Blog

Microsoft March 2019 Patch Tuesday, (Tue, Mar 12th)

This month we got patches for 64 vulnerabilities. Two of them have been exploited and four have been made public before today.

Both exploited vulnerabilities (CVE-2019-0808 and CVE-2019-0797) affects win32k component on multiple Windows versions, from Windows 7 to 2019, and may lead to privilege escalation. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.

Amongst 17 critical vulnerabilities this month, it’s worth mentioning CVE-2019-0697 which affects DHCP Client and may lead to remote code execution (RCE). This is the second critical vulnerability in DHCP client this year both scoring 9.8 CVSS v3. The other one was patched in January (CVE-2019-0547).

See Renato’s dashboard for a more detailed breakout: https://patchtuesdaydashboard.com.

Description
CVE Disclosed Exploited Exploitability (old versions) current version Severity CVSS Base (AVG) CVSS Temporal (AVG)
Active Directory Elevation of Privilege Vulnerability
%%cve:2019-0683%% Yes No Important 4.9 4.4
Azure SSH Keypairs Security Feature Bypass Vulnerability
%%cve:2019-0816%% No No Less Likely Less Likely Moderate    
Best Practices Regarding Sharing of a Single User Account Across Multiple Users
ADV190010 No No      
Chakra Scripting Engine Memory Corruption Vulnerability
%%cve:2019-0611%% No No Important 4.3 3.9
%%cve:2019-0746%% No No Less Likely Less Likely Important 6.4 5.8
%%cve:2019-0592%% No No Critical 4.2 3.8
Comctl32 Remote Code Execution Vulnerability
%%cve:2019-0765%% No No Less Likely Less Likely Important 6.4 5.8
Internet Explorer Memory Corruption Vulnerability
%%cve:2019-0763%% No No More Likely More Likely Critical 6.4 5.8
Internet Explorer Security Feature Bypass Vulnerability
%%cve:2019-0761%% No No Less Likely Less Likely Important    
%%cve:2019-0768%% No No More Likely More Likely Important 4.3 3.9
Jet Database Engine Remote Code Execution Vulnerability
%%cve:2019-0617%% No No Less Likely Less Likely Important 7.8 7.0
Latest Servicing Stack Updates
ADV990001 No No Critical    
MS XML Remote Code Execution Vulnerability
%%cve:2019-0756%% No No Less Likely Less Likely Critical 7.5 6.7
March 2019 Adobe Flash Security Update
ADV190008 No No More Likely More Likely Low    
Microsoft Browser Memory Corruption Vulnerability
%%cve:2019-0780%% No No Important 6.4 5.8
Microsoft Browsers Security Feature Bypass Vulnerability
%%cve:2019-0762%% No No Important 2.4 2.2
Microsoft Edge Elevation of Privilege Vulnerability
%%cve:2019-0678%% No No Important 4.2 3.8
Microsoft Edge Memory Corruption Vulnerability
%%cve:2019-0779%% No No Important 4.2 3.8
Microsoft Edge Security Feature Bypass Vulnerability
%%cve:2019-0612%% No No Important 4.3 3.9
Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability
%%cve:2019-0748%% No No Important    
Microsoft Office SharePoint XSS Vulnerability
%%cve:2019-0778%% No No Important    
Microsoft Windows Elevation of Privilege Vulnerability
%%cve:2019-0766%% No No Less Likely Less Likely Important 6.7 6.7
NuGet Package Manager Tampering Vulnerability
%%cve:2019-0757%% Yes No Less Likely Less Likely Important    
SHA-2 Code Sign Support Advisory
ADV190009 No No      
Scripting Engine Memory Corruption Vulnerability
%%cve:2019-0609%% No No Critical 6.4 5.8
%%cve:2019-0639%% No No Critical 4.2 3.8
%%cve:2019-0769%% No No Critical 4.2 3.8
%%cve:2019-0770%% No No Critical 4.2 3.8
%%cve:2019-0771%% No No Critical 4.2 3.8
%%cve:2019-0773%% No No Critical 4.2 3.8
