Preethi KorothThreat Analysis Engineer
Posted: 26 Min ReadThreat Intelligence

Microsoft Patch Tuesday – August 2019

This month the vendor has patched 93 vulnerabilities, 27 of which are rated Critical.

This month Microsoft has patched 93 vulnerabilities, 27 of which are rated Critical.

As always, customers are advised to follow these security best practices:

  • Install vendor patches as soon as they are available.
  • Run all software with the least privileges required while still maintaining functionality.
  • Avoid handling files from unknown or questionable sources.
  • Never visit sites of unknown or questionable integrity.
  • Block external access at the network perimeter to all key systems unless specific access is required.

Microsoft's summary of the August 2019 releases can be found here:
https://portal.msrc.microsoft.com/en-us/security-guidance

 

This month's update covers vulnerabilities in:

  • Internet Explorer
  • Microsoft Edge
  • ChakraCore
  • Microsoft Office
  • Microsoft Windows
  • Microsoft Hyper-V
  • Graphics Device Interface (GDI)
  • Jet Database Engine
  • Visual Studio

The following is a breakdown of the issues being addressed this month:

  1. Cumulative Security Update for Microsoft Browsers

    Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-1131) MS Rating: Critical

    A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

     

    Scripting Engine Memory Corruption Vulnerability (CVE-2019-1133) MS Rating: Critical

    A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

     

    Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-1139) MS Rating: Critical

    A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

     

    Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-1140) MS Rating: Critical

    A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

     

    Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-1141) MS Rating: Critical

    A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

     

    Windows VBScript Engine Remote Code Execution Vulnerability (CVE-2019-1183) MS Rating: Critical

    A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

     

    Internet Explorer Remote Code Execution Vulnerability (CVE-2019-1194) MS Rating: Critical

    A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

     

    Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-1195) MS Rating: Critical

    A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

     

    Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-1196) MS Rating: Critical

    A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

     

    Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-1197) MS Rating: Critical

    A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

     

    Microsoft Edge Information Disclosure Vulnerability (CVE-2019-1030) MS Rating: Important

    A security bypass vulnerability exists when Microsoft Edge improperly handles requests of different origins and improperly handles browser cookies. An attacker who successfully exploited this vulnerability could trick a browser into overwriting a secure cookie with an insecure cookie.

     

    MS XML Remote Code Execution Vulnerability (CVE-2019-1057) MS Rating: Important

    A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input. An attacker who successfully exploited the vulnerability could run malicious code remotely to take control of the user's system.

     

    Microsoft Browsers Security Bypass Vulnerability (CVE-2019-1192) MS Rating: Important

    A security bypass vulnerability exists when Microsoft browsers improperly handle requests of different origins. The vulnerability allows Microsoft browsers to bypass Same-Origin Policy (SOP) restrictions, and to allow requests that should otherwise be ignored.

     

    Internet Explorer Memory Corruption Vulnerability (CVE-2019-1193) MS Rating: Important

    A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

     

  2. Cumulative Security Update for Microsoft Office

    Microsoft Outlook Memory Corruption Vulnerability (CVE-2019-1199) MS Rating: Critical

    A remote code execution vulnerability exists in Microsoft Outlook when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user.

     

    Microsoft Outlook Remote Code Execution Vulnerability (CVE-2019-1200) MS Rating: Critical

    A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user.

     

    Microsoft Word Remote Code Execution Vulnerability (CVE-2019-1201) MS Rating: Important

    A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user.

     

    Microsoft SharePoint Information Disclosure Vulnerability (CVE-2019-1202) MS Rating: Important

    An information disclosure vulnerabilty exists in the way Microsoft SharePoint handles session objects. A locally authenticated attacker who successfully exploited the vulnerability could hijack the session of another user.

     

    Microsoft Office SharePoint XSS Vulnerability (CVE-2019-1203) MS Rating: Important

    A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server.

