Microsoft Security updates  - tuLM71552446237 - Microsoft Security updates – 64 Vulnerabilities are Fixed

A new security update released for March 2019 under patch Tuesday with the fixes for , so its time to update your Windows System.

These patched vulnerabilities are affected by many of the Microsoft products including,

  • Internet Explorer
  • Microsoft Edge
  • Microsoft Windows
  • Microsoft Office and Microsoft Office SharePoint
  • ChakraCore
  • Team Foundation Server
  • Skype for Business
  • Visual Studio
  • NuGet

Among the 64 vulnerabilities, 15 being classified as “Critical” and the rest of the are categorized under arbitrary, moderate, low severity. 

2 Active Zero-day Bug Fixes 

This new Microsoft security update includes an active exploit discovered by Kaspersky and .

Google recently announced critical browser update for a that affected a windows 7 to run arbitrary code and take the full control of the system and it’s fixed now CVE-2019-0808

This vulnerability allow attackers to install programs; view, change, or delete data; or create new accounts with full user rights.

Another vulnerability (CVE-2019-0797)that reported by Kaspersky researchers is an elevation of privilege vulnerability exists in Windows when the Win32k component fails arbitrary.

An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.

Microsoft security

This Microsoft security update fixed the vulnerabilities in following product and here you can access the complete details of respective vulnerability .

Internet Explorer

Internet Explorer CVE-2019-0768 Internet Explorer Security Feature Bypass Vulnerability Important
Internet Explorer CVE-2019-0761 Internet Explorer Security Feature Bypass Vulnerability Important
Internet Explorer CVE-2019-0763 Internet Explorer Memory Corruption Vulnerability Critical

Microsoft Edge

Microsoft Edge CVE-2019-0612 Microsoft Edge Security Feature Bypass Vulnerability Important
Microsoft Edge CVE-2019-0678 Microsoft Edge Elevation of Privilege Vulnerability Important
Microsoft Edge CVE-2019-0779 Microsoft Edge Memory Corruption Vulnerability Important

Microsoft Graphics Component

Microsoft Graphics Component CVE-2019-0808 Win32k Elevation of Privilege Vulnerability Important
Microsoft Graphics Component CVE-2019-0774 Windows GDI Information Disclosure Vulnerability Important
Microsoft Graphics Component CVE-2019-0797 Win32k Elevation of Privilege Vulnerability Important
Microsoft Graphics Component CVE-2019-0614 Windows GDI Information Disclosure Vulnerability Important

Microsoft Scripting Engine

Microsoft Scripting Engine CVE-2019-0592 Chakra Scripting Engine Memory Corruption Vulnerability Moderate
Microsoft Scripting Engine CVE-2019-0746 Chakra Scripting Engine Memory Corruption Vulnerability Low
Microsoft Scripting Engine CVE-2019-0639 Scripting Engine Memory Corruption Vulnerability Critical
Microsoft Scripting Engine CVE-2019-0783 Scripting Engine Memory Corruption Vulnerability Important
Microsoft Scripting Engine CVE-2019-0609 Scripting Engine Memory Corruption Vulnerability Moderate
Microsoft Scripting Engine CVE-2019-0611 Chakra Scripting Engine Memory Corruption Vulnerability Low
Microsoft Scripting Engine CVE-2019-0666 Windows VBScript Engine Remote Code Execution Vulnerability Critical
Microsoft Scripting Engine CVE-2019-0769 Scripting Engine Memory Corruption Vulnerability Critical
Microsoft Scripting Engine CVE-2019-0665 Windows VBScript Engine Remote Code Execution Vulnerability Important
Microsoft Scripting Engine CVE-2019-0667 Windows VBScript Engine Remote Code Execution Vulnerability Critical
Microsoft Scripting Engine CVE-2019-0680 Scripting Engine Memory Corruption Vulnerability Critical
Microsoft Scripting Engine CVE-2019-0773 Scripting Engine Memory Corruption Vulnerability Moderate
Microsoft Scripting Engine CVE-2019-0770 Scripting Engine Memory Corruption Vulnerability Critical
Microsoft Scripting Engine CVE-2019-0771 Scripting Engine Memory Corruption Vulnerability Critical
Microsoft Scripting Engine CVE-2019-0772 Windows VBScript Engine Remote Code Execution Vulnerability Important

