MSFT July 2019 Patch Tuesday
July 2019 Security Updates
| Description | |||||||
|---|---|---|---|---|---|---|---|
| CVE | Disclosed | Exploited | Exploitability (old versions) | current version | Severity | CVSS Base (AVG) | CVSS Temporal (AVG) |
| .NET Denial of Service Vulnerability | |||||||
| CVE-2019-1083 | No | No | Less Likely | Less Likely | Important | ||
| .NET Framework Remote Code Execution Vulnerability | |||||||
| CVE-2019-1113 | No | No | More Likely | More Likely | Critical | ||
| ADFS Security Feature Bypass Vulnerability | |||||||
| CVE-2019-0975 | No | No | Less Likely | Less Likely | Important | 4.3 | 3.9 |
| CVE-2019-1126 | No | No | Less Likely | Less Likely | Important | 5.3 | 4.8 |
| ASP.NET Core Spoofing Vulnerability | |||||||
| CVE-2019-1075 | No | No | Less Likely | Less Likely | Moderate | ||
| Azure Automation Elevation of Privilege Vulnerability | |||||||
| CVE-2019-0962 | Yes | No | Less Likely | Less Likely | Important | ||
| Azure DevOps Server and Team Foundation Server Remote Code Execution Vulnerability | |||||||
| CVE-2019-1072 | No | No | Less Likely | Less Likely | Critical | ||
| Chakra Scripting Engine Memory Corruption Vulnerability | |||||||
| CVE-2019-1062 | No | No | - | - | Critical | 4.2 | 3.8 |
| CVE-2019-1092 | No | No | - | - | Critical | 4.2 | 3.8 |
| CVE-2019-1103 | No | No | - | - | Critical | 4.2 | 3.8 |
| CVE-2019-1106 | No | No | - | - | Critical | 4.2 | 3.8 |
| CVE-2019-1107 | No | No | - | - | Critical | 4.2 | 3.8 |
| DirectWrite Information Disclosure Vulnerability | |||||||
| CVE-2019-1093 | No | No | Less Likely | Less Likely | Important | 5.5 | 5.0 |
| CVE-2019-1097 | No | No | Less Likely | Less Likely | Important | 5.5 | 5.0 |
| DirectWrite Remote Code Execution Vulnerability | |||||||
| CVE-2019-1117 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| CVE-2019-1118 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| CVE-2019-1119 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| CVE-2019-1120 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| CVE-2019-1121 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| CVE-2019-1122 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| CVE-2019-1123 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| CVE-2019-1124 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| CVE-2019-1127 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| CVE-2019-1128 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| DirectX Elevation of Privilege Vulnerability | |||||||
| CVE-2019-0999 | No | No | - | - | Important | 7.8 | 7.0 |
| Docker Elevation of Privilege Vulnerability | |||||||
| CVE-2018-15664 | Yes | No | Less Likely | Less Likely | Important | ||
| GDI+ Remote Code Execution Vulnerability | |||||||
| CVE-2019-1102 | No | No | Less Likely | Less Likely | Critical | 8.4 | 7.6 |
| Internet Explorer Memory Corruption Vulnerability | |||||||
| CVE-2019-1063 | No | No | More Likely | More Likely | Critical | 6.4 | 5.8 |
| Latest Servicing Stack Updates | |||||||
| ADV990001 | No | No | - | - | Critical | ||
| Microsoft Browser Memory Corruption Vulnerability | |||||||
| CVE-2019-1104 | No | No | More Likely | More Likely | Critical | 6.4 | 5.8 |
| Microsoft Excel Information Disclosure Vulnerability | |||||||
| CVE-2019-1112 | No | No | More Likely | More Likely | Important | ||
| Microsoft Excel Remote Code Execution Vulnerability | |||||||
| CVE-2019-1110 | No | No | Less Likely | Less Likely | Important | ||
| CVE-2019-1111 | No | No | Less Likely | Less Likely | Important | ||
| Microsoft Exchange Information Disclosure Vulnerability | |||||||
| CVE-2019-1084 | No | No | Less Likely | Less Likely | Important | ||
| Microsoft Exchange Server Elevation of Privilege Vulnerability | |||||||
| CVE-2019-1136 | No | No | Less Likely | Less Likely | Important | ||
| Microsoft Exchange Server Spoofing Vulnerability | |||||||
| CVE-2019-1137 | No | No | Less Likely | Less Likely | Important | ||
| Microsoft Office SharePoint XSS Vulnerability | |||||||
| CVE-2019-1134 | No | No | Less Likely | Less Likely | Important | ||
| Microsoft Office Spoofing Vulnerability | |||||||
| CVE-2019-1109 | No | No | Less Likely | Less Likely | Important | ||
| Microsoft SQL Server Remote Code Execution Vulnerability | |||||||
| CVE-2019-1068 | Yes | No | Less Likely | Less Likely | Important | ||
| Microsoft Windows Elevation of Privilege Vulnerability | |||||||
| CVE-2019-1074 | No | No | More Likely | More Likely | Important | 5.3 | 5.3 |
| CVE-2019-1082 | No | No | - | - | Important | 7.7 | 7.7 |
