overview - nsfocus · overview microsoft released the january 2019 security patch on tuesday that...

© NSFOCUS 2018 https://www.nsfocusglobal.com

Microsoft's January 2019 Patch Fixes 51 Security Vulnerabilities Threat Alert

Overview

Microsoft released the January 2019 security patch on Tuesday that fixes 51 vulnerabilities ranging from simple spoofing attacks to remote

code execution in various products, including .NET Framework, Adobe Flash Player, Android App, ASP.NET, Internet Explorer, Microsoft

Edge, Microsoft Exchange Server, Microsoft JET Database Engine, Microsoft Office, Microsoft Office SharePoint, Microsoft Scripting Engine,

Microsoft Windows, Microsoft XML, Servicing Stack Updates, Visual Studio, Windows COM, Windows DHCP Client, Windows Hyper-V,

Windows Kernel, and Windows Subsystem for Linux.

Details can be found in the following table.

Product CVE ID CVE Title Severity Level

.NET Framework CVE-2019-0545

.NET Framework

Information Disclosure

Vulnerability

Important


Adobe Flash Player ADV190001 January 2019 Adobe Flash Update Unknown

Android App CVE-2019-0622 Skype for Android Privilege

Escalation Vulnerability Moderate

ASP.NET CVE-2019-0548 ASP.NET Core Denial-of-Service

Vulnerability Important

ASP.NET CVE-2019-0564 ASP.NET Core Denial-of-Service


Internet Explorer CVE-2019-0541 MSHTML Engine Remote Code

Execution Vulnerability Important

Microsoft Edge CVE-2019-0565 Microsoft Edge Memory

Corruption Vulnerability Critical

Microsoft Edge CVE-2019-0566 Microsoft Edge Privilege

Escalation Vulnerability Important

Microsoft Exchange Server CVE-2019-0586 Microsoft Exchange Memory

Corruption Vulnerability Important


Microsoft Exchange Server CVE-2019-0588

Microsoft Exchange


Vulnerability

Important

Microsoft JET Database Engine CVE-2019-0538 Jet Database Engine Remote Code























Microsoft Office CVE-2019-0585 Microsoft Word Remote Code


Microsoft Office CVE-2019-0559

Microsoft Outlook


Vulnerability

Important



Microsoft Office


Vulnerability

Important


Microsoft Word


Vulnerability

Important

Microsoft Office SharePoint CVE-2019-0556 Microsoft Office SharePoint XSS






Microsoft Office SharePoint CVE-2019-0562 Microsoft SharePoint Privilege


Microsoft Scripting Engine CVE-2019-0539 Chakra Scripting Engine Memory







Microsoft Windows CVE-2019-0543 Microsoft Windows Privilege


Microsoft Windows CVE-2019-0570 Windows Runtime Privilege


Microsoft Windows CVE-2019-0571 Windows Data Sharing Service

Privilege Escalation Vulnerability Important








Microsoft XML CVE-2019-0555 Microsoft XmlDocument Privilege


Servicing Stack Updates ADV990001 Latest Servicing Stack Updates Critical

Visual Studio CVE-2019-0537

Microsoft Visual Studio


Vulnerability

Important

Visual Studio CVE-2019-0546 Visual Studio Remote Code

Execution Vulnerability Moderate

Windows COM CVE-2019-0552 Windows COM Privilege


Windows DHCP Client CVE-2019-0547 Windows DHCP Client Remote

Code Execution Vulnerability Critical


Windows Hyper-V CVE-2019-0550 Windows Hyper-V Remote Code

Execution Vulnerability Critical

Windows Hyper-V CVE-2019-0551 Windows Hyper-V Remote Code

Execution Vulnerability Critical

Windows Kernel CVE-2019-0536

Windows Kernel


Vulnerability

Important


Windows Kernel


Vulnerability

Important


Windows Kernel


Vulnerability

Important


Windows Kernel


Vulnerability

Important


Windows Subsystem for Linux CVE-2019-0553

Windows Subsystem for Linux


Vulnerability

Important

Recommended Mitigation Measure

Microsoft has released the January 2019 security patch to fix these issues. Please install the patch as soon as possible.

Appendix

ADV190001 - January 2019 Adobe Flash Update

CVE ID Vulnerability Description Maximum

Severity Rating

Vulnerability

Impact

ADV190001

MITRE

NVD

CVE Title: January 2019 Adobe Flash Update

Description: Unknown Unknown

http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=ADV190001

https://web.nvd.nist.gov/view/vuln/detail?vulnId=ADV190001



Severity Rating

Vulnerability

Impact

This update does not address any security vulnerabilities. For more information, please

see APSB19-01.

Note: Please disregard mentions of security or vulnerability in this advisory. These are

hardcoded titles that we were unable to change for this non-security Adobe Flash update.

FAQ:

None

Mitigations:

None

Workarounds:

None

Revision:

1.0 01/08/2019 08:00:00

Information published.

Affected Software

The following tables list the affected software details for the vulnerability.

https://helpx.adobe.com/security/products/flash-player/apsb19-01.html


ADV190001

Product KB Article Severity Impact Supersedence CVSS Score

Set

Restart

Required

Adobe Flash Player on Windows Server 2012

4480979

Update

4471331

Base: N/A

Temporal:

N/A

Vector: N/A

Yes

Adobe Flash Player on Windows 8.1 for 32-bit systems

4480979

Update

4471331

Base: N/A

Temporal:

N/A

Vector: N/A

Yes

Adobe Flash Player on Windows 8.1 for x64-based

systems

4480979

Update

4471331

Base: N/A

Temporal:

N/A

Vector: N/A

Yes

Adobe Flash Player on Windows Server 2012 R2

4480979

Update

4471331

Base: N/A

Temporal:

N/A

Vector: N/A

Yes

Adobe Flash Player on Windows RT 8.1

4480979

Update

4471331

Base: N/A

Temporal:

N/A

Vector: N/A

Yes

https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4480979











ADV190001

Adobe Flash Player on Windows 10 for 32-bit Systems

4480979

Update

4471331

Base: N/A

Temporal:

N/A

Vector: N/A

Yes

Adobe Flash Player on Windows 10 for x64-based

Systems

4480979

Update

4471331

Base: N/A

Temporal:

N/A

Vector: N/A

Yes


4480979

Update

4471331

Base: N/A

Temporal:

N/A

Vector: N/A

Yes

Adobe Flash Player on Windows 10 Version 1607 for 32-

bit Systems

4480979

Update

4471331

Base: N/A

Temporal:

N/A

Vector: N/A

Yes

Adobe Flash Player on Windows 10 Version 1607 for

x64-based Systems

4480979

Update

4471331

Base: N/A

Temporal:

N/A

Vector: N/A

Yes


bit Systems

4480979

Update

4471331 Base: N/A

Temporal: Yes














ADV190001

N/A

Vector: N/A


x64-based Systems

4480979

Update

4471331

Base: N/A

Temporal:

N/A

Vector: N/A

Yes


bit Systems

4480979

Update

4471331

Base: N/A

Temporal:

N/A

Vector: N/A

Yes


x64-based Systems

4480979

Update

4471331

Base: N/A

Temporal:

N/A

Vector: N/A

Yes


bit Systems

4480979

Update

4471331

Base: N/A

Temporal:

N/A

Vector: N/A

Yes


x64-based Systems

4480979

Update

4471331

Base: N/A

Temporal:

N/A

Vector: N/A

Yes












ADV190001


ARM64-based Systems

4480979

Update

4471331

Base: N/A

Temporal:

N/A

Vector: N/A

Yes


bit Systems

4480979

Update

4471331

Base: N/A

Temporal:

N/A

Vector: N/A

Yes


x64-based Systems

4480979

Update

4471331

Base: N/A

Temporal:

N/A

Vector: N/A

Yes


ARM64-based Systems

4480979

Update

4471331

Base: N/A

Temporal:

N/A

Vector: N/A

Yes


4480979

Update

4471331

Base: N/A

Temporal:

N/A

Vector: N/A

Yes


ARM64-based Systems

4480979

Update

4471331 Base: N/A

Temporal: Yes














ADV190001

N/A

Vector: N/A

ADV990001 - Latest Servicing Stack Updates

CVE ID Vulnerability Description

Maximum

Severity

Rating

Vulnerability

Impact

ADV990001

MITRE

NVD

CVE Title: Latest Servicing Stack Updates

Description:

This is a list of the latest servicing stack updates for each operating sytem. This list will be

updated whenever a new servicing stack update is released. It is important to install the latest

servicing stack update.

FAQ:

1. Why are all of the Servicing Stack Updates (SSU) critical updates?

The SSUs are classified as Critical updates. This does not indicate that there is a critical

vulnerability being addressed in the update.

2. When was the most recent SSU released for each version of Microsoft Windows?

Critical Defense

in Depth

http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=ADV990001

https://web.nvd.nist.gov/view/vuln/detail?vulnId=ADV990001



Maximum

Severity

Rating

Vulnerability

Impact

Please refer to the following table for the most recent SSU release. We will update the entries

any time a new SSU is released:

Product SSU Package Date Released

Windows Server 2008 955430 May 2009

Windows 7/Server 2008 R2 3177467 October 2018

Windows Server 2012 3173426 July 2016

Windows 8.1/Server 2012 R2 3173424 July 2016

Windows 10 4093430 April 2018

Windows 10 Version 1607/Server 2016 4465659 November 2018

Windows 10 Version 1703 4486458 January 2019

Windows 10 1709/Windows Server, version 1709 4477136 December 2018

Windows 10 1803/Windows Server, version 1803 4477137 December 2018

Windows 10 1809/Server 2019 4470788 December 2018

Mitigations:

None

Workarounds:

None



Maximum

Severity

Rating

Vulnerability

Impact

Revision:

2.0 12/05/2018 08:00:00

A Servicing Stack Update has been released for Windows 10 Version 1809 and Windows

Server 2019. See the FAQ section for more information.

