Microsoft April 2019 Patch Tuesday
This month we got patches for 74 vulnerabilities total. From those, 16 are critical and 2 have been exploited in the wild.
Both exploited vulnerabilities (CVE-2019-0859 and CVE-2019-0803) are related to Win32k component which fails to properly handle objects in memory and may permit a local attacker to elevate privileges and execute arbitrary code in kernel mode.
It is also worth mentioning a remote code execution vulnerability in GDI+ (Windows Graphics Device Interface) which affects the EMF (Enhanced MetaFile) parser. An attacker could exploit this vulnerability by convincing users to open specially crafted EML files in scenarios such as a file hosted on a web server or an e-mail attachment. Multiple Microsoft programs, especially Office suite, uses GDI+ component.
We got 5 vulnerabilities in the Jet Database Engine. Jet Database vulnerabilities are often exploitable via Office documents. But none of the vulnerabilities are labeled as critical.
See Renato's dashboard for a more detailed breakout: https://patchtuesdaydashboard.com
| Description | |||||||
|---|---|---|---|---|---|---|---|
| CVE | Disclosed | Exploited | Exploitability (old versions) | current version | Severity | CVSS Base (AVG) | CVSS Temporal (AVG) |
| ASP.NET Core Denial of Service Vulnerability | |||||||
| CVE-2019-0815 | No | No | Less Likely | Less Likely | Important | ||
| April 2019 Adobe Flash Security Update | |||||||
| ADV190011 | No | No | - | - | Critical | ||
| Azure DevOps Server Elevation of Privilege Vulnerability | |||||||
| CVE-2019-0875 | No | No | Less Likely | Less Likely | Important | ||
| Chakra Scripting Engine Memory Corruption Vulnerability | |||||||
| CVE-2019-0812 | No | No | - | - | Critical | 4.2 | 3.8 |
| CVE-2019-0829 | No | No | - | - | Critical | 4.2 | 3.8 |
| CVE-2019-0806 | No | No | - | - | Critical | 4.2 | 3.8 |
| CVE-2019-0810 | No | No | - | - | Critical | 4.2 | 3.8 |
| CVE-2019-0860 | No | No | - | - | Critical | 4.2 | 3.8 |
| CVE-2019-0861 | No | No | - | - | Critical | 4.2 | 3.8 |
| DirectX Information Disclosure Vulnerability | |||||||
| CVE-2019-0837 | No | No | Less Likely | Less Likely | Important | 5.5 | 5.0 |
| GDI+ Remote Code Execution Vulnerability | |||||||
| CVE-2019-0853 | No | No | Less Likely | Less Likely | Critical | 7.8 | 7.8 |
| Jet Database Engine Remote Code Execution Vulnerability | |||||||
| CVE-2019-0846 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| CVE-2019-0847 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| CVE-2019-0851 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| CVE-2019-0877 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| CVE-2019-0879 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| Latest Servicing Stack Updates | |||||||
| ADV990001 | No | No | - | - | Critical | ||
| MS XML Remote Code Execution Vulnerability | |||||||
| CVE-2019-0790 | No | No | Less Likely | Less Likely | Critical | 7.8 | 7.0 |
| CVE-2019-0791 | No | No | Less Likely | Less Likely | Critical | 7.8 | 7.0 |
| CVE-2019-0792 | No | No | Less Likely | Less Likely | Critical | 7.8 | 7.0 |
| CVE-2019-0793 | No | No | More Likely | More Likely | Critical | 7.8 | 7.0 |
| CVE-2019-0795 | No | No | Less Likely | Less Likely | Critical | 7.8 | 7.0 |
| Microsoft Browsers Tampering Vulnerability | |||||||
| CVE-2019-0764 | No | No | Less Likely | Less Likely | Important | 2.4 | 2.2 |
| Microsoft Edge Information Disclosure Vulnerability | |||||||
| CVE-2019-0833 | No | No | - | - | Important | 4.3 | 3.9 |
| Microsoft Excel Remote Code Execution Vulnerability | |||||||
| CVE-2019-0828 | No | No | Less Likely | Less Likely | Important | ||
| Microsoft Exchange Spoofing Vulnerability | |||||||
| CVE-2019-0858 | No | No | Less Likely | Less Likely | Important | ||
| CVE-2019-0817 | No | No | Less Likely | Less Likely | Important | ||
| Microsoft Graphics Components Remote Code Execution Vulnerability | |||||||
| CVE-2019-0822 | No | No | More Likely | More Likely | Important | ||
| Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability | |||||||
| CVE-2019-0823 | No | No | - | - | Important | ||
| CVE-2019-0824 | No | No | Less Likely | Less Likely | Important | ||
| CVE-2019-0825 | No | No | Less Likely | Less Likely | Important | ||
| CVE-2019-0826 | No | No | Less Likely | Less Likely | Important | ||
| CVE-2019-0827 | No | No | Less Likely | Less Likely | Important | ||
| Microsoft Office SharePoint XSS Vulnerability | |||||||
| CVE-2019-0830 | No | No | Less Likely | Less Likely | Important | ||
| CVE-2019-0831 | No | No | Less Likely | Less Likely | Important | ||
