Microsoft Patch Tuesday: January 2019 – 51 vulnerabilities 7 critical

Welcome to the first Microsoft Patch Tuesday Bulletin of 2019. January has 51 security updates, 47 unique MS related CVE’s including Adobe Flash Player and Servicing Stack Updates (SSU), with 7 of them being labeled as Critical. Here is the list of Microosft released patches that affect Windows platforms since last month.

 

The following is a breakdown of the issues being addressed this month:

 

A. Cumulative Security Update for Microsoft Browsers

 

  • Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-0539) MS Rating: Critical A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. An attacker can exploit the vulnerability to corrupt memory and execute arbitrary code in the context of the current user.
  • Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-0567) MS Rating: Critical 
    A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. An attacker can exploit the vulnerability to corrupt memory and execute arbitrary code in the context of the current user.
  • Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-0568) MS Rating: Critical
    A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. An attacker can exploit the vulnerability to corrupt memory and execute arbitrary code in the context of the current user.
  • Microsoft Edge Memory Corruption Vulnerability (CVE-2019-0565) MS Rating: Critical
    A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. An attacker can exploit the vulnerability to corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user.
    Microsoft Edge Privilege Escalation Vulnerability (CVE-2019-0566) MS Rating: Important

    A privilege escalation vulnerability exists in the Microsoft Edge Browser Broker COM object. An attacker can exploit the vulnerability to use the Browser Broker COM object to elevate privileges on an affected system.
  • Internet Explorer Remote Code Execution Vulnerability (CVE-2019-0541) MS Rating: Important
    A remote code execution vulnerability exists in the way that Internet Explorer (IE) improperly validates input. An attacker could execute arbitrary code in the context of the current user.

 

B. Cumulative Security Update for Microsoft Office

 

  • Microsoft XmlDocument Privilege Escalation Vulnerability (CVE-2019-0555) MS Rating: Important
    A privilege escalation vulnerability exists in the Microsoft XmlDocument class that could allow an attacker to escape from the AppContainer sandbox in the browser. An attacker can exploit this vulnerability to gain elevated privileges and break out of the Edge AppContainer sandbox.
  • Microsoft Office SharePoint XSS Vulnerability (CVE-2019-0556) MS Rating: Important
    A cross-site scripting vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server.
  • Microsoft Office SharePoint XSS Vulnerability (CVE-2019-0557) MS Rating: Important
    A cross-site scripting vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server.
  • Microsoft Office SharePoint XSS Vulnerability (CVE-2019-0558) MS Rating: Important
    A cross-site scripting vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server.
  • Microsoft Outlook Information Disclosure Vulnerability (CVE-2019-0559) MS Rating: Important
    An information disclosure vulnerability exists when Microsoft Outlook improperly handles certain types of messages. An attacker can exploit this vulnerability to gather information about the victim.
  • Microsoft Office Information Disclosure Vulnerability (CVE-2019-0560) MS Rating: Important
    An information disclosure vulnerability exists when Microsoft Office improperly discloses the contents of its memory. An attacker can exploit the vulnerability to use the information to compromise the user’s computer or data.
  • Microsoft Word Information Disclosure Vulnerability (CVE-2019-0561) MS Rating: Important
    An information disclosure vulnerability exists when Microsoft Word macro buttons are used improperly. An attacker can exploit this vulnerability to read arbitrary files from a targeted system.
  • Microsoft SharePoint Privilege Escalation Vulnerability (CVE-2019-0562) MS Rating: Important
    A privilege escalation vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server.
  • Microsoft Word Remote Code Execution Vulnerability (CVE-2019-0585) MS Rating: Important
    A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker can exploit the vulnerability to use a specially crafted file to perform actions in the security context of the current user.

 

C. Cumulative Security Update for Microsoft Exchange

 

  • Microsoft Exchange Memory Corruption Vulnerability (CVE-2019-0586) MS Rating: Important
    A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory. An attacker can exploit the vulnerability to run arbitrary code in the context of the System user.
  • Microsoft Exchange Information Disclosure Vulnerability (CVE-2019-0588) MS Rating: Important
    An information disclosure vulnerability exists when the Microsoft Exchange PowerShell API grants calendar contributors more view permissions than intended. To exploit this vulnerability, an attacker would need to be granted contributor access to an Exchange Calendar by an administrator via PowerShell.

