Today, Microsoft Patch Tuesday June 2019 has released its monthly set of security advisories for vulnerabilities that have been identified and addressed in various products. This month’s advisory release addresses 88 new vulnerabilities, with 21 of them rated critical, 66 are rated Important and 1 is listed as Moderate in severity. These vulnerabilities impact Servicing Stack Updates, Windows Kernel, Adobe Flash Player, Microsoft Devices, Kerberos, Microsoft Graphics Component, Microsoft JET Database Engine, Microsoft Scripting Engine, Skype for Business and Microsoft Lync, Microsoft Edge, Internet Explorer, Microsoft Exchange Server, Microsoft Office, Microsoft Office SharePoint, etc.
Publicly disclosed
1) CVE-2019-1069 – An elevation of privilege vulnerability exists in the way the Task Scheduler Service validates certain file operations. An attacker who successfully exploited the vulnerability could gain elevated privileges on a victim system. To exploit the vulnerability, an attacker would require unprivileged code execution on a victim system.
2)CVE-2019-1064 – An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could then install programs; view, change or delete data. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system.
3)CVE-2019-1053 – An elevation of privilege vulnerability exists when the Windows Shell fails to validate folder shortcuts. An attacker who successfully exploited the vulnerability could elevate privileges by escaping a sandbox. To exploit this vulnerability, an attacker would require unprivileged execution on the victim system.
4)CVE-2019-0973 – An elevation of privilege vulnerability exists in the Windows Installer when the Windows Installer fails to properly sanitize input leading to an insecure library loading behavior. A locally authenticated attacker could run arbitrary code with elevated system privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
Few other critical vulnerabilities
1) Hyper-V and Office Vulnerabilities: Three remote code execution vulnerabilities, CVE-2019-0620, CVE-2019-0709, and CVE-2019-0722 were found in Hyper-V that would allow an authenticated user to run arbitrary code. Two REC vulnerabilities were found in Word, CVE-2019-1034 and CVE-2019-1035 by Allan Liska, threat intelligence analyst at Recorded Future.
2)NTLM Relay Attack Bug: CVE-2019-1040 and CVE-2019-1019 were found and patched that would allow attackers to remotely execute malicious code on any Windows machine or authenticate to any web server that supports Windows Integrated Authentication (WIA) such as Exchange or ADFS.
None were found being exploited in the wild.
Microsoft Patch Tuesday June 2019 release consists of security updates for the following products:
- Internet Explorer
- Microsoft Edge
- Servicing Stack Updates
- Windows Kernel
- Adobe Flash Player
- Microsoft Devices
- Microsoft JET Database Engine
- Windows Authentication Methods
- Windows IIS
- Windows Installer
- Windows Media
- Windows NTLM
- Windows Shell
- Windows Kernel
- Skype for Business and Microsoft Lync
- Team Foundation Server
- VBScript
- Kerberos
- Microsoft Graphics Component
- Microsoft Office
- Microsoft Windows
- ChakraCore
- Microsoft Windows Hyper-V
- Microsoft Exchange Server
Microsoft security bulletin summary for June 2019:
Product : Adobe Flash Player
CVE’s/Advisory : ADV190015
Severity : Critical
Impact : Remote Code Execution
KB’s : 4503308
Product : Internet Explorer
CVE’s/Advisory : CVE-2019-0920, CVE-2019-0988, CVE-2019-1005, CVE-2019-1038, CVE-2019-1055, CVE-2019-1080, CVE-2019-1081
Severity : Critical
Impact : Remote Code Execution, Information Disclosure
KB’s : 4503259, 4503267, 4503273, 4503276, 4503279, 4503284, 4503285, 4503286, 4503287, 4503290, 4503291, 4503292, 4503293, 4503327
Product : Microsoft Edge
CVE’s/Advisory : CVE-2019-0989, CVE-2019-0990, CVE-2019-0991, CVE-2019-0992, CVE-2019-0993, CVE-2019-1002, CVE-2019-1003, CVE-2019-1023, CVE-2019-1024, CVE-2019-1038, CVE-2019-1051, CVE-2019-1052, CVE-2019-1054, CVE-2019-1081
Severity : Critical
Impact : Security Feature Bypass, Remote Code Execution, Information Disclosure
KB’s : 4503267, 4503279, 4503284, 4503286, 4503291, 4503293, 4503327
Product : ChakraCore
CVE’s/Advisory : CVE-2019-0989, CVE-2019-0990, CVE-2019-0991, CVE-2019-0993, CVE-2019-1003, CVE-2019-1023, CVE-2019-1024, CVE-2019-1051, CVE-2019-1052
Severity : Critical
Impact : Remote Code Execution, Information Disclosure
Product : Azure DevOps Server 2019
CVE’s/Advisory : CVE-2019-0996
Severity : Important
Impact : Spoofing
Product : Microsoft Exchange Server
CVE’s/Advisory : ADV190018
Impact : Defense in Depth
KB’s : 4503028, 45030287
Product : Microsoft Office
CVE’s/Advisory : CVE-2019-1029, CVE-2019-1031, CVE-2019-1032, CVE-2019-1033, CVE-2019-1034, CVE-2019-1035, CVE-2019-1036
Severity : Important
Impact : Denial of Service, Spoofing, Remote Code Execution
KB’s : 4092442, 4461611, 4461619, 4461621, 4462178, 4464571, 4464590, 4464594, 4464596, 4464597, 4464602, 4475511, 4475512, 4506009
Product : Windows
CVE’s/Advisory : ADV190016, ADV190017, CVE-2019-0620, CVE-2019-0709, CVE-2019-0710, CVE-2019-0711, CVE-2019-0713, CVE-2019-0722, CVE-2019-0888, CVE-2019-0904, CVE-2019-0905, CVE-2019-0906, CVE-2019-0907, CVE-2019-0908, CVE-2019-0909, CVE-2019-0941, CVE-2019-0943, CVE-2019-0948, CVE-2019-0959, CVE-2019-0960, CVE-2019-0968, CVE-2019-0972, CVE-2019-0973, CVE-2019-0974, CVE-2019-0977, CVE-2019-0983, CVE-2019-0984, CVE-2019-0985, CVE-2019-0986, CVE-2019-0998, CVE-2019-1007, CVE-2019-1009, CVE-2019-1010, CVE-2019-1011, CVE-2019-1012, CVE-2019-1013, CVE-2019-1014, CVE-2019-1015, CVE-2019-1016, CVE-2019-1017, CVE-2019-1018, CVE-2019-1019, CVE-2019-1021, CVE-2019-1022, CVE-2019-1025, CVE-2019-1026, CVE-2019-1027, CVE-2019-1028, CVE-2019-1039, CVE-2019-1040, CVE-2019-1041, CVE-2019-1043, CVE-2019-1044, CVE-2019-1045, CVE-2019-1046, CVE-2019-1047, CVE-2019-1048, CVE-2019-1049, CVE-2019-1050, CVE-2019-1053, CVE-2019-1064, CVE-2019-1065, CVE-2019-1069
Severity : Critical
Impact : Denial of Service, Elevation of Privilege, Impact, Information Disclosure, Remote Code Execution, Security Feature Bypass, Tampering
KB’s : 4503263, 4503267, 4503269, 4503273, 4503276, 4503279, 4503284, 4503285, 4503286, 4503287, 4503290, 4503291, 4503292, 4503293, 4503327
SecPod Saner detects these vulnerabilities and automatically fixes it by applying security updates. Download Saner now and keep your systems updated and secure.