Posted: 25 Min ReadThreat Intelligence

Microsoft Patch Tuesday – May 2019

This month the vendor has patched 79 vulnerabilities, 22 of which are rated Critical.

As always, customers are advised to follow these security best practices:

  • Install vendor patches as soon as they are available.
  • Run all software with the least privileges required while still maintaining functionality.
  • Avoid handling files from unknown or questionable sources.
  • Never visit sites of unknown or questionable integrity.
  • Block external access at the network perimeter to all key systems unless specific access is required.

IMPORTANT: Due to the severity of CVE-2019-0708, and the high likelihood of exploitation, Symantec recommends that customers apply patches immediately. If immediate patching is not possible, customers should take the following steps:

  • Disable Remote Desktop Services if not required
  • Block TCP port 3389 at the firewall
  • Enable Network Level Protection

UPDATE 05-22-2019: Symantec has released the following IPS signatures to detect and block attempts to exploit CVE-2019-0708:

Microsoft's summary of the May 2019 releases can be found here:
https://portal.msrc.microsoft.com/en-us/security-guidance

 

This month's update covers vulnerabilities in:

  • Internet Explorer
  • Microsoft Edge
  • ChakraCore
  • Microsoft Office
  • Microsoft .NET
  • Microsoft Windows
  • Microsoft Remote Desktop Services
  • Graphics Device Interface (GDI)
  • Jet Database Engine
  • Team Foundation Server
  • Skype for Android
  • Azure
  • NuGet

 

The following is a breakdown of the issues being addressed this month:

  1. Cumulative Security Update for Microsoft Browsers

    Scripting Engine Memory Corruption Vulnerability (CVE-2019-0911) MS Rating: Critical

    A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

     

    Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-0912) MS Rating: Critical

    A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

     

    Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-0913) MS Rating: Critical

    A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

     

    Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-0914) MS Rating: Critical

    A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

     

    Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-0915) MS Rating: Critical

    A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

     

    Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-0916) MS Rating: Critical

    A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

     

    Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-0917) MS Rating: Critical

    A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

     

    Scripting Engine Memory Corruption Vulnerability (CVE-2019-0918) MS Rating: Critical

    A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

     

    Internet Explorer Spoofing Vulnerability (CVE-2019-0921) MS Rating: Important

    A spoofing vulnerability exists when Internet Explorer improperly handles URLs. An attacker who successfully exploits this vulnerability could trick a user by redirecting the user to a specially crafted website.

     

    Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-0922) MS Rating: Critical

    A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

     

    Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-0923) MS Rating: Important

    A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

     

    Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-0924) MS Rating: Critical

    A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

     

    Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-0925) MS Rating: Critical

    A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

     

    Microsoft Edge Memory Corruption Vulnerability (CVE-2019-0926) MS Rating: Critical

    A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

     

    Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-0927) MS Rating: Critical

    A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

     

    Internet Explorer Memory Corruption Vulnerability (CVE-2019-0929) MS Rating: Critical

    A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

     

    Internet Explorer Information Disclosure Vulnerability (CVE-2019-0930) MS Rating: Important

    An information disclosure vulnerability exists when Internet Explorer improperly handles objects in memory. An attacker who successfully exploits this vulnerability could obtain information to further compromise the user's system.

     

    Scripting Engine Memory Corruption Vulnerability (CVE-2019-0884) MS Rating: Critical

    A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

     

    Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-0937) MS Rating: Critical

    A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

     

    Microsoft Edge Privilege Escalation Vulnerability (CVE-2019-0938) MS Rating: Important

    A privilege escalation vulnerability exists in Microsoft Edge that could allow an attacker to escape from the AppContainer sandbox in the browser. An attacker who successfully exploits this vulnerability could gain elevated privileges and break out of the Edge AppContainer sandbox.

     

    Microsoft Browser Memory Corruption Vulnerability (CVE-2019-0940) MS Rating: Critical

    A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. This vulnerability may corrupt memory in such a way that could allow an attacker to execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

     

    Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-0933) MS Rating: Critical

    A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

     

    Internet Explorer Security Bypass Vulnerability (CVE-2019-0995) MS Rating: Important

    A security bypass vulnerability exists when 'urlmon.dll' improperly handles certain Mark of the Web queries. The vulnerability allows Internet Explorer to bypass Mark of the Web warnings or restrictions for files downloaded or created in a specific way.

     

  2. Cumulative Security Update for Microsoft Office

    Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability (CVE-2019-0945) MS Rating: Important

    A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory. An attacker who successfully exploits this vulnerability could execute arbitrary code on a victim system.