1.0 11/13/2018 08:00:00


1.1 11/14/2018 08:00:00

Corrected the link to the Windows Server 2008 Servicing Stack Update. This is an

informational change only.

2.0 12/05/2018 08:00:00

A Servicing Stack Update has been released for Windows 10 Version 1809 and Windows

Server 2019. See the FAQ section for more information.

4.0 01/08/2019 08:00:00

A Servicing Stack Update has been released for Windows 10 Version 1703. See the FAQ

section for more information.

1.2 12/03/2018 08:00:00

FAQs have been added to further explain Security Stack Updates. The FAQs include a table

that indicates the most recent SSU release for each Windows version. This is an informational

change only.



Maximum

Severity

Rating

Vulnerability

Impact

3.1 12/11/2018 08:00:00

Updated supersedence information. This is an informational change only.

3.0 12/11/2018 08:00:00

A Servicing Stack Update has been released for Windows 10 Version 1709, Windows Server,

version 1709 (Server Core Installation), Windows 10 Version 1803, and Windows Server,

version 1803 (Server Core Installation). See the FAQ section for more information.

3.2 12/12/2018 08:00:00

Fixed a typo in the FAQ.

Affected Software


ADV990001


Set

Restart

Required


ADV990001

Windows 7 for 32-bit Systems Service Pack 1

3177467 Servicing

Stack Update

Critical Defense

in Depth

Base: N/A

Temporal:

N/A

Vector: N/A

Yes

Windows 7 for x64-based Systems Service Pack

1

3177467 Servicing

Stack Update

Critical Defense

in Depth

Base: N/A

Temporal:

N/A

Vector: N/A

Yes

Windows Server 2008 R2 for x64-based Systems

Service Pack 1 (Server Core installation)

3177467 Servicing

Stack Update

Critical Defense

in Depth

Base: N/A

Temporal:

N/A

Vector: N/A

Yes

Windows Server 2008 R2 for Itanium-Based

Systems Service Pack 1

3177467 Service

Stack Update

Critical Defense

in Depth

Base: N/A

Temporal:

N/A

Vector: N/A

Yes

Windows Server 2008 R2 for x64-based Systems

Service Pack 1

3177467 Servicing

Stack Update

Critical Defense

in Depth

Base: N/A

Temporal:

N/A

Vector: N/A

Yes

Windows Server 2008 for 32-bit Systems Service

Pack 2 (Server Core installation)

955430 Servicing

Stack Update

Critical Defense

in Depth

Base: N/A

Temporal: Yes














ADV990001

N/A

Vector: N/A

Windows Server 2012

3173426 Servicing

Stack Update

Critical Defense

in Depth

Base: N/A

Temporal:

N/A

Vector: N/A

Yes

Windows Server 2012 (Server Core installation)

3173426 Servicing

Stack Update

Critical Defense

in Depth

Base: N/A

Temporal:

N/A

Vector: N/A

Yes

Windows 8.1 for 32-bit systems

3173424 Servicing

Stack Update

Critical Defense

in Depth

Base: N/A

Temporal:

N/A

Vector: N/A

Yes

Windows 8.1 for x64-based systems

3173424 Servicing

Stack Update

Critical Defense

in Depth

Base: N/A

Temporal:

N/A

Vector: N/A

Yes

Windows Server 2012 R2

3173424 Servicing

Stack Update

Critical Defense

in Depth

Base: N/A

Temporal:

N/A

Vector: N/A

Yes












ADV990001

Windows Server 2012 R2 (Server Core

installation)

3173424 Servicing

Stack Update

Critical Defense

in Depth

Base: N/A

Temporal:

N/A

Vector: N/A

Yes

Windows 10 for 32-bit Systems

4093430 Servicing

Stack Update

Critical Defense

in Depth 4021701

Base: N/A

Temporal:

N/A

Vector: N/A

Yes

Windows 10 for x64-based Systems

4093430 Servicing

Stack Update

Critical Defense

in Depth 4021701

Base: N/A

Temporal:

N/A

Vector: N/A

Yes

Windows Server 2016

4465659 Servicing

Stack Update

Critical Defense

in Depth 4132216

Base: N/A

Temporal:

N/A

Vector: N/A

Yes

Windows 10 Version 1607 for 32-bit Systems

4465659 Servicing

Stack Update

Critical Defense

in Depth 4132216

Base: N/A

Temporal:

N/A

Vector: N/A

Yes

Windows 10 Version 1607 for x64-based

Systems

4465659 Servicing

Stack Update

Critical Defense

in Depth 4132216

Base: N/A

Temporal: Yes














ADV990001

N/A

Vector: N/A


4465659 Servicing

Stack Update

Critical Defense

in Depth 4132216

Base: N/A

Temporal:

N/A

Vector: N/A

Yes


4486458 Servicing

Stack Update

Critical Defense

in Depth 4465660

Base: N/A

Temporal:

N/A

Vector: N/A

Yes


Systems

4486458 Servicing

Stack Update

Critical Defense

in Depth 4465660

Base: N/A

Temporal:

N/A

Vector: N/A

Yes


4477136 Servicing

Stack Update

Critical Defense

in Depth 4465661

Base: N/A

Temporal:

N/A

Vector: N/A

Yes


Systems

4477136 Servicing

Stack Update

Critical Defense

in Depth 4465661

Base: N/A

Temporal:

N/A

Vector: N/A

Yes












ADV990001

Windows Server, version 1709 (Server Core

Installation)

4477136 Servicing

Stack Update

Critical Defense

in Depth 4465661

Base: N/A

Temporal:

N/A

Vector: N/A

Yes


4477137 Servicing

Stack Update

Critical Defense

in Depth 4465663

Base: N/A

Temporal:

N/A

Vector: N/A

Yes


Systems

4477137 Servicing

Stack Update

Critical Defense

in Depth 4465663

Base: N/A

Temporal:

N/A

Vector: N/A

Yes

Windows Server, version 1803 (Server Core

Installation)

4477137 Servicing

Stack Update

Critical Defense

in Depth 4465663

Base: N/A

Temporal:

N/A

Vector: N/A

Yes

Windows 10 Version 1803 for ARM64-based

Systems

4477137 Servicing

Stack Update

Critical Defense

in Depth 4465663

Base: N/A

Temporal:

N/A

Vector: N/A

Yes


4470788 Servicing

Stack Update

Critical Defense

in Depth 4465664

Base: N/A

Temporal: Yes














ADV990001

N/A

Vector: N/A


Systems

4470788 Servicing

Stack Update

Critical Defense

in Depth 4465664

Base: N/A

Temporal:

N/A

Vector: N/A

Yes


Systems

4470788 Servicing

Stack Update

Critical Defense

in Depth 4465664

Base: N/A

Temporal:

N/A

Vector: N/A

Yes

Windows Server 2019

4470788 Servicing

Stack Update

Critical Defense

in Depth 4465664

Base: N/A

Temporal:

N/A

Vector: N/A

Yes


4470788 Servicing

Stack Update

Critical Defense

in Depth 4465664

Base: N/A

Temporal:

N/A

Vector: N/A

Yes


Systems

4477136 Servicing

Stack Update

Critical Defense

in Depth 4465661

Base: N/A

Temporal:

N/A

Vector: N/A

Yes












ADV990001

Windows Server 2008 for Itanium-Based


955430 Servicing

Stack Update

Critical Defense

in Depth 4465661

Base: N/A

Temporal:

N/A

Vector: N/A

Yes

Windows Server 2008 for 32-bit Systems Service

Pack 2

955430 Servicing

Stack Update

Critical Defense

in Depth 4465661

Base: N/A

Temporal:

N/A

Vector: N/A

Yes

Windows Server 2008 for x64-based Systems

Service Pack 2

955430 Servicing

Stack Update

Critical Defense

in Depth 4465661

Base: N/A

Temporal:

N/A

Vector: N/A

Yes

Windows Server 2008 for x64-based Systems

Service Pack 2 (Server Core installation)

955430 Servicing

Stack Update

Critical Defense

in Depth 4465661

Base: N/A

Temporal:

N/A

Vector: N/A

Yes










CVE-2019-0536 - Windows Kernel Information Disclosure Vulnerability


Severity Rating

Vulnerability

Impact

CVE-

2019-

0536

MITRE

NVD

CVE Title: Windows Kernel Information Disclosure Vulnerability

Description:

An information disclosure vulnerability exists when the Windows kernel improperly handles

objects in memory. An attacker who successfully exploited this vulnerability could obtain

information to further compromise the user's system.

To exploit this vulnerability, an attacker would have to log on to an affected system and run a

specially crafted application. The vulnerability would not allow an attacker to execute code or to

elevate user rights directly, but it could be used to obtain information that could be used to try to

further compromise the affected system.

The update addresses the vulnerability by correcting how the Windows kernel handles objects in

memory.

FAQ:

What type of information could be disclosed by this vulnerability?

The type of information that could be disclosed if an attacker successfully exploited this

vulnerability is uninitialized memory.