Windows Subsystem for Linux

Windows Subsystem for Linux CVE-2019-0689 Windows Subsystem for Linux Elevation of Privilege Vulnerability Important
Windows Subsystem for Linux CVE-2019-0682 Windows Subsystem for Linux Elevation of Privilege Vulnerability Important
Windows Subsystem for Linux CVE-2019-0694 Windows Subsystem for Linux Elevation of Privilege Vulnerability Important
Windows Subsystem for Linux CVE-2019-0693 Windows Subsystem for Linux Elevation of Privilege Vulnerability Important
Windows Subsystem for Linux CVE-2019-0692 Windows Subsystem for Linux Elevation of Privilege Vulnerability Important

Windows DHCP Client

Windows DHCP Client CVE-2019-0726 Windows DHCP Client Remote Code Execution Vulnerability Critical
Windows DHCP Client CVE-2019-0697 Windows DHCP Client Remote Code Execution Vulnerability Critical
Windows DHCP Client CVE-2019-0698 Windows DHCP Client Remote Code Execution Vulnerability Critical

Microsoft Windows

Microsoft Windows CVE-2019-0603 Windows Deployment Services TFTP Server Remote Code Execution Vulnerability Critical
Microsoft Windows ADV190010 Best Practices Regarding Sharing of a Single User Account Across Multiple Users N/A
Microsoft Windows ADV190009 SHA-2 Code Sign Support Advisory N/A
Microsoft Windows CVE-2019-0754 Windows Denial of Service Vulnerability Important
Microsoft Windows CVE-2019-0765 Comctl32 Remote Code Execution Vulnerability Important
Microsoft Windows CVE-2019-0766 Microsoft Windows Elevation of Privilege Vulnerability Important
Microsoft Windows CVE-2019-0784 Windows ActiveX Remote Code Execution Vulnerability Critical

Windows Hyper-V

Windows Hyper-V CVE-2019-0695 Windows Hyper-V Denial of Service Vulnerability Important
Windows Hyper-V CVE-2019-0690 Windows Hyper-V Denial of Service Vulnerability Important
Windows Hyper-V CVE-2019-0701 Windows Hyper-V Denial of Service Vulnerability Important

Others

Microsoft XML CVE-2019-0756 MS XML Remote Code Execution Vulnerability Critical
NuGet CVE-2019-0757 NuGet Package Manager Tampering Vulnerability Important
Servicing Stack Updates ADV990001 Latest Servicing Stack Updates Critical
Skype for Business CVE-2019-0798 Skype for Business and Lync Spoofing Vulnerability Important
Team Foundation Server CVE-2019-0777 Team Foundation Server Cross-site Scripting Vulnerability Low
Visual Studio CVE-2019-0809 Visual Studio Remote Code Execution Vulnerability Important
Active Directory CVE-2019-0683 Active Directory Elevation of Privilege Vulnerability Important
Adobe Flash Player ADV190008 March 2019 Adobe Flash Security Update Low
Azure CVE-2019-0816 Azure SSH Keypairs Security Feature Bypass Vulnerability Moderate
Microsoft Office CVE-2019-0748 Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability Important
Microsoft Office SharePoint CVE-2019-0778 Microsoft Office SharePoint XSS Vulnerability Important

You can follow us on LinkedinTwitterFacebook for daily updates also you can take the Best Cybersecurity courses online to keep your self-updated.





Source link

LEAVE A REPLY

Please enter your comment!
Please enter your name here