July, 2019: Patch Tuesday: 1 Active Attack and 6 Publicly Disclosed Vulnerabilities

Welcome to this July Patch Tuesday Bulletin. This month there are 78 unique CVE’s, 6 that are publicly disclosed, 1 involved in active attacks, and 1 advisory outlining mitigations. CVE-2019-0880 outlines an elevation of privilege vulnerability in splwow64 that has been exploited in the wild. This vulnerability does not allow code execution itself but can be leveraged with other vulnerabilities to achieve code execution. Windows hosts, Azure, and SQL servers are affected by vulnerabilities (CVE-2019-0865, CVE-2019-0887, CVE-2019-0962, CVE-2019-1129, CVE-2018-15664, CVE-2019-1068) that have been publicly disclosed. These vulnerabilities will be important to track and remediate due to the public nature. Finally, ADV190021 outlines a mitigation for a cross site scripting vulnerability in Outlook on the Web. Exploiting this vulnerability requires an SVG image so Microsoft recommends blocking SVG images.

Over the years we've had millions of visitors to UltimateWindowsSecurity.com. Every month we have thousands and thousands of visitors to our Security Log Encyclopedia which documents all of the Security Log event ID’s for Windows Server OS’s. Back in 2007 when SharePoint added auditing capability, I realized that my audience not only needed the event information from SharePoint but I also found a similar need in SQL Server and Exchange. So not only did I document the data but I also started to develop the means to extract that event data from these applications so that it’s accessible and useable to the end user. Some 8 years later and LOGbinder is continuing to grow as companies realize LOGbinder bridges the gap between these applications and their infosec team. Visit LOGbinder.com to download a free 30-day fully functional trial and see the security event data that you have literally been missing.

So, without further ado, here’s the chart of MS patches this month.

Patch data provided by:

Technology

Products Affected

Severity

Reference

Workaround/ Exploited

Vulnerability Info

Windows

Windows 7, 8.1, RT 8.1, 10

Server 2008, 2008 R2, 2012, 2012 R2, 2016, 2019

 

Critical

CVE-2019-0785

CVE-2019-0811

CVE-2019-0865

CVE-2019-0880

CVE-2019-0887

CVE-2019-0962

CVE-2019-0966

CVE-2019-0975

CVE-2019-0999

CVE-2019-1006

CVE-2019-1037

CVE-2019-1067

CVE-2019-1071

CVE-2019-1073

CVE-2019-1074

CVE-2019-1082

CVE-2019-1084

CVE-2019-1085

CVE-2019-1086

CVE-2019-1087

CVE-2019-1088

CVE-2019-1089

CVE-2019-1090

CVE-2019-1091

CVE-2019-1093

CVE-2019-1094

CVE-2019-1095

CVE-2019-1096

CVE-2019-1097

CVE-2019-1098

CVE-2019-1099

CVE-2019-1100

CVE-2019-1101

CVE-2019-1102

CVE-2019-1108

CVE-2019-1116

CVE-2019-1117

CVE-2019-1118

CVE-2019-1119

CVE-2019-1120

CVE-2019-1129

CVE-2019-1130

CVE-2019-1132

CVE-2019-1121

CVE-2019-1122

CVE-2019-1123

CVE-2019-1124

CVE-2019-1126

CVE-2019-1127

CVE-2019-1128

ADV190020

*Workaround: No

**Public: Yes

Exploited: Yes

Remote Code Execution

Denial of Service

Elevation of Privilege

Security Feature Bypass

Information Disclosure

 

Internet Explorer

IE 9, 10, 11

Critical

CVE-2019-1001

CVE-2019-1004

CVE-2019-1056

CVE-2019-1059

CVE-2019-1063

CVE-2019-1104

*Workaround: No

**Public: No

Exploited: No

Remote Code Execution

Edge

All

Critical

CVE-2019-1001

CVE-2019-1062

CVE-2019-1092

CVE-2019-1103

CVE-2019-1104

CVE-2019-1106

CVE-2019-1107

*Workaround: No

**Public: No

Exploited: No

Remote Code Execution

Office, Office Services, and Web Apps

Excel 2010, 2013, 2016

Lync 2013, Basic 2013

Office 2010, 2013, 2016, 2016 for Mac, 2019, 2019 for Mac

Outlook 2010, 2013, 2016, Android, iOS

SharePoint Enterprise 2013, Enterprise 2016, Foundation 2010, Foundation 2013, Server 2019

Office 365 ProPlus

Skype for Business 2016

Important

CVE-2019-1006

CVE-2019-1084

CVE-2019-1109

CVE-2019-1110

CVE-2019-1111

CVE-2019-1112

CVE-2019-1134

CVE-2019-1105

 

*Workaround: No

**Public: No

Exploited: No

Elevation of Privilege

Information Disclosure

Spoofing

Remote Code Execution

Azure DevOps / Team Foundation Server

Server 2019.0.1

Critical

CVE-2019-1072

CVE-2019-1076

*Workaround: No

**Public: No

Exploited: No

Remote Code Execution

Spoofing

.NET Framework

.NET 2.0, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8

Critical

CVE-2019-1006

CVE-2019-1083

CVE-2019-1113

*Workaround: No

**Public: No

Exploited: No

Elevation of Privilege

Denial of Service

Remote Code Execution

 

Azure

IoT Edge

Kubernetes Service

Important

CVE-2018-15664

*Workaround: No

**Public: Yes

Exploited: No

Elevation of Privilege

SQL Server

Server 2014, 2016, 2017

Important

CVE-2019-1068

*Workaround: No

**Public: Yes

Exploited: No

Remote Code Execution

ASP.NET

Core 2.1, 2.2

Moderate

CVE-2019-1075

*Workaround: No

**Public: No

Exploited: No

Spoofing

Visual Studio

Visual Studio 2010, 2012, 2013, 2015, 2017, 2019

Critical

CVE-2019-1077

CVE-2019-1079

CVE-2019-1113

*Workaround: No

**Public: No

Exploited: No

Elevation of Privilege

Information Disclosure

Remote Code Execution

 

Exchange Server

Server 2010, 2013, 2016, 2019

Important

ADV190021

CVE-2019-1084

CVE-2019-1136

CVE-2019-1137

*Workaround: Yes

**Public: No

Exploited: No

Spoofing

Information Disclosure

Elevation of Privilege


Send me this chart next Patch Tuesday.
Email:

We will not share your address. Unsubscribe anytime. By clicking "Submit",
you're agreeing to our Privacy Policy and consenting to be contacted by us.