     

    Microsoft Outlook Privilege Escalation Vulnerability (CVE-2019-1204) MS Rating: Important

    A privilege escalation vulnerability exists when Microsoft Outlook initiates processing of incoming messages without sufficient validation of the formatting of the messages. An attacker who successfully exploited the vulnerability could attempt to force Outlook to load a local or remote message store (over SMB).

     

    Microsoft Word Remote Code Execution Vulnerability (CVE-2019-1205) MS Rating: Important

    A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user.

     

    Outlook iOS Spoofing Vulnerability (CVE-2019-1218) MS Rating: Important

    A spoofing vulnerability exists in the way Microsoft Outlook iOS software parses specifically crafted email messages. An authenticated attacker could exploit the vulnerability by sending a specially crafted email message to a victim.

     

  3. Cumulative Security Update for Microsoft Windows Kernel

    Windows Hyper-V Remote Code Execution Vulnerability (CVE-2019-0965) MS Rating: Critical

    A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application on a guest operating system that could cause the Hyper-V host operating system to execute arbitrary code.

     

    Hyper-V Remote Code Execution Vulnerability (CVE-2019-0720) MS Rating: Critical

    A remote code execution vulnerability exists when Windows Hyper-V Network Switch on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application on a guest operating system that could cause the Hyper-V host operating system to execute arbitrary code.

     

    Windows Kernel Privilege Escalation Vulnerability (CVE-2019-1159) MS Rating: Important

    A privilege escalation vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.

     

    Win32k Privilege Escalation Vulnerability (CVE-2019-1169) MS Rating: Important

    A privilege escalation vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.

     

    Windows Kernel Information Disclosure Vulnerability (CVE-2019-1227) MS Rating: Important

    An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user's system.

     

    Windows Kernel Information Disclosure Vulnerability (CVE-2019-1228) MS Rating: Important

    An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user's system.

     

  4. Cumulative Security Update for Microsoft Hyper-V

    Windows Hyper-V Denial of Service Vulnerability (CVE-2019-0714) MS Rating: Important

    A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. An attacker who successfully exploited the vulnerability could cause the host server to crash.

     

    Windows Hyper-V Denial of Service Vulnerability (CVE-2019-0715) MS Rating: Important

    A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. An attacker who successfully exploited the vulnerability could cause the host server to crash.

     

    Windows Hyper-V Denial of Service Vulnerability (CVE-2019-0717) MS Rating: Important

    A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. An attacker who successfully exploited the vulnerability could cause the host server to crash.

     

    Windows Hyper-V Denial of Service Vulnerability (CVE-2019-0718) MS Rating: Important

    A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. An attacker who successfully exploited the vulnerability could cause the host server to crash.

     

    Windows Hyper-V Denial of Service Vulnerability (CVE-2019-0723) MS Rating: Important

    A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. An attacker who successfully exploited the vulnerability could cause the host server to crash.

     

  5. Security Update for Microsoft Graphics

    Microsoft Graphics Remote Code Execution Vulnerability (CVE-2019-1149) MS Rating: Critical

    A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system.

     

    Microsoft Graphics Remote Code Execution Vulnerability (CVE-2019-1150) MS Rating: Critical

    A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system.

     

    Microsoft Graphics Remote Code Execution Vulnerability (CVE-2019-1151) MS Rating: Critical

    A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system.

     

    Microsoft Graphics Remote Code Execution Vulnerability (CVE-2019-1152) MS Rating: Critical

    A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system.

     

    Microsoft Graphics Remote Code Execution Vulnerability (CVE-2019-1144) MS Rating: Critical

    A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system.

     

    Microsoft Graphics Remote Code Execution Vulnerability (CVE-2019-1145) MS Rating: Critical

    A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system.

     

    Microsoft Graphics Component Information Disclosure Vulnerability (CVE-2019-1078) MS Rating: Important

    An information disclosure vulnerability exists when the Windows Graphics component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user's system.

     

    Windows Graphics Component Information Disclosure Vulnerability (CVE-2019-1143) MS Rating: Important

    An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise a user's system.