%%cve:2019-0783%% No No More Likely More Likely Important 6.4 5.8
%%cve:2019-0680%% No No Critical 6.4 5.8
Skype for Business and Lync Spoofing Vulnerability
%%cve:2019-0798%% No No Less Likely Less Likely Important    
Team Foundation Server Cross-site Scripting Vulnerability
%%cve:2019-0777%% No No Less Likely Less Likely Low    
Visual Studio Remote Code Execution Vulnerability
%%cve:2019-0809%% Yes No Less Likely Less Likely Important    
Win32k Elevation of Privilege Vulnerability
%%cve:2019-0797%% No Yes Detected Unlikely Important 7.0 6.3
%%cve:2019-0808%% No Yes Important 7.0 6.3
Win32k Information Disclosure Vulnerability
%%cve:2019-0776%% No No Less Likely Less Likely Important 4.7 4.2
Windows ActiveX Remote Code Execution Vulnerability
%%cve:2019-0784%% No No Less Likely Less Likely Critical 4.2 3.8
Windows DHCP Client Remote Code Execution Vulnerability
%%cve:2019-0697%% No No Less Likely Less Likely Critical 9.8 8.8
%%cve:2019-0698%% No No Less Likely Less Likely Critical 9.8 8.8
%%cve:2019-0726%% No No Less Likely Less Likely Critical 9.8 8.8
Windows Denial of Service Vulnerability
%%cve:2019-0754%% Yes No Less Likely Less Likely Important 5.5 5.0
Windows Deployment Services TFTP Server Remote Code Execution Vulnerability
%%cve:2019-0603%% No No Less Likely Less Likely Critical 7.5 6.7
Windows GDI Information Disclosure Vulnerability
%%cve:2019-0774%% No No Less Likely Less Likely Important 4.7 4.2
%%cve:2019-0614%% No No Less Likely Less Likely Important 4.7 4.2
Windows Hyper-V Denial of Service Vulnerability
%%cve:2019-0690%% No No Less Likely Less Likely Important 6.8 6.1
%%cve:2019-0695%% No No Less Likely Less Likely Important 6.8 6.1
%%cve:2019-0701%% No No Less Likely Less Likely Important 6.8 6.1
Windows Kernel Elevation of Privilege Vulnerability
%%cve:2019-0696%% No No More Likely More Likely Important 7.0 6.3
Windows Kernel Information Disclosure Vulnerability
%%cve:2019-0755%% No No More Likely More Likely Important 5.5 5.0
%%cve:2019-0767%% No No More Likely More Likely Important 4.7 4.2
%%cve:2019-0775%% No No More Likely More Likely Important 4.7 4.2
%%cve:2019-0782%% No No Less Likely Less Likely Important 4.7 4.2
%%cve:2019-0702%% No No Less Likely Less Likely Important 5.5 5.0
Windows Print Spooler Information Disclosure Vulnerability
%%cve:2019-0759%% No No Less Likely Less Likely Important 4.7 4.2
Windows SMB Information Disclosure Vulnerability
%%cve:2019-0703%% No No More Likely More Likely Important 6.5 5.9
%%cve:2019-0704%% No No More Likely More Likely Important 6.5 5.9
%%cve:2019-0821%% No No More Likely More Likely Important 6.5 5.9
Windows Subsystem for Linux Elevation of Privilege Vulnerability
%%cve:2019-0682%% No No Less Likely Less Likely Important 7.0 6.3
%%cve:2019-0689%% No No Less Likely Less Likely Important 7.0 6.3
%%cve:2019-0692%% No No Less Likely Less Likely Important 7.0 6.3
%%cve:2019-0693%% No No Less Likely Less Likely Important 7.0 6.3
%%cve:2019-0694%% No No Less Likely Less Likely Important 7.0 6.3
Windows VBScript Engine Remote Code Execution Vulnerability
%%cve:2019-0772%% No No Less Likely Less Likely Important 6.4 5.8
%%cve:2019-0665%% No No More Likely More Likely Important 7.5 6.7
%%cve:2019-0666%% No No More Likely More Likely Critical 7.5 6.7
%%cve:2019-0667%% No No More Likely More Likely Critical 7.5 6.7

 


Renato Marinho
Morphus Labs| LinkedIn|Twitt

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Reposted from SANS. View original.

Posted in: SANS

Leave a Comment (0) ↓