Microsoft July 2019 Patch Tuesday fixes zero-day exploited by Russian hackers

Microsoft patches 77 security flaws, including 15 rated "critical."

Earlier today, Microsoft published its monthly roll-up of security updates known as Patch Tuesday. This month, the Redmond-based company patched 77 vulnerabilities, including two zero-days -- security flaws that were being actively exploited in the wild.

The two zero-days are CVE-2019-0880 and CVE-2019-1132, and both are privilege escalation issues.

They don't allow hackers to take over users' computers remotely, but are used after the hacker has gained access to a system to elevate access rights to a high-privileged account.

The most important of the two zero-days patched today is CVE-2019-1132, a privilege escalation in the Win32k component. The zero-day was discovered by ESET as part of the attack chain of a group of Russian state-funded hackers. The company told ZDNet it plans to publish an in-depth blog post about these attacks and the zero-day tomorrow, July 10.

The second zero-day is CVE-2019-0880. This one is also a privilege escalation, but in splwow64.exe, another Windows core process. This vulnerability was discovered by Resecurity, and no other details about in-the-wild exploitation are currently available.

Besides these two highly critical flaws, Microsoft also patched six other vulnerabilities whose exploitation details became public and could have helped attackers; however, they were not exploited until today, when Microsoft shipped patches. These include:

CVE-2018-15664 (Docker flaw in Azure)

CVE-2019-0865 (SymCrypt DoS, see here)

CVE-2019-0887 (RDP RCE, see here)

CVE-2019-0962 (Azure Automation elevation of privilege)

CVE-2019-1068 (Microsoft SQL Server RCE)

CVE-2019-1129 (ZDNet coverage here)

On top of these, there are also 15 security flaws in the July 2018 Patch Tuesday that have a rating of "Critical," which is Microsoft's highest severity rating.

These include remote code execution and memory corruption flaws in the Windows DHCP server service and the Chakra scripting engine that's used with Microsoft Edge. These are privately reported vulnerabilities, but due to their nature, they will most likely be targeted for exploitation in the future, and patches will need to be applied.

Since the Microsoft Patch Tuesday is also the day when other vendors also release security patches, it's also worth mentioning that Adobe and SAP have also published their respective security updates earlier today.

More in-depth information on today's Patch Tuesday updates is available on Microsoft's official Security Update Guide portal. You can also consult the table embedded below, this Patch Tuesday report generated by ZDNet, or this one, put together by Trend Micro.

