Microsoft March 2019 Patch Tuesday
This month we got patches for 64 vulnerabilities. Two of them have been exploited and four have been made public before today.
Both exploited vulnerabilities (CVE-2019-0808 and CVE-2019-0797) affects win32k component on multiple Windows versions, from Windows 7 to 2019, and may lead to privilege escalation. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.
Amongst 17 critical vulnerabilities this month, it's worth mentioning CVE-2019-0697 which affects DHCP Client and may lead to remote code execution (RCE). This is the second critical vulnerability in DHCP client this year both scoring 9.8 CVSS v3. The other one was patched in January (CVE-2019-0547).
See Renato's dashboard for a more detailed breakout: https://patchtuesdaydashboard.com.
Description | |||||||
---|---|---|---|---|---|---|---|
CVE | Disclosed | Exploited | Exploitability (old versions) | current version | Severity | CVSS Base (AVG) | CVSS Temporal (AVG) |
Active Directory Elevation of Privilege Vulnerability | |||||||
CVE-2019-0683 | Yes | No | - | - | Important | 4.9 | 4.4 |
Azure SSH Keypairs Security Feature Bypass Vulnerability | |||||||
CVE-2019-0816 | No | No | Less Likely | Less Likely | Moderate | ||
Best Practices Regarding Sharing of a Single User Account Across Multiple Users | |||||||
ADV190010 | No | No | - | - | |||
Chakra Scripting Engine Memory Corruption Vulnerability | |||||||
CVE-2019-0611 | No | No | - | - | Important | 4.3 | 3.9 |
CVE-2019-0746 | No | No | Less Likely | Less Likely | Important | 6.4 | 5.8 |
CVE-2019-0592 | No | No | - | - | Critical | 4.2 | 3.8 |
Comctl32 Remote Code Execution Vulnerability | |||||||
CVE-2019-0765 | No | No | Less Likely | Less Likely | Important | 6.4 | 5.8 |
Internet Explorer Memory Corruption Vulnerability | |||||||
CVE-2019-0763 | No | No | More Likely | More Likely | Critical | 6.4 | 5.8 |
Internet Explorer Security Feature Bypass Vulnerability | |||||||
CVE-2019-0761 | No | No | Less Likely | Less Likely | Important | ||
CVE-2019-0768 | No | No | More Likely | More Likely | Important | 4.3 | 3.9 |
Jet Database Engine Remote Code Execution Vulnerability | |||||||
CVE-2019-0617 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
Latest Servicing Stack Updates | |||||||
ADV990001 | No | No | - | - | Critical | ||
MS XML Remote Code Execution Vulnerability | |||||||
CVE-2019-0756 | No | No | Less Likely | Less Likely | Critical | 7.5 | 6.7 |
March 2019 Adobe Flash Security Update | |||||||
ADV190008 | No | No | More Likely | More Likely | Low | ||
Microsoft Browser Memory Corruption Vulnerability | |||||||
CVE-2019-0780 | No | No | - | - | Important | 6.4 | 5.8 |
Microsoft Browsers Security Feature Bypass Vulnerability | |||||||
CVE-2019-0762 | No | No | - | - | Important | 2.4 | 2.2 |
Microsoft Edge Elevation of Privilege Vulnerability | |||||||
CVE-2019-0678 | No | No | - | - | Important | 4.2 | 3.8 |
Microsoft Edge Memory Corruption Vulnerability | |||||||
CVE-2019-0779 | No | No | - | - | Important | 4.2 | 3.8 |
Microsoft Edge Security Feature Bypass Vulnerability | |||||||
CVE-2019-0612 | No | No | - | - | Important | 4.3 | 3.9 |
Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability | |||||||
CVE-2019-0748 | No | No | - | - | Important | ||
Microsoft Office SharePoint XSS Vulnerability | |||||||
CVE-2019-0778 | No | No | - | - | Important | ||
Microsoft Windows Elevation of Privilege Vulnerability | |||||||
CVE-2019-0766 | No | No | Less Likely | Less Likely | Important | 6.7 | 6.7 |
NuGet Package Manager Tampering Vulnerability | |||||||
CVE-2019-0757 | Yes | No | Less Likely | Less Likely | Important | ||
SHA-2 Code Sign Support Advisory | |||||||
ADV190009 | No | No | - | - | |||
Scripting Engine Memory Corruption Vulnerability | |||||||
CVE-2019-0609 | No | No | - | - | Critical | 6.4 | 5.8 |
CVE-2019-0639 | No | No | - | - | Critical | 4.2 | 3.8 |
CVE-2019-0769 | No | No | - | - | Critical | 4.2 | 3.8 |
CVE-2019-0770 | No | No | - | - | Critical | 4.2 | 3.8 |
CVE-2019-0771 | No | No | - | - | Critical | 4.2 | 3.8 |