 

D. Cumulative Security Update for Microsoft Windows Kernel

 

  • Windows Kernel Information Disclosure Vulnerability (CVE-2019-0536) MS Rating: Important
    An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker can exploit this vulnerability to obtain information to further compromise the user’s system.
  • Windows Kernel Information Disclosure Vulnerability (CVE-2019-0549) MS Rating: Important
    An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker can exploit this vulnerability to obtain information to further compromise the user’s system.
  • Windows Kernel Information Disclosure Vulnerability (CVE-2019-0554) MS Rating: Important
    An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker can exploit this vulnerability to obtain information to further compromise the user’s system.
  • Windows Kernel Information Disclosure Vulnerability (CVE-2019-0569) MS Rating: Important
    An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker can exploit this vulnerability to obtain information to further compromise the user’s system.

 

E. Cumulative Security Update for Microsoft Windows

 

  • Windows Hyper-V Remote Code Execution Vulnerability (CVE-2019-0550) MS Rating: Critical
    A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application on a guest operating system that could cause the Hyper-V host operating system to execute arbitrary code.
  • Windows Hyper-V Remote Code Execution Vulnerability (CVE-2019-0551) MS Rating: Critical
    A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application on a guest operating system that could cause the Hyper-V host operating system to execute arbitrary code.
  • Windows DHCP Client Remote Code Execution Vulnerability (CVE-2019-0547) MS Rating: Critical
    A memory corruption vulnerability exists in the Windows DHCP client when an attacker sends specially crafted DHCP responses to a client. An attacker can exploit the vulnerability to run arbitrary code on the client machine.
  • Microsoft Windows Privilege Escalation Vulnerability (CVE-2019-0543) MS Rating: Important
    A privilege escalation vulnerability exists when Windows improperly handles authentication requests. An attacker can exploit this vulnerability to run processes in an elevated context.
  • Windows COM Privilege Escalation Vulnerability (CVE-2019-0552) MS Rating: Important
    A privilege escalation exists in Windows COM Desktop Broker. An attacker can exploit the vulnerability to run arbitrary code with elevated privileges.
  • Windows Subsystem for Linux Information Disclosure Vulnerability (CVE-2019-0553) MS Rating: Important
    An information disclosure vulnerability exists when Windows Subsystem for Linux improperly handles objects in memory. An attacker can exploit this vulnerability to obtain information to further compromise the user’s system.
  • Windows Runtime Privilege Escalation Vulnerability (CVE-2019-0570) MS Rating: Important
    A privilege escalation vulnerability exists when the Windows Runtime improperly handles objects in memory. An attacker can exploit this vulnerability to run arbitrary code in an elevated context.
  • Windows Data Sharing Service Privilege Escalation Vulnerability (CVE-2019-0571) MS Rating: Important
    A privilege escalation vulnerability exists when the Windows Data Sharing Service improperly handles file operations. An attacker can exploit this vulnerability to run processes in an elevated context.
  • Windows Data Sharing Service Privilege Escalation Vulnerability (CVE-2019-0572) MS Rating: Important
    A privilege escalation vulnerability exists when the Windows Data Sharing Service improperly handles file operations. An attacker can exploit this vulnerability to run processes in an elevated context.
  • Windows Data Sharing Service Privilege Escalation Vulnerability (CVE-2019-0573) MS Rating: Important
    A privilege escalation vulnerability exists when the Windows Data Sharing Service improperly handles file operations. An attacker can exploit this vulnerability to run processes in an elevated context.
  • Windows Data Sharing Service Privilege Escalation Vulnerability (CVE-2019-0574) MS Rating: Important
    A privilege escalation vulnerability exists when the Windows Data Sharing Service improperly handles file operations. An attacker can exploit this vulnerability to run processes in an elevated context.

