Microsoft Released first security updates in 2019 under Patch Tuesday and fixed 51 vulnerabilities that affected its products.
In this updates, Microsoft patches some of most critical vulnerabilities for Edge, Skype for Android, Windows Hyper-V, Microsoft Office etc.
Skype for Android elevation of privilege vulnerability (CVE-2019-0622) that could have allowed hackers to bypass authentication methods and access personal data on an Android device.
A remote code execution vulnerability exists in Microsoft Edge improperly accesses objects in memory that allows to corrupt memory in such a way that enables an attacker to execute arbitrary code
2019 first Patch Tuesday fixed several vulnerabilities for the following Microsoft products.
Microsoft issued patchs for 7 critical vulnerabilities that allow attacks to write an arbitary code in following vulnerable products.
Microsoft JET Database Engine
Microsoft JET Database Engine | CVE-2019-0576 | Jet Database Engine Remote Code Execution Vulnerability |
| Microsoft JET Database Engine | CVE-2019-0538 | Jet Database Engine Remote Code Execution Vulnerability |
| Microsoft JET Database Engine | CVE-2019-0575 | Jet Database Engine Remote Code Execution Vulnerability |
| Microsoft JET Database Engine | CVE-2019-0577 | Jet Database Engine Remote Code Execution Vulnerability |
| Microsoft JET Database Engine | CVE-2019-0582 | Jet Database Engine Remote Code Execution Vulnerability |
| Microsoft JET Database Engine | CVE-2019-0583 | Jet Database Engine Remote Code Execution Vulnerability |
| Microsoft JET Database Engine | CVE-2019-0584 | Jet Database Engine Remote Code Execution Vulnerability |
| Microsoft JET Database Engine | CVE-2019-0581 | Jet Database Engine Remote Code Execution Vulnerability |
| Microsoft JET Database Engine | CVE-2019-0578 | Jet Database Engine Remote Code Execution Vulnerability |
| Microsoft JET Database Engine | CVE-2019-0579 | Jet Database Engine Remote Code Execution Vulnerability |
| Microsoft JET Database Engine | CVE-2019-0580 | Jet Database Engine Remote Code Execution Vulnerability |
Microsoft Office
| Microsoft Office | CVE-2019-0560 | Microsoft Office Information Disclosure Vulnerability |
| Microsoft Office | CVE-2019-0561 | Microsoft Word Information Disclosure Vulnerability |
| Microsoft Office | CVE-2019-0585 | Microsoft Word Remote Code Execution Vulnerability |
| Microsoft Office | CVE-2019-0559 | Microsoft Outlook Information Disclosure Vulnerability |
Microsoft Scripting Engine
| Microsoft Scripting Engine | CVE-2019-0568 | Chakra Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2019-0567 | Chakra Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2019-0539 | Chakra Scripting Engine Memory Corruption Vulnerability |
Microsoft Windows
| Microsoft Windows | CVE-2019-0574 | Windows Data Sharing Service Elevation of Privilege Vulnerability |
| Microsoft Windows | CVE-2019-0573 | Windows Data Sharing Service Elevation of Privilege Vulnerability |
| Microsoft Windows | CVE-2019-0571 | Windows Data Sharing Service Elevation of Privilege Vulnerability |
| Microsoft Windows | CVE-2019-0572 | Windows Data Sharing Service Elevation of Privilege Vulnerability |
| Microsoft Windows | CVE-2019-0543 | Microsoft Windows Elevation of Privilege Vulnerability |
| Microsoft Windows | CVE-2019-0570 | Windows Runtime Elevation of Privilege Vulnerability |
Microsoft Office SharePoint
| Microsoft Office SharePoint | CVE-2019-0562 | Microsoft SharePoint Elevation of Privilege Vulnerability |
| Microsoft Office SharePoint | CVE-2019-0556 | Microsoft Office SharePoint XSS Vulnerability |
| Microsoft Office SharePoint | CVE-2019-0558 | Microsoft Office SharePoint XSS Vulnerability |
| Microsoft Office SharePoint | CVE-2019-0557 | Microsoft Office SharePoint XSS Vulnerability |
Microsoft Edge
| Microsoft Edge | CVE-2019-0565 | Microsoft Edge Memory Corruption Vulnerability |
| Microsoft Edge | CVE-2019-0566 | Microsoft Edge Elevation of Privilege Vulnerability |
Windows Kernel
| Windows Kernel | CVE-2019-0569 | Windows Kernel Information Disclosure Vulnerability |
| Windows Kernel | CVE-2019-0536 | Windows Kernel Information Disclosure Vulnerability |
| Windows Kernel | CVE-2019-0554 | Windows Kernel Information Disclosure Vulnerability |
| Windows Kernel | CVE-2019-0549 | Windows Kernel Information Disclosure Vulnerability |
Other Products
| Microsoft XML | CVE-2019-0555 | Microsoft XmlDocument Elevation of Privilege Vulnerability |
| Servicing Stack Updates | ADV990001 | Latest Servicing Stack Updates |
| Visual Studio | CVE-2019-0537 | Microsoft Visual Studio Information Disclosure Vulnerability |
| Visual Studio | CVE-2019-0546 | Visual Studio Remote Code Execution Vulnerability |
| Windows COM | CVE-2019-0552 | Windows COM Elevation of Privilege Vulnerability |
| Windows DHCP Client | CVE-2019-0547 | Windows DHCP Client Remote Code Execution Vulnerability |
| Windows Hyper-V | CVE-2019-0550 | Windows Hyper-V Remote Code Execution Vulnerability |
| Windows Hyper-V | CVE-2019-0551 | Windows Hyper-V Remote Code Execution Vulnerability |
| Windows Subsystem for Linux | CVE-2019-0553 | Windows Subsystem for Linux Information Disclosure Vulnerability |
| .NET Framework | CVE-2019-0545 | .NET Framework Information Disclosure Vulnerability |
| Adobe Flash Player | CVE-2019-0622 | January 2019 Adobe Flash Update |
| Android App | CVE-2019-0622 | Skype for Android Elevation of Privilege Vulnerability |
| ASP.NET | CVE-2019-0548 | ASP.NET Core Denial of Service Vulnerability |
| ASP.NET | CVE-2019-0564 | ASP.NET Core Denial of Service Vulnerability |
| Internet Explorer | CVE-2019-0541 | MSHTML Engine Remote Code Execution Vulnerability |
Also Read : Adobe Released Security Patches for Digital Editions and Connect
You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity updates also you can take the Best Cybersecurity courses online to keep your self-updated.
A very important message from the Norwegian National Cyber Security Centre (NCSC) says that Secure Socket Layer/Transport Layer Security (SSL/TLS)…
Linux is widely used in numerous servers, cloud infrastructure, and Internet of Things devices, which makes it an attractive target…
ViperSoftX malware, known for stealing cryptocurrency information, now leverages Tesseract, an open-source OCR engine, to target infected systems, which extracts…
Santander has confirmed that there was a major data breach that affected its workers and customers in Spain, Uruguay, and…
The U.S. government has offered a prize of up to $5 million for information that leads to the arrest and…
Russia leverages a mix of state-backed Advanced Persistent Threat (APT) groups and financially motivated cybercriminals to achieve its strategic goals,…