     

    Microsoft Graphics Component Information Disclosure Vulnerability (CVE-2019-1148) MS Rating: Important

    An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user's system.

     

    Microsoft Graphics Component Information Disclosure Vulnerability (CVE-2019-1153) MS Rating: Important

    An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user's system.

     

    Windows Graphics Component Information Disclosure Vulnerability (CVE-2019-1154) MS Rating: Important

    An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise a user's system.

     

    Windows Graphics Component Information Disclosure Vulnerability (CVE-2019-1158) MS Rating: Important

    An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise a user's system.

     

    Windows Kernel Elevation of Privilege Vulnerability (CVE-2019-1164) MS Rating: Important

    A privilege escalation vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.

     

  6. Security Update for Microsoft Windows

    Remote Desktop Services Remote Code Execution Vulnerability (CVE-2019-1226) MS Rating: Critical

    A remote code execution vulnerability exists in Remote Desktop Services - formerly known as Terminal Services - when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction.

     

    Remote Desktop Services Remote Code Execution Vulnerability (CVE-2019-1222) MS Rating: Critical

    A remote code execution vulnerability exists in Remote Desktop Services - formerly known as Terminal Services - when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction.

     

    Windows DHCP Server Remote Code Execution Vulnerability (CVE-2019-1213) MS Rating: Critical

    A memory corruption vulnerability exists in the Windows Server DHCP service when an attacker sends specially crafted packets to a DHCP server. An attacker who successfully exploited the vulnerability could run arbitrary code on the DHCP server.

     

    Remote Desktop Services Remote Code Execution Vulnerability (CVE-2019-1181) MS Rating: Critical

    A remote code execution vulnerability exists in Remote Desktop Services - formerly known as Terminal Services - when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction.

     

    LNK Remote Code Execution Vulnerability (CVE-2019-1188) MS Rating: Critical

    A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a . LNK file is processed.

     

    Remote Desktop Services Remote Code Execution Vulnerability (CVE-2019-1182) MS Rating: Critical

    A remote code execution vulnerability exists in Remote Desktop Services - formerly known as Terminal Services - when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction.

     

    Windows DHCP Client Remote Code Execution Vulnerability (CVE-2019-0736) MS Rating: Critical

    A memory corruption vulnerability exists in the Windows DHCP client when an attacker sends specially crafted DHCP responses to a client. An attacker who successfully exploited the vulnerability could run arbitrary code on the client machine.

     

    Windows Denial of Service Vulnerability (CVE-2019-0716) MS Rating: Important

    A denial of service vulnerability exists when Windows improperly handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding.

     

    Microsoft Defender Privilege Escalation Vulnerability (CVE-2019-1161) MS Rating: Important

    A privilege escalation vulnerability exists when the MpSigStub. exe for Defender allows file deletion in arbitrary locations.

     

    Windows ALPC Privilege Escalation Vulnerability (CVE-2019-1162) MS Rating: Important

    A privilege escalation vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC). An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local system.

     

    Windows File Signature Security Bypass Vulnerability (CVE-2019-1163) MS Rating: Important

    A security bypass exists when Windows incorrectly validates CAB file signatures. An attacker who successfully exploited this vulnerability could inject code into a CAB file without invalidating the file's signature.

     

    Microsoft Windows p2pimsvc Privilege Escalation Vulnerability (CVE-2019-1168) MS Rating: Important

    A privilege escalation exists in the p2pimsvc service where an attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges. To exploit this vulnerability, an attacker would first have to log on to the system.

     

    Windows Shell Privilege Escalation Vulnerability (CVE-2019-1170) MS Rating: Important

    A privilege escalation vulnerability exists when reparse points are created by sandboxed processes allowing sandbox escape. An attacker who successfully exploited the vulnerability could use the sandbox escape to elevate privileges on an affected system.

     

    SymCrypt Information Disclosure Vulnerability (CVE-2019-1171) MS Rating: Important

    An information disclosure vulnerability exists in SymCrypt during the OAEP decryption stage. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user's system.

