could exploit this vulnerability by convincing the user to open a specially crafted attachment in an e-mail or instant messenger, for example. The CVSS V3 for this vulnerability is 8.8.
UPDATE: Today's Patch Tuesday also addresses the new CPU side-channel attack published today known as Zombieload[1] (ADV190013). As Meltdown, Spectre, and Foreshadow the new flaw may allow an attacker to steal sensitive data and keys being processed by the CPU. To fix the issue you must apply OS updates provided by Microsoft today (not available for all versions yet) and firmware microcode from device OEMs. The details for this advisory are available at https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV190013.
See Renato's dashboard for a more detailed breakout: https://patchtuesdaydashboard.com
.png)
| Description | |||||||
|---|---|---|---|---|---|---|---|
| CVE | Disclosed | Exploited | Exploitability (old versions) | current version | Severity | CVSS Base (AVG) | CVSS Temporal (AVG) |
| .NET Framework Denial of Service Vulnerability | |||||||
| %%cve:2019-0864%% | No | No | Less Likely | Less Likely | Important | ||
| .NET Framework and .NET Core Denial of Service Vulnerability | |||||||
| %%cve:2019-0820%% | No | No | Less Likely | Less Likely | Important | ||
| .Net Framework and .Net Core Denial of Service Vulnerability | |||||||
| %%cve:2019-0980%% | No | No | Less Likely | Less Likely | Important | ||
| %%cve:2019-0981%% | No | No | Less Likely | Less Likely | Important | ||
| ASP.NET Core Denial of Service Vulnerability | |||||||
| %%cve:2019-0982%% | No | No | Less Likely | Less Likely | Important | ||
| Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability | |||||||
| %%cve:2019-0872%% | No | No | Less Likely | Less Likely | Important | ||
| %%cve:2019-0979%% | No | No | - | - | Important | ||
| Azure DevOps Server and Team Foundation Server Information Disclosure Vulnerability | |||||||
| %%cve:2019-0971%% | No | No | Less Likely | Less Likely | Important | ||
| Chakra Scripting Engine Memory Corruption Vulnerability | |||||||
| %%cve:2019-0912%% | No | No | - | - | Critical | 4.2 | 3.8 |
| %%cve:2019-0913%% | No | No | - | - | Critical | 4.2 | 3.8 |
| %%cve:2019-0914%% | No | No | - | - | Critical | 4.2 | 3.8 |
| %%cve:2019-0915%% | No | No | - | - | Critical | 4.2 | 3.8 |
| %%cve:2019-0916%% | No | No | - | - | Critical | 4.2 | 3.8 |
| %%cve:2019-0917%% | No | No | - | - | Critical | 4.2 | 3.8 |
| %%cve:2019-0922%% | No | No | - | - | Critical | 4.2 | 3.8 |
| %%cve:2019-0923%% | No | No | - | - | Important | 4.2 | 3.8 |
| %%cve:2019-0924%% | No | No | - | - | Critical | 4.2 | 3.8 |
| %%cve:2019-0925%% | No | No | - | - | Critical | 4.2 | 3.8 |
| %%cve:2019-0927%% | No | No | - | - | Critical | 4.2 | 3.8 |
| %%cve:2019-0933%% | No | No | - | - | Critical | 4.2 | 3.8 |
| %%cve:2019-0937%% | No | No | - | - | Critical | 4.2 | 3.8 |
| Diagnostic Hub Standard Collector, Visual Studio Standard Collector Elevation of Privilege Vulnerability | |||||||
| %%cve:2019-0727%% | No | No | Less Likely | Less Likely | Important | 6.7 | 6.0 |
| GDI+ Remote Code Execution Vulnerability | |||||||
| %%cve:2019-0903%% | No | No | More Likely | More Likely | Critical | 8.8 | 7.9 |
| Internet Explorer Information Disclosure Vulnerability | |||||||
| %%cve:2019-0930%% | No | No | More Likely | More Likely | Important | 2.4 | 2.2 |
| Internet Explorer Memory Corruption Vulnerability | |||||||
| %%cve:2019-0929%% | No | No | - | - | Critical | 7.5 | 6.7 |
| Internet Explorer Security Feature Bypass Vulnerability | |||||||
| %%cve:2019-0995%% | No | No | - | - | Important | 7.3 | 6.6 |
| Internet Explorer Spoofing Vulnerability | |||||||
| %%cve:2019-0921%% | No | No | Less Likely | Less Likely | Important | 2.4 | 2.2 |
| Jet Database Engine Remote Code Execution Vulnerability | |||||||
| %%cve:2019-0893%% | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| %%cve:2019-0894%% | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| %%cve:2019-0895%% | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| %%cve:2019-0896%% | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| %%cve:2019-0897%% | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| %%cve:2019-0898%% | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| %%cve:2019-0899%% | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| %%cve:2019-0900%% | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| %%cve:2019-0901%% | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| %%cve:2019-0902%% | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| %%cve:2019-0889%% | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| %%cve:2019-0890%% | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| %%cve:2019-0891%% | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| Latest Servicing Stack Updates | |||||||
| ADV990001 | No | No | - | - | Critical | ||
| May 2019 Adobe Flash Security Update | |||||||
| ADV190012 | No | No | - | - | Critical | ||
| Microsoft Azure AD Connect Elevation of Privilege Vulnerability | |||||||
