Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: MSFT June 2019 Patch Tuesday SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms: https://isctv.sans.edu

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
MSFT June 2019 Patch Tuesday

June 2019 Security Updates

Description
CVE Disclosed Exploited Exploitability (old versions) current version Severity CVSS Base (AVG) CVSS Temporal (AVG)
ActiveX Data Objects (ADO) Remote Code Execution Vulnerability
CVE-2019-0888 No No Less Likely Less Likely Critical 8.8 7.9
Azure DevOps Server Spoofing Vulnerability
CVE-2019-0996 No No Less Likely Less Likely Important    
Bluetooth Low Energy Advisory
ADV190016 No No - - Important    
Chakra Scripting Engine Memory Corruption Vulnerability
CVE-2019-0989 No No - - Critical 4.2 3.8
CVE-2019-0991 No No - - Critical 4.2 3.8
CVE-2019-0992 No No - - Critical 4.2 3.8
CVE-2019-0993 No No - - Critical 4.2 3.8
CVE-2019-1002 No No - - Critical 4.2 3.8
CVE-2019-1003 No No - - Critical 4.2 3.8
CVE-2019-1024 No No - - Critical 4.2 3.8
CVE-2019-1051 No No - - Critical 4.2 3.8
CVE-2019-1052 No No - - Critical 4.2 3.8
Comctl32 Remote Code Execution Vulnerability
CVE-2019-1043 No No Less Likely Less Likely Important 6.4 5.8
DirectX Elevation of Privilege Vulnerability
CVE-2019-1018 No No - - Important 7.0 6.3
Jet Database Engine Remote Code Execution Vulnerability
CVE-2019-0904 No No Less Likely Less Likely Important 7.8 7.0
CVE-2019-0905 No No Less Likely Less Likely Important 7.8 7.0
CVE-2019-0906 No No Less Likely Less Likely Important 7.8 7.0
CVE-2019-0907 No No Less Likely Less Likely Important 7.8 7.0
CVE-2019-0908 No No Less Likely Less Likely Important 7.8 7.0
CVE-2019-0909 No No Less Likely Less Likely Important 7.8 7.0
CVE-2019-0974 No No Less Likely Less Likely Important 7.8 7.0
June 2019 Adobe Flash Security Update
ADV190015 No No - - Critical    
Latest Servicing Stack Updates
ADV990001 No No - - Critical    
Local Security Authority Subsystem Service Denial of Service Vulnerability
CVE-2019-0972 No No Less Likely Less Likely Important 6.5 5.6
Microsoft Browser Information Disclosure Vulnerability
CVE-2019-1081 No No - - Important 4.3 3.9
Microsoft Browser Memory Corruption Vulnerability
CVE-2019-1038 No No More Likely More Likely Critical 6.4 5.8
Microsoft Edge Security Feature Bypass Vulnerability
CVE-2019-1054 No No - - Important 5.0 4.5
Microsoft Exchange Server Defense in Depth Update
ADV190018 No No - -      
Microsoft HoloLens Remote Code Execution Vulnerabilities
ADV190017 No No - - Important    
Microsoft IIS Server Denial of Service Vulnerability
CVE-2019-0941 No No Less Likely Less Likely Important 7.5 6.7
Microsoft Office SharePoint XSS Vulnerability
CVE-2019-1036 No No Less Likely Less Likely Important    
CVE-2019-1031 No No Less Likely Less Likely Important    
CVE-2019-1032 No No Less Likely Less Likely Important    
CVE-2019-1033 No No Less Likely Less Likely Important    
Microsoft Speech API Remote Code Execution Vulnerability
CVE-2019-0985 No No - - Critical 7.8 7.0
Microsoft Windows Security Feature Bypass Vulnerability
CVE-2019-1019 No No Less Likely Less Likely Important 8.5 7.6
Microsoft Word Remote Code Execution Vulnerability
CVE-2019-1034 No No Less Likely Less Likely Important    
CVE-2019-1035 No No Less Likely Less Likely Important    
Scripting Engine Information Disclosure Vulnerability
CVE-2019-0990 No No - - Critical 6.5 5.9
CVE-2019-1023 No No - - Critical 6.5 5.9
Scripting Engine Memory Corruption Vulnerability
CVE-2019-0988 No No More Likely More Likely Critical 7.5 6.7
CVE-2019-1055 No No More Likely More Likely Critical 6.4 5.8
CVE-2019-0920 No No More Likely More Likely Critical 6.4 5.8
CVE-2019-1005 No No More Likely More Likely Important 6.4 5.8
CVE-2019-1080 No No More Likely More Likely Critical 6.4 5.8
Skype for Business and Lync Server Denial of Service Vulnerability
