Blog

Microsoft May 2019 Patch Tuesday, (Tue, May 14th)

This month we got patches for 79 vulnerabilities from Microsoft and 2 from Adobe. From those, 23 are critical and 2 were previously known – including the one that has been exploited in the wild.

The exploited vulnerability (CVE-2019-0863) affects the way Windows Error Reporting (WER) handles files. It may allow a local attacker to elevate privileges and run arbitrary code in kernel mode. The CVSS V3 for this vulnerability is 7.8.

The other previously known (CVE-2019-0932) is an information disclosure vulnerability which affects Skype for Android. Exploiting this vulnerability, an attacker could listen to the conversation of a Skype for Android without the user’s knowledge.

Amongst critical vulnerabilities, it worth mentioning a remote code execution in Windows Remote Desktop Services (CVE-2019-0708). An unauthenticated attacker may exploit this vulnerability by sending specially crafted packets to the vulnerable service and then execute arbitrary code on the target system. It affects Windows 7 and Windows Server 2008. The CVSS V3 score for this vulnerability is 9.8.

Last but not least, we have a new critical remote execution vulnerability affecting GDI+ (Windows Graphics Device Interface). An attacker could exploit this vulnerability by convincing the user to open a specially crafted attachment in an e-mail or instant messenger, for example. The CVSS V3 for this vulnerability is 8.8.  

See Renato’s dashboard for a more detailed breakout: https://patchtuesdaydashboard.com

