Monday, June 17, 2024

Microsoft Released Security Updates that Fixed 51 Vulnerabilities that Affected its Products

Microsoft Released first security updates in 2019 under Patch Tuesday and fixed 51 vulnerabilities that affected its products.

In this updates, Microsoft patches some of most critical vulnerabilities for Edge, Skype for Android, Windows Hyper-V, Microsoft Office etc.

 Skype for Android elevation of privilege vulnerability (CVE-2019-0622) that could have allowed hackers to bypass authentication methods and access personal data on an Android device.

A remote code execution vulnerability exists in Microsoft Edge improperly accesses objects in memory that allows to corrupt memory in such a way that enables an attacker to execute arbitrary code

2019 first Patch Tuesday fixed several vulnerabilities for the following Microsoft products.

  • Adobe Flash Player
  • Internet Explorer
  • Microsoft Edge
  • Microsoft Windows
  • Microsoft Office and Microsoft Office Services and Web Apps
  • ChakraCore
  • .NET Framework
  • ASP.NET
  • Microsoft Exchange Server
  • Microsoft Visual Studio

Microsoft issued patchs for 7 critical vulnerabilities that allow attacks to write an arbitary code in following vulnerable products.

  •  Chakra Scripting Engine Memory Corruption Vulnerability –
  • CVE-2019-0568
  • Microsoft Edge Memory Corruption Vulnerability –
  • CVE-2019-0565 
  • Chakra Scripting Engine Memory Corruption Vulnerability –
  • CVE-2019-0567
  • Windows DHCP Client Remote Code Execution Vulnerability
  • CVE-2019-0547
  • Chakra Scripting Engine Memory Corruption Vulnerability –
  • CVE-2019-0539
  • Windows Hyper-V Remote Code Execution Vulnerability
  • CVE-2019-0551 
  • Windows Hyper-V Remote Code Execution Vulnerability
  • CVE-2019-0550

Microsoft Security Updates

Microsoft JET Database Engine


Microsoft JET Database Engine
CVE-2019-0576Jet Database Engine Remote Code Execution Vulnerability
Microsoft JET Database EngineCVE-2019-0538Jet Database Engine Remote Code Execution Vulnerability
Microsoft JET Database EngineCVE-2019-0575Jet Database Engine Remote Code Execution Vulnerability
Microsoft JET Database EngineCVE-2019-0577Jet Database Engine Remote Code Execution Vulnerability
Microsoft JET Database EngineCVE-2019-0582Jet Database Engine Remote Code Execution Vulnerability
Microsoft JET Database EngineCVE-2019-0583Jet Database Engine Remote Code Execution Vulnerability
Microsoft JET Database EngineCVE-2019-0584Jet Database Engine Remote Code Execution Vulnerability
Microsoft JET Database EngineCVE-2019-0581Jet Database Engine Remote Code Execution Vulnerability
Microsoft JET Database EngineCVE-2019-0578Jet Database Engine Remote Code Execution Vulnerability
Microsoft JET Database EngineCVE-2019-0579Jet Database Engine Remote Code Execution Vulnerability
Microsoft JET Database EngineCVE-2019-0580Jet Database Engine Remote Code Execution Vulnerability

Microsoft Office

Microsoft OfficeCVE-2019-0560Microsoft Office Information Disclosure Vulnerability
Microsoft OfficeCVE-2019-0561Microsoft Word Information Disclosure Vulnerability
Microsoft OfficeCVE-2019-0585Microsoft Word Remote Code Execution Vulnerability
Microsoft OfficeCVE-2019-0559Microsoft Outlook Information Disclosure Vulnerability

Microsoft Scripting Engine

Microsoft Scripting EngineCVE-2019-0568Chakra Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting EngineCVE-2019-0567Chakra Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting EngineCVE-2019-0539Chakra Scripting Engine Memory Corruption Vulnerability

Microsoft Windows

Microsoft WindowsCVE-2019-0574Windows Data Sharing Service Elevation of Privilege Vulnerability
Microsoft WindowsCVE-2019-0573Windows Data Sharing Service Elevation of Privilege Vulnerability
Microsoft WindowsCVE-2019-0571Windows Data Sharing Service Elevation of Privilege Vulnerability
Microsoft WindowsCVE-2019-0572Windows Data Sharing Service Elevation of Privilege Vulnerability
Microsoft WindowsCVE-2019-0543Microsoft Windows Elevation of Privilege Vulnerability
Microsoft WindowsCVE-2019-0570Windows Runtime Elevation of Privilege Vulnerability

