Microsoft January 2019 Patch Tuesday
This month we got patches for 49 vulnerabilities total. None of them have been used in the wild, and only one vulnerability has been made public before today.
Particularly interesting is the vulnerability in the DHCP client. This could likely be exploited via a malicious DHCP server, for example in a public WiFi network. Microsoft assigned this vulnerability a CVSS base score of 9.8.
We got a good number of vulnerabilities in the Jet Database Engine. Jet Database vulnerabilities are often exploitable via Office documents, but none of them are labeled as critical. Only 8 vulnerabilities are labeled as "Critical" this month. The majority of them affect web browsers, but there are also two critical code execution vulnerabilities in Hyper-V.
See Renato's dashboard for a more detailed breakout: https://patchtuesdaydashboard.com
Description / CVE | Disclosed | Exploited | Exploitability (old versions) | Exploitability (current version) | Severity | CVSS Base (AVG) | CVSS Temporal (AVG) |
---|---|---|---|---|---|---|---|
.NET Framework Information Disclosure Vulnerability | | | | | | | |
CVE-2019-0545 | No | No | Less Likely | Less Likely | Important | | |
ASP.NET Core Denial of Service Vulnerability | | | | | | | |
CVE-2019-0548 | No | No | Less Likely | Less Likely | Important | | |
CVE-2019-0564 | No | No | - | - | Important | | |
Chakra Scripting Engine Memory Corruption Vulnerability | | | | | | | |
CVE-2019-0539 | No | No | - | - | Critical | 4.2 | 3.8 |
CVE-2019-0567 | No | No | - | - | Critical | 4.2 | 3.8 |
CVE-2019-0568 | No | No | - | - | Critical | 4.2 | 3.8 |
January 2019 Adobe Flash Update | | | | | | | |
ADV190001 | No | No | - | - | | | |
Jet Database Engine Remote Code Execution Vulnerability | | | | | | | |
CVE-2019-0538 | No | No | Unlikely | Unlikely | Important | 7.8 | 7.0 |
CVE-2019-0575 | No | No | Unlikely | Unlikely | Important | 7.8 | 7.0 |
CVE-2019-0576 | No | No | Unlikely | Unlikely | Important | 7.8 | 7.0 |
CVE-2019-0577 | No | No | Unlikely | Unlikely | Important | 7.8 | 7.0 |
CVE-2019-0578 | No | No | Unlikely | Unlikely | Important | 7.8 | 7.0 |
CVE-2019-0579 | Yes | No | Unlikely | Unlikely | Important | 7.8 | 7.0 |
CVE-2019-0580 | No | No | Unlikely | Unlikely | Important | 7.8 | 7.0 |
CVE-2019-0581 | No | No | Unlikely | Unlikely | Important | 7.8 | 7.0 |
CVE-2019-0582 | No | No | Unlikely | Unlikely | Important | 7.8 | 7.0 |
CVE-2019-0583 | No | No | Unlikely | Unlikely | Important | 7.8 | 7.0 |
CVE-2019-0584 | No | No | Unlikely | Unlikely | Important | 7.8 | 7.0 |
Latest Servicing Stack Updates | | | | | | | |
ADV990001 | No | No | - | - | Critical | | |
MSHTML Engine Remote Code Execution Vulnerability | | | | | | | |
CVE-2019-0541 | No | No | More Likely | More Likely | Important | 6.4 | 5.8 |
Microsoft Edge Elevation of Privilege Vulnerability | | | | | | | |
CVE-2019-0566 | No | No | - | - | Important | 4.3 | 3.9 |
Microsoft Edge Memory Corruption Vulnerability | | | | | | | |
CVE-2019-0565 | No | No | - | - | Critical | 4.2 | 3.8 |
Microsoft Exchange Information Disclosure Vulnerability | | | | | | | |
CVE-2019-0588 | No | No | Less Likely | Less Likely | Important | | |
Microsoft Exchange Memory Corruption Vulnerability | | | | | | | |
CVE-2019-0586 | No | No | More Likely | More Likely | Important | | |
Microsoft Office Information Disclosure Vulnerability | | | | | | | |
CVE-2019-0560 | No | No | Less Likely | Less Likely | Important | | |
Microsoft Office SharePoint XSS Vulnerability | | | | | | | |
CVE-2019-0556 | No | No | - | - | Important | | |
CVE-2019-0557 | No | No | - | - | Important | | |
CVE-2019-0558 | No | No | Less Likely | Less Likely | Important | | |
Microsoft Outlook Information Disclosure Vulnerability | | | | | | | |
CVE-2019-0559 | No | No | Less Likely | Less Likely | Important | | |
Microsoft SharePoint Elevation of Privilege Vulnerability | | | | | | | |
CVE-2019-0562 | No | No | Less Likely | Less Likely | Important | | |