     

    Windows Information Disclosure Vulnerability (CVE-2019-1172) MS Rating: Important

    An information disclosure vulnerability exists in Azure Active Directory (AAD) Microsoft Account (MSA) during the login request session. An attacker who successfully exploited the vulnerability could take over a user's account.

     

    Windows Privilege Escalation Vulnerability (CVE-2019-1173) MS Rating: Important

    A privilege escalation vulnerability exists in the way that the PsmServiceExtHost. dll handles objects in memory.

     

    Windows Privilege Escalation Vulnerability (CVE-2019-1174) MS Rating: Important

    A privilege escalation vulnerability exists in the way that the PsmServiceExtHost. dll handles objects in memory.

     

    Windows Privilege Escalation Vulnerability (CVE-2019-1175) MS Rating: Important

    A privilege escalation vulnerability exists in the way that the psmsrv. dll handles objects in memory.

     

    DirectX Privilege Escalation Vulnerability (CVE-2019-1176) MS Rating: Important

    A privilege escalation vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.

     

    Windows Privilege Escalation Vulnerability (CVE-2019-1177) MS Rating: Important

    A privilege escalation vulnerability exists in the way that the rpcss. dll handles objects in memory.

     

    Windows Privilege Escalation Vulnerability (CVE-2019-1178) MS Rating: Important

    A privilege escalation vulnerability exists in the way that the ssdpsrv. dll handles objects in memory.

     

    Windows Privilege Escalation Vulnerability (CVE-2019-1179) MS Rating: Important

    A privilege escalation vulnerability exists in the way that the unistore. dll handles objects in memory.

     

    Windows Privilege Escalation Vulnerability (CVE-2019-1180) MS Rating: Important

    A privilege escalation vulnerability exists in the way that the wcmsvc. dll handles objects in memory.

     

    Windows Privilege Escalation Vulnerability (CVE-2019-1184) MS Rating: Important

    A privilege escalation vulnerability exists when Windows Core Shell COM Server Registrar improperly handles COM calls. An attacker who successfully exploited this vulnerability could potentially set certain items to run at a higher level and thereby elevate permissions.

     

    Windows Subsystem for Linux Privilege Escalation Vulnerability (CVE-2019-1185) MS Rating: Important

    A privilege escalation vulnerability exists due to a stack corruption in Windows Subsystem for Linux. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.

     

    Windows Privilege Escalation Vulnerability (CVE-2019-1186) MS Rating: Important

    A privilege escalation vulnerability exists in the way that the wcmsvc. dll handles objects in memory.

     

    XmlLite runtime Denial of Service Vulnerability (CVE-2019-1187) MS Rating: Important

    A denial of service vulnerability exists when the XmlLite runtime (XmlLite. dll) improperly parses XML input.

     

    Windows Image Privilege Escalation Vulnerability (CVE-2019-1190) MS Rating: Important

    A privilege escalation vulnerability exists in the way that the Windows kernel image handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.

     

    Microsoft Windows Privilege Escalation Vulnerability (CVE-2019-1198) MS Rating: Important

    A privilege escalation exists in SyncController. dll.

     

    Windows DHCP Server Remote Code Execution Vulnerability (CVE-2019-1206) MS Rating: Important

    A memory corruption vulnerability exists in the Windows Server DHCP service when an attacker sends specially crafted packets to a DHCP failover server. An attacker who successfully exploited the vulnerability could cause the DHCP service to become nonresponsive.

     

    Windows DHCP Server Denial of Service Vulnerability (CVE-2019-1212) MS Rating: Important

    A memory corruption vulnerability exists in the Windows Server DHCP service when processing specially crafted packets. An attacker who successfully exploited the vulnerability could cause the DHCP server service to stop responding.

