Multiple vulnerabilities in Microsoft Windows

Описание

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to gain privileges, spoof user interface, execute arbitrary code, obtain sensitive information, bypass security restrictions, cause denial of service.

Below is a complete list of vulnerabilities:

1. An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka ‘Windows Kernel Elevation of Privilege Vulnerability’. This CVE ID is unique from CVE-2019-1041.
2. An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory, aka ‘Windows Common Log File System Driver Elevation of Privilege Vulnerability’. This CVE ID is unique from CVE-2019-0984.
3. An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks, aka ‘Windows User Profile Service Elevation of Privilege Vulnerability’.
4. An elevation of privilege vulnerability exists in the Windows Installer when the Windows Installer fails to properly sanitize input leading to an insecure library loading behavior.A locally authenticated attacker could run arbitrary code with elevated system privileges, aka ‘Windows Installer Elevation of Privilege Vulnerability’.
5. A tampering vulnerability exists in Microsoft Windows when a man-in-the-middle attacker is able to successfully bypass the NTLM MIC (Message Integrity Check) protection, aka ‘Windows NTLM Tampering Vulnerability’.
6. A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka ‘Jet Database Engine Remote Code Execution Vulnerability’. This CVE ID is unique from CVE-2019-0904, CVE-2019-0905, CVE-2019-0906, CVE-2019-0907, CVE-2019-0908, CVE-2019-0974.
7. An information disclosure vulnerability exists in the Windows Event Viewer (eventvwr.msc) when it improperly parses XML input containing a reference to an external entity, aka ‘Windows Event Viewer Information Disclosure Vulnerability’.
8. A security feature bypass vulnerability exists where a NETLOGON message is able to obtain the session key and sign messages.To exploit this vulnerability, an attacker could send a specially crafted authentication request, aka ‘Microsoft Windows Security Feature Bypass Vulnerability’.
9. An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka ‘Windows GDI Information Disclosure Vulnerability’. This CVE ID is unique from CVE-2019-0968, CVE-2019-0977, CVE-2019-1009, CVE-2019-1011, CVE-2019-1012, CVE-2019-1013, CVE-2019-1015, CVE-2019-1016, CVE-2019-1046, CVE-2019-1047, CVE-2019-1048, CVE-2019-1049, CVE-2019-1050.
10. An elevation of privilege exists in Windows Audio Service, aka ‘Windows Audio Service Elevation of Privilege Vulnerability’. This CVE ID is unique from CVE-2019-1007, CVE-2019-1021, CVE-2019-1022, CVE-2019-1026, CVE-2019-1028.
11. An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka ‘Windows Kernel Elevation of Privilege Vulnerability’. This CVE ID is unique from CVE-2019-1065.
12. An elevation of privilege vulnerability exists when the Windows Shell fails to validate folder shortcuts, aka ‘Windows Shell Elevation of Privilege Vulnerability’.
13. A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka ‘Jet Database Engine Remote Code Execution Vulnerability’. This CVE ID is unique from CVE-2019-0904, CVE-2019-0905, CVE-2019-0906, CVE-2019-0907, CVE-2019-0909, CVE-2019-0974.
14. A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka ‘Windows Hyper-V Remote Code Execution Vulnerability’. This CVE ID is unique from CVE-2019-0620, CVE-2019-0709.
15. An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory.To exploit this vulnerability, an authenticated attacker could run a specially crafted application, aka ‘Windows Kernel Information Disclosure Vulnerability’.
16. An elevation of privilege exists in Windows Audio Service, aka ‘Windows Audio Service Elevation of Privilege Vulnerability’. This CVE ID is unique from CVE-2019-1021, CVE-2019-1022, CVE-2019-1026, CVE-2019-1027, CVE-2019-1028.
17. A remote code execution vulnerability exists in the way that comctl32.dll handles objects in memory, aka ‘Comctl32 Remote Code Execution Vulnerability’.
18. A denial of service vulnerability exists when Windows improperly handles objects in memory, aka ‘Windows Denial of Service Vulnerability’.
19. A security feature bypass vulnerability exists when Windows Secure Kernel Mode fails to properly handle objects in memory.To exploit the vulnerability, a locally-authenticated attacker could attempt to run a specially crafted application on a targeted system, aka ‘Windows Secure Kernel Mode Security Feature Bypass Vulnerability’.
20. A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka ‘Jet Database Engine Remote Code Execution Vulnerability’. This CVE ID is unique from CVE-2019-0904, CVE-2019-0905, CVE-2019-0906, CVE-2019-0907, CVE-2019-0908, CVE-2019-0909.
21. A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka ‘Windows Hyper-V Remote Code Execution Vulnerability’. This CVE ID is unique from CVE-2019-0620, CVE-2019-0722.
22. A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka ‘Windows Hyper-V Remote Code Execution Vulnerability’. This CVE ID is unique from CVE-2019-0709, CVE-2019-0722.
23. An elevation of privilege vulnerability exists in the way that the Windows Network File System (NFS) handles objects in memory, aka ‘Windows Network File System Elevation of Privilege Vulnerability’.
24. A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka ‘Jet Database Engine Remote Code Execution Vulnerability’. This CVE ID is unique from CVE-2019-0904, CVE-2019-0906, CVE-2019-0907, CVE-2019-0908, CVE-2019-0909, CVE-2019-0974.