CVE-2019-1029 No No Less Likely Less Likely Important    
Task Scheduler Elevation of Privilege Vulnerability
CVE-2019-1069 Yes No More Likely More Likely Important 7.8 7.0
Win32k Elevation of Privilege Vulnerability
CVE-2019-1014 No No Less Likely Less Likely Important 7.0 6.3
CVE-2019-1017 No No More Likely More Likely Important 7.0 6.3
CVE-2019-0960 No No - - Important 7.0 6.3
Windows ALPC Elevation of Privilege Vulnerability
CVE-2019-0943 No No More Likely More Likely Important 7.8 7.0
Windows Audio Service Elevation of Privilege Vulnerability
CVE-2019-1007 No No Less Likely Less Likely Important 7.8 7.0
CVE-2019-1021 No No Less Likely Less Likely Important 7.8 7.0
CVE-2019-1022 No No Less Likely Less Likely Important 7.8 7.0
CVE-2019-1026 No No Less Likely Less Likely Important 7.8 7.0
CVE-2019-1027 No No Less Likely Less Likely Important 7.8 7.0
CVE-2019-1028 No No Less Likely Less Likely Important 7.8 7.0
Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE-2019-0959 No No More Likely More Likely Important 7.0 6.3
CVE-2019-0984 No No More Likely More Likely Important 7.0 6.3
Windows Denial of Service Vulnerability
CVE-2019-1025 No No More Likely More Likely Important 6.5 5.9
Windows Elevation of Privilege Vulnerability
CVE-2019-1064 Yes No More Likely More Likely Important 7.8 7.0
Windows Event Viewer Information Disclosure Vulnerability
CVE-2019-0948 No No Less Likely Less Likely Moderate 4.7 4.2
Windows GDI Information Disclosure Vulnerability
CVE-2019-1009 No No - - Important 4.7 4.2
CVE-2019-1010 No No Less Likely Less Likely Important 4.7 4.2
CVE-2019-1011 No No - - Important 4.7 4.2
CVE-2019-1012 No No Less Likely Less Likely Important 4.7 4.2
CVE-2019-1013 No No - - Important 4.7 4.2
CVE-2019-1015 No No - - Important 4.7 4.2
CVE-2019-1016 No No - - Important 4.7 4.2
CVE-2019-1046 No No Less Likely Less Likely Important 4.7 4.2
CVE-2019-1047 No No - - Important 4.7 4.2
CVE-2019-1048 No No - - Important 4.7 4.2
CVE-2019-1049 No No - - Important 4.7 4.2
CVE-2019-1050 No No Less Likely Less Likely Important 4.7 4.2
CVE-2019-0968 No No - - Important 5.5 5.0
CVE-2019-0977 No No - - Important 4.7 4.2
Windows Hyper-V Denial of Service Vulnerability
CVE-2019-0710 No No Less Likely Less Likely Important 6.8 6.1
CVE-2019-0711 No No Less Likely Less Likely Important 6.8 6.1
CVE-2019-0713 No No - - Important 6.8 6.1
Windows Hyper-V Remote Code Execution Vulnerability
CVE-2019-0620 No No Less Likely Less Likely Critical 7.6 6.8
CVE-2019-0709 No No Less Likely Less Likely Critical 7.6 6.8
CVE-2019-0722 No No Less Likely Less Likely Critical 8.8 7.9
Windows Installer Elevation of Privilege Vulnerability
CVE-2019-0973 Yes No Less Likely Less Likely Important 7.8 7.0
Windows Kernel Elevation of Privilege Vulnerability
CVE-2019-1041 No No More Likely More Likely Important 7.0 6.3
CVE-2019-1065 No No More Likely More Likely Important 7.8 7.0
Windows Kernel Information Disclosure Vulnerability
CVE-2019-1039 No No Less Likely Less Likely Important 5.5 5.0
Windows NTLM Tampering Vulnerability
CVE-2019-1040 No No Less Likely Less Likely Important 5.3 4.8
Windows Network File System Elevation of Privilege Vulnerability
CVE-2019-1045 No No - - Important 7.8 7.0
Windows Secure Kernel Mode Security Feature Bypass Vulnerability
CVE-2019-1044 No No - - Important 5.3 4.8
Windows Shell Elevation of Privilege Vulnerability
CVE-2019-1053 Yes No More Likely More Likely Important 6.3 5.7
Windows Storage Service Elevation of Privilege Vulnerability
CVE-2019-0983 No No More Likely More Likely Important 7.8 7.0
CVE-2019-0998 No No More Likely More Likely Important 7.8 7.0
Windows User Profile Service Elevation of Privilege Vulnerability
CVE-2019-0986 No No More Likely More Likely Important 6.3 5.7
Richard

168 Posts
ISC Handler
Jun 11th 2019
Thread locked Subscribe Jun 11th 2019
1 year ago

Sign Up for Free or Log In to start participating in the conversation!