     

    Bluetooth Key Length Enforcement (CVE-2019-9506) MS Rating: Important

    Executive Summary Microsoft is aware of the Bluetooth BR/EDR (basic rate/enhanced data rate, known as "Bluetooth Classic") key negotiation vulnerability that exists at the hardware specification level of any BR/EDR Bluetooth device. An attacker could potentially be able to negotiate the offered key length down to 1 byte of entropy, from a maximum of 16 bytes.

     

    HTTP/2 Server Denial of Service Vulnerability (CVE-2019-9511) MS Rating: Important

    A denial of service vulnerability exists in the HTTP/2 protocol stack (HTTP.sys) when HTTP.sys improperly parses specially crafted HTTP/2 requests.

     

    HTTP/2 Server Denial of Service Vulnerability (CVE-2019-9513) MS Rating: Important

    A denial of service vulnerability exists in the HTTP/2 protocol stack (HTTP.sys) when HTTP.sys improperly parses specially crafted HTTP/2 requests.

     

    HTTP/2 Server Denial of Service Vulnerability (CVE-2019-9514) MS Rating: Important

    A denial of service vulnerability exists in the HTTP/2 protocol stack (HTTP.sys) when HTTP.sys improperly parses specially crafted HTTP/2 requests.

     

    Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability (CVE-2019-1223) MS Rating: Important

    A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests. An attacker who successfully exploited this vulnerability could cause the RDP service on the target system to stop responding.

     

    Remote Desktop Protocol Server Information Disclosure Vulnerability (CVE-2019-1224) MS Rating: Important

    An information disclosure vulnerability exists when the Windows RDP server improperly discloses the contents of its memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the system.

     

    Remote Desktop Protocol Server Information Disclosure Vulnerability (CVE-2019-1225) MS Rating: Important

    An information disclosure vulnerability exists when the Windows RDP server improperly discloses the contents of its memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the system.

     

    Dynamics On-Premise Elevation of Privilege Vulnerability (CVE-2019-1229) MS Rating: Important

    An elevation of privilege vulnerability exists in Dynamics On-Premise v9. An attacker who successfully exploited the vulnerability could leverage a customizer privilege within Dynamics to gain control of the Web Role hosting the Dynamics installation.

     

    HTTP/2 Server Denial of Service Vulnerability (CVE-2019-9512) MS Rating: Important

    A denial of service vulnerability exists in the HTTP/2 protocol stack (HTTP.sys) when HTTP.sys improperly parses specially crafted HTTP/2 requests.

     

    HTTP/2 Server Denial of Service Vulnerability (CVE-2019-9518) MS Rating: Important

    A denial of service vulnerability exists in the HTTP/2 protocol stack (HTTP.sys) when HTTP.sys improperly parses specially crafted HTTP/2 requests.

     

  7. Security Update for Jet Database Engine

    Jet Database Engine Remote Code Execution Vulnerability (CVE-2019-1155) MS Rating: Important

    A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.

     

    Jet Database Engine Remote Code Execution Vulnerability (CVE-2019-1156) MS Rating: Important

    A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.

     

    Jet Database Engine Remote Code Execution Vulnerability (CVE-2019-1157) MS Rating: Important

    A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.

     

    Jet Database Engine Remote Code Execution Vulnerability (CVE-2019-1146) MS Rating: Important

    A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.

     

    Jet Database Engine Remote Code Execution Vulnerability (CVE-2019-1147) MS Rating: Important

    A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.

     

  8. Security Update for Visual Studio

    Git for Visual Studio Privilege Escalation Vulnerability (CVE-2019-1211) MS Rating: Important

    A privilege escalation vulnerability exists in Git for Visual Studio when it improperly parses configuration files. An attacker who successfully exploited the vulnerability could execute code in the context of another local user.

     

More information is available on Symantec's free Security Center portal and to our customers through the DeepSight Threat Management System.

About the Author

Preethi Koroth

Threat Analysis Engineer

Preethi Koroth is a member of Symantec's Cyber Security Services organization which provides round-the-clock monitoring and protection services against cyber attacks.

Want to comment on this post?

We encourage you to share your thoughts on your favorite social platform.