| Microsoft splwow64 Elevation of Privilege Vulnerability | |||||||
| CVE-2019-0880 | No | Yes | Detected | More Likely | Important | 7.0 | 6.3 |
| Microsoft unistore.dll Information Disclosure Vulnerability | |||||||
| CVE-2019-1091 | No | No | Less Likely | Less Likely | Important | 5.5 | 5.0 |
| Outlook on the web Cross-Site Scripting Vulnerability | |||||||
| ADV190021 | No | No | - | - | Important | ||
| Remote Desktop Protocol Client Information Disclosure Vulnerability | |||||||
| CVE-2019-1108 | No | No | More Likely | More Likely | Important | 6.5 | 5.9 |
| Remote Desktop Services Remote Code Execution Vulnerability | |||||||
| CVE-2019-0887 | Yes | No | More Likely | More Likely | Important | 8.0 | 7.2 |
| Scripting Engine Memory Corruption Vulnerability | |||||||
| CVE-2019-1056 | No | No | - | - | Critical | 6.4 | 5.8 |
| CVE-2019-1059 | No | No | Less Likely | Less Likely | Critical | 6.4 | 5.8 |
| CVE-2019-1001 | No | No | More Likely | More Likely | Critical | 6.4 | 5.8 |
| CVE-2019-1004 | No | No | More Likely | More Likely | Critical | 6.4 | 5.8 |
| SymCrypt Denial of Service Vulnerability | |||||||
| CVE-2019-0865 | Yes | No | Less Likely | Less Likely | Important | 7.5 | 6.7 |
| Team Foundation Server Cross-site Scripting Vulnerability | |||||||
| CVE-2019-1076 | No | No | Less Likely | Less Likely | Important | ||
| Visual Studio Elevation of Privilege Vulnerability | |||||||
| CVE-2019-1077 | No | No | Less Likely | Less Likely | Important | ||
| Visual Studio Information Disclosure Vulnerability | |||||||
| CVE-2019-1079 | No | No | Less Likely | Less Likely | Important | ||
| WCF/WIF SAML Token Authentication Bypass Vulnerability | |||||||
| CVE-2019-1006 | No | No | Less Likely | Less Likely | Important | ||
| Win32k Elevation of Privilege Vulnerability | |||||||
| CVE-2019-1132 | No | Yes | - | - | Important | 7.8 | 7.2 |
| Win32k Information Disclosure Vulnerability | |||||||
| CVE-2019-1096 | No | No | Less Likely | Less Likely | Important | 5.5 | 5.0 |
| Windows Audio Service Elevation of Privilege Vulnerability | |||||||
| CVE-2019-1086 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| CVE-2019-1087 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| CVE-2019-1088 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| Windows DHCP Server Remote Code Execution Vulnerability | |||||||
| CVE-2019-0785 | No | No | Less Likely | Less Likely | Critical | 9.8 | 8.8 |
| Windows DNS Server Denial of Service Vulnerability | |||||||
| CVE-2019-0811 | No | No | Less Likely | Less Likely | Important | 7.5 | 6.7 |
| Windows Elevation of Privilege Vulnerability | |||||||
| CVE-2019-1129 | Yes | No | More Likely | More Likely | Important | 7.8 | 7.0 |
| CVE-2019-1130 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| Windows Error Reporting Elevation of Privilege Vulnerability | |||||||
| CVE-2019-1037 | No | No | Less Likely | Less Likely | Important | 7.0 | 6.3 |
| Windows GDI Information Disclosure Vulnerability | |||||||
| CVE-2019-1094 | No | No | Less Likely | Less Likely | Important | 5.5 | 5.0 |
| CVE-2019-1095 | No | No | Less Likely | Less Likely | Important | 5.5 | 5.0 |
| CVE-2019-1098 | No | No | - | - | Important | 5.5 | 5.0 |
| CVE-2019-1099 | No | No | - | - | Important | 5.5 | 5.0 |
| CVE-2019-1100 | No | No | - | - | Important | 5.5 | 5.0 |
| CVE-2019-1101 | No | No | - | - | Important | 5.5 | 5.0 |
| CVE-2019-1116 | No | No | - | - | Important | 5.5 | 5.0 |
| Windows Hyper-V Denial of Service Vulnerability | |||||||
| CVE-2019-0966 | No | No | Less Likely | Less Likely | Important | 6.8 | 6.1 |
| Windows Kernel Elevation of Privilege Vulnerability | |||||||
| CVE-2019-1067 | No | No | More Likely | More Likely | Important | 7.8 | 7.0 |
| Windows Kernel Information Disclosure Vulnerability | |||||||
| CVE-2019-1071 | No | No | More Likely | More Likely | Important | 5.5 | 5.0 |
| CVE-2019-1073 | No | No | More Likely | More Likely | Important | 5.5 | 5.0 |
| Windows RPCSS Elevation of Privilege Vulnerability | |||||||
| CVE-2019-1089 | No | No | More Likely | More Likely | Important | 7.8 | 7.0 |
| Windows WLAN Service Elevation of Privilege Vulnerability | |||||||
| CVE-2019-1085 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| Windows dnsrlvr.dll Elevation of Privilege Vulnerability | |||||||
| CVE-2019-1090 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
--
John Bambenek
bambenek \at\ gmail /dot/ com
ThreatSTOP
×
![modal content]()
Diary Archives
Comments
Anonymous
Jul 9th 2019
5 years ago