Description
CVE Disclosed Exploited Exploitability (old versions) current version Severity CVSS Base (AVG) CVSS Temporal (AVG)
.NET Framework Denial of Service Vulnerability
%%cve:2019-0864%% No No Less Likely Less Likely Important    
.NET Framework and .NET Core Denial of Service Vulnerability
%%cve:2019-0820%% No No Less Likely Less Likely Important    
.Net Framework and .Net Core Denial of Service Vulnerability
%%cve:2019-0980%% No No Less Likely Less Likely Important    
%%cve:2019-0981%% No No Less Likely Less Likely Important    
ASP.NET Core Denial of Service Vulnerability
%%cve:2019-0982%% No No Less Likely Less Likely Important    
Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability
%%cve:2019-0872%% No No Less Likely Less Likely Important    
%%cve:2019-0979%% No No Important    
Azure DevOps Server and Team Foundation Server Information Disclosure Vulnerability
%%cve:2019-0971%% No No Less Likely Less Likely Important    
Chakra Scripting Engine Memory Corruption Vulnerability
%%cve:2019-0912%% No No Critical 4.2 3.8
%%cve:2019-0913%% No No Critical 4.2 3.8
%%cve:2019-0914%% No No Critical 4.2 3.8
%%cve:2019-0915%% No No Critical 4.2 3.8
%%cve:2019-0916%% No No Critical 4.2 3.8
%%cve:2019-0917%% No No Critical 4.2 3.8
%%cve:2019-0922%% No No Critical 4.2 3.8
%%cve:2019-0923%% No No Important 4.2 3.8
%%cve:2019-0924%% No No Critical 4.2 3.8
%%cve:2019-0925%% No No Critical 4.2 3.8
%%cve:2019-0927%% No No Critical 4.2 3.8
%%cve:2019-0933%% No No Critical 4.2 3.8
%%cve:2019-0937%% No No Critical 4.2 3.8
Diagnostic Hub Standard Collector, Visual Studio Standard Collector Elevation of Privilege Vulnerability
%%cve:2019-0727%% No No Less Likely Less Likely Important 6.7 6.0
GDI+ Remote Code Execution Vulnerability
%%cve:2019-0903%% No No More Likely More Likely Critical 8.8 7.9
Internet Explorer Information Disclosure Vulnerability
%%cve:2019-0930%% No No More Likely More Likely Important 2.4 2.2
Internet Explorer Memory Corruption Vulnerability
%%cve:2019-0929%% No No Critical 7.5 6.7
Internet Explorer Security Feature Bypass Vulnerability
%%cve:2019-0995%% No No Important 7.3 6.6
Internet Explorer Spoofing Vulnerability
%%cve:2019-0921%% No No Less Likely Less Likely Important 2.4 2.2
Jet Database Engine Remote Code Execution Vulnerability
%%cve:2019-0893%% No No Less Likely Less Likely Important 7.8 7.0
%%cve:2019-0894%% No No Less Likely Less Likely Important 7.8 7.0
%%cve:2019-0895%% No No Less Likely Less Likely Important 7.8 7.0
%%cve:2019-0896%% No No Less Likely Less Likely Important 7.8 7.0
%%cve:2019-0897%% No No Less Likely Less Likely Important 7.8 7.0
%%cve:2019-0898%% No No Less Likely Less Likely Important 7.8 7.0
%%cve:2019-0899%% No No Less Likely Less Likely Important 7.8 7.0
%%cve:2019-0900%% No No Less Likely Less Likely Important 7.8 7.0
%%cve:2019-0901%% No No Less Likely Less Likely Important 7.8 7.0
%%cve:2019-0902%% No No Less Likely Less Likely Important 7.8 7.0
%%cve:2019-0889%% No No Less Likely Less Likely Important 7.8 7.0
%%cve:2019-0890%% No No Less Likely Less Likely Important 7.8 7.0
%%cve:2019-0891%% No No Less Likely Less Likely Important 7.8 7.0
Latest Servicing Stack Updates
ADV990001 No No Critical    
May 2019 Adobe Flash Security Update
ADV190012 No No Critical    
Microsoft Azure AD Connect Elevation of Privilege Vulnerability
%%cve:2019-1000%% No No Less Likely Less Likely Important    
Microsoft Browser Memory Corruption Vulnerability
%%cve:2019-0940%% No No More Likely More Likely Critical 7.5 6.7
Microsoft Dynamics On-Premise Security Feature Bypass
%%cve:2019-1008%% No No Less Likely Less Likely Important    
Microsoft Edge Elevation of Privilege Vulnerability
%%cve:2019-0938%% No No Important 4.2 3.8
Microsoft Edge Memory Corruption Vulnerability
%%cve:2019-0926%% No No Critical 4.2 3.8
Microsoft Guidance to mitigate Microarchitectural Data Sampling vulnerabilities
ADV190013 No No More Likely More Likely Important    
Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability
%%cve:2019-0945%% No No Less Likely Less Likely Important    
%%cve:2019-0946%% No No Less Likely Less Likely Important    
%%cve:2019-0947%% No No Important    
Microsoft Office SharePoint XSS Vulnerability
%%cve:2019-0963%% No No Important    
Microsoft SQL Server Analysis Services Information Disclosure Vulnerability
%%cve:2019-0819%% No No Less Likely Less Likely Important    
Microsoft SharePoint Elevation of Privilege Vulnerability
%%cve:2019-0957%% No No Less Likely Less Likely Important    
%%cve:2019-0958%% No No Less Likely Less Likely Important    
Microsoft SharePoint Server Information Disclosure Vulnerability
%%cve:2019-0956%% No No Important    
Microsoft SharePoint Server Remote Code Execution Vulnerability
%%cve:2019-0952%% No No Important    
Microsoft SharePoint Spoofing Vulnerability
%%cve:2019-0949%% No No Important    
%%cve:2019-0950%% No No Important    
%%cve:2019-0951%% No No Important    
Microsoft Word Remote Code Execution Vulnerability
%%cve:2019-0953%% No No Less Likely Less Likely Critical    
NuGet Package Manager Tampering Vulnerability
%%cve:2019-0976%% No No Less Likely Less Likely Important    
Remote Desktop Services Remote Code Execution Vulnerability
%%cve:2019-0708%% No No Critical 9.8 8.8
Scripting Engine Memory Corruption Vulnerability
%%cve:2019-0884%% No No More Likely More Likely Critical 6.4 5.8
%%cve:2019-0911%% No No More Likely More Likely Critical 7.5 6.7
%%cve:2019-0918%% No No More Likely More Likely Critical 7.5 6.7
Skype for Android Information Disclosure Vulnerability
%%cve:2019-0932%% Yes No Less Likely Less Likely Important    
Unified Write Filter Elevation of Privilege Vulnerability
%%cve:2019-0942%% No No Less Likely Less Likely Important 4.4 4.0
Win32k Elevation of Privilege Vulnerability
%%cve:2019-0892%% No No More Likely More Likely Important 7.8 7.0
Windows DHCP Server Remote Code Execution Vulnerability
%%cve:2019-0725%% No No Less Likely Less Likely Critical 8.1 7.3
Windows Defender Application Control Security Feature Bypass Vulnerability
%%cve:2019-0733%% No No Less Likely Less Likely Important 5.3 4.8
Windows Elevation of Privilege Vulnerability
%%cve:2019-0734%% No No Less Likely Less Likely Important 7.8 7.0
%%cve:2019-0936%% No No More Likely More Likely Important 7.8 7.0
Windows Error Reporting Elevation of Privilege Vulnerability
%%cve:2019-0863%% Yes Yes Detected Detected Important 7.8 7.0
Windows GDI Information Disclosure Vulnerability
%%cve:2019-0882%% No No More Likely More Likely Important 4.7 4.2
%%cve:2019-0961%% No No More Likely More Likely Important 4.7 4.2
%%cve:2019-0758%% No No More Likely More Likely Important 4.7 4.2
Windows Hyper-V Information Disclosure Vulnerability
%%cve:2019-0886%% No No Less Likely Less Likely Important 5.5 5.0
Windows Kernel Elevation of Privilege Vulnerability
%%cve:2019-0881%% No No More Likely More Likely Important 8.8 7.9
Windows NDIS Elevation of Privilege Vulnerability
%%cve:2019-0707%% No No More Likely More Likely Important 7.0 6.3
Windows OLE Remote Code Execution Vulnerability
%%cve:2019-0885%% No No More Likely More Likely Important 7.8 7.0
Windows Storage Service Elevation of Privilege Vulnerability
%%cve:2019-0931%% No No More Likely More Likely Important 7.0 6.3


Renato Marinho
Morphus Labs| LinkedInTwitter

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Reposted from SANS. View original.

Posted in: SANS

Leave a Comment (0) ↓