| Microsoft Scripting Engine Information Disclosure Vulnerability | |||||||
| CVE-2019-0835 | No | No | Less Likely | Less Likely | Important | 4.3 | 3.9 |
| OLE Automation Remote Code Execution Vulnerability | |||||||
| CVE-2019-0794 | No | No | More Likely | More Likely | Important | 7.8 | 7.0 |
| Office Remote Code Execution Vulnerability | |||||||
| CVE-2019-0801 | No | No | More Likely | More Likely | Important | ||
| Open Enclave SDK Information Disclosure Vulnerability | |||||||
| CVE-2019-0876 | No | No | - | - | Important | ||
| SMB Server Elevation of Privilege Vulnerability | |||||||
| CVE-2019-0786 | No | No | Less Likely | Less Likely | Critical | 7.8 | 7.0 |
| Scripting Engine Memory Corruption Vulnerability | |||||||
| CVE-2019-0739 | No | No | - | - | Critical | 4.2 | 3.8 |
| CVE-2019-0752 | No | No | More Likely | More Likely | Important | 6.4 | 5.8 |
| CVE-2019-0753 | No | No | More Likely | More Likely | Critical | 6.4 | 5.8 |
| CVE-2019-0862 | No | No | More Likely | More Likely | Important | ||
| Team Foundation Server Cross-site Scripting Vulnerability | |||||||
| CVE-2019-0866 | No | No | Less Likely | Less Likely | Important | ||
| CVE-2019-0867 | No | No | Less Likely | Less Likely | Important | ||
| CVE-2019-0868 | No | No | Less Likely | Less Likely | Important | ||
| CVE-2019-0870 | No | No | Less Likely | Less Likely | Important | ||
| CVE-2019-0871 | No | No | Less Likely | Less Likely | Important | ||
| CVE-2019-0874 | No | No | - | - | Important | ||
| Team Foundation Server HTML Injection Vulnerability | |||||||
| CVE-2019-0869 | No | No | Less Likely | Less Likely | Important | ||
| Team Foundation Server Spoofing Vulnerability | |||||||
| CVE-2019-0857 | No | No | - | - | Important | ||
| Win32k Elevation of Privilege Vulnerability | |||||||
| CVE-2019-0803 | No | Yes | Detected | More Likely | Important | 7.0 | 6.3 |
| CVE-2019-0685 | No | No | More Likely | More Likely | Important | 7.8 | 7.0 |
| CVE-2019-0859 | No | Yes | Detected | More Likely | Important | 7.8 | 7.0 |
| Win32k Information Disclosure Vulnerability | |||||||
| CVE-2019-0848 | No | No | Less Likely | Less Likely | Important | 4.7 | 4.2 |
| CVE-2019-0814 | No | No | More Likely | More Likely | Important | 4.7 | 4.2 |
| Windows Admin Center Elevation of Privilege Vulnerability | |||||||
| CVE-2019-0813 | No | No | - | - | Important | ||
| Windows CSRSS Elevation of Privilege Vulnerability | |||||||
| CVE-2019-0735 | No | No | More Likely | More Likely | Important | 7.0 | 6.3 |
| Windows Elevation of Privilege Vulnerability | |||||||
| CVE-2019-0805 | No | No | More Likely | More Likely | Important | 6.7 | 6.0 |
| CVE-2019-0841 | No | No | Less Likely | Less Likely | Important | 6.8 | 6.1 |
| CVE-2019-0730 | No | No | More Likely | More Likely | Important | 6.7 | 6.0 |
| CVE-2019-0731 | No | No | More Likely | More Likely | Important | 6.8 | 6.1 |
| CVE-2019-0796 | No | No | More Likely | More Likely | Important | 6.3 | 5.7 |
| CVE-2019-0836 | No | No | More Likely | More Likely | Important | 7.0 | 6.3 |
| Windows GDI Information Disclosure Vulnerability | |||||||
| CVE-2019-0802 | No | No | Less Likely | Less Likely | Important | 4.7 | 4.2 |
| CVE-2019-0849 | No | No | Less Likely | Less Likely | Important | 4.7 | 4.2 |
| Windows IOleCvt Interface Remote Code Execution Vulnerability | |||||||
| CVE-2019-0845 | No | No | Less Likely | Less Likely | Critical | 7.5 | 6.7 |
| Windows Information Disclosure Vulnerability | |||||||
| CVE-2019-0838 | No | No | Less Likely | Less Likely | Important | 6.6 | 5.9 |
| CVE-2019-0839 | No | No | Less Likely | Less Likely | Important | 4.4 | 4.0 |
| Windows Kernel Information Disclosure Vulnerability | |||||||
| CVE-2019-0840 | No | No | More Likely | More Likely | Important | 5.5 | 5.0 |
| CVE-2019-0844 | No | No | More Likely | More Likely | Important | 5.5 | 5.0 |
| Windows Remote Code Execution Vulnerability | |||||||
| CVE-2019-0856 | No | No | Less Likely | Less Likely | Important | 7.3 | 6.6 |
| Windows Security Feature Bypass Vulnerability | |||||||
| CVE-2019-0732 | No | No | More Likely | More Likely | Important | 5.3 | 4.8 |
| Windows TCP/IP Information Disclosure Vulnerability | |||||||
| CVE-2019-0688 | No | No | Less Likely | Less Likely | Important | 5.3 | 4.9 |
| Windows VBScript Engine Remote Code Execution Vulnerability | |||||||
| CVE-2019-0842 | No | No | Less Likely | Less Likely | Important | 6.4 | 5.8 |
--
Renato Marinho
Morphus Labs| LinkedIn|Twitter
Keywords:
0 comment(s)
×
![modal content]()
Diary Archives
Comments