Tag	CVE ID	CVE Title
Servicing Stack Updates	ADV990001	Latest Servicing Stack Updates
Microsoft Exchange Server	ADV190021	Outlook on the web Cross-Site Scripting Vulnerability
.NET Framework	CVE-2019-1083	.NET Denial of Service Vulnerability
.NET Framework	CVE-2019-1113	.NET Framework Remote Code Execution Vulnerability
.NET Framework	CVE-2019-1006	WCF/WIF SAML Token Authentication Bypass Vulnerability
ASP.NET	CVE-2019-1075	ASP.NET Core Spoofing Vulnerability
Azure	CVE-2019-0962	Azure Automation Elevation of Privilege Vulnerability
Azure DevOps	CVE-2019-1076	Team Foundation Server Cross-site Scripting Vulnerability
Azure DevOps	CVE-2019-1072	Azure DevOps Server and Team Foundation Server Remote Code Execution Vulnerability
Internet Explorer	CVE-2019-1063	Internet Explorer Memory Corruption Vulnerability
Microsoft Browsers	CVE-2019-1104	Microsoft Browser Memory Corruption Vulnerability
Microsoft Exchange Server	CVE-2019-1136	Microsoft Exchange Server Elevation of Privilege Vulnerability
Microsoft Exchange Server	CVE-2019-1137	Microsoft Exchange Server Spoofing Vulnerability
Microsoft Graphics Component	CVE-2019-1118	DirectWrite Remote Code Execution Vulnerability
Microsoft Graphics Component	CVE-2019-1119	DirectWrite Remote Code Execution Vulnerability
Microsoft Graphics Component	CVE-2019-1117	DirectWrite Remote Code Execution Vulnerability
Microsoft Graphics Component	CVE-2019-1127	DirectWrite Remote Code Execution Vulnerability
Microsoft Graphics Component	CVE-2019-1116	Windows GDI Information Disclosure Vulnerability
Microsoft Graphics Component	CVE-2019-1120	DirectWrite Remote Code Execution Vulnerability
Microsoft Graphics Component	CVE-2019-1124	DirectWrite Remote Code Execution Vulnerability
Microsoft Graphics Component	CVE-2019-0999	DirectX Elevation of Privilege Vulnerability
Microsoft Graphics Component	CVE-2019-1128	DirectWrite Remote Code Execution Vulnerability
Microsoft Graphics Component	CVE-2019-1121	DirectWrite Remote Code Execution Vulnerability
Microsoft Graphics Component	CVE-2019-1122	DirectWrite Remote Code Execution Vulnerability
Microsoft Graphics Component	CVE-2019-1123	DirectWrite Remote Code Execution Vulnerability
Microsoft Graphics Component	CVE-2019-1097	DirectWrite Information Disclosure Vulnerability
Microsoft Graphics Component	CVE-2019-1096	Win32k Information Disclosure Vulnerability
Microsoft Graphics Component	CVE-2019-1101	Windows GDI Information Disclosure Vulnerability
Microsoft Graphics Component	CVE-2019-1098	Windows GDI Information Disclosure Vulnerability
Microsoft Graphics Component	CVE-2019-1095	Windows GDI Information Disclosure Vulnerability
Microsoft Graphics Component	CVE-2019-1102	GDI+ Remote Code Execution Vulnerability
Microsoft Graphics Component	CVE-2019-1100	Windows GDI Information Disclosure Vulnerability
Microsoft Graphics Component	CVE-2019-1094	Windows GDI Information Disclosure Vulnerability
Microsoft Graphics Component	CVE-2019-1093	DirectWrite Information Disclosure Vulnerability
Microsoft Office	CVE-2019-1084	Microsoft Exchange Information Disclosure Vulnerability
Microsoft Office	CVE-2019-1111	Microsoft Excel Remote Code Execution Vulnerability
Microsoft Office	CVE-2019-1110	Microsoft Excel Remote Code Execution Vulnerability
Microsoft Office	CVE-2019-1109	Microsoft Office Spoofing Vulnerability
Microsoft Office	CVE-2019-1112	Microsoft Excel Information Disclosure Vulnerability
Microsoft Office SharePoint	CVE-2019-1134	Microsoft Office SharePoint XSS Vulnerability
Microsoft Scripting Engine	CVE-2019-1062	Chakra Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine	CVE-2019-1004	Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine	CVE-2019-1001	Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine	CVE-2019-1059	Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine	CVE-2019-1056	Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine	CVE-2019-1106	Chakra Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine	CVE-2019-1092	Chakra Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine	CVE-2019-1103	Chakra Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine	CVE-2019-1107	Chakra Scripting Engine Memory Corruption Vulnerability
Microsoft Windows	CVE-2019-1067	Windows Kernel Elevation of Privilege Vulnerability
Microsoft Windows	CVE-2019-1074	Microsoft Windows Elevation of Privilege Vulnerability
Microsoft Windows	CVE-2019-1091	Microsoft unistore.dll Information Disclosure Vulnerability
Microsoft Windows	CVE-2019-1082	Microsoft Windows Elevation of Privilege Vulnerability
Microsoft Windows	CVE-2019-0975	ADFS Security Feature Bypass Vulnerability
Microsoft Windows	CVE-2019-1130	Windows Elevation of Privilege Vulnerability
Microsoft Windows	CVE-2019-1129	Windows Elevation of Privilege Vulnerability
Microsoft Windows	CVE-2019-1037	Windows Error Reporting Elevation of Privilege Vulnerability
Microsoft Windows	CVE-2019-0880	Microsoft splwow64 Elevation of Privilege Vulnerability
Microsoft Windows	CVE-2019-0865	SymCrypt Denial of Service Vulnerability
Microsoft Windows	CVE-2019-0785	Windows DHCP Server Remote Code Execution Vulnerability
Microsoft Windows	CVE-2019-0887	Remote Desktop Services Remote Code Execution Vulnerability
Microsoft Windows	CVE-2019-0966	Windows Hyper-V Denial of Service Vulnerability
Microsoft Windows	CVE-2019-1126	ADFS Security Feature Bypass Vulnerability
Microsoft Windows DNS	CVE-2019-1090	Windows dnsrlvr.dll Elevation of Privilege Vulnerability
Microsoft Windows DNS	CVE-2019-0811	Windows DNS Server Denial of Service Vulnerability
Open Source Software	CVE-2018-15664	Docker Elevation of Privilege Vulnerability
SQL Server	CVE-2019-1068	Microsoft SQL Server Remote Code Execution Vulnerability
Visual Studio	CVE-2019-1077	Visual Studio Elevation of Privilege Vulnerability
Visual Studio	CVE-2019-1079	Visual Studio Information Disclosure Vulnerability
Windows Kernel	CVE-2019-1073	Windows Kernel Information Disclosure Vulnerability
Windows Kernel	CVE-2019-1132	Win32k Elevation of Privilege Vulnerability
Windows Kernel	CVE-2019-1071	Windows Kernel Information Disclosure Vulnerability
Windows Kernel	CVE-2019-1089	Windows RPCSS Elevation of Privilege Vulnerability
Windows Media	CVE-2019-1086	Windows Audio Service Elevation of Privilege Vulnerability
Windows Media	CVE-2019-1088	Windows Audio Service Elevation of Privilege Vulnerability
Windows Media	CVE-2019-1087	Windows Audio Service Elevation of Privilege Vulnerability
Windows Media	CVE-2019-1085	Windows WLAN Service Elevation of Privilege Vulnerability
Windows RDP	CVE-2019-1108	Remote Desktop Protocol Client Information Disclosure Vulnerability
Windows Shell	CVE-2019-1099	Windows GDI Information Disclosure Vulnerability

ctto: zdnet.com

Search This Blog

Dream Team IT Solutions and Consultancy

Microsoft July 2019 Patch Tuesday fixes zero-day exploited by Russian hackers

Comments

Post a Comment

Popular posts from this blog

How to Make Windows Photo Viewer Your Default Image Viewer on Windows 10

How to configure your Outlook GMail account

B1SiteUser Password Reset and Recovery