MSFT July 2019 Patch Tuesday - SANS Internet Storm Center

Participate: Learn more about our honeypot network
https://isc.sans.edu/tools/honeypot/

Handler on Duty: Didier Stevens

Threat Level: green

MSFT July 2019 Patch Tuesday

July 2019 Security Updates

Description
CVE	Disclosed	Exploited	Exploitability (old versions)	current version	Severity	CVSS Base (AVG)	CVSS Temporal (AVG)
.NET Denial of Service Vulnerability
CVE-2019-1083	No	No	Less Likely	Less Likely	Important
.NET Framework Remote Code Execution Vulnerability
CVE-2019-1113	No	No	More Likely	More Likely	Critical
ADFS Security Feature Bypass Vulnerability
CVE-2019-0975	No	No	Less Likely	Less Likely	Important	4.3	3.9
CVE-2019-1126	No	No	Less Likely	Less Likely	Important	5.3	4.8
ASP.NET Core Spoofing Vulnerability
CVE-2019-1075	No	No	Less Likely	Less Likely	Moderate
Azure Automation Elevation of Privilege Vulnerability
CVE-2019-0962	Yes	No	Less Likely	Less Likely	Important
Azure DevOps Server and Team Foundation Server Remote Code Execution Vulnerability
CVE-2019-1072	No	No	Less Likely	Less Likely	Critical
Chakra Scripting Engine Memory Corruption Vulnerability
CVE-2019-1062	No	No	-	-	Critical	4.2	3.8
CVE-2019-1092	No	No	-	-	Critical	4.2	3.8
CVE-2019-1103	No	No	-	-	Critical	4.2	3.8
CVE-2019-1106	No	No	-	-	Critical	4.2	3.8
CVE-2019-1107	No	No	-	-	Critical	4.2	3.8
DirectWrite Information Disclosure Vulnerability
CVE-2019-1093	No	No	Less Likely	Less Likely	Important	5.5	5.0
CVE-2019-1097	No	No	Less Likely	Less Likely	Important	5.5	5.0
DirectWrite Remote Code Execution Vulnerability
CVE-2019-1117	No	No	Less Likely	Less Likely	Important	7.8	7.0
CVE-2019-1118	No	No	Less Likely	Less Likely	Important	7.8	7.0
CVE-2019-1119	No	No	Less Likely	Less Likely	Important	7.8	7.0
CVE-2019-1120	No	No	Less Likely	Less Likely	Important	7.8	7.0
CVE-2019-1121	No	No	Less Likely	Less Likely	Important	7.8	7.0
CVE-2019-1122	No	No	Less Likely	Less Likely	Important	7.8	7.0
CVE-2019-1123	No	No	Less Likely	Less Likely	Important	7.8	7.0
CVE-2019-1124	No	No	Less Likely	Less Likely	Important	7.8	7.0
CVE-2019-1127	No	No	Less Likely	Less Likely	Important	7.8	7.0
CVE-2019-1128	No	No	Less Likely	Less Likely	Important	7.8	7.0
DirectX Elevation of Privilege Vulnerability
CVE-2019-0999	No	No	-	-	Important	7.8	7.0
Docker Elevation of Privilege Vulnerability
CVE-2018-15664	Yes	No	Less Likely	Less Likely	Important
GDI+ Remote Code Execution Vulnerability
CVE-2019-1102	No	No	Less Likely	Less Likely	Critical	8.4	7.6
Internet Explorer Memory Corruption Vulnerability
CVE-2019-1063	No	No	More Likely	More Likely	Critical	6.4	5.8
Latest Servicing Stack Updates
ADV990001	No	No	-	-	Critical
Microsoft Browser Memory Corruption Vulnerability
CVE-2019-1104	No	No	More Likely	More Likely	Critical	6.4	5.8
Microsoft Excel Information Disclosure Vulnerability
CVE-2019-1112	No	No	More Likely	More Likely	Important
Microsoft Excel Remote Code Execution Vulnerability
CVE-2019-1110	No	No	Less Likely	Less Likely	Important
CVE-2019-1111	No	No	Less Likely	Less Likely	Important
Microsoft Exchange Information Disclosure Vulnerability
CVE-2019-1084	No	No	Less Likely	Less Likely	Important
Microsoft Exchange Server Elevation of Privilege Vulnerability
CVE-2019-1136	No	No	Less Likely	Less Likely	Important
Microsoft Exchange Server Spoofing Vulnerability
CVE-2019-1137	No	No	Less Likely	Less Likely	Important
Microsoft Office SharePoint XSS Vulnerability
CVE-2019-1134	No	No	Less Likely	Less Likely	Important
Microsoft Office Spoofing Vulnerability
CVE-2019-1109	No	No	Less Likely	Less Likely	Important
Microsoft SQL Server Remote Code Execution Vulnerability
CVE-2019-1068	Yes	No	Less Likely	Less Likely	Important
Microsoft Windows Elevation of Privilege Vulnerability
CVE-2019-1074	No	No	More Likely	More Likely	Important	5.3	5.3
CVE-2019-1082	No	No	-	-	Important	7.7	7.7