Important Information Disc

losure

http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0536

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-0536



Severity Rating

Vulnerability

Impact

Mitigations:

None

Workarounds:

None

Revision:

1.0 01/08/2019 08:00:00


Affected Software


CVE-2019-0536

Product KB

Article Severity Impact Supersedence CVSS Score Set

Restart

Required

Windows 7

for 32-bit

4480960

Security Important

Information

Disclosure 4471318

Base: 4.7

Temporal: 4.2 Yes




CVE-2019-0536

Systems

Service

Pack 1

Only

4480970

Monthly

Rollup

Vector:

CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/R

C:C

Windows 7

for x64-

based

Systems

Service

Pack 1

4480960

Security

Only

4480970

Monthly

Rollup

Important Information

Disclosure 4471318

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

Windows

Server 2008

R2 for x64-

based

Systems

Service

Pack 1

(Server

Core

installation)

4480960

Security

Only

4480970

Monthly

Rollup


Disclosure 4471318

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes


















CVE-2019-0536

Windows

Server 2008

R2 for

Itanium-

Based

Systems

Service

Pack 1

4480960

Security

Only

4480970

Monthly

Rollup


Disclosure 4471318

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

Windows

Server 2008

R2 for x64-

based

Systems

Service

Pack 1

4480960

Security

Only

4480970

Monthly

Rollup


Disclosure 4471318

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

Windows

Server 2008

for 32-bit

Systems

Service

Pack 2

(Server

4480957

Security

Only

4480968

Monthly

Rollup


Disclosure 4471325

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes




















CVE-2019-0536

Core

installation)

Windows

Server 2012

4480972

Security

Only

4480975

Monthly

Rollup


Disclosure 4471330

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

Windows

Server 2012

(Server

Core

installation)

4480972

Security

Only

4480975

Monthly

Rollup


Disclosure 4471330

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

Windows

8.1 for 32-

bit systems

4480964

Security

Only

4480963

Monthly

Rollup


Disclosure 4471320

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes




















CVE-2019-0536

Windows

8.1 for x64-

based

systems

4480963

Monthly

Rollup

4480964

Security

Only


Disclosure 4471320

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

Windows

Server 2012

R2

4480963

Monthly

Rollup

4480964

Security

Only


Disclosure 4471320

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

Windows

RT 8.1

4480963

Monthly

Rollup


Disclosure 4471320

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

Windows

Server 2012

R2 (Server

4480963

Monthly

Rollup

4480964


Disclosure 4471320

Base: 4.7

Temporal: 4.2

Vector:

Yes


















CVE-2019-0536

Core

installation)

Security

Only


C:C

Windows

10 for 32-

bit Systems

4480962

Security

Update


Disclosure 4483228

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

Windows

10 for x64-

based

Systems

4480962

Security

Update


Disclosure 4483228

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

Windows

Server 2016

4480961

Security

Update


Disclosure 4471321

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

Windows

10 Version

1607 for 32-

bit Systems

4480961

Security

Update


Disclosure 4483229

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes
















CVE-2019-0536

Windows

10 Version

1607 for

x64-based

Systems

4480961

Security

Update


Disclosure 4471321

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

Windows

Server 2016

(Server

Core

installation)

4480961

Security

Update


Disclosure 4471321

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

Windows

10 Version

1703 for 32-

bit Systems

4480973

Security

Update


Disclosure 4483229

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

Windows

10 Version

1703 for

x64-based

Systems

4480973

Security

Update


Disclosure 4483229

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

Windows

10 Version

4480978

Security Important

Information

Disclosure 4483232

Base: 4.7

Temporal: 4.2

Vector:

Yes
















CVE-2019-0536

1709 for 32-

bit Systems

Update


C:C

Windows

10 Version

1709 for

x64-based

Systems

4480978

Security

Update


Disclosure 4483232

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

Windows

Server,

version

1709

(Server

Core

Installation)

4480978

Security

Update


Disclosure 4483232

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

Windows

10 Version

1803 for 32-

bit Systems

4480966

Security

Update


Disclosure 4483234

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

Windows

10 Version

1803 for

4480966

Security

Update


Disclosure 4483234

Base: 4.7

Temporal: 4.2

Vector:

Yes















CVE-2019-0536

x64-based

Systems


C:C

Windows

Server,

version

1803

(Server

Core

Installation)

4480966

Security

Update


Disclosure 4483234

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

Windows

10 Version

1803 for

ARM64-

based

Systems

4480966

Security

Update


Disclosure 4483234

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

Windows

10 Version

1809 for 32-

bit Systems

4480116

Security

Update


Disclosure 4483235

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

Windows

10 Version

1809 for

4480116

Security Important

Information

Disclosure 4483235

Base: 4.7

Temporal: 4.2

Vector:

Yes













CVE-2019-0536

x64-based

Systems

Update


C:C

Windows

10 Version

1809 for

ARM64-

based

Systems

4480116

Security

Update


Disclosure 4483235

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

Windows

Server 2019

4480116

Security

Update


Disclosure 4483235

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

Windows

Server 2019

(Server

Core

installation)

4480116

Security

Update


Disclosure 4483235

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

Windows

10 Version

1709 for

ARM64-

4480978

Security

Update


Disclosure 4483232

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes















CVE-2019-0536

based

Systems

Windows

Server 2008

for Itanium-

Based

Systems

Service

Pack 2

4480957

Security

Only

4480968

Monthly

Rollup


Disclosure 4471325

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

Windows

Server 2008

for 32-bit

Systems

Service

Pack 2

4480957

Security

Only

4480968

Monthly

Rollup


Disclosure 4471325

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

Windows

Server 2008

for x64-

based

Systems

Service

Pack 2

4480957

Security

Only

4480968

Monthly

Rollup


Disclosure 4471325

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes




















CVE-2019-0536

Windows

Server 2008

for x64-

based

Systems

Service

Pack 2

(Server

Core

installation)

4480957

Security

Only

4480968

Monthly

Rollup


Disclosure 4471325

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

CVE-2019-0537 - Microsoft Visual Studio Information Disclosure

Vulnerability


Maximum

Severity

Rating

Vulnerability

Impact

CVE-

2019-

0537

CVE Title: Microsoft Visual Studio Information Disclosure Vulnerability

Description: Important

Information Disc

losure









Maximum

Severity

Rating

Vulnerability

Impact

MITRE

NVD

An information disclosure vulnerability exists when Visual Studio improperly discloses arbitrary

file contents if the victim opens a malicious .vscontent file. An attacker who took advantage of

this information disclosure could view arbitrary file contents from the computer where the victim

launched Visual Studio.

To take advantage of the vulnerability, an attacker would need to trick a user into opening a

malicious .vscontent file using a vulnerable version of Visual Studio. An attacker would have

no way to force a developer to produce this information disclosure.

The security update addresses the vulnerability by correcting how Visual Studio loads .vscontent

files.

FAQ:



vulnerability is unauthorized file system access - reading from file system.

Mitigations:

None

Workarounds:





Maximum

Severity

Rating

Vulnerability

Impact

None

Revision:

1.0 01/08/2019 08:00:00


Affected Software


CVE-2019-0537


Set

Restart

Required

Microsoft Visual Studio 2010

Service Pack 1

4476698 Security

Update

Important Information Disclos

ure

Base: N/A

Temporal: N/A

Vector: N/A

Maybe


Update 5

4476755 Security

Update

Important Information Disclos

ure

Base: N/A

Temporal: N/A

Vector: N/A

Maybe

https://aka.ms/vs/10/release/4476698





CVE-2019-0538 - Jet Database Engine Remote Code Execution

Vulnerability


Severity Rating

Vulnerability

Impact

CVE-

2019-

0538

MITRE

NVD

CVE Title: Jet Database Engine Remote Code Execution Vulnerability

Description:

A remote code execution vulnerability exists when the Windows Jet Database Engine

improperly handles objects in memory. An attacker who successfully exploited this

vulnerability could execute arbitrary code on a victim system.

An attacker could exploit this vulnerability by enticing a victim to open a specially crafted

file.

The update addresses the vulnerability by correcting the way the Windows Jet Database

Engine handles objects in memory.

FAQ:

None

Mitigations:

None

Workarounds:

Important Remote Code

Execution





Severity Rating

Vulnerability

Impact

None

Revision:

1.0 01/08/2019 08:00:00


Affected Software


CVE-2019-0538

Product KB


Restart

Required

Windows 7

for 32-bit

Systems

Service Pack

1

4480960

Security

Only

4480970

Monthly

Rollup

Important

Remote

Code

Execution

4471318

Base: 7.8

Temporal: 7

Vector:

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/R

C:C

Yes








CVE-2019-0538

Windows 7

for x64-

based

Systems

Service Pack

1

4480960

Security

Only

4480970

Monthly

Rollup

Important

Remote

Code

Execution

4471318

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2008

R2 for x64-

based

Systems

Service Pack

1 (Server

Core

installation)

4480960

Security

Only

4480970

Monthly

Rollup

Important

Remote

Code

Execution

4471318

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2008

R2 for

Itanium-

Based

Systems

4480960

Security

Only

4480970

Monthly

Rollup

Important

Remote

Code

Execution

4471318

Base: 7.8

Temporal: 7

Vector:


C:C

Yes




















CVE-2019-0538

Service Pack

1

Windows

Server 2008

R2 for x64-

based

Systems

Service Pack

1

4480960

Security

Only

4480970

Monthly

Rollup

Important

Remote

Code

Execution

4471318

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2008

for 32-bit

Systems

Service Pack

2 (Server

Core

installation)

4480957

Security

Only

4480968

Monthly

Rollup

Important

Remote

Code

Execution

4471325

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2012

4480972

Security

Only

4480975

Monthly

Important

Remote

Code

Execution

4471330

Base: 7.8

Temporal: 7

Vector:


C:C

Yes



















CVE-2019-0538

Rollup

Windows

Server 2012

(Server Core

installation)

4480972

Security

Only

4480975

Monthly

Rollup

Important

Remote

Code

Execution

4471330

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

8.1 for 32-bit

systems

4480964

Security

Only

4480963

Monthly

Rollup

Important

Remote

Code

Execution

4471320

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

8.1 for x64-

based

systems

4480963

Monthly

Rollup

4480964

Security

Only

Important

Remote

Code

Execution

4471320

Base: 7.8

Temporal: 7

Vector:


C:C

Yes





















CVE-2019-0538

Windows

Server 2012

R2

4480963

Monthly

Rollup

4480964

Security

Only

Important

Remote

Code

Execution

4471320

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

RT 8.1

4480963

Monthly

Rollup

Important

Remote

Code

Execution

4471320

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2012

R2 (Server

Core

installation)

