SANS ISC: Microsoft March 2019 Patch Tuesday - Internet Security | DShield SANS ISC InfoSec Forums


Microsoft March 2019 Patch Tuesday

This month we got patches for 64 vulnerabilities. Two of them have been exploited and four were made public before today.

Both exploited vulnerabilities (CVE-2019-0808 and CVE-2019-0797) affect the win32k component on multiple Windows versions, from Windows 7 to 2019, and may lead to privilege escalation. An attacker who successfully exploited either vulnerability could run arbitrary code in kernel mode.

Among the 17 critical vulnerabilities this month, it's worth mentioning CVE-2019-0697, which affects the DHCP Client and may lead to remote code execution (RCE). This is the second critical vulnerability in the DHCP client this year, both scoring 9.8 on CVSS v3. The other one was patched in January (CVE-2019-0547).

See Renato's dashboard for a more detailed breakout: https://patchtuesdaydashboard.com.

| Description | CVE | Disclosed | Exploited | Exploitability (old versions) | Exploitability (current version) | Severity | CVSS Base (AVG) | CVSS Temporal (AVG) |
|---|---|---|---|---|---|---|---|---|
| Active Directory Elevation of Privilege Vulnerability | CVE-2019-0683 | Yes | No | - | - | Important | 4.9 | 4.4 |
| Azure SSH Keypairs Security Feature Bypass Vulnerability | CVE-2019-0816 | No | No | Less Likely | Less Likely | Moderate | | |
| Best Practices Regarding Sharing of a Single User Account Across Multiple Users | ADV190010 | No | No | - | - | | | |
| Chakra Scripting Engine Memory Corruption Vulnerability | CVE-2019-0611 | No | No | - | - | Important | 4.3 | 3.9 |
| | CVE-2019-0746 | No | No | Less Likely | Less Likely | Important | 6.4 | 5.8 |
| | CVE-2019-0592 | No | No | - | - | Critical | 4.2 | 3.8 |
| Comctl32 Remote Code Execution Vulnerability | CVE-2019-0765 | No | No | Less Likely | Less Likely | Important | 6.4 | 5.8 |
| Internet Explorer Memory Corruption Vulnerability | CVE-2019-0763 | No | No | More Likely | More Likely | Critical | 6.4 | 5.8 |
| Internet Explorer Security Feature Bypass Vulnerability | CVE-2019-0761 | No | No | Less Likely | Less Likely | Important | | |
| | CVE-2019-0768 | No | No | More Likely | More Likely | Important | 4.3 | 3.9 |
| Jet Database Engine Remote Code Execution Vulnerability | CVE-2019-0617 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| Latest Servicing Stack Updates | ADV990001 | No | No | - | - | Critical | | |
| MS XML Remote Code Execution Vulnerability | CVE-2019-0756 | No | No | Less Likely | Less Likely | Critical | 7.5 | 6.7 |
| March 2019 Adobe Flash Security Update | ADV190008 | No | No | More Likely | More Likely | Low | | |
| Microsoft Browser Memory Corruption Vulnerability | CVE-2019-0780 | No | No | - | - | Important | 6.4 | 5.8 |
| Microsoft Browsers Security Feature Bypass Vulnerability | CVE-2019-0762 | No | No | - | - | Important | 2.4 | 2.2 |
| Microsoft Edge Elevation of Privilege Vulnerability | CVE-2019-0678 | No | No | - | - | Important | 4.2 | 3.8 |
| Microsoft Edge Memory Corruption Vulnerability | CVE-2019-0779 | No | No | - | - | Important | 4.2 | 3.8 |
| Microsoft Edge Security Feature Bypass Vulnerability | CVE-2019-0612 | No | No | - | - | Important | 4.3 | 3.9 |
| Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability | CVE-2019-0748 | No | No | - | - | Important | | |
| Microsoft Office SharePoint XSS Vulnerability | CVE-2019-0778 | No | No | - | - | Important | | |
| Microsoft Windows Elevation of Privilege Vulnerability | CVE-2019-0766 | No | No | Less Likely | Less Likely | Important | 6.7 | 6.7 |
| NuGet Package Manager Tampering Vulnerability | CVE-2019-0757 | Yes | No | Less Likely | Less Likely | Important | | |
| SHA-2 Code Sign Support Advisory | ADV190009 | No | No | - | - | | | |
| Scripting Engine Memory Corruption Vulnerability | CVE-2019-0609 | No | No | - | - | Critical | 6.4 | 5.8 |
| | CVE-2019-0639 | No | No | - | - | Critical | 4.2 | 3.8 |
| | CVE-2019-0769 | No | No | - | - | Critical | 4.2 | 3.8 |
| | CVE-2019-0770 | No | No | - | - | Critical | 4.2 | 3.8 |