 

F. Security Update for Jet Database Engine

 

  • Jet Database Engine Remote Code Execution Vulnerability (CVE-2019-0538) MS Rating: Important
    A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker can exploit this vulnerability to execute arbitrary code on a victim system by enticing a victim to open a specially crafted file.
  • Jet Database Engine Remote Code Execution Vulnerability (CVE-2019-0575) MS Rating: Important
    A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker can exploit this vulnerability to execute arbitrary code on a victim system by enticing a victim to open a specially crafted file.
  • Jet Database Engine Remote Code Execution Vulnerability (CVE-2019-0576) MS Rating: Important
    A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker can exploit this vulnerability to execute arbitrary code on a victim system by enticing a victim to open a specially crafted file.
  • Jet Database Engine Remote Code Execution Vulnerability (CVE-2019-0577) MS Rating: Important
    A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker can exploit this vulnerability to execute arbitrary code on a victim system by enticing a victim to open a specially crafted file.
  • Jet Database Engine Remote Code Execution Vulnerability (CVE-2019-0578) MS Rating: Important
    A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker can exploit this vulnerability to execute arbitrary code on a victim system by enticing a victim to open a specially crafted file.
  • Jet Database Engine Remote Code Execution Vulnerability (CVE-2019-0579) MS Rating: Important
    A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker can exploit this vulnerability to execute arbitrary code on a victim system by enticing a victim to open a specially crafted file.
  • Jet Database Engine Remote Code Execution Vulnerability (CVE-2019-0580) MS Rating: Important
    A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker can exploit this vulnerability to execute arbitrary code on a victim system by enticing a victim to open a specially crafted file.
  • Jet Database Engine Remote Code Execution Vulnerability (CVE-2019-0581) MS Rating: Important
    A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker can exploit this vulnerability to execute arbitrary code on a victim system by enticing a victim to open a specially crafted file.
  • Jet Database Engine Remote Code Execution Vulnerability (CVE-2019-0582) MS Rating: Important
    A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker can exploit this vulnerability to execute arbitrary code on a victim system by enticing a victim to open a specially crafted file.
  • Jet Database Engine Remote Code Execution Vulnerability (CVE-2019-0583) MS Rating: Important
    A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker can exploit this vulnerability to execute arbitrary code on a victim system by enticing a victim to open a specially crafted file.
  • Jet Database Engine Remote Code Execution Vulnerability (CVE-2019-0584) MS Rating: Important
    A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker can exploit this vulnerability to execute arbitrary code on a victim system by enticing a victim to open a specially crafted file.

 

G. Security Update for Microsoft ASP.NET

 

  • ASP.NET Information Disclosure Vulnerability (CVE-2019-0545) MS Rating: Important
    An information disclosure vulnerability exists in ASP.NET and ASP.NET Core which allows bypassing Cross-origin Resource Sharing (CORS) configurations. An attacker can exploit the vulnerability to retrieve content, which is normally restricted, from a web application.
  • ASP.NET Core Denial of Service Vulnerability (CVE-2019-0548) MS Rating: Important
    A denial-of-service (DoS) vulnerability exists when ASP.NET Core improperly handles web requests. An attacker can exploit this vulnerability by issuing specially crafted requests to the .NET Core application to cause a denial of service against an ASP.NET Core web application.
  • ASP.NET Core Denial of Service Vulnerability (CVE-2019-0564) MS Rating: Important
    A denial-of-service (DoS) vulnerability exists when ASP.NET Core improperly handles web requests. An attacker can exploit this vulnerability by issuing specially crafted requests to the .NET Core application to cause a denial of service against an ASP.NET Core web application.

 

H. Security Update for Visual Studio

 

  • Microsoft Visual Studio Information Disclosure Vulnerability (CVE-2019-0537) MS Rating: Important
    An information disclosure vulnerability exists when Visual Studio improperly discloses arbitrary file contents if the victim opens a malicious .vscontent file. An attacker can exploit this vulnerability by tricking a user into opening a malicious .vscontent file using a vulnerable version of Visual Studio to view arbitrary file contents from the computer where the victim launched Visual Studio.
  • Visual Studio Remote Code Execution Vulnerability (CVE-2019-0546) MS Rating: Moderate
    A remote code execution vulnerability exists in Visual Studio software when the software does not check the source markup of a file for an unbuilt project. An attacker can exploit the vulnerability to run arbitrary code in the context of the current user.

 

I. Security Update for Skype for Android

 

  • Skype for Android Elevation of Privilege Vulnerability (CVE-2019-0622) MS Rating: Moderate
    A privilege escalation vulnerability exists when Skype for Android fails to properly handle specific authentication requests. An attacker with physical access to the phone can exploit this vulnerability to bypass Android’s lockscreen and access a victim’s personal information.

For more information on Microsoft Updates please visit the link here.

 

Back to the Technology News Main Page