4480963

Monthly

Rollup

4480964

Security

Only

Important

Remote

Code

Execution

4471320

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

for 32-bit

Systems

4480962

Security

Update

Important

Remote

Code

Execution

4483228

Base: 7.8

Temporal: 7

Vector:

Yes

















CVE-2019-0538


C:C

Windows 10

for x64-

based

Systems

4480962

Security

Update

Important

Remote

Code

Execution

4483228

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2016

4480961

Security

Update

Important

Remote

Code

Execution

4471321

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1607 for 32-

bit Systems

4480961

Security

Update

Important

Remote

Code

Execution

4483229

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1607 for

x64-based

Systems

4480961

Security

Update

Important

Remote

Code

Execution

4471321

Base: 7.8

Temporal: 7

Vector:


C:C

Yes














CVE-2019-0538

Windows

Server 2016

(Server Core

installation)

4480961

Security

Update

Important

Remote

Code

Execution

4471321

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1703 for 32-

bit Systems

4480973

Security

Update

Important

Remote

Code

Execution

4483229

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1703 for

x64-based

Systems

4480973

Security

Update

Important

Remote

Code

Execution

4483229

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1709 for 32-

bit Systems

4480978

Security

Update

Important

Remote

Code

Execution

4483232

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1709 for

4480978

Security Important

Remote

Code

Execution

4483232

Base: 7.8

Temporal: 7

Vector:

Yes
















CVE-2019-0538

x64-based

Systems

Update


C:C

Windows

Server,

version 1709

(Server Core

Installation)

4480978

Security

Update

Important

Remote

Code

Execution

4483232

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1803 for 32-

bit Systems

4480966

Security

Update

Important

Remote

Code

Execution

4483234

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1803 for

x64-based

Systems

4480966

Security

Update

Important

Remote

Code

Execution

4483234

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server,

version 1803

(Server Core

Installation)

4480966

Security

Update

Important

Remote

Code

Execution

4483234

Base: 7.8

Temporal: 7

Vector:


C:C

Yes















CVE-2019-0538

Windows 10

Version

1803 for

ARM64-

based

Systems

4480966

Security

Update

Important

Remote

Code

Execution

4483234

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1809 for 32-

bit Systems

4480116

Security

Update

Important

Remote

Code

Execution

4483235

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1809 for

x64-based

Systems

4480116

Security

Update

Important

Remote

Code

Execution

4483235

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1809 for

ARM64-

based

Systems

4480116

Security

Update

Important

Remote

Code

Execution

4483235

Base: 7.8

Temporal: 7

Vector:


C:C

Yes














CVE-2019-0538

Windows

Server 2019

4480116

Security

Update

Important

Remote

Code

Execution

4483235

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2019

(Server Core

installation)

4480116

Security

Update

Important

Remote

Code

Execution

4483235

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1709 for

ARM64-

based

Systems

4480978

Security

Update

Important

Remote

Code

Execution

4483232

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2008

for Itanium-

Based

Systems

Service Pack

2

4480957

Security

Only

4480968

Monthly

Rollup

Important

Remote

Code

Execution

4471325

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

















CVE-2019-0538

Windows

Server 2008

for 32-bit

Systems

Service Pack

2

4480957

Security

Only

4480968

Monthly

Rollup

Important

Remote

Code

Execution

4471325

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2008

for x64-

based

Systems

Service Pack

2

4480957

Security

Only

4480968

Monthly

Rollup

Important

Remote

Code

Execution

4471325

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2008

for x64-

based

Systems

Service Pack

2 (Server

Core

installation)

4480957

Security

Only

4480968

Monthly

Rollup

Important

Remote

Code

Execution

4471325

Base: 7.8

Temporal: 7

Vector:


C:C

Yes




















CVE-2019-0539 - Chakra Scripting Engine Memory Corruption

Vulnerability


Severity Rating

Vulnerability

Impact

CVE-

2019-

0539

MITRE

NVD

CVE Title: Chakra Scripting Engine Memory Corruption Vulnerability

Description:

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles

objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way

that an attacker could execute arbitrary code in the context of the current user. An attacker who

successfully exploited the vulnerability could gain the same user rights as the current user. If the

current user is logged on with administrative user rights, an attacker who successfully exploited

the vulnerability could take control of an affected system. An attacker could then install

programs; view, change, or delete data; or create new accounts with full user rights.

In a web-based attack scenario, an attacker could host a specially crafted website that is

designed to exploit the vulnerability through Microsoft Edge and then convince a user to view

the website. The attacker could also take advantage of compromised websites and websites that

accept or host user-provided content or advertisements. These websites could contain specially

crafted content that could exploit the vulnerability.

Critical Remote Code

Execution





Severity Rating

Vulnerability

Impact

The security update addresses the vulnerability by modifying how the Chakra scripting engine

handles objects in memory.

FAQ:

None

Mitigations:

None

Workarounds:

None

Revision:

1.0 01/08/2019 08:00:00


Affected Software



CVE-2019-0539

Product KB


Restart

Required

Microsoft

Edge on

Windows 10

for 32-bit

Systems

4480962

Security

Update

Critical

Remote

Code

Execution

4483228

Base: 4.2

Temporal: 3.8

Vector:

CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/R

C:C

Yes

Microsoft

Edge on

Windows 10

for x64-

based

Systems

4480962

Security

Update

Critical

Remote

Code

Execution

4483228

Base: 4.2

Temporal: 3.8

Vector:


C:C

Yes

Microsoft

Edge on

Windows

Server 2016

4480961

Security

Update

Moderate

Remote

Code

Execution

4471321

Base: 4.2

Temporal: 3.8

Vector:


C:C

Yes

Microsoft

Edge on

Windows 10

Version

4480961

Security

Update

Critical

Remote

Code

Execution

4483229

Base: 4.2

Temporal: 3.8

Vector:


C:C

Yes














CVE-2019-0539

1607 for 32-

bit Systems

Microsoft

Edge on

Windows 10

Version

1607 for

x64-based

Systems

4480961

Security

Update

Critical

Remote

Code

Execution

4471321

Base: 4.2

Temporal: 3.8

Vector:


C:C

Yes

Microsoft

Edge on

Windows 10

Version

1703 for 32-

bit Systems

4480973

Security

Update

Critical

Remote

Code

Execution

4483229

Base: 4.2

Temporal: 3.8

Vector:


C:C

Yes

Microsoft

Edge on

Windows 10

Version

1703 for

x64-based

Systems

4480973

Security

Update

Critical

Remote

Code

Execution

4483229

Base: 4.2

Temporal: 3.8

Vector:


C:C

Yes











CVE-2019-0539

Microsoft

Edge on

Windows 10

Version

1709 for 32-

bit Systems

4480978

Security

Update

Critical

Remote

Code

Execution

4483232

Base: 4.2

Temporal: 3.8

Vector:


C:C

Yes

Microsoft

Edge on

Windows 10

Version

1709 for

x64-based

Systems

4480978

Security

Update

Critical

Remote

Code

Execution

4483232

Base: 4.2

Temporal: 3.8

Vector:


C:C

Yes

Microsoft

Edge on

Windows 10

Version

1803 for 32-

bit Systems

4480966

Security

Update

Critical

Remote

Code

Execution

4483234

Base: 4.2

Temporal: 3.8

Vector:


C:C

Yes

Microsoft

Edge on

Windows 10

Version

4480966

Security

Update

Critical

Remote

Code

Execution

4483234

Base: 4.2

Temporal: 3.8

Vector:

Yes














CVE-2019-0539

1803 for

x64-based

Systems


C:C

Microsoft

Edge on

Windows 10

Version

1803 for

ARM64-

based

Systems

4480966

Security

Update

Critical

Remote

Code

Execution

4483234

Base: 4.2

Temporal: 3.8

Vector:


C:C

Yes

Microsoft

Edge on

Windows 10

Version

1809 for 32-

bit Systems

4480116

Security

Update

Critical

Remote

Code

Execution

4483235

Base: 4.2

Temporal: 3.8

Vector:


C:C

Yes

Microsoft

Edge on

Windows 10

Version

1809 for

4480116

Security

Update

Critical

Remote

Code

Execution

4483235

Base: 4.2

Temporal: 3.8

Vector:


C:C

Yes











CVE-2019-0539

x64-based

Systems

Microsoft

Edge on

Windows 10

Version

1809 for

ARM64-

based

Systems

4480116

Security

Update

Critical

Remote

Code

Execution

4483235

Base: 4.2

Temporal: 3.8

Vector:


C:C

Yes

Microsoft

Edge on

Windows

Server 2019

4480116

Security

Update

Moderate

Remote

Code

Execution

4483235

Base: 4.2

Temporal: 3.8

Vector:


C:C

Yes

Microsoft

Edge on

Windows 10

Version

1709 for

ARM64-

based

Systems

4480978

Security

Update

Critical

Remote

Code

Execution

4483232

Base: 4.2

Temporal: 3.8

Vector:


C:C

Yes











CVE-2019-0539

ChakraCore

Release

Notes

Security

Update

Critical

Remote

Code

Execution

4483232

Base: N/A

Temporal: N/A

Vector: N/A

Maybe

CVE-2019-0541 - MSHTML Engine Remote Code Execution

Vulnerability


Severity Rating

Vulnerability

Impact

CVE-

2019-

0541

MITRE

NVD

CVE Title: MSHTML Engine Remote Code Execution Vulnerability

Description:

A remote code execution vulnerability exists in the way that the MSHTML engine inproperly

validates input.

An attacker could execute arbitrary code in the context of the current user. If the current user is

logged on with administrative user rights, an attacker who successfully exploited the

vulnerability could take control of an affected system. An attacker could then install programs;

view, change, or delete data; or create new accounts with full user rights.