CVE-2019-0773 | No | No | - | - | Critical | 4.2 | 3.8 |
CVE-2019-0783 | No | No | More Likely | More Likely | Important | 6.4 | 5.8 |
CVE-2019-0680 | No | No | - | - | Critical | 6.4 | 5.8 |
Skype for Business and Lync Spoofing Vulnerability | |||||||
CVE-2019-0798 | No | No | Less Likely | Less Likely | Important | ||
Team Foundation Server Cross-site Scripting Vulnerability | |||||||
CVE-2019-0777 | No | No | Less Likely | Less Likely | Low | ||
Visual Studio Remote Code Execution Vulnerability | |||||||
CVE-2019-0809 | Yes | No | Less Likely | Less Likely | Important | ||
Win32k Elevation of Privilege Vulnerability | |||||||
CVE-2019-0797 | No | Yes | Detected | Unlikely | Important | 7.0 | 6.3 |
CVE-2019-0808 | No | Yes | - | - | Important | 7.0 | 6.3 |
Win32k Information Disclosure Vulnerability | |||||||
CVE-2019-0776 | No | No | Less Likely | Less Likely | Important | 4.7 | 4.2 |
Windows ActiveX Remote Code Execution Vulnerability | |||||||
CVE-2019-0784 | No | No | Less Likely | Less Likely | Critical | 4.2 | 3.8 |
Windows DHCP Client Remote Code Execution Vulnerability | |||||||
CVE-2019-0697 | No | No | Less Likely | Less Likely | Critical | 9.8 | 8.8 |
CVE-2019-0698 | No | No | Less Likely | Less Likely | Critical | 9.8 | 8.8 |
CVE-2019-0726 | No | No | Less Likely | Less Likely | Critical | 9.8 | 8.8 |
Windows Denial of Service Vulnerability | |||||||
CVE-2019-0754 | Yes | No | Less Likely | Less Likely | Important | 5.5 | 5.0 |
Windows Deployment Services TFTP Server Remote Code Execution Vulnerability | |||||||
CVE-2019-0603 | No | No | Less Likely | Less Likely | Critical | 7.5 | 6.7 |
Windows GDI Information Disclosure Vulnerability | |||||||
CVE-2019-0774 | No | No | Less Likely | Less Likely | Important | 4.7 | 4.2 |
CVE-2019-0614 | No | No | Less Likely | Less Likely | Important | 4.7 | 4.2 |
Windows Hyper-V Denial of Service Vulnerability | |||||||
CVE-2019-0690 | No | No | Less Likely | Less Likely | Important | 6.8 | 6.1 |
CVE-2019-0695 | No | No | Less Likely | Less Likely | Important | 6.8 | 6.1 |
CVE-2019-0701 | No | No | Less Likely | Less Likely | Important | 6.8 | 6.1 |
Windows Kernel Elevation of Privilege Vulnerability | |||||||
CVE-2019-0696 | No | No | More Likely | More Likely | Important | 7.0 | 6.3 |
Windows Kernel Information Disclosure Vulnerability | |||||||
CVE-2019-0755 | No | No | More Likely | More Likely | Important | 5.5 | 5.0 |
CVE-2019-0767 | No | No | More Likely | More Likely | Important | 4.7 | 4.2 |
CVE-2019-0775 | No | No | More Likely | More Likely | Important | 4.7 | 4.2 |
CVE-2019-0782 | No | No | Less Likely | Less Likely | Important | 4.7 | 4.2 |
CVE-2019-0702 | No | No | Less Likely | Less Likely | Important | 5.5 | 5.0 |
Windows Print Spooler Information Disclosure Vulnerability | |||||||
CVE-2019-0759 | No | No | Less Likely | Less Likely | Important | 4.7 | 4.2 |
Windows SMB Information Disclosure Vulnerability | |||||||
CVE-2019-0703 | No | No | More Likely | More Likely | Important | 6.5 | 5.9 |
CVE-2019-0704 | No | No | More Likely | More Likely | Important | 6.5 | 5.9 |
CVE-2019-0821 | No | No | More Likely | More Likely | Important | 6.5 | 5.9 |
Windows Subsystem for Linux Elevation of Privilege Vulnerability | |||||||
CVE-2019-0682 | No | No | Less Likely | Less Likely | Important | 7.0 | 6.3 |
CVE-2019-0689 | No | No | Less Likely | Less Likely | Important | 7.0 | 6.3 |
CVE-2019-0692 | No | No | Less Likely | Less Likely | Important | 7.0 | 6.3 |
CVE-2019-0693 | No | No | Less Likely | Less Likely | Important | 7.0 | 6.3 |
CVE-2019-0694 | No | No | Less Likely | Less Likely | Important | 7.0 | 6.3 |
Windows VBScript Engine Remote Code Execution Vulnerability | |||||||
CVE-2019-0772 | No | No | Less Likely | Less Likely | Important | 6.4 | 5.8 |
CVE-2019-0665 | No | No | More Likely | More Likely | Important | 7.5 | 6.7 |
CVE-2019-0666 | No | No | More Likely | More Likely | Critical | 7.5 | 6.7 |
CVE-2019-0667 | No | No | More Likely | More Likely | Critical | 7.5 | 6.7 |
--
Renato Marinho
Morphus Labs| LinkedIn|Twitt
Comments