This month we got patches for 74 vulnerabilities total. From those, 16 are critical and 2 have been exploited in the wild.
Both exploited vulnerabilities (CVE-2019-0859 and CVE-2019-0803) are related to Win32k component which fails to properly handle objects in memory and may permit a local attacker to elevate privileges and execute arbitrary code in kernel mode.
It is also worth mentioning a remote code execution vulnerability in GDI+ (Windows Graphics Device Interface) which affects the EMF (Enhanced MetaFile) parser. An attacker could exploit this vulnerability by convincing users to open specially crafted EML files in scenarios such as a file hosted on a web server or an e-mail attachment. Multiple Microsoft programs, especially Office suite, uses GDI+ component.
We got 5 vulnerabilities in the Jet Database Engine. Jet Database vulnerabilities are often exploitable via Office documents. But none of the vulnerabilities are labeled as critical.
See Renato's dashboard for a more detailed breakout: https://patchtuesdaydashboard.com
Description |
CVE |
Disclosed |
Exploited |
Exploitability (old versions) |
current version |
Severity |
CVSS Base (AVG) |
CVSS Temporal (AVG) |
ASP.NET Core Denial of Service Vulnerability |
CVE-2019-0815 |
No |
No |
Less Likely |
Less Likely |
Important |
|
|
April 2019 Adobe Flash Security Update |
ADV190011 |
No |
No |
- |
- |
Critical |
|
|
Azure DevOps Server Elevation of Privilege Vulnerability |
CVE-2019-0875 |
No |
No |
Less Likely |
Less Likely |
Important |
|
|
Chakra Scripting Engine Memory Corruption Vulnerability |
CVE-2019-0812 |
No |
No |
- |
- |
Critical |
4.2 |
3.8 |
CVE-2019-0829 |
No |
No |
- |
- |
Critical |
4.2 |
3.8 |
CVE-2019-0806 |
No |
No |
- |
- |
Critical |
4.2 |
3.8 |
CVE-2019-0810 |
No |
No |
- |
- |
Critical |
4.2 |
3.8 |
CVE-2019-0860 |
No |
No |
- |
- |
Critical |
4.2 |
3.8 |
CVE-2019-0861 |
No |
No |
- |
- |
Critical |
4.2 |
3.8 |
DirectX Information Disclosure Vulnerability |
CVE-2019-0837 |
No |
No |
Less Likely |
Less Likely |
Important |
5.5 |
5.0 |
GDI+ Remote Code Execution Vulnerability |
CVE-2019-0853 |
No |
No |
Less Likely |
Less Likely |
Critical |
7.8 |
7.8 |
Jet Database Engine Remote Code Execution Vulnerability |
CVE-2019-0846 |
No |
No |
Less Likely |
Less Likely |
Important |
7.8 |
7.0 |
CVE-2019-0847 |
No |
No |
Less Likely |
Less Likely |
Important |
7.8 |
7.0 |
CVE-2019-0851 |
No |
No |
Less Likely |
Less Likely |
Important |
7.8 |
7.0 |
CVE-2019-0877 |
No |
No |
Less Likely |
Less Likely |
Important |
7.8 |
7.0 |
CVE-2019-0879 |
No |
No |
Less Likely |
Less Likely |
Important |
7.8 |
7.0 |
Latest Servicing Stack Updates |
ADV990001 |
No |
No |
- |
- |
Critical |
|
|
MS XML Remote Code Execution Vulnerability |
CVE-2019-0790 |
No |
No |
Less Likely |
Less Likely |
Critical |
7.8 |
7.0 |
CVE-2019-0791 |
No |
No |
Less Likely |
Less Likely |
Critical |
7.8 |
7.0 |
CVE-2019-0792 |
No |
No |
Less Likely |
Less Likely |
Critical |
7.8 |
7.0 |
CVE-2019-0793 |
No |
No |
More Likely |
More Likely |
Critical |
7.8 |
7.0 |
CVE-2019-0795 |
No |
No |
Less Likely |
Less Likely |
Critical |
7.8 |
7.0 |
Microsoft Browsers Tampering Vulnerability |
CVE-2019-0764 |
No |
No |
Less Likely |
Less Likely |
Important |
2.4 |
2.2 |
Microsoft Edge Information Disclosure Vulnerability |
CVE-2019-0833 |
No |
No |
- |
- |
Important |
4.3 |
3.9 |
Microsoft Excel Remote Code Execution Vulnerability |
CVE-2019-0828 |
No |
No |
Less Likely |
Less Likely |
Important |
|
|
Microsoft Exchange Spoofing Vulnerability |
CVE-2019-0858 |
No |
No |
Less Likely |
Less Likely |
Important |
|
|
CVE-2019-0817 |
No |
No |
Less Likely |
Less Likely |
Important |
|
|
Microsoft Graphics Components Remote Code Execution Vulnerability |
CVE-2019-0822 |
No |
No |
More Likely |
More Likely |
Important |
|
|
Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability |
CVE-2019-0823 |
No |
No |
- |
- |
Important |
|
|
CVE-2019-0824 |
No |
No |
Less Likely |
Less Likely |
Important |
|
|
CVE-2019-0825 |
No |
No |
Less Likely |
Less Likely |
Important |
|
|
CVE-2019-0826 |
No |
No |
Less Likely |
Less Likely |
Important |
|
|
CVE-2019-0827 |
No |
No |
Less Likely |
Less Likely |
Important |
|
|
Microsoft Office SharePoint XSS Vulnerability |
CVE-2019-0830 |
No |
No |
Less Likely |
Less Likely |
