Webinar Library
Welcome to this June Patch Tuesday Bulletin. This month there are 89 unique CVE’s, 4 publicly disclosed vulnerabilities, 9 technologies affected, and no reported attacks. All 4 of the publicly disclosed vulnerabilities (CVE-2019-1053, CVE-2019-1064, CVE-2019-1069, CVE-2019-0973) are privilege escalation vulnerabilities affecting Windows. In order to exploit these vulnerabilities an attacker would need to be able to execute malicious on a victim machine and there have been zero attacks reported in the wild. Exchange is being updated this month but there are no related CVE’s as this update is providing security enhancements only.
Over the years we've had millions of visitors to UltimateWindowsSecurity.com. Every month we have thousands and thousands of visitors to our Security Log Encyclopedia which documents all of the Security Log event ID’s for Windows Server OS’s. Back in 2007 when SharePoint added auditing capability, I realized that my audience not only needed the event information from SharePoint but I also found a similar need in SQL Server and Exchange. So not only did I document the data but I also started to develop the means to extract that event data from these applications so that it’s accessible and useable to the end user. Some 8 years later and LOGbinder is continuing to grow as companies realize LOGbinder bridges the gap between these applications and their infosec team. Visit LOGbinder.com to download a free 30-day fully functional trial and see the security event data that you have literally been missing.
So, without further ado, here’s the chart of MS patches this month.
Patch data provided by:
Technology
Products Affected
Severity
Reference
Workaround/ Exploited
Vulnerability Info
Adobe
Adobe Flash Player 32.0.0.192 ?and earlier
Critical
CVE-2019-7845
*Workaround: No
**Public: No
Exploited: No
Arbitrary Code Execution
Windows
Windows 7, 8.1, RT 8.1, 10
Server 2008, 2008 R2, 2012, 2012 R2, 2016, 2019
CVE-2019-0713
CVE-2019-0722
CVE-2019-0888
CVE-2019-0904
CVE-2019-1025
CVE-2019-1026
CVE-2019-1027
CVE-2019-1028
CVE-2019-1039
CVE-2019-0620
CVE-2019-0709
CVE-2019-0710
CVE-2019-0711
CVE-2019-1019
CVE-2019-1021
CVE-2019-1022
CVE-2019-0905
CVE-2019-0906
CVE-2019-1040
CVE-2019-1041
CVE-2019-1043
CVE-2019-0907
CVE-2019-0908
CVE-2019-1044
CVE-2019-1045
CVE-2019-1046
CVE-2019-1047
CVE-2019-0909
CVE-2019-0941
CVE-2019-1048
CVE-2019-1049
CVE-2019-1050
CVE-2019-1053
CVE-2019-0943
CVE-2019-0948
CVE-2019-0959
CVE-2019-1064
CVE-2019-1065
CVE-2019-1069
CVE-2019-0960
CVE-2019-0968
CVE-2019-0972
CVE-2019-0973
CVE-2019-0974
CVE-2019-0977
CVE-2019-0983
CVE-2019-0984
CVE-2019-0985
CVE-2019-0986
CVE-2019-0998
CVE-2019-1007
CVE-2019-1009
CVE-2019-1010
CVE-2019-1011
CVE-2019-1012
CVE-2019-1013
CVE-2019-1014
CVE-2019-1015
CVE-2019-1016
CVE-2019-1017
CVE-2019-1018
**Public: Yes
Denial of Service
Remote Code Execution
Elevation of Privilege
Information Disclosure
Security Feature Bypass
Tampering
Internet Explorer
IE 9, 10, 11
CVE-2019-0920
CVE-2019-0988
CVE-2019-1005
CVE-2019-1038
CVE-2019-1055
CVE-2019-1080
CVE-2019-1081
Edge
All
CVE-2019-1002
CVE-2019-1003
CVE-2019-1023
CVE-2019-1024
CVE-2019-1051
CVE-2019-0989
CVE-2019-0990
CVE-2019-0991
CVE-2019-0992
CVE-2019-0993
CVE-2019-1052
CVE-2019-1054
Office, Office Services, and Web Apps
Lync Server 2010, 2013
Office 2010, 2016 for Mac, 2019, 2019 for Mac, Web Apps 2010
Project Server 2010
SharePoint Enterprise 2013, 2016
SharePoint Foundation 2010, 2013
SharePoint Server 2010, 2019
Word 2010, 2013, 2016
Office 365
Important
CVE-2019-1029
CVE-2019-1031
CVE-2019-1032
CVE-2019-1033
CVE-2019-1034
CVE-2019-1035
CVE-2019-1036
Spoofing
ChakraCore
Skype for Business and Lync
Lync Server
Exchange
Server 2010, 2013, 2016, 2019
None
ADV190018
Enhanced Security
Azure
DevOps Server 2019
CVE-2019-0996
We will not share your address. Unsubscribe anytime. By clicking "Submit", you're agreeing to our Privacy Policy and consenting to be contacted by us.