Microsoft splwow64 Elevation of Privilege Vulnerability
CVE-2019-0880	No	Yes	Detected	More Likely	Important	7.0	6.3
Microsoft unistore.dll Information Disclosure Vulnerability
CVE-2019-1091	No	No	Less Likely	Less Likely	Important	5.5	5.0
Outlook on the web Cross-Site Scripting Vulnerability
ADV190021	No	No	-	-	Important
Remote Desktop Protocol Client Information Disclosure Vulnerability
CVE-2019-1108	No	No	More Likely	More Likely	Important	6.5	5.9
Remote Desktop Services Remote Code Execution Vulnerability
CVE-2019-0887	Yes	No	More Likely	More Likely	Important	8.0	7.2
Scripting Engine Memory Corruption Vulnerability
CVE-2019-1056	No	No	-	-	Critical	6.4	5.8
CVE-2019-1059	No	No	Less Likely	Less Likely	Critical	6.4	5.8
CVE-2019-1001	No	No	More Likely	More Likely	Critical	6.4	5.8
CVE-2019-1004	No	No	More Likely	More Likely	Critical	6.4	5.8
SymCrypt Denial of Service Vulnerability
CVE-2019-0865	Yes	No	Less Likely	Less Likely	Important	7.5	6.7
Team Foundation Server Cross-site Scripting Vulnerability
CVE-2019-1076	No	No	Less Likely	Less Likely	Important
Visual Studio Elevation of Privilege Vulnerability
CVE-2019-1077	No	No	Less Likely	Less Likely	Important
Visual Studio Information Disclosure Vulnerability
CVE-2019-1079	No	No	Less Likely	Less Likely	Important
WCF/WIF SAML Token Authentication Bypass Vulnerability
CVE-2019-1006	No	No	Less Likely	Less Likely	Important
Win32k Elevation of Privilege Vulnerability
CVE-2019-1132	No	Yes	-	-	Important	7.8	7.2
Win32k Information Disclosure Vulnerability
CVE-2019-1096	No	No	Less Likely	Less Likely	Important	5.5	5.0
Windows Audio Service Elevation of Privilege Vulnerability
CVE-2019-1086	No	No	Less Likely	Less Likely	Important	7.8	7.0
CVE-2019-1087	No	No	Less Likely	Less Likely	Important	7.8	7.0
CVE-2019-1088	No	No	Less Likely	Less Likely	Important	7.8	7.0
Windows DHCP Server Remote Code Execution Vulnerability
CVE-2019-0785	No	No	Less Likely	Less Likely	Critical	9.8	8.8
Windows DNS Server Denial of Service Vulnerability
CVE-2019-0811	No	No	Less Likely	Less Likely	Important	7.5	6.7
Windows Elevation of Privilege Vulnerability
CVE-2019-1129	Yes	No	More Likely	More Likely	Important	7.8	7.0
CVE-2019-1130	No	No	Less Likely	Less Likely	Important	7.8	7.0
Windows Error Reporting Elevation of Privilege Vulnerability
CVE-2019-1037	No	No	Less Likely	Less Likely	Important	7.0	6.3
Windows GDI Information Disclosure Vulnerability
CVE-2019-1094	No	No	Less Likely	Less Likely	Important	5.5	5.0
CVE-2019-1095	No	No	Less Likely	Less Likely	Important	5.5	5.0
CVE-2019-1098	No	No	-	-	Important	5.5	5.0
CVE-2019-1099	No	No	-	-	Important	5.5	5.0
CVE-2019-1100	No	No	-	-	Important	5.5	5.0
CVE-2019-1101	No	No	-	-	Important	5.5	5.0
CVE-2019-1116	No	No	-	-	Important	5.5	5.0
Windows Hyper-V Denial of Service Vulnerability
CVE-2019-0966	No	No	Less Likely	Less Likely	Important	6.8	6.1
Windows Kernel Elevation of Privilege Vulnerability
CVE-2019-1067	No	No	More Likely	More Likely	Important	7.8	7.0
Windows Kernel Information Disclosure Vulnerability
CVE-2019-1071	No	No	More Likely	More Likely	Important	5.5	5.0
CVE-2019-1073	No	No	More Likely	More Likely	Important	5.5	5.0
Windows RPCSS Elevation of Privilege Vulnerability
CVE-2019-1089	No	No	More Likely	More Likely	Important	7.8	7.0
Windows WLAN Service Elevation of Privilege Vulnerability
CVE-2019-1085	No	No	Less Likely	Less Likely	Important	7.8	7.0
Windows dnsrlvr.dll Elevation of Privilege Vulnerability
CVE-2019-1090	No	No	Less Likely	Less Likely	Important	7.8	7.0

--
John Bambenek
bambenek \at\ gmail /dot/ com
ThreatSTOP

John

262 Posts
ISC Handler

Jul 9th 2019

Thread locked Subscribe

Jul 9th 2019
3 years ago

Thanks guys! Its great to have the chart above but the CVEs are mostly NOT live in the NVD. It would be more helpful to have the links to the MSFT security advisory or KB

Anonymous

Quote

Jul 9th 2019
3 years ago