Execution

https://github.com/Microsoft/ChakraCore/releases/tag/v1.11.5








Severity Rating

Vulnerability

Impact

In a HTML editing attack scenario, an attacker could trick a user into editing a specially crafted

file that is designed to exploit the vulnerability.

The security update addresses the vulnerability by modifying how MSHTML engine validates

input.

FAQ:

None

Mitigations:

None

Workarounds:

None

Revision:

1.0 01/08/2019 08:00:00


Affected Software



CVE-2019-0541

Product KB Article Severity Impact Supersedence CVSS Score Set Restart

Required

Microsoft

Excel

Viewer

2007

Service

Pack 3

2596760

Security

Update

Important

Remote

Code

Execution

Base: N/A

Temporal: N/A

Vector: N/A

Maybe

Internet

Explorer

9 on

Windows

Server

2008 for

32-bit

Systems

Service

Pack 2

4480965 IE

Cumulative

4480968

Monthly

Rollup

Low

Remote

Code

Execution

4471325

Base: 6.4

Temporal: 5.8

Vector:

CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/R

C:C

Yes

Internet

Explorer

9 on

Windows

Server

4480965 IE

Cumulative

4480968

Monthly

Low

Remote

Code

Execution

4471325

Base: 6.4

Temporal: 5.8

Vector:


C:C

Yes

https://www.microsoft.com/downloads/details.aspx?familyid=38c00fb3-bf6b-4ab8-84c2-7c09c644d4f9













CVE-2019-0541

2008 for

x64-based

Systems

Service

Pack 2

Rollup

Internet

Explorer

11 on

Windows

7 for 32-

bit

Systems

Service

Pack 1

4480970

Monthly

Rollup

4480965 IE

Cumulative

Important

Remote

Code

Execution

4483187

Base: 7.5

Temporal: 6.7

Vector:

CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/R

C:C

Yes

Internet

Explorer

11 on

Windows

7 for x64-

based

Systems

Service

Pack 1

4480965 IE

Cumulative

4480970

Monthly

Rollup

Important

Remote

Code

Execution

4471318

Base: 7.5

Temporal: 6.7

Vector:


C:C

Yes













CVE-2019-0541

Internet

Explorer

11 on

Windows

Server

2008 R2

for x64-

based

Systems

Service

Pack 1

4480965 IE

Cumulative

4480970

Monthly

Rollup

Low

Remote

Code

Execution

4471318

Base: 6.4

Temporal: 5.8

Vector:


C:C

Yes

Internet

Explorer

11 on

Windows

8.1 for

32-bit

systems

4480963

Monthly

Rollup

4480965 IE

Cumulative

Important

Remote

Code

Execution

4483187

Base: 7.5

Temporal: 6.7

Vector:


C:C

Yes

Internet

Explorer

11 on

Windows

8.1 for

4480963

Monthly

Rollup

4480965 IE

Important

Remote

Code

Execution

4483187

Base: 7.5

Temporal: 6.7

Vector:


C:C

Yes
















CVE-2019-0541

x64-based

systems

Cumulative

Internet

Explorer

11 on

Windows

Server

2012 R2

4480963

Monthly

Rollup

4480965 IE

Cumulative

Low

Remote

Code

Execution

4483187

Base: 6.4

Temporal: 5.8

Vector:


C:C

Yes

Internet

Explorer

11 on

Windows

RT 8.1

4480963

Monthly

Rollup

Important

Remote

Code

Execution

4471320

Base: 7.5

Temporal: 6.7

Vector:


C:C

Yes

Internet

Explorer

11 on

Windows

10 for 32-

bit

Systems

4480962

Security

Update

Important

Remote

Code

Execution

4483228

Base: 7.5

Temporal: 6.7

Vector:


C:C

Yes

Internet

Explorer

11 on

4480962

Security Important

Remote

Code

Execution

4483228

Base: 7.5

Temporal: 6.7

Vector:

Yes













CVE-2019-0541

Windows

10 for

x64-based

Systems

Update


C:C

Internet

Explorer

11 on

Windows

Server

2016

4480961

Security

Update

Low

Remote

Code

Execution

4471321

Base: 6.4

Temporal: 5.8

Vector:


C:C

Yes

Internet

Explorer

11 on

Windows

10

Version

1607 for

32-bit

Systems

4480961

Security

Update

Important

Remote

Code

Execution

4483229

Base: 7.5

Temporal: 6.7

Vector:


C:C

Yes

Internet

Explorer

11 on

Windows

4480961

Security

Update

Important

Remote

Code

Execution

4471321

Base: 7.5

Temporal: 6.7

Vector:

Yes












CVE-2019-0541

10

Version

1607 for

x64-based

Systems


C:C

Internet

Explorer

11 on

Windows

10

Version

1703 for

32-bit

Systems

4480973

Security

Update

Important

Remote

Code

Execution

4483229

Base: 7.5

Temporal: 6.7

Vector:


C:C

Yes

Internet

Explorer

11 on

Windows

10

Version

1703 for

x64-based

Systems

4480973

Security

Update

Important

Remote

Code

Execution

4483229

Base: 7.5

Temporal: 6.7

Vector:


C:C

Yes








CVE-2019-0541

Internet

Explorer

11 on

Windows

10

Version

1709 for

32-bit

Systems

4480978

Security

Update

Important

Remote

Code

Execution

4483232

Base: 7.5

Temporal: 6.7

Vector:


C:C

Yes

Internet

Explorer

11 on

Windows

10

Version

1709 for

x64-based

Systems

4480978

Security

Update

Important

Remote

Code

Execution

4483232

Base: 7.5

Temporal: 6.7

Vector:


C:C

Yes

Internet

Explorer

11 on

Windows

10

4480966

Security

Update

Important

Remote

Code

Execution

4483234

Base: 7.5

Temporal: 6.7

Vector:


C:C

Yes











CVE-2019-0541

Version

1803 for

32-bit

Systems

Internet

Explorer

11 on

Windows

10

Version

1803 for

x64-based

Systems

4480966

Security

Update

Important

Remote

Code

Execution

4483234

Base: 7.5

Temporal: 6.7

Vector:


C:C

Yes

Internet

Explorer

11 on

Windows

10

Version

1803 for

ARM64-

based

Systems

4480966

Security

Update

Important

Remote

Code

Execution

4483234

Base: 7.5

Temporal: 6.7

Vector:


C:C

Yes








CVE-2019-0541

Internet

Explorer

11 on

Windows

10

Version

1809 for

32-bit

Systems

4480116

Security

Update

Important

Remote

Code

Execution

4483235

Base: 7.5

Temporal: 6.7

Vector:


C:C

Yes

Internet

Explorer

11 on

Windows

10

Version

1809 for

x64-based

Systems

4480116

Security

Update

Important

Remote

Code

Execution

4483235

Base: 7.5

Temporal: 6.7

Vector:


C:C

Yes

Internet

Explorer

11 on

Windows

10

4480116

Security

Update

Important

Remote

Code

Execution

4483235

Base: 7.5

Temporal: 6.7

Vector:


C:C

Yes











CVE-2019-0541

Version

1809 for

ARM64-

based

Systems

Internet

Explorer

11 on

Windows

Server

2019

4480116

Security

Update

Low

Remote

Code

Execution

4483235

Base: 6.4

Temporal: 5.8

Vector:


C:C

Yes

Internet

Explorer

11 on

Windows

10

Version

1709 for

ARM64-

based

Systems

4480978

Security

Update

Important

Remote

Code

Execution

4483232

Base: 7.5

Temporal: 6.7

Vector:


C:C

Yes








CVE-2019-0541

Microsoft

Office

2010

Service

Pack 2

(32-bit

editions)

2553332

Security

Update

Important

Remote

Code

Execution

4483232

Base: N/A

Temporal: N/A

Vector: N/A

Maybe

Microsoft

Office

2010

Service

Pack 2

(64-bit

editions)

2553332

Security

Update

Important

Remote

Code

Execution

4483232

Base: N/A

Temporal: N/A

Vector: N/A

Maybe

Internet

Explorer

10 on

Windows

Server

2012

4480975

Monthly

Rollup

4480965 IE

Cumulative

Low

Remote

Code

Execution

4483187

Base: 6.4

Temporal: 5.8

Vector:


C:C

Yes

Microsoft

Office

2013

3172522

Security Important

Remote

Code

Execution

4483187

Base: N/A

Temporal: N/A

Vector: N/A

Maybe

https://www.microsoft.com/downloads/details.aspx?familyid=40637cf1-885c-4297-a267-d9b1224f30fc



https://www.microsoft.com/downloads/details.aspx?familyid=0e66fa23-10c1-486b-9380-3542eebf9987








https://www.microsoft.com/downloads/details.aspx?familyid=8275a96a-e226-4e0d-8ac9-1a1b58c966ef



CVE-2019-0541

Service

Pack 1

(32-bit

editions)

Update

Microsoft

Office

2013

Service

Pack 1

(64-bit

editions)

3172522

Security

Update

Important

Remote

Code

Execution

4483187

Base: N/A

Temporal: N/A

Vector: N/A

Maybe

Microsoft

Office

2013 RT

Service

Pack 1

3172522

Security

Update

Important

Remote

Code

Execution

4483187

Base: N/A

Temporal: N/A

Vector: N/A

Maybe

Microsoft

Office

2016 (32-

bit

edition)

4022162

Security

Update

Important

Remote

Code

Execution

4483187

Base: N/A

Temporal: N/A

Vector: N/A

Maybe


https://www.microsoft.com/downloads/details.aspx?familyid=565310c4-e9df-450c-89b5-5be70127c4db



https://www.microsoft.com/downloads/details.aspx?familyid=923547e5-d535-4d4e-b295-f18355f9c868




CVE-2019-0541

Microsoft

Office

2016 (64-

bit

edition)