25. An elevation of privilege vulnerability exists in the way the Task Scheduler Service validates certain file operations, aka ‘Task Scheduler Elevation of Privilege Vulnerability’.
26. An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka ‘Win32k Elevation of Privilege Vulnerability’. This CVE ID is unique from CVE-2019-0960, CVE-2019-1017.
27. A denial of service exists in Microsoft IIS Server when the optional request filtering feature improperly handles requests, aka ‘Microsoft IIS Server Denial of Service Vulnerability’.
28. An elevation of privilege exists in Windows Audio Service, aka ‘Windows Audio Service Elevation of Privilege Vulnerability’. This CVE ID is unique from CVE-2019-1007, CVE-2019-1021, CVE-2019-1022, CVE-2019-1027, CVE-2019-1028.
29. An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory, aka ‘Windows Common Log File System Driver Elevation of Privilege Vulnerability’. This CVE ID is unique from CVE-2019-0959.
30. A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka ‘Jet Database Engine Remote Code Execution Vulnerability’. This CVE ID is unique from CVE-2019-0904, CVE-2019-0905, CVE-2019-0907, CVE-2019-0908, CVE-2019-0909, CVE-2019-0974.
31. An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC).An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local system, aka ‘Windows ALPC Elevation of Privilege Vulnerability’.
32. An elevation of privilege exists in Windows Audio Service, aka ‘Windows Audio Service Elevation of Privilege Vulnerability’. This CVE ID is unique from CVE-2019-1007, CVE-2019-1021, CVE-2019-1022, CVE-2019-1026, CVE-2019-1027.
33. An elevation of privilege exists in Windows Audio Service, aka ‘Windows Audio Service Elevation of Privilege Vulnerability’. This CVE ID is unique from CVE-2019-1007, CVE-2019-1022, CVE-2019-1026, CVE-2019-1027, CVE-2019-1028.
34. An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka ‘Windows Elevation of Privilege Vulnerability’.
35. An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka ‘Windows GDI Information Disclosure Vulnerability’. This CVE ID is unique from CVE-2019-0968, CVE-2019-0977, CVE-2019-1009, CVE-2019-1010, CVE-2019-1011, CVE-2019-1012, CVE-2019-1013, CVE-2019-1015, CVE-2019-1016, CVE-2019-1047, CVE-2019-1048, CVE-2019-1049, CVE-2019-1050.
36. A remote code execution vulnerability exists in the way that ActiveX Data Objects (ADO) handle objects in memory, aka ‘ActiveX Data Objects (ADO) Remote Code Execution Vulnerability’.
37. A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka ‘Jet Database Engine Remote Code Execution Vulnerability’. This CVE ID is unique from CVE-2019-0904, CVE-2019-0905, CVE-2019-0906, CVE-2019-0908, CVE-2019-0909, CVE-2019-0974.
38. A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system, aka ‘Windows Hyper-V Denial of Service Vulnerability’. This CVE ID is unique from CVE-2019-0710, CVE-2019-0713.
39. An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka ‘Windows GDI Information Disclosure Vulnerability’. This CVE ID is unique from CVE-2019-0968, CVE-2019-0977, CVE-2019-1009, CVE-2019-1010, CVE-2019-1011, CVE-2019-1012, CVE-2019-1013, CVE-2019-1015, CVE-2019-1016, CVE-2019-1046, CVE-2019-1047, CVE-2019-1048, CVE-2019-1049.
40. An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka ‘Windows GDI Information Disclosure Vulnerability’. This CVE ID is unique from CVE-2019-0968, CVE-2019-0977, CVE-2019-1009, CVE-2019-1010, CVE-2019-1011, CVE-2019-1013, CVE-2019-1015, CVE-2019-1016, CVE-2019-1046, CVE-2019-1047, CVE-2019-1048, CVE-2019-1049, CVE-2019-1050.
41. An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory, aka ‘DirectX Elevation of Privilege Vulnerability’.
42. A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka ‘Jet Database Engine Remote Code Execution Vulnerability’. This CVE ID is unique from CVE-2019-0905, CVE-2019-0906, CVE-2019-0907, CVE-2019-0908, CVE-2019-0909, CVE-2019-0974.
43. An elevation of privilege exists in Windows Audio Service, aka ‘Windows Audio Service Elevation of Privilege Vulnerability’. This CVE ID is unique from CVE-2019-1007, CVE-2019-1021, CVE-2019-1026, CVE-2019-1027, CVE-2019-1028.
44. A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system, aka ‘Windows Hyper-V Denial of Service Vulnerability’. This CVE ID is unique from CVE-2019-0710, CVE-2019-0711.
45. An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka ‘Win32k Elevation of Privilege Vulnerability’. This CVE ID is unique from CVE-2019-0960, CVE-2019-1014.
46. An elevation of privilege vulnerability exists when the Storage Service improperly handles file operations, aka ‘Windows Storage Service Elevation of Privilege Vulnerability’. This CVE ID is unique from CVE-2019-0983.
47. A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system, aka ‘Windows Hyper-V Denial of Service Vulnerability’. This CVE ID is unique from CVE-2019-0711, CVE-2019-0713.
48. An elevation of privilege vulnerability exists when the Storage Service improperly handles file operations, aka ‘Windows Storage Service Elevation of Privilege Vulnerability’. This CVE ID is unique from CVE-2019-0998.
49. This security update corrects a denial of service in the Local Security Authority Subsystem Service (LSASS) caused when an authenticated attacker sends a specially crafted authentication request, aka ‘Local Security Authority Subsystem Service Denial of Service Vulnerability’.

