May, 2019: Patch Tuesday: Active Attacks and RDP Vulnerability

Welcome to this May Patch Tuesday Bulletin. This month there are 80 unique Microsoft-related CVEs, 1 public and exploited, 1 publicly disclosed, and 17 technologies affected. The most pressing issue this month is CVE-2019-0863 affecting Windows. This is an elevation of privilege vulnerability caused by the way Windows Error Reporting handles files. An attacker would have to be able to run code on the system as a standard user in order to exploit this vulnerability. CVE-2019-0932 is an interesting information disclosure vulnerability that affects Skype for Android. An attacker could listen to a conversation by calling an Android phone with Skype without the user’s knowledge. CVE-2019-0708 has not been disclosed or exploited but could be very impactful to organizations if it were to be exploited. This vulnerability could be exploited remotely using RDP. Let’s hope, just after the 2-year anniversary of the WannaCry ransomware outbreak, that we do not have a WannaCry 2 outbreak.

So, without further ado, here’s the chart of MS patches this month.

| Technology | Products Affected | Severity | Reference | Workaround/Exploited | Vulnerability Info |
|---|---|---|---|---|---|
| Adobe | Flash Player 32.0.0.171 and earlier | Critical | ADV190012 | \*Workaround: No; \*\*Public: No; Exploited: No | Remote Code Execution |
| Windows | Windows 7, 8.1, RT 8.1, 10; Server 2008, 2008 R2, 2012, 2012 R2, 2016, 2019 | Critical | CVE-2019-0707, CVE-2019-0708, CVE-2019-0725, CVE-2019-0727, CVE-2019-0733, CVE-2019-0734, CVE-2019-0758, CVE-2019-0863, CVE-2019-0881, CVE-2019-0882, CVE-2019-0885, CVE-2019-0886, CVE-2019-0889, CVE-2019-0890, CVE-2019-0891, CVE-2019-0892, CVE-2019-0893, CVE-2019-0894, CVE-2019-0895, CVE-2019-0896, CVE-2019-0897, CVE-2019-0898, CVE-2019-0899, CVE-2019-0900, CVE-2019-0901, CVE-2019-0902, CVE-2019-0903, CVE-2019-0931, CVE-2019-0936, CVE-2019-0942, CVE-2019-0961 | \*Workaround: No; \*\*Public: Yes; Exploited: Yes | Elevation of Privilege, Security Feature Bypass, Information Disclosure, Remote Code Execution |
| Internet Explorer | IE 9, 10, 11 | Critical | CVE-2019-0884, CVE-2019-0911, CVE-2019-0918, CVE-2019-0921, CVE-2019-0929, CVE-2019-0930, CVE-2019-0940, CVE-2019-0995 | \*Workaround: No; \*\*Public: No; Exploited: No | Spoofing, Information Disclosure, Remote Code Execution, Security Feature Bypass |
| Edge | Edge | Critical | CVE-2019-0884, CVE-2019-0911, CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0926, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937, CVE-2019-0938, CVE-2019-0940 | \*Workaround: No; \*\*Public: No; Exploited: No | Remote Code Execution, Elevation of Privilege |
| Office, Office Services, and Web Apps | Office 2010, 2013, 2016, 2016 for Mac, 2019, 2019 for Mac; SharePoint Enterprise 2016, Foundation 2010, Foundation 2013, 2019; Word 2016; Office 365 | Critical | CVE-2019-0945, CVE-2019-0946, CVE-2019-0947, CVE-2019-0949, CVE-2019-0950, CVE-2019-0951, CVE-2019-0952, CVE-2019-0953, CVE-2019-0956, CVE-2019-0957, CVE-2019-0958, CVE-2019-0963 | \*Workaround: No; \*\*Public: No; Exploited: No | Information Disclosure, Remote Code Execution, Spoofing, Elevation of Privilege |
| Team Foundation Server | 2015 U 4.2, 2017 U 3.1, 2018 U 1.2, 2018 U 3.2 | Important | CVE-2019-0872, CVE-2019-0971, CVE-2019-0979 | \*Workaround: No; \*\*Public: No; Exploited: No | Spoofing, Information Disclosure |
| Visual Studio | 2015, 2017, 2019 | Important | CVE-2019-0727 | \*Workaround: No; \*\*Public: No; Exploited: No | Elevation of Privilege |
| Azure DevOps Server | Server 2019 | Important | CVE-2019-0872, CVE-2019-0971, CVE-2019-0979 | \*Workaround: No; \*\*Public: No; Exploited: No | Spoofing, Information Disclosure |
| SQL Server | Server 2018 | Important | CVE-2019-0819 | \*Workaround: No; \*\*Public: No; Exploited: No | Information Disclosure |
| .NET Framework | .NET 2.0, 3.0, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 | Important | CVE-2019-0820, CVE-2019-0980, CVE-2019-0981, CVE-2019-0864 | \*Workaround: No; \*\*Public: No; Exploited: No | Denial of Service |
| .NET Core | Core 1.0, 1.1, 2.1, 2.2 | Important | CVE-2019-0820, CVE-2019-0980, CVE-2019-0981 | \*Workaround: No; \*\*Public: No; Exploited: No | Denial of Service |
| ASP.NET Core | Core 2.1, 2.2 | Important | CVE-2019-0982 | \*Workaround: No; \*\*Public: No; Exploited: No | Denial of Service |
| ChakraCore | ChakraCore | Critical | CVE-2019-0911, CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937 | \*Workaround: No; \*\*Public: No; Exploited: No | Remote Code Execution |
| Online Services | Online Server | Critical | CVE-2019-0953 | \*Workaround: No; \*\*Public: No; Exploited: No | Remote Code Execution |
| Azure | Azure Active Directory Connect | Important | CVE-2019-1000 | \*Workaround: No; \*\*Public: No; Exploited: No | Elevation of Privilege |
| NuGet | NuGet 5.0.2 | Important | CVE-2019-0976 | \*Workaround: No; \*\*Public: No; Exploited: No | Tampering |
| Skype for Android | Skype 8.35 | Important | CVE-2019-0932 | \*Workaround: No; \*\*Public: Yes; Exploited: No | Information Disclosure |