     

    Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability (CVE-2019-0946) MS Rating: Important

    A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory. An attacker who successfully exploits this vulnerability could execute arbitrary code on a victim system.

     

    Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability (CVE-2019-0947) MS Rating: Important

    A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory. An attacker who successfully exploits this vulnerability could execute arbitrary code on a victim system.

     

    Microsoft SharePoint Spoofing Vulnerability (CVE-2019-0949) MS Rating: Important

    A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server.

     

    Microsoft SharePoint Spoofing Vulnerability (CVE-2019-0950) MS Rating: Important

    A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server.

     

    Microsoft SharePoint Spoofing Vulnerability (CVE-2019-0951) MS Rating: Important

    A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server.

     

    Microsoft SharePoint Server Remote Code Execution Vulnerability (CVE-2019-0952) MS Rating: Important

    A remote code execution vulnerability exists in Microsoft SharePoint Server when it fails to properly identify and filter unsafe ASP.NET web controls.

     

    Microsoft Word Remote Code Execution Vulnerability (CVE-2019-0953) MS Rating: Critical

    A remote code execution vulnerability exists in Microsoft Word when it fails to properly handle objects in memory. An attacker who successfully exploits the vulnerability could use a specially crafted file to perform actions in the security context of the current user.

     

    Microsoft SharePoint Server Information Disclosure Vulnerability (CVE-2019-0956) MS Rating: Important

    An information disclosure vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server.

     

    Microsoft SharePoint Privilege Escalation Vulnerability (CVE-2019-0957) MS Rating: Important

    A privilege escalation vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server.

     

    Microsoft SharePoint Privilege Escalation Vulnerability (CVE-2019-0958) MS Rating: Important

    A privilege escalation vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server.

     

    Microsoft Office SharePoint XSS Vulnerability (CVE-2019-0963) MS Rating: Important

    A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server.

     

  3. Cumulative Security Update for Microsoft .NET

    .NET Framework and .NET Core Denial of Service Vulnerability (CVE-2019-0820) MS Rating: Important

    A denial of service (DoS) vulnerability exists when .NET Framework and .NET Core improperly process RegEx strings. An attacker who successfully exploits this vulnerability could cause a denial of service against a .NET application.

     

    .NET Framework Denial of Service Vulnerability (CVE-2019-0864) MS Rating: Important

    A denial of service (DoS) vulnerability exists when .NET Framework improperly handles objects in heap memory. An attacker who successfully exploits this vulnerability could cause a denial of service against a .NET application.

     

    ASP.NET Core Denial of Service Vulnerability (CVE-2019-0980) MS Rating: Important

    A denial of service (DoS) vulnerability exists when ASP.NET Core improperly handles web requests. An attacker who successfully exploits this vulnerability could cause a denial of service against an ASP.NET Core web application.

     

    ASP.NET Core Denial of Service Vulnerability (CVE-2019-0981) MS Rating: Important

    A denial of service vulnerability (DoS) exists when ASP.NET Core improperly handles web requests. An attacker who successfully exploits this vulnerability could cause a denial of service against an ASP.NET Core web application.

     

    ASP.NET Denial of Service Vulnerability (CVE-2019-0982) MS Rating: Important

    A denial of service (DoS) vulnerability exists when ASP.NET improperly handles web requests. An attacker who successfully exploits this vulnerability could cause a denial of service against an ASP.NET web application.

     

    NuGet Package Manager Tampering Vulnerability (CVE-2019-0976) MS Rating: Important

    A tampering vulnerability exists in the NuGet Package Manager for Linux and Mac that could allow an authenticated attacker to modify a NuGet package's folder structure. An attacker who successfully exploits this vulnerability could potentially modify files and folders that are unpacked on a system.

     

  4. Cumulative Security Update for Microsoft Windows Kernel

    Windows Kernel Privilege Escalation Vulnerability (CVE-2019-0881) MS Rating: Important

    A privilege escalation vulnerability exists when the Windows Kernel improperly handles key enumeration. An attacker who successfully exploits the vulnerability could gain elevated privileges on a targeted system.

     

    Win32k Privilege Escalation Vulnerability (CVE-2019-0892) MS Rating: Important

    A privilege escalation vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploits this vulnerability could run arbitrary code in kernel mode.

     

  5. Cumulative Security Update for Microsoft Windows

    Windows DHCP Server Remote Code Execution Vulnerability (CVE-2019-0725) MS Rating: Critical

    A memory corruption vulnerability exists in the Windows Server DHCP service when processing specially crafted packets. An attacker who successfully exploits this vulnerability could run arbitrary code on the DHCP server.