Microsoft Office SharePoint

Microsoft Office SharePointCVE-2019-0562Microsoft SharePoint Elevation of Privilege Vulnerability
Microsoft Office SharePointCVE-2019-0556Microsoft Office SharePoint XSS Vulnerability
Microsoft Office SharePointCVE-2019-0558Microsoft Office SharePoint XSS Vulnerability
Microsoft Office SharePointCVE-2019-0557Microsoft Office SharePoint XSS Vulnerability

Microsoft Edge

Microsoft EdgeCVE-2019-0565Microsoft Edge Memory Corruption Vulnerability
Microsoft EdgeCVE-2019-0566Microsoft Edge Elevation of Privilege Vulnerability

Windows Kernel

Windows KernelCVE-2019-0569Windows Kernel Information Disclosure Vulnerability
Windows KernelCVE-2019-0536Windows Kernel Information Disclosure Vulnerability
Windows KernelCVE-2019-0554Windows Kernel Information Disclosure Vulnerability
Windows KernelCVE-2019-0549Windows Kernel Information Disclosure Vulnerability

Other Products

Microsoft XMLCVE-2019-0555Microsoft XmlDocument Elevation of Privilege Vulnerability
Servicing Stack UpdatesADV990001Latest Servicing Stack Updates
Visual StudioCVE-2019-0537Microsoft Visual Studio Information Disclosure Vulnerability
Visual StudioCVE-2019-0546Visual Studio Remote Code Execution Vulnerability
Windows COMCVE-2019-0552Windows COM Elevation of Privilege Vulnerability
Windows DHCP ClientCVE-2019-0547Windows DHCP Client Remote Code Execution Vulnerability
Windows Hyper-VCVE-2019-0550Windows Hyper-V Remote Code Execution Vulnerability
Windows Hyper-VCVE-2019-0551Windows Hyper-V Remote Code Execution Vulnerability
Windows Subsystem for LinuxCVE-2019-0553Windows Subsystem for Linux Information Disclosure Vulnerability
.NET FrameworkCVE-2019-0545.NET Framework Information Disclosure Vulnerability
Adobe Flash PlayerCVE-2019-0622January 2019 Adobe Flash Update
Android AppCVE-2019-0622Skype for Android Elevation of Privilege Vulnerability
ASP.NETCVE-2019-0548ASP.NET Core Denial of Service Vulnerability
ASP.NETCVE-2019-0564ASP.NET Core Denial of Service Vulnerability
Internet ExplorerCVE-2019-0541MSHTML Engine Remote Code Execution Vulnerability

Also Read : Adobe Released Security Patches for Digital Editions and Connect

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity updates also you can take the Best Cybersecurity courses online to keep your self-updated.

Website

Latest articles

Sleepy Pickle Exploit Let Attackers Exploit ML Models And Attack End-Users

Hackers are targeting, attacking, and exploiting ML models. They want to hack into these...

SolarWinds Serv-U Vulnerability Let Attackers Access sensitive files

SolarWinds released a security advisory for addressing a Directory Traversal vulnerability which allows a...

Smishing Triad Hackers Attacking Online Banking, E-Commerce AND Payment Systems Customers

Hackers often attack online banking platforms, e-commerce portals, and payment systems for illicit purposes.Resecurity...

Threat Actor Claiming Leak Of 5 Million Ecuador’s Citizen Database

A threat actor has claimed responsibility for leaking the personal data of 5 million...

Ascension Hack Caused By an Employee Who Downloaded a Malicious File

Ascension, a leading healthcare provider, has made significant strides in its investigation and recovery...

AWS Announced Malware Detection Tool For S3 Buckets

Amazon Web Services (AWS) has announced the general availability of Amazon GuardDuty Malware Protection...

Hackers Exploiting MS Office Editor Vulnerability to Deploy Keylogger

Researchers have identified a sophisticated cyberattack orchestrated by the notorious Kimsuky threat group.The...
Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Free Webinar

API Vulnerability Scanning

71% of the internet traffic comes from APIs so APIs have become soft targets for hackers.Securing APIs is a simple workflow provided you find API specific vulnerabilities and protect them.In the upcoming webinar, join Vivek Gopalan, VP of Products at Indusface as he takes you through the fundamentals of API vulnerability scanning..
Key takeaways include:

  • Scan API endpoints for OWASP API Top 10 vulnerabilities
  • Perform API penetration testing for business logic vulnerabilities
  • Prioritize the most critical vulnerabilities with AcuRisQ
  • Workflow automation for this entire process

Related Articles