Important |
|
|
CVE-2019-0831 |
No |
No |
Less Likely |
Less Likely |
Important |
|
|
Microsoft Scripting Engine Information Disclosure Vulnerability |
CVE-2019-0835 |
No |
No |
Less Likely |
Less Likely |
Important |
4.3 |
3.9 |
OLE Automation Remote Code Execution Vulnerability |
CVE-2019-0794 |
No |
No |
More Likely |
More Likely |
Important |
7.8 |
7.0 |
Office Remote Code Execution Vulnerability |
CVE-2019-0801 |
No |
No |
More Likely |
More Likely |
Important |
|
|
Open Enclave SDK Information Disclosure Vulnerability |
CVE-2019-0876 |
No |
No |
- |
- |
Important |
|
|
SMB Server Elevation of Privilege Vulnerability |
CVE-2019-0786 |
No |
No |
Less Likely |
Less Likely |
Critical |
7.8 |
7.0 |
Scripting Engine Memory Corruption Vulnerability |
CVE-2019-0739 |
No |
No |
- |
- |
Critical |
4.2 |
3.8 |
CVE-2019-0752 |
No |
No |
More Likely |
More Likely |
Important |
6.4 |
5.8 |
CVE-2019-0753 |
No |
No |
More Likely |
More Likely |
Critical |
6.4 |
5.8 |
CVE-2019-0862 |
No |
No |
More Likely |
More Likely |
Important |
|
|
Team Foundation Server Cross-site Scripting Vulnerability |
CVE-2019-0866 |
No |
No |
Less Likely |
Less Likely |
Important |
|
|
CVE-2019-0867 |
No |
No |
Less Likely |
Less Likely |
Important |
|
|
CVE-2019-0868 |
No |
No |
Less Likely |
Less Likely |
Important |
|
|
CVE-2019-0870 |
No |
No |
Less Likely |
Less Likely |
Important |
|
|
CVE-2019-0871 |
No |
No |
Less Likely |
Less Likely |
Important |
|
|
CVE-2019-0874 |
No |
No |
- |
- |
Important |
|
|
Team Foundation Server HTML Injection Vulnerability |
CVE-2019-0869 |
No |
No |
Less Likely |
Less Likely |
Important |
|
|
Team Foundation Server Spoofing Vulnerability |
CVE-2019-0857 |
No |
No |
- |
- |
Important |
|
|
Win32k Elevation of Privilege Vulnerability |
CVE-2019-0803 |
No |
Yes |
Detected |
More Likely |
Important |
7.0 |
6.3 |
CVE-2019-0685 |
No |
No |
More Likely |
More Likely |
Important |
7.8 |
7.0 |
CVE-2019-0859 |
No |
Yes |
Detected |
More Likely |
Important |
7.8 |
7.0 |
Win32k Information Disclosure Vulnerability |
CVE-2019-0848 |
No |
No |
Less Likely |
Less Likely |
Important |
4.7 |
4.2 |
CVE-2019-0814 |
No |
No |
More Likely |
More Likely |
Important |
4.7 |
4.2 |
Windows Admin Center Elevation of Privilege Vulnerability |
CVE-2019-0813 |
No |
No |
- |
- |
Important |
|
|
Windows CSRSS Elevation of Privilege Vulnerability |
CVE-2019-0735 |
No |
No |
More Likely |
More Likely |
Important |
7.0 |
6.3 |
Windows Elevation of Privilege Vulnerability |
CVE-2019-0805 |
No |
No |
More Likely |
More Likely |
Important |
6.7 |
6.0 |
CVE-2019-0841 |
No |
No |
Less Likely |
Less Likely |
Important |
6.8 |
6.1 |
CVE-2019-0730 |
No |
No |
More Likely |
More Likely |
Important |
6.7 |
6.0 |
CVE-2019-0731 |
No |
No |
More Likely |
More Likely |
Important |
6.8 |
6.1 |
CVE-2019-0796 |
No |
No |
More Likely |
More Likely |
Important |
6.3 |
5.7 |
CVE-2019-0836 |
No |
No |
More Likely |
More Likely |
Important |
7.0 |
6.3 |
Windows GDI Information Disclosure Vulnerability |
CVE-2019-0802 |
No |
No |
Less Likely |
Less Likely |
Important |
4.7 |
4.2 |
CVE-2019-0849 |
No |
No |
Less Likely |
Less Likely |
Important |
4.7 |
4.2 |
Windows IOleCvt Interface Remote Code Execution Vulnerability |
CVE-2019-0845 |
No |
No |
Less Likely |
Less Likely |
Critical |
7.5 |
6.7 |
Windows Information Disclosure Vulnerability |
CVE-2019-0838 |
No |
No |
Less Likely |
Less Likely |
Important |
6.6 |
5.9 |
CVE-2019-0839 |
No |
No |
Less Likely |
Less Likely |
Important |
4.4 |
4.0 |
Windows Kernel Information Disclosure Vulnerability |
CVE-2019-0840 |
No |
No |
More Likely |
More Likely |
Important |
5.5 |
5.0 |
CVE-2019-0844 |
No |
No |
More Likely |
More Likely |
Important |
5.5 |
5.0 |
Windows Remote Code Execution Vulnerability |
CVE-2019-0856 |
No |
No |
Less Likely |
Less Likely |
Important |
7.3 |
6.6 |
Windows Security Feature Bypass Vulnerability |
CVE-2019-0732 |
No |
No |
More Likely |
More Likely |
Important |
5.3 |
4.8 |
Windows TCP/IP Information Disclosure Vulnerability |
CVE-2019-0688 |
No |
No |
Less Likely |
Less Likely |
Important |
5.3 |
4.9 |
Windows VBScript Engine Remote Code Execution Vulnerability |
CVE-2019-0842 |
No |
No |
Less Likely |
Less Likely |
Important |
6.4 |
5.8 |
--
Renato Marinho
Morphus Labs| LinkedIn|Twitter