     

    Windows NDIS Privilege Escalation Vulnerability (CVE-2019-0707) MS Rating: Important

    A privilege escalation vulnerability exists in the Network Driver Interface Specification (NDIS) when 'ndis.sys' fails to check the length of a buffer prior to copying memory to it.

     

    Diagnostic Hub Standard Collector,Visual Studio Standard Collector Privilege Escalation Vulnerability (CVE-2019-0727) MS Rating: Important

    A privilege escalation vulnerability exists when the Diagnostics Hub Standard Collector or the Visual Studio Standard Collector allows file deletion in arbitrary locations. To exploit the vulnerability, an attacker would first have to log on to the system.

     

    Windows Defender Application Control Security Bypass Vulnerability (CVE-2019-0733) MS Rating: Important

    A security bypass vulnerability exists in Windows Defender Application Control (WDAC) which could allow an attacker to bypass WDAC enforcement. An attacker who successfully exploits this vulnerability could circumvent Windows PowerShell Constrained Language Mode on the machine.

     

    Windows Privilege Escalation Vulnerability (CVE-2019-0734) MS Rating: Important

    A privilege escalation vulnerability exists in Microsoft Windows when a man-in-the-middle attacker is able to successfully decode and replace authentication requests using Kerberos, allowing an attacker to be validated as an Administrator. The update addresses this vulnerability by changing how these requests are validated.

     

    Microsoft SQL Server Analysis Services Information Disclosure Vulnerability (CVE-2019-0819) MS Rating: Important

    An information disclosure vulnerability exists in Microsoft SQL Server Analysis Services when it improperly enforces metadata permissions. An attacker who successfully exploits the vulnerability could query tables or columns for which they do not have access rights.

     

    Windows Error Reporting Privilege Escalation Vulnerability (CVE-2019-0863) MS Rating: Important

    A privilege escalation vulnerability exists in the way Windows Error Reporting (WER) handles files. An attacker who successfully exploits this vulnerability could run arbitrary code in kernel mode.

     

    Windows OLE Remote Code Execution Vulnerability (CVE-2019-0885) MS Rating: Important

    A remote code execution vulnerability exists when Microsoft Windows OLE fails to properly validate user input. An attacker could exploit the vulnerability to execute malicious code.

     

    Windows Hyper-V Information Disclosure Vulnerability (CVE-2019-0886) MS Rating: Important

    An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker on a guest operating system could run a specially crafted application that could cause the Hyper-V host operating system to disclose memory information.

     

    Windows Storage Service Privilege Escalation Vulnerability (CVE-2019-0931) MS Rating: Important

    A privilege escalation vulnerability exists when the Storage Service improperly handles file operations. An attacker who successfully exploits this vulnerability could gain elevated privileges on the victim system.

     

    Windows Privilege Escalation Vulnerability (CVE-2019-0936) MS Rating: Important

    A privilege escalation vulnerability exists in Microsoft Windows when Windows fails to properly handle certain symbolic links. An attacker who successfully exploits this vulnerability could potentially set certain items to run at a higher level and thereby elevate permissions.

     

    Unified Write Filter Privilege Escalation Vulnerability (CVE-2019-0942) MS Rating: Important

    A privilege escalation vulnerability exists in the Unified Write Filter (UWF) feature for Windows 10 when it improperly restricts access to the registry. An attacker who successfully exploits the vulnerability could make changes to the registry keys protected by UWF without having administrator privileges.

     

    Microsoft Dynamics On-Premise Security Bypass Vulnerability (CVE-2019-1008) MS Rating: Important

    A security bypass vulnerability exists in Dynamics On Premise. An attacker who successfully exploits the vulnerability could send attachment types that are blocked by the email attachment system.

     

  6. Security Update for Microsoft Remote Desktop Services

    Remote Desktop Services Remote Code Execution Vulnerability (CVE-2019-0708) MS Rating: Critical

    A remote code execution vulnerability exists in Remote Desktop Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction.

     

  7. Security Update for Windows Graphics Device Interface (GDI)

    GDI+ Remote Code Execution Vulnerability (CVE-2019-0903) MS Rating: Critical

    A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory. An attacker who successfully exploits this vulnerability could take control of the affected system.

     

    Windows GDI Information Disclosure Vulnerability (CVE-2019-0758) MS Rating: Important

    An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploits the vulnerability could obtain information to further compromise the user's system.

     

    Windows GDI Information Disclosure Vulnerability (CVE-2019-0882) MS Rating: Important

    An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploits the vulnerability could obtain information to further compromise the user's system.

