Microsoft’s May security release includes updates for 80 vulnerabilities for a number of Microsoft products, including a security update for unsupported operating systems such as Windows XP and Server 2003 not included in the mainstream customer support notification. Of the security vulnerabilities fixed in this release, six are rated Critical, 73 are rated Important or Low, and one separately posted as a mitigating update addressing an imminent “wormable” threat. The release also includes updates for different Microsoft products such as Internet Explorer, Edge, Office, Office Services and Web Apps, Azure DevOps Server, SQL Server, ChakraCore, NuGet, .NET Framework, .NET Core, Team Foundation Server, Visual Studio, Online Services, and Skype for Android. Adobe also released security updates with this month’s Patch Tuesday post.
Microsoft released a security guidance notification for users of outdated Windows operating systems addressing CVE-2019-0708, considering that a number of enterprises continue to use legacy systems for daily operations. While Microsoft noted that it has not been seen in the wild, the vulnerability can be used for RCE attacks via the remote desktop services component of Windows 7, Windows 2003, Windows Server 2008 R2, Windows Server 2008, and Windows XP. An attacker may send customized requests to a targeted system, and the exploit requires no pre-authentication and no user interaction to acquire full user rights, create new accounts, install, change, and delete data. Microsoft notes that this is a mitigating move as future and existing malware can use this flaw to propagate from one system to another, much like the 2017 WannaCry outbreak.
Among the critical security flaws noted were CVE-2019-0953, ADV190013, CVE-2019-7837, and CVE-2019-0708. CVE-2019-0953 is a remote code execution (RCE) vulnerability found in Microsoft Word that can enable escalated privileges to access the system when exploited. ADV190013 addresses four vulnerabilities — CVE-2018-12126, CVE-2018-12130, CVE-2018-12127, CVE-2018-11091 — that can be exploited through a new subclass of speculative execution side channel flaws known as Microarchitectural Data Sampling (MDS). Attackers may access privileged information across resource environments such as cloud services configurations, and may affect other systems such as Android, Chrome, iOS, Linux and MacOS. CVE-2019-7837 is a critical Adobe Flash Player vulnerability that can be exploited for attacks via arbitrary code execution.
The Trend Micro Deep Security and Vulnerability Protection solutions protect systems and users from threats targeting the vulnerabilities included in this month’s Patch Tuesday release via the following Deep Packet Inspection (DPI) rules:
|1009722||Microsoft Windows Error Reporting Elevation Of Privilege Vulnerability||CVE-2019-0863|
|1009723||Microsoft Windows GDI Information Disclosure Vulnerability||CVE-2019-0882|
|1009724||Microsoft Internet Explorer And Edge Scripting Engine Memory Corruption Vulnerability||CVE-2019-0884|
|1009725||Microsoft Windows OLE Remote Code Execution Vulnerability||CVE-2019-0885|
|1009726||Microsoft Internet Explorer And Edge Scripting Engine Memory Corruption Vulnerability||CVE-2019-0911|
|1009727||Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability||CVE-2019-0918|
|1009729||Microsoft Edge Memory Corruption Vulnerability||CVE-2019-0926|
|1009730||Microsoft Internet Explorer Information Disclosure Vulnerability||CVE-2019-0930|
|1009731||Microsoft Edge Elevation Of Privilege Vulnerability||CVE-2019-0938|
|1009733||Microsoft Internet Explorer And Edge Scripting Engine Memory Corruption Vulnerability||CVE-2019-0940|
|1009740||Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB19-18) – 1||CVE-2019-7140, CVE-2019-7141, CVE-2019-7142, CVE-2019-7143, CVE-2019-7144, CVE-2019-7145, CVE-2019-7758, CVE-2019-7759, CVE-2019-7760|
|1009735||Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB19-18) – 2||CVE-2019-7761, CVE-2019-7762, CVE-2019-7763, CVE-2019-7764, CVE-2019-7765, CVE-2019-7766, CVE-2019-7767, CVE-2019-7768, CVE-2019-7769|
|1009738||Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB19-18) – 3||CVE-2019-7770, CVE-2019-7771, CVE-2019-7772, CVE-2019-7773, CVE-2019-7774, CVE-2019-7775, CVE-2019-7776, CVE-2019-7777, CVE-2019-7778|
|1009736||Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB19-18) – 4||CVE-2019-7779, CVE-2019-7780, CVE-2019-7781, CVE-2019-7782, CVE-2019-7783, CVE-2019-7784, CVE-2019-7785, CVE-2019-7786, CVE-2019-7787|
|1009742||Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB19-18) – 5||CVE-2019-7788, CVE-2019-7789, CVE-2019-7790, CVE-2019-7791, CVE-2019-7792, CVE-2019-7793, CVE-2019-7794, CVE-2019-7795, CVE-2019-7796|
|1009739||Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB19-18) – 6||CVE-2019-7797, CVE-2019-7798, CVE-2019-7799, CVE-2019-7800, CVE-2019-7801, CVE-2019-7802, CVE-2019-7803, CVE-2019-7804, CVE-2019-7805|
|1009737||Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB19-18) – 7||CVE-2019-7806, CVE-2019-7807, CVE-2019-7808, CVE-2019-7809, CVE-2019-7810, CVE-2019-7811, CVE-2019-7812, CVE-2019-7814|
|1009741||Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB19-18) – 8||CVE-2019-7817, CVE-2019-7818, CVE-2019-7819, CVE-2019-7820, CVE-2019-7821, CVE-2019-7822, CVE-2019-7823, CVE-2019-7825, CVE-2019-7826|
|1009734||Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB19-18) – 9||CVE-2019-7827, CVE-2019-7828, CVE-2019-7829, CVE-2019-7830, CVE-2019-7831, CVE-2019-7832, CVE-2019-7833, CVE-2019-7834, CVE-2019-7835, CVE-2019-7836, CVE-2019-7841|
The post May’s Patch Tuesday Include Fixes for ‘Wormable’ Flaw in Windows XP, Zero-Day Vulnerability appeared first on .