Microsoft Visual Studio Information Disclosure Vulnerability | | | | | | | |
CVE-2019-0537 | No | No | Less Likely | Less Likely | Important | | |
Microsoft Windows Elevation of Privilege Vulnerability | | | | | | | |
CVE-2019-0543 | No | No | More Likely | More Likely | Important | 7.8 | 7.8 |
Microsoft Word Information Disclosure Vulnerability | | | | | | | |
CVE-2019-0561 | No | No | Less Likely | Less Likely | Important | | |
Microsoft Word Remote Code Execution Vulnerability | | | | | | | |
CVE-2019-0585 | No | No | Less Likely | Less Likely | Important | | |
Microsoft XmlDocument Elevation of Privilege Vulnerability | | | | | | | |
CVE-2019-0555 | No | No | More Likely | More Likely | Important | 7.0 | 6.3 |
Skype for Android Elevation of Privilege Vulnerability | | | | | | | |
CVE-2019-0622 | No | No | Less Likely | Less Likely | Moderate | | |
Visual Studio Remote Code Execution Vulnerability | | | | | | | |
CVE-2019-0546 | No | No | Less Likely | Less Likely | Moderate | | |
Windows COM Elevation of Privilege Vulnerability | | | | | | | |
CVE-2019-0552 | No | No | More Likely | More Likely | Important | 7.0 | 6.3 |
Windows DHCP Client Remote Code Execution Vulnerability | | | | | | | |
CVE-2019-0547 | No | No | - | - | Critical | 9.8 | 8.8 |
Windows Data Sharing Service Elevation of Privilege Vulnerability | | | | | | | |
CVE-2019-0571 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.8 |
CVE-2019-0572 | No | No | More Likely | More Likely | Important | 7.8 | 7.8 |
CVE-2019-0573 | No | No | More Likely | More Likely | Important | 7.8 | 7.8 |
CVE-2019-0574 | No | No | More Likely | More Likely | Important | 7.8 | 7.8 |
Windows Hyper-V Remote Code Execution Vulnerability | | | | | | | |
CVE-2019-0550 | No | No | Less Likely | Less Likely | Critical | 7.6 | 6.8 |
CVE-2019-0551 | No | No | Less Likely | Less Likely | Critical | 7.6 | 6.8 |
Windows Kernel Information Disclosure Vulnerability | | | | | | | |
CVE-2019-0536 | No | No | Less Likely | Less Likely | Important | 4.7 | 4.2 |
CVE-2019-0549 | No | No | Less Likely | Less Likely | Important | 4.7 | 4.2 |
CVE-2019-0554 | No | No | Less Likely | Less Likely | Important | 4.7 | 4.2 |
CVE-2019-0569 | No | No | More Likely | More Likely | Important | 5.5 | 5.5 |
Windows Runtime Elevation of Privilege Vulnerability | | | | | | | |
CVE-2019-0570 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.8 |
Windows Subsystem for Linux Information Disclosure Vulnerability | | | | | | | |
CVE-2019-0553 | No | No | Less Likely | Less Likely | Important | 4.7 | 4.2 |
---
Johannes B. Ullrich, Ph.D., Dean of Research, SANS Technology Institute
Comments
https://www.zdnet.com/article/microsofts-killer-windows-7-patch-breaks-networking-bricks-legit-not-genuine-pcs/
"Microsoft's killer Windows 7 patch: Breaks networking, flags legit PCs as 'Not genuine'"
Known issues in this update
After installing this update, some users are reporting the KMS Activation error, “Not Genuine”, 0xc004f200 on Windows 7 devices. We are aware of this incident and are presently investigating it. We will provide an update when available.
Local users who are part of the local “Administrators” group may not be able to remotely access shares on Windows Server 2008 R2 and Windows 7 machines after installing the January 8th, 2019 security updates. This does not affect domain accounts in the local "Administrators" group.
Anonymous
Jan 10th 2019
https://www.bleepingcomputer.com/news/microsoft/windows-kb4480960-and-kb4480970-updates-causing-network-and-license-problems/
Anonymous
Jan 11th 2019
https://support.microsoft.com/en-us/help/4480960/windows-server-2008-kb4480960
https://support.microsoft.com/en-us/help/4480970/windows-7-update-kb4480970
https://support.microsoft.com/en-us/help/4487266/activation-failures-and-not-genuine-notifications-on-vl-win-7-kms-clie
https://support.microsoft.com/en-us/help/4487345/update-for-windows-7-sp1-and-windows-server-2008-r2
Anonymous
Jan 14th 2019