Kaspersky ID:
KLA11874
Detect Date:
06/11/2019
Updated:
01/22/2024

Description

Multiple vulnerabilities were found in Microsoft Products (Extended Support Update). Malicious users can exploit these vulnerabilities to obtain sensitive information, gain privileges, execute arbitrary code, spoof user interface, cause denial of service, bypass security restrictions.

Below is a complete list of vulnerabilities:

  1. An information disclosure vulnerability in Windows Kernel can be exploited remotely via specially crafted application to obtain sensitive information.
  2. An elevation of privilege vulnerability in Windows Audio Service can be exploited remotely via specially crafted application to gain privileges.
  3. An information disclosure vulnerability in Windows GDI can be exploited remotely via specially crafted document to obtain sensitive information.
  4. A remote code execution vulnerability in ActiveX Data Objects (ADO) can be exploited remotely to execute arbitrary code.
  5. A tampering vulnerability in Windows NTLM can be exploited remotely to spoof user interface.
  6. A denial of service vulnerability in Windows can be exploited remotely via specially crafted application to cause denial of service.
  7. An elevation of privilege vulnerability in Win32k can be exploited remotely via specially crafted application to gain privileges.
  8. A memory corruption vulnerability in Scripting Engine can be exploited remotely via specially crafted website to execute arbitrary code.
  9. An information disclosure vulnerability in Microsoft Browser can be exploited remotely via specially crafted content to obtain sensitive information.
  10. A denial of service vulnerability in Windows Hyper-V can be exploited remotely via specially crafted application to cause denial of service.
  11. A remote code execution vulnerability in Jet Database Engine can be exploited remotely via specially crafted file to execute arbitrary code.
  12. An elevation of privilege vulnerability in Windows User Profile Service can be exploited remotely via specially crafted application to gain privileges.
  13. An elevation of privilege vulnerability in Windows Common Log File System Driver can be exploited remotely via specially crafted application to gain privileges.
  14. A remote code execution vulnerability in Microsoft Speech API can be exploited remotely via specially crafted document to execute arbitrary code.
  15. An elevation of privilege vulnerability in Windows Network File System can be exploited remotely via specially crafted application to gain privileges.
  16. An elevation of privilege vulnerability in Windows ALPC can be exploited remotely via specially crafted application to gain privileges.
  17. A denial of service vulnerability in Microsoft IIS Server can be exploited remotely via specially crafted request to cause denial of service.
  18. A remote code execution vulnerability in Windows Hyper-V can be exploited remotely via specially crafted application to execute arbitrary code.
  19. An information disclosure vulnerability in Windows Event Viewer can be exploited remotely via specially crafted to obtain sensitive information.
  20. A security feature bypass vulnerability in Microsoft Windows can be exploited remotely via specially crafted authentication to bypass security restrictions.
  21. An elevation of privilege vulnerability in Windows Shell can be exploited remotely to gain privileges.
  22. A remote code execution vulnerability in Comctl32 can be exploited remotely via specially crafted website to execute arbitrary code.
  23. An elevation of privilege vulnerability in Windows Installer can be exploited remotely to gain privileges.
  24. A denial of service vulnerability in Local Security Authority Subsystem Service can be exploited remotely via specially crafted authentication to cause denial of service.

Original advisories

Exploitation

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Related products

CVE list

  • CVE-2019-0986
    warning
  • CVE-2019-0973
    high
  • CVE-2019-1040
    warning
  • CVE-2019-0909
    critical
  • CVE-2019-0948
    warning
  • CVE-2019-1019
    high
  • CVE-2019-1010
    warning
  • CVE-2019-1053
    high
  • CVE-2019-0908
    critical
  • CVE-2019-0977
    warning
  • CVE-2019-1009
    warning
  • CVE-2019-0722
    critical
  • CVE-2019-1039
    warning
  • CVE-2019-1043
    critical
  • CVE-2019-1025
    critical
  • CVE-2019-0974
    critical
  • CVE-2019-1045
    high
  • CVE-2019-0905
    critical
  • CVE-2019-1014
    high
  • CVE-2019-0941
    warning
  • CVE-2019-0985
    high
  • CVE-2019-0960
    high
  • CVE-2019-0984
    high
  • CVE-2019-0906
    critical
  • CVE-2019-0943
    high
  • CVE-2019-1047
    warning
  • CVE-2019-1028
    warning
  • CVE-2019-1048
    warning
  • CVE-2019-1015
    warning
  • CVE-2019-1049
    warning
  • CVE-2019-1046
    warning
  • CVE-2019-0888
    critical
  • CVE-2019-0907
    critical
  • CVE-2019-1011
    warning
  • CVE-2019-1013
    warning
  • CVE-2019-1012
    warning
  • CVE-2019-0968
    warning
  • CVE-2019-0904
    critical
  • CVE-2019-0713
    high
  • CVE-2019-1017
    high
  • CVE-2019-0972
    high
  • CVE-2019-1016
    warning
  • CVE-2019-1081
    warning
  • CVE-2019-1005
    critical
  • CVE-2019-1055
    critical
  • CVE-2019-1080
    critical
  • CVE-2019-0920
    critical

KB list

Read more

Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com

Found an inaccuracy in the description of this vulnerability? Let us know!
Kaspersky Next
Let’s go Next: redefine your business’s cybersecurity
Learn more
New Kaspersky!
Your digital life deserves complete protection!
Learn more
Confirm changes?
Your message has been sent successfully.