Первичный источник обнаружения

• CVE-2019-1065
  CVE-2019-0959
  CVE-2019-0986
  CVE-2019-0973
  CVE-2019-1040
  CVE-2019-0909
  CVE-2019-0948
  CVE-2019-1019
  CVE-2019-1010
  CVE-2019-1027
  CVE-2019-1041
  CVE-2019-1053
  CVE-2019-0908
  CVE-2019-0722
  CVE-2019-1039
  CVE-2019-1007
  CVE-2019-1043
  CVE-2019-1025
  CVE-2019-1044
  CVE-2019-0974
  CVE-2019-0709
  CVE-2019-0620
  CVE-2019-1045
  CVE-2019-0905
  CVE-2019-1069
  CVE-2019-1014
  CVE-2019-0941
  CVE-2019-1026
  CVE-2019-0984
  CVE-2019-0906
  CVE-2019-0943
  CVE-2019-1028
  CVE-2019-1021
  CVE-2019-1064
  CVE-2019-1046
  CVE-2019-0888
  CVE-2019-0907
  CVE-2019-0711
  CVE-2019-1050
  CVE-2019-1012
  CVE-2019-1018
  CVE-2019-0904
  CVE-2019-1022
  CVE-2019-0713
  CVE-2019-1017
  CVE-2019-0998
  CVE-2019-0710
  CVE-2019-0983
  CVE-2019-0972
  ADV190016
  ADV190017
  

Эксплуатация

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Связанные продукты

• Microsoft-Windows
• Microsoft-Windows-Server
• Microsoft-Windows-8
• Windows-RT
• Microsoft-Windows-10
• Microsoft-Windows-Server-2016
• Microsoft-Windows-Server-2019

Список CVE

• CVE-2019-1065
  critical
• CVE-2019-0959
  critical
• CVE-2019-0986
  high
• CVE-2019-0973
  critical
• CVE-2019-1040
  high
• CVE-2019-0909
  critical
• CVE-2019-0948
  high
• CVE-2019-1019
  critical
• CVE-2019-1010
  high
• CVE-2019-1027
  critical
• CVE-2019-1041
  critical
• CVE-2019-1053
  critical
• CVE-2019-0908
  critical
• CVE-2019-0722
  critical
• CVE-2019-1039
  high
• CVE-2019-1007
  critical
• CVE-2019-1043
  high
• CVE-2019-1025
  critical
• CVE-2019-1044
  critical
• CVE-2019-0974
  critical
• CVE-2019-0709
  critical
• CVE-2019-0620
  critical
• CVE-2019-1045
  critical
• CVE-2019-0905
  critical
• CVE-2019-1069
  critical
• CVE-2019-1014
  critical
• CVE-2019-0941
  critical
• CVE-2019-1026
  critical
• CVE-2019-0984
  critical
• CVE-2019-0906
  critical
• CVE-2019-0943
  critical
• CVE-2019-1028
  critical
• CVE-2019-1021
  critical
• CVE-2019-1064
  critical
• CVE-2019-1046
  high
• CVE-2019-0888
  critical
• CVE-2019-0907
  critical
• CVE-2019-0711
  high
• CVE-2019-1050
  high
• CVE-2019-1012
  high
• CVE-2019-1018
  critical
• CVE-2019-0904
  critical
• CVE-2019-1022
  critical
• CVE-2019-0713
  high
• CVE-2019-1017
  critical
• CVE-2019-0998
  critical
• CVE-2019-0710
  high
• CVE-2019-0983
  critical
• CVE-2019-0972
  high

Список KB

• 4503293
• 4503327
• 4503286
• 4503284
• 4503276
• 4503267
• 4503291
• 4503290
• 4503279
• 4507453

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com