     

    Windows GDI Information Disclosure Vulnerability (CVE-2019-0961) MS Rating: Important

    An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploits the vulnerability could obtain information to further compromise the user's system.

     

  8. Security Update for Skype for Android

    Skype for Android Information Disclosure Vulnerability (CVE-2019-0932) MS Rating: Important

    An information disclosure vulnerability exists in Skype for Android. An attacker who successfully exploits this vulnerability could listen to the conversation of a Skype for Android user without the user's knowledge.

     

  9. Security Update for Jet Database Engine

    Jet Database Engine Remote Code Execution Vulnerability (CVE-2019-0889) MS Rating: Important

    A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploits this vulnerability could execute arbitrary code on a victim system.

     

    Jet Database Engine Remote Code Execution Vulnerability (CVE-2019-0890) MS Rating: Important

    A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploits this vulnerability could execute arbitrary code on a victim system.

     

    Jet Database Engine Remote Code Execution Vulnerability (CVE-2019-0891) MS Rating: Important

    A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploits this vulnerability could execute arbitrary code on a victim system.

     

    Jet Database Engine Remote Code Execution Vulnerability (CVE-2019-0893) MS Rating: Important

    A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploits this vulnerability could execute arbitrary code on a victim system.

     

    Jet Database Engine Remote Code Execution Vulnerability (CVE-2019-0894) MS Rating: Important

    A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploits this vulnerability could execute arbitrary code on a victim system.

     

    Jet Database Engine Remote Code Execution Vulnerability (CVE-2019-0895) MS Rating: Important

    A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploits this vulnerability could execute arbitrary code on a victim system.

     

    Jet Database Engine Remote Code Execution Vulnerability (CVE-2019-0896) MS Rating: Important

    A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploits this vulnerability could execute arbitrary code on a victim system.

     

    Jet Database Engine Remote Code Execution Vulnerability (CVE-2019-0897) MS Rating: Important

    A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploits this vulnerability could execute arbitrary code on a victim system.

     

    Jet Database Engine Remote Code Execution Vulnerability (CVE-2019-0898) MS Rating: Important

    A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploits this vulnerability could execute arbitrary code on a victim system.

     

    Jet Database Engine Remote Code Execution Vulnerability (CVE-2019-0899) MS Rating: Important

    A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploits this vulnerability could execute arbitrary code on a victim system.

     

    Jet Database Engine Remote Code Execution Vulnerability (CVE-2019-0900) MS Rating: Important

    A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploits this vulnerability could execute arbitrary code on a victim system.

     

    Jet Database Engine Remote Code Execution Vulnerability (CVE-2019-0901) MS Rating: Important

    A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploits this vulnerability could execute arbitrary code on a victim system.

     

    Jet Database Engine Remote Code Execution Vulnerability (CVE-2019-0902) MS Rating: Important

    A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploits this vulnerability could execute arbitrary code on a victim system.

     

  10. Security Update for Azure and Team Foundation Server

    Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability (CVE-2019-0872) MS Rating: Important

    A cross-site scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input. An authenticated attacker could exploit the vulnerability by sending a specially crafted payload to an Azure DevOps server or a Team Foundation server, which will get executed in the context of the user every time a user visits the compromised page.

     

    Microsoft Azure AD Connect Privilege Escalation Vulnerability (CVE-2019-1000) MS Rating: Important

    A privilege escalation vulnerability exists in Microsoft Azure Active Directory Connect build 1.3.20.0, which allows an attacker to execute two PowerShell cmdlets in the context of a privileged account, and perform privileged actions.

     

    Azure DevOps Server and Team Foundation Server Information Disclosure Vulnerability (CVE-2019-0971) MS Rating: Important

    An information disclosure vulnerability exists when Azure DevOps Server and Microsoft Team Foundation Server do not properly sanitize a specially crafted authentication request to an affected server. An attacker who successfully exploits this vulnerability could execute malicious code on a vulnerable server.

     

    Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability (CVE-2019-0979) MS Rating: Important

    A cross-site scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user-provided input. An authenticated attacker could exploit this vulnerability by sending a specially crafted payload to an Azure DevOps server or a Team Foundation server, which will get executed in the context of the user every time a user visits the compromised page.

     

More information is available on Symantec's free Security Center portal and to our customers through the DeepSight Threat Management System.

About the Author

Ratheesh PM

Sr Threat Analysis Engineer

Ratheesh is a member of Symantec's Cyber Security Services organization which provides round-the-clock monitoring and protection services against cyber attacks.