| %%cve:2019-1000%% | No | No | Less Likely | Less Likely | Important | ||
| Microsoft Browser Memory Corruption Vulnerability | |||||||
| %%cve:2019-0940%% | No | No | More Likely | More Likely | Critical | 7.5 | 6.7 |
| Microsoft Dynamics On-Premise Security Feature Bypass | |||||||
| %%cve:2019-1008%% | No | No | Less Likely | Less Likely | Important | ||
| Microsoft Edge Elevation of Privilege Vulnerability | |||||||
| %%cve:2019-0938%% | No | No | - | - | Important | 4.2 | 3.8 |
| Microsoft Edge Memory Corruption Vulnerability | |||||||
| %%cve:2019-0926%% | No | No | - | - | Critical | 4.2 | 3.8 |
| Microsoft Guidance to mitigate Microarchitectural Data Sampling vulnerabilities | |||||||
| ADV190013 | No | No | More Likely | More Likely | Important | ||
| Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability | |||||||
| %%cve:2019-0945%% | No | No | Less Likely | Less Likely | Important | ||
| %%cve:2019-0946%% | No | No | Less Likely | Less Likely | Important | ||
| %%cve:2019-0947%% | No | No | - | - | Important | ||
| Microsoft Office SharePoint XSS Vulnerability | |||||||
| %%cve:2019-0963%% | No | No | - | - | Important | ||
| Microsoft SQL Server Analysis Services Information Disclosure Vulnerability | |||||||
| %%cve:2019-0819%% | No | No | Less Likely | Less Likely | Important | ||
| Microsoft SharePoint Elevation of Privilege Vulnerability | |||||||
| %%cve:2019-0957%% | No | No | Less Likely | Less Likely | Important | ||
| %%cve:2019-0958%% | No | No | Less Likely | Less Likely | Important | ||
| Microsoft SharePoint Server Information Disclosure Vulnerability | |||||||
| %%cve:2019-0956%% | No | No | - | - | Important | ||
| Microsoft SharePoint Server Remote Code Execution Vulnerability | |||||||
| %%cve:2019-0952%% | No | No | - | - | Important | ||
| Microsoft SharePoint Spoofing Vulnerability | |||||||
| %%cve:2019-0949%% | No | No | - | - | Important | ||
| %%cve:2019-0950%% | No | No | - | - | Important | ||
| %%cve:2019-0951%% | No | No | - | - | Important | ||
| Microsoft Word Remote Code Execution Vulnerability | |||||||
| %%cve:2019-0953%% | No | No | Less Likely | Less Likely | Critical | ||
| NuGet Package Manager Tampering Vulnerability | |||||||
| %%cve:2019-0976%% | No | No | Less Likely | Less Likely | Important | ||
| Remote Desktop Services Remote Code Execution Vulnerability | |||||||
| %%cve:2019-0708%% | No | No | - | - | Critical | 9.8 | 8.8 |
| Scripting Engine Memory Corruption Vulnerability | |||||||
| %%cve:2019-0884%% | No | No | More Likely | More Likely | Critical | 6.4 | 5.8 |
| %%cve:2019-0911%% | No | No | More Likely | More Likely | Critical | 7.5 | 6.7 |
| %%cve:2019-0918%% | No | No | More Likely | More Likely | Critical | 7.5 | 6.7 |
| Skype for Android Information Disclosure Vulnerability | |||||||
| %%cve:2019-0932%% | Yes | No | Less Likely | Less Likely | Important | ||
| Unified Write Filter Elevation of Privilege Vulnerability | |||||||
| %%cve:2019-0942%% | No | No | Less Likely | Less Likely | Important | 4.4 | 4.0 |
| Win32k Elevation of Privilege Vulnerability | |||||||
| %%cve:2019-0892%% | No | No | More Likely | More Likely | Important | 7.8 | 7.0 |
| Windows DHCP Server Remote Code Execution Vulnerability | |||||||
| %%cve:2019-0725%% | No | No | Less Likely | Less Likely | Critical | 8.1 | 7.3 |
| Windows Defender Application Control Security Feature Bypass Vulnerability | |||||||
| %%cve:2019-0733%% | No | No | Less Likely | Less Likely | Important | 5.3 | 4.8 |
| Windows Elevation of Privilege Vulnerability | |||||||
| %%cve:2019-0734%% | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| %%cve:2019-0936%% | No | No | More Likely | More Likely | Important | 7.8 | 7.0 |
| Windows Error Reporting Elevation of Privilege Vulnerability | |||||||
| %%cve:2019-0863%% | Yes | Yes | Detected | Detected | Important | 7.8 | 7.0 |
| Windows GDI Information Disclosure Vulnerability | |||||||
| %%cve:2019-0882%% | No | No | More Likely | More Likely | Important | 4.7 | 4.2 |
| %%cve:2019-0961%% | No | No | More Likely | More Likely | Important | 4.7 | 4.2 |
| %%cve:2019-0758%% | No | No | More Likely | More Likely | Important | 4.7 | 4.2 |
| Windows Hyper-V Information Disclosure Vulnerability | |||||||
| %%cve:2019-0886%% | No | No | Less Likely | Less Likely | Important | 5.5 | 5.0 |
| Windows Kernel Elevation of Privilege Vulnerability | |||||||
| %%cve:2019-0881%% | No | No | More Likely | More Likely | Important | 8.8 | 7.9 |
| Windows NDIS Elevation of Privilege Vulnerability | |||||||
| %%cve:2019-0707%% | No | No | More Likely | More Likely | Important | 7.0 | 6.3 |
| Windows OLE Remote Code Execution Vulnerability | |||||||
| %%cve:2019-0885%% | No | No | More Likely | More Likely | Important | 7.8 | 7.0 |
| Windows Storage Service Elevation of Privilege Vulnerability | |||||||
| %%cve:2019-0931%% | No | No | More Likely | More Likely | Important | 7.0 | 6.3 |
References
[1] https://zombieloadattack.com/
--
Renato Marinho
Morphus Labs| LinkedIn| Twitter