| | CVE-2019-0771 | No | No | - | - | Critical | 4.2 | 3.8 |
| | CVE-2019-0773 | No | No | - | - | Critical | 4.2 | 3.8 |
| | CVE-2019-0783 | No | No | More Likely | More Likely | Important | 6.4 | 5.8 |
| | CVE-2019-0680 | No | No | - | - | Critical | 6.4 | 5.8 |
| Skype for Business and Lync Spoofing Vulnerability | CVE-2019-0798 | No | No | Less Likely | Less Likely | Important | | |
| Team Foundation Server Cross-site Scripting Vulnerability | CVE-2019-0777 | No | No | Less Likely | Less Likely | Low | | |
| Visual Studio Remote Code Execution Vulnerability | CVE-2019-0809 | Yes | No | Less Likely | Less Likely | Important | | |
| Win32k Elevation of Privilege Vulnerability | CVE-2019-0797 | No | Yes | Detected | Unlikely | Important | 7.0 | 6.3 |
| | CVE-2019-0808 | No | Yes | - | - | Important | 7.0 | 6.3 |
| Win32k Information Disclosure Vulnerability | CVE-2019-0776 | No | No | Less Likely | Less Likely | Important | 4.7 | 4.2 |
| Windows ActiveX Remote Code Execution Vulnerability | CVE-2019-0784 | No | No | Less Likely | Less Likely | Critical | 4.2 | 3.8 |
| Windows DHCP Client Remote Code Execution Vulnerability | CVE-2019-0697 | No | No | Less Likely | Less Likely | Critical | 9.8 | 8.8 |
| | CVE-2019-0698 | No | No | Less Likely | Less Likely | Critical | 9.8 | 8.8 |
| | CVE-2019-0726 | No | No | Less Likely | Less Likely | Critical | 9.8 | 8.8 |
| Windows Denial of Service Vulnerability | CVE-2019-0754 | Yes | No | Less Likely | Less Likely | Important | 5.5 | 5.0 |
| Windows Deployment Services TFTP Server Remote Code Execution Vulnerability | CVE-2019-0603 | No | No | Less Likely | Less Likely | Critical | 7.5 | 6.7 |
| Windows GDI Information Disclosure Vulnerability | CVE-2019-0774 | No | No | Less Likely | Less Likely | Important | 4.7 | 4.2 |
| | CVE-2019-0614 | No | No | Less Likely | Less Likely | Important | 4.7 | 4.2 |
| Windows Hyper-V Denial of Service Vulnerability | CVE-2019-0690 | No | No | Less Likely | Less Likely | Important | 6.8 | 6.1 |
| | CVE-2019-0695 | No | No | Less Likely | Less Likely | Important | 6.8 | 6.1 |
| | CVE-2019-0701 | No | No | Less Likely | Less Likely | Important | 6.8 | 6.1 |
| Windows Kernel Elevation of Privilege Vulnerability | CVE-2019-0696 | No | No | More Likely | More Likely | Important | 7.0 | 6.3 |
| Windows Kernel Information Disclosure Vulnerability | CVE-2019-0755 | No | No | More Likely | More Likely | Important | 5.5 | 5.0 |
| | CVE-2019-0767 | No | No | More Likely | More Likely | Important | 4.7 | 4.2 |
| | CVE-2019-0775 | No | No | More Likely | More Likely | Important | 4.7 | 4.2 |
| | CVE-2019-0782 | No | No | Less Likely | Less Likely | Important | 4.7 | 4.2 |
| | CVE-2019-0702 | No | No | Less Likely | Less Likely | Important | 5.5 | 5.0 |
| Windows Print Spooler Information Disclosure Vulnerability | CVE-2019-0759 | No | No | Less Likely | Less Likely | Important | 4.7 | 4.2 |
| Windows SMB Information Disclosure Vulnerability | CVE-2019-0703 | No | No | More Likely | More Likely | Important | 6.5 | 5.9 |
| | CVE-2019-0704 | No | No | More Likely | More Likely | Important | 6.5 | 5.9 |
| | CVE-2019-0821 | No | No | More Likely | More Likely | Important | 6.5 | 5.9 |
| Windows Subsystem for Linux Elevation of Privilege Vulnerability | CVE-2019-0682 | No | No | Less Likely | Less Likely | Important | 7.0 | 6.3 |
| | CVE-2019-0689 | No | No | Less Likely | Less Likely | Important | 7.0 | 6.3 |
| | CVE-2019-0692 | No | No | Less Likely | Less Likely | Important | 7.0 | 6.3 |
| | CVE-2019-0693 | No | No | Less Likely | Less Likely | Important | 7.0 | 6.3 |
| | CVE-2019-0694 | No | No | Less Likely | Less Likely | Important | 7.0 | 6.3 |
| Windows VBScript Engine Remote Code Execution Vulnerability | CVE-2019-0772 | No | No | Less Likely | Less Likely | Important | 6.4 | 5.8 |
| | CVE-2019-0665 | No | No | More Likely | More Likely | Important | 7.5 | 6.7 |
| | CVE-2019-0666 | No | No | More Likely | More Likely | Critical | 7.5 | 6.7 |
| | CVE-2019-0667 | No | No | More Likely | More Likely | Critical | 7.5 | 6.7 |

 

--
Renato Marinho
Morphus Labs