4022162

Security

Update

Important

Remote

Code

Execution

4483187

Base: N/A

Temporal: N/A

Vector: N/A

Maybe

Microsoft

Office

2019 for

32-bit

editions

Click to

Run

Security

Update

Important

Remote

Code

Execution

4483187

Base: N/A

Temporal: N/A

Vector: N/A

No

Microsoft

Office

2019 for

64-bit

editions

Click to

Run

Security

Update

Important

Remote

Code

Execution

4483187

Base: N/A

Temporal: N/A

Vector: N/A

No

Office

365

ProPlus

for 32-bit

Systems

Click to

Run

Security

Update

Important

Remote

Code

Execution

4483187

Base: N/A

Temporal: N/A

Vector: N/A

No

Office

365

ProPlus

Click to

Run

Security

Important

Remote

Code

Execution

4483187

Base: N/A

Temporal: N/A

Vector: N/A

No

https://www.microsoft.com/downloads/details.aspx?familyid=b6eb3d57-4e5e-4ccd-951b-e945f2b971e5




CVE-2019-0541

for 64-bit

Systems

Update

Microsoft

Office

Word

Viewer

4462112

Security

Update

Important

Remote

Code

Execution

4092433

Base: N/A

Temporal: N/A

Vector: N/A

Maybe

CVE-2019-0543 - Microsoft Windows Elevation of Privilege Vulnerability


Severity Rating

Vulnerability

Impact

CVE-

2019-

0543

MITRE

NVD

CVE Title: Microsoft Windows Elevation of Privilege Vulnerability

Description:

An elevation of privilege vulnerability exists when Windows improperly handles

authentication requests. An attacker who successfully exploited this vulnerability could run

processes in an elevated context.

An attacker could exploit this vulnerability by running a specially crafted application on the

victim system.

The update addresses the vulnerability by correcting the way Windows handles

authentication requests.

Important Elevation of

Privilege

https://www.microsoft.com/downloads/details.aspx?familyid=69bd0e31-cc23-4cda-87ab-5970bbaf2d9b







Severity Rating

Vulnerability

Impact

FAQ:

None

Mitigations:

None

Workarounds:

None

Revision:

1.0 01/08/2019 08:00:00


Affected Software


CVE-2019-0543


Required


CVE-2019-0543

Windows 7 for 32-bit


4480960

Security

Only

4480970

Monthly

Rollup

Important Elevation

of Privilege 4471318

Base: 7.8

Temporal: 7.8

Vector:

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:

H

Yes

Windows 7 for x64-

based Systems Service

Pack 1

4480960

Security

Only

4480970

Monthly

Rollup

Important Elevation


Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows Server 2008

R2 for x64-based


(Server Core

installation)

4480960

Security

Only

4480970

Monthly

Rollup

Important Elevation


Base: 7.8

Temporal: 7.8

Vector:


H

Yes




















CVE-2019-0543

Windows Server 2008

R2 for Itanium-Based


4480960

Security

Only

4480970

Monthly

Rollup

Important Elevation


Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows Server 2008

R2 for x64-based


4480960

Security

Only

4480970

Monthly

Rollup

Important Elevation


Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows Server 2008

for 32-bit Systems

Service Pack 2 (Server

Core installation)

4480957

Security

Only

4480968

Monthly

Rollup

Important Elevation


Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows Server 2012 4480972

Security Important

Elevation


Base: 7.8

Temporal: 7.8 Yes






















CVE-2019-0543

Only

4480975

Monthly

Rollup

Vector:


H

Windows Server 2012

(Server Core

installation)

4480972

Security

Only

4480975

Monthly

Rollup

Important Elevation


Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows 8.1 for 32-bit

systems

4480964

Security

Only

4480963

Monthly

Rollup

Important Elevation


Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows 8.1 for x64-

based systems

4480963

Monthly

Rollup

4480964

Important Elevation


Base: 7.8

Temporal: 7.8

Vector:

Yes






















CVE-2019-0543

Security

Only


H

Windows Server 2012

R2

4480963

Monthly

Rollup

4480964

Security

Only

Important Elevation


Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows RT 8.1

4480963

Monthly

Rollup

Important Elevation


Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows Server 2012

R2 (Server Core

installation)

4480963

Monthly

Rollup

4480964

Security

Only

Important Elevation


Base: 7.8

Temporal: 7.8

Vector:


H

Yes



















CVE-2019-0543


Systems

4480962

Security

Update

Important Elevation


Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows 10 for x64-

based Systems

4480962

Security

Update

Important Elevation


Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows Server 2016

4480961

Security

Update

Important Elevation


Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows 10 Version

1607 for 32-bit Systems

4480961

Security

Update

Important Elevation


Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows 10 Version

1607 for x64-based

Systems

4480961

Security Important

Elevation


Base: 7.8

Temporal: 7.8

Vector:

Yes
















CVE-2019-0543

Update


H

Windows Server 2016

(Server Core

installation)

4480961

Security

Update

Important Elevation


Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows 10 Version


4480973

Security

Update

Important Elevation


Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows 10 Version

1703 for x64-based

Systems

4480973

Security

Update

Important Elevation


Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows 10 Version


4480978

Security

Update

Important Elevation


Base: 7.8

Temporal: 7.8

Vector:


H

Yes















CVE-2019-0543

Windows 10 Version

1709 for x64-based

Systems

4480978

Security

Update

Important Elevation


Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows Server,

version 1709 (Server

Core Installation)

4480978

Security

Update

Important Elevation


Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows 10 Version


4480966

Security

Update

Important Elevation


Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows 10 Version

1803 for x64-based

Systems

4480966

Security

Update

Important Elevation


Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows Server,


Core Installation)

4480966

Security Important

Elevation


Base: 7.8

Temporal: 7.8

Vector:

Yes
















CVE-2019-0543

Update


H

Windows 10 Version

1803 for ARM64-based

Systems

4480966

Security

Update

Important Elevation


Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows 10 Version


4480116

Security

Update

Important Elevation


Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows 10 Version

1809 for x64-based

Systems

4480116

Security

Update

Important Elevation


Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows 10 Version


Systems

4480116

Security

Update

Important Elevation


Base: 7.8

Temporal: 7.8

Vector:


H

Yes















CVE-2019-0543

Windows Server 2019

4480116

Security

Update

Important Elevation


Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows Server 2019

(Server Core

installation)

4480116

Security

Update

Important Elevation


Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows 10 Version


Systems

4480978

Security

Update

Important Elevation


Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows Server 2008

for Itanium-Based


4480957

Security

Only

4480968

Monthly

Rollup

Important Elevation


Base: 7.8

Temporal: 7.8

Vector:


H

Yes

















CVE-2019-0543

Windows Server 2008

for 32-bit Systems

Service Pack 2

4480957

Security

Only

4480968

Monthly

Rollup

Important Elevation


Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows Server 2008

for x64-based Systems

Service Pack 2

4480957

Security

Only

4480968

Monthly

Rollup

Important Elevation


Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows Server 2008

for x64-based Systems

Service Pack 2 (Server

Core installation)

4480957

Security

Only

4480968

Monthly

Rollup

Important Elevation


Base: 7.8

Temporal: 7.8

Vector:


H

Yes




















CVE-2019-0545 - .NET Framework Information Disclosure Vulnerability


Severity Rating

Vulnerability

Impact

CVE-

2019-0545

MITRE

NVD

CVE Title: .NET Framework Information Disclosure Vulnerability

Description:

An information disclosure vulnerability exists in .NET Framework and .NET

Core which allows bypassing Cross-origin Resource Sharing (CORS) configurations.

An attacker who successfully exploited the vulnerability could retrieve content, that is

normally restricted, from a web application.

The security update addresses the vulnerability by enforcing CORS configuration to

prevent its bypass.

FAQ:



vulnerability is search criteria.

Mitigations:

None

Important Information Disclo

sure





Severity Rating

Vulnerability

Impact

Workarounds:

None

Revision:

1.0 01/08/2019 08:00:00


Affected Software


CVE-2019-0545

Product KB Article Severity Impact Supersedence CVSS

Score Set

Restart

Required

Microsoft .NET Framework 4.5.2 on Windows 7 for

32-bit Systems Service Pack 1

4480059

Monthly

Rollup

4480076

Security

Important Information Di

sclosure

4471987,

3142033, 2972107

Base: N/A

Temporal:

N/A

Vector:

N/A

Maybe







CVE-2019-0545

Only


x64-based Systems Service Pack 1

4480059

Monthly

Rollup

4480076

Security

Only


sclosure

4471987,

3142033, 2972107

Base: N/A

Temporal:

N/A

Vector:

N/A

Maybe

Microsoft .NET Framework 4.5.2 on Windows Server

2008 R2 for x64-based Systems Service Pack 1 (Server

Core installation)

4480059

Monthly

Rollup

4480076

Security

Only


sclosure

4471987,

3142033, 2972107

Base: N/A

Temporal:

N/A

Vector:

N/A

Maybe


2008 R2 for x64-based Systems Service Pack 1

4480059

Monthly

Rollup

4480076

Security

Only


sclosure

4471987,

3142033, 2972107

Base: N/A

Temporal:

N/A

Vector:

N/A

Maybe





















CVE-2019-0545


2012

4480075

Security

Only

4480058

Monthly

Rollup


sclosure

4461988,

3142032, 2978042

Base: N/A

Temporal:

N/A

Vector:

N/A

Maybe


2012 (Server Core installation)

4480075

Security

Only

4480058

Monthly

Rollup


sclosure

4461988,

3142032, 2978042

Base: N/A

Temporal:

N/A

Vector:

N/A

Maybe

Microsoft .NET Framework 4.5.2 on Windows 8.1 for

32-bit systems

4480074

Security

Only

4480057

Monthly

Rollup


sclosure

4461989,

3142030, 2978041

Base: N/A

Temporal:

N/A

Vector:

N/A

Maybe

Microsoft .NET Framework 4.5.2 on Windows 8.1 for

x64-based systems

4480074

Security Important

Information Di

sclosure

4461989,

3142030, 2978041

Base: N/A

Temporal: Maybe






















CVE-2019-0545

Only

4480057

Monthly

Rollup

N/A

Vector:

N/A


2012 R2

4480074

Security

Only

4480057

Monthly

Rollup


sclosure

4461989,

3142030, 2978041

Base: N/A

Temporal:

N/A

Vector:

N/A

Maybe

Microsoft .NET Framework 4.5.2 on Windows RT 8.1

4480057

Monthly

Rollup


sclosure

4461989,

3142030, 2978041

Base: N/A

Temporal:

N/A

Vector:

N/A

Maybe


2012 R2 (Server Core installation)

4480074

Security

Only

4480057

Monthly


sclosure

4461989,

3142030, 2978041

Base: N/A

Temporal:

N/A

Vector:

N/A

Maybe




















CVE-2019-0545

Rollup


2008 for 32-bit Systems Service Pack 2

4480076

Security

Only

4480059

Monthly

Rollup


sclosure

4461990,

3142033, 2972107

Base: N/A

Temporal:

N/A

Vector:

N/A

Maybe


2008 for x64-based Systems Service Pack 2

4480076

Security

Only

4480059

Monthly

Rollup


sclosure

4461990,

3142033, 2972107

Base: N/A

Temporal:

N/A

Vector:

N/A

Maybe

Microsoft .NET Framework 4.6 on Windows Server

2008 for 32-bit Systems Service Pack 2

4480072

Security

Only

4480055

Monthly

Rollup


sclosure 4471990, 3142037

Base: N/A

Temporal:

N/A

Vector:

N/A

Maybe





















CVE-2019-0545


2008 for x64-based Systems Service Pack 2

4480072

Security

Only

4480055

Monthly

Rollup


sclosure 4471990, 3142037

Base: N/A

Temporal:

N/A

Vector:

N/A

Maybe

Microsoft .NET Framework 4.7.2 on Windows 10

Version 1803 for 32-bit Systems

4480966

Security

Update


sclosure 4483234

Base: N/A

Temporal:

N/A

Vector:

N/A

Yes


Version 1803 for x64-based Systems

4480966

Security

Update


sclosure 4483234

Base: N/A

Temporal:

N/A

Vector:

N/A

Yes

Microsoft .NET Framework 4.7.2 on Windows Server,

version 1803 (Server Core Installation)

4480966

Security

Update


sclosure 4483234

Base: N/A

Temporal:

N/A

Vector:

N/A

Yes

















CVE-2019-0545


Version 1803 for ARM64-based Systems

4480966

Security

Update


sclosure 4483234

Base: N/A

Temporal:

N/A

Vector:

N/A

Yes



4480056

Monthly

Rollup


sclosure 4470502

Base: N/A

Temporal:

N/A

Vector:

N/A

Maybe



4480056

Monthly

Rollup


sclosure 4470502

Base: N/A

Temporal:

N/A

Vector:

N/A

Maybe


2019

4480056

Monthly

Rollup


sclosure 4470502

Base: N/A

Temporal:

N/A

Vector:

N/A

Maybe



4480056

Monthly Important

Information Di

sclosure 4470502

Base: N/A

Temporal:

N/A

Maybe
















CVE-2019-0545

Rollup

Vector:

N/A

Microsoft .NET Framework 4.6/4.6.1/4.6.2 on

Windows 10 for 32-bit Systems

4480962

Security

Update


sclosure 4483228

Base: N/A

Temporal:

N/A

Vector:

N/A

Yes


Windows 10 for x64-based Systems

4480962

Security

Update


sclosure 4483228

Base: N/A

Temporal:

N/A

Vector:

N/A

Yes

Microsoft .NET Framework

4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2 on Windows 7 for 32-bit


4480055

Monthly

Rollup

4480072

Security

Only


sclosure 4471987, 3142037

Base: N/A

Temporal:

N/A

Vector:

N/A

Maybe


4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2 on Windows 7 for x64-

based Systems Service Pack 1

4480055

Monthly

Rollup

4480072


sclosure 4471987, 3142037

Base: N/A

Temporal:

N/A

Maybe



















CVE-2019-0545

Security

Only

Vector:

N/A


4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2 on Windows Server


Core installation)

4480055

Monthly

Rollup

4480072

Security

Only


sclosure 4471987, 3142037

Base: N/A

Temporal:

N/A

Vector:

N/A

Maybe




4480055

Monthly

Rollup

4480072

Security

Only


sclosure 4471987, 3142037

Base: N/A

Temporal:

N/A

Vector:

N/A

Maybe



2012

4480070

Security

Only

4480051

Monthly


sclosure 4471988

Base: N/A

Temporal:

N/A

Vector:

N/A

Maybe





















CVE-2019-0545

Rollup




4480070

Security

Only

4480051

Monthly

Rollup


sclosure 4471988

Base: N/A

Temporal:

N/A

Vector:

N/A

Maybe


4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2 on Windows 8.1 for 32-

bit systems

4480071

Security

Only

4480054

Monthly

Rollup


sclosure 4471989

Base: N/A

Temporal:

N/A

Vector:

N/A

Maybe


4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2 on Windows 8.1 for x64-

based systems

4480071

Security

Only

4480054

Monthly

Rollup


sclosure 4471989

Base: N/A

Temporal:

N/A

Vector:

N/A

Maybe





















CVE-2019-0545



2012 R2

4480071

Security

Only

4480054

Monthly

Rollup


sclosure 4471989

Base: N/A

Temporal:

N/A

Vector:

N/A

Maybe


4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2 on Windows RT 8.1

4480054

Monthly

Rollup


sclosure 4471989

Base: N/A

Temporal:

N/A

Vector:

N/A

Maybe




4480071

Security

Only

4480054

Monthly

Rollup


sclosure 4471989

Base: N/A

Temporal:

N/A

Vector:

N/A

Maybe

Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on

Windows Server 2016

4480961

Security

Update


sclosure 4471321

Base: N/A

Temporal:

N/A

Yes




















CVE-2019-0545

Vector:

N/A



4480961

Security

Update


sclosure 4483229

Base: N/A

Temporal:

N/A

Vector:

N/A

Yes


Windows 10 Version 1607 for x64-based Systems

4480961

Security

Update


sclosure 4471321

Base: N/A

Temporal:

N/A

Vector:

N/A

Yes



4480961

Security

Update


sclosure 4471321

Base: N/A

Temporal:

N/A

Vector:

N/A

Yes



4480973

Security

Update


sclosure 4483229

Base: N/A

Temporal:

N/A

Vector:

N/A

Yes














CVE-2019-0545


Windows 10 Version 1703 for x64-based Systems

4480973

Security

Update


sclosure 4483229

Base: N/A

Temporal:

N/A

Vector:

N/A

Yes

Microsoft .NET Framework 4.7.1/4.7.2 on Windows

10 Version 1709 for 32-bit Systems

4480978

Security

Update


sclosure 4483232

Base: N/A

Temporal:

N/A

Vector:

N/A

Yes


10 Version 1709 for x64-based Systems

4480978

Security

Update


sclosure 4483232

Base: N/A

Temporal:

N/A

Vector:

N/A

Yes


Server, version 1709 (Server Core Installation)

4480966

Security

Update


sclosure 4483234

Base: N/A

Temporal:

N/A

Vector:

N/A

Yes


10 Version 1709 for ARM64-based Systems

4480978

Security Important

Information Di

sclosure 4483232

Base: N/A

Temporal:

N/A

Yes
















CVE-2019-0545

Update

Vector:

N/A

.NET Core 2.1

Release

Notes

Security

Update


sclosure 4483232

Base: N/A

Temporal:

N/A

Vector:

N/A

Maybe

.NET Core 2.2

Release

Notes

Security

Update


sclosure 4483232

Base: N/A

Temporal:

N/A

Vector:

N/A

Maybe


2012

4480083

Security

Only

4480061

Monthly

Rollup


sclosure 4471988, 3142025

Base: N/A

Temporal:

N/A

Vector:

N/A

Maybe



4480083

Security

Only

4480061


sclosure 4471988, 3142025

Base: N/A

Temporal:

N/A

Maybe


https://dotnet.microsoft.com/download/dotnet-core/2.1



















CVE-2019-0545

Monthly

Rollup

Vector:

N/A

Microsoft .NET Framework 3.5 on Windows 8.1 for

32-bit systems

4480086

Security

Only

4480064

Monthly

Rollup


sclosure 4467226; 4471983

Base: N/A

Temporal:

N/A

Vector:

N/A

Maybe

Microsoft .NET Framework 3.5 on Windows 8.1 for

x64-based systems

4480086

Security

Only

4480064

Monthly

Rollup


sclosure 4467226; 4471983

Base: N/A

Temporal:

N/A

Vector:

N/A

Maybe


2012 R2

4480086

Security

Only

4480064

Monthly


sclosure 4467226; 4471983

Base: N/A

Temporal:

N/A

Vector:

N/A

Maybe





















CVE-2019-0545

Rollup



4480086

Security

Only

4480064

Monthly

Rollup


sclosure 4467226; 4471983

Base: N/A

Temporal:

N/A

Vector:

N/A

Maybe

Microsoft .NET Framework 3.5 on Windows 10 for

32-bit Systems

4480962

Security

Update


sclosure 4483228

Base: N/A

Temporal:

N/A

Vector:

N/A

Yes

Microsoft .NET Framework 3.5 on Windows 10 for

x64-based Systems

4480962

Security

Update


sclosure 4483228

Base: N/A

Temporal:

N/A

Vector:

N/A

Yes


2016

4480961

Security

Update


sclosure 4471321

Base: N/A

Temporal:

N/A

Yes


















CVE-2019-0545

Vector:

N/A

Microsoft .NET Framework 3.5 on Windows 10


4480961

Security

Update


sclosure 4483229

Base: N/A

Temporal:

N/A

Vector:

N/A

Yes



4480961

Security

Update


sclosure 4471321

Base: N/A

Temporal:

N/A

Vector:

N/A

Yes



4480961

Security

Update


sclosure 4471321

Base: N/A

Temporal:

N/A

Vector:

N/A

Yes



4480973

Security

Update


sclosure 4483229

Base: N/A

Temporal:

N/A

Vector:

N/A

Yes














CVE-2019-0545



4480973

Security

Update


sclosure 4483229

Base: N/A

Temporal:

N/A

Vector:

N/A

Yes



4480978

Security

Update


sclosure 4483232

Base: N/A

Temporal:

N/A

Vector:

N/A

Yes



4480978

Security

Update


sclosure 4483232

Base: N/A

Temporal:

N/A

Vector:

N/A

Yes

Microsoft .NET Framework 3.5 on Windows Server,


4480966

Security

Update


sclosure 4483234

Base: N/A

Temporal:

N/A

Vector:

N/A

Yes



4480966

Security Important

Information Di

sclosure 4483234

Base: N/A

Temporal:

N/A

Yes
















CVE-2019-0545

Update

Vector:

N/A



4480966

Security

Update


sclosure 4483234

Base: N/A

Temporal:

N/A

Vector:

N/A

Yes

Microsoft .NET Framework 3.5 on Windows Server,


4480966

Security

Update


sclosure 4483234

Base: N/A

Temporal:

N/A

Vector:

N/A

Yes



4480966

Security

Update


sclosure 4483234

Base: N/A

Temporal:

N/A

Vector:

N/A

Yes



4480056

Monthly

Rollup


sclosure 4470502

Base: N/A

Temporal:

N/A

Vector:

N/A

Maybe















CVE-2019-0545



4480056

Monthly

Rollup


sclosure 4470502

Base: N/A

Temporal:

N/A

Vector:

N/A

Maybe


2019

4480056

Monthly

Rollup


sclosure 4470502

Base: N/A

Temporal:

N/A

Vector:

N/A

Maybe



4480056

Monthly

Rollup


sclosure 4470502

Base: N/A

Temporal:

N/A

Vector:

N/A

Maybe



4480978

Security

Update


sclosure 4483232

Base: N/A

Temporal:

N/A

Vector:

N/A

Yes

Microsoft .NET Framework 3.0 Service Pack 2 on

Windows Server 2008 for Itanium-Based Systems

Service Pack 2

4480084

Security

Only


sclosure 4471990

Base: N/A

Temporal:

N/A

Maybe

















CVE-2019-0545

4480062

Monthly

Rollup

Vector:

N/A


Windows Server 2008 for 32-bit Systems Service Pack

2

4480084

Security

Only

4480062

Monthly

Rollup


sclosure 4471990

Base: N/A

Temporal:

N/A

Vector:

N/A

Maybe


Windows Server 2008 for x64-based Systems Service

Pack 2

4480084

Security

Only

4480062

Monthly

Rollup


sclosure 4471990

Base: N/A

Temporal:

N/A

Vector:

N/A

Maybe


Windows Server 2008 for Itanium-Based Systems

Service Pack 2

4480084

Security

Only

4480062

Monthly


sclosure 4471990

Base: N/A

Temporal:

N/A

Vector:

N/A

Maybe






















CVE-2019-0545

Rollup


Windows Server 2008 for 32-bit Systems Service Pack

2

4480084

Security

Only

4480062

Monthly

Rollup


sclosure 4471990

Base: N/A

Temporal:

N/A

Vector:

N/A

Maybe


Windows Server 2008 for x64-based Systems Service

Pack 2

4480084

Security

Only

4480062

Monthly

Rollup


sclosure 4471990

Base: N/A

Temporal:

N/A

Vector:

N/A

Maybe


32-bit Systems Service Pack 1

4480085

Security

Only

4480063

Monthly

Rollup


sclosure 4471987, 3142024

Base: N/A

Temporal:

N/A

Vector:

N/A

Maybe





















CVE-2019-0545


x64-based Systems Service Pack 1

4480085

Security

Only

4480063

Monthly

Rollup


sclosure 4471987, 3142024

Base: N/A

Temporal:

N/A

Vector:

N/A

Maybe



Core installation)

4480085

Security

Only

4480063

Monthly

Rollup


sclosure 4471987, 3142024

Base: N/A

Temporal:

N/A

Vector:

N/A

Maybe


2008 R2 for Itanium-Based Systems Service Pack 1

4480085

Security

Only

4480063

Monthly

Rollup


sclosure 4471987, 3142024

Base: N/A

Temporal:

N/A

Vector:

N/A

Maybe



4480085

Security Important

Information Di

sclosure 4471987, 3142024

Base: N/A

Temporal: Maybe






















CVE-2019-0545

Only

4480063

Monthly

Rollup

N/A

Vector:

N/A

CVE-2019-0546 - Visual Studio Remote Code Execution Vulnerability


Severity Rating

Vulnerability

Impact

CVE-

2019-

0546

MITRE

NVD

CVE Title: Visual Studio Remote Code Execution Vulnerability

Description:

A remote code execution vulnerability exists in Visual Studio when the C++ compiler

improperly handles specific combinations of C++ constructs. An attacker who successfully

exploited the vulnerability could run arbitrary code in the context of the current user. If the

current user is logged on with administrative user rights, an attacker could take control of the

affected system. An attacker could then install programs; view, change, or delete data; or create

new accounts with full user rights. Users whose accounts are configured to have fewer user

rights on the system could be less impacted than users who operate with administrative user

rights.

Moderate Remote Code

Execution









Severity Rating

Vulnerability

Impact

Exploitation of the vulnerability requires that a user open a specially crafted file which was

compiled with an affected version of Visual Studio. In an email attack scenario, an attacker

could exploit the vulnerability by sending a specially crafted project, or resource file, to the user

and convince the user to open the file.

The security update addresses the vulnerability by correcting how the Visual Studio C++

compiler handles certain C++ constructs.

FAQ:

None

Mitigations:

None

Workarounds:

None

Revision:

1.0 01/08/2019 08:00:00



Affected Software


CVE-2019-0546


Set

Restart

Required


version 15.9

Release Notes Security

Update

Moderate Remote Code

Execution

Base: N/A

Temporal: N/A

Vector: N/A

Maybe

CVE-2019-0547 - Windows DHCP Client Remote Code Execution

Vulnerability


Severity Rating

Vulnerability

Impact

CVE-

2019-

0547

CVE Title: Windows DHCP Client Remote Code Execution Vulnerability

Description: Critical

Remote Code

Execution

http://aka.ms/vs/15/release/latest

http://aka.ms/vs/15/release/latest



Severity Rating

Vulnerability

Impact

MITRE

NVD

A memory corruption vulnerability exists in the Windows DHCP client when an attacker

sends specially crafted DHCP responses to a client. An attacker who successfully exploited

the vulnerability could run arbitrary code on the client machine.

To exploit the vulnerability, an attacker could send a specially crafted DHCP responses to a

client.

The security update addresses the vulnerability by correcting how Windows DHCP clients

handle certain DHCP responses.

FAQ:

None

Mitigations:

None

Workarounds:

None

Revision:

1.0 01/08/2019 08:00:00





Affected Software


CVE-2019-0547

Product KB


Restart

Required

Windows 10

Version

1803 for 32-

bit Systems

4480966

Security

Update

Critical

Remote

Code

Execution

4483234

Base: 9.8

Temporal: 8.8

Vector:

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC

:C

Yes

Windows 10

Version

1803 for

x64-based

Systems

4480966

Security

Update

Critical

Remote

Code

Execution

4483234

Base: 9.8

Temporal: 8.8

Vector:


:C

Yes

Windows

Server,

version 1803

(Server Core

Installation)

4480966

Security

Update

Critical

Remote

Code

Execution

4483234

Base: 9.8

Temporal: 8.8

Vector:


:C

Yes











CVE-2019-0547

Windows 10

Version

1803 for

ARM64-

based

Systems

4480966

Security

Update

Critical

Remote

Code

Execution

4483234

Base: 9.8

Temporal: 8.8

Vector:


:C

Yes

CVE-2019-0548 - ASP.NET Core Denial of Service Vulnerability


Severity Rating

Vulnerability

Impact

CVE-

2019-

0548

MITRE

NVD

CVE Title: ASP.NET Core Denial of Service Vulnerability

Description:

A denial of service vulnerability exists when ASP.NET Core improperly handles web requests.

An attacker who successfully exploited this vulnerability could cause a denial of service against

an ASP.NET Core web application. The vulnerability can be exploited remotely, without

authentication.

A remote unauthenticated attacker could exploit this vulnerability by issuing specially crafted

requests to the .NET Core application.

Important Denial of

Service








Severity Rating

Vulnerability

Impact

The update addresses the vulnerability by correcting how the ASP.NET Core web application

handles web requests.

FAQ:

None

Mitigations:

None

Workarounds:

None

Revision:

1.0 01/08/2019 08:00:00


Affected Software


CVE-2019-0548

Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required


CVE-2019-0548

ASP.NET Core 2.1 Release Notes Security Update

Important Denial of Service

Base: N/A

Temporal: N/A

Vector: N/A

Maybe



Base: N/A

Temporal: N/A

Vector: N/A

Maybe



Severity Rating

Vulnerability

Impact

CVE-

2019-

0549

MITRE

NVD


Description:









losure







Severity Rating

Vulnerability

Impact


memory.

FAQ:



vulnerability is Kernel memory read - unintentional read access to memory contents in kernel

space from a user mode process.

Mitigations:

None

Workarounds:

None

Revision:

1.0 01/08/2019 08:00:00



Affected Software


CVE-2019-0549

Product KB


Restart

Required

Windows 7

for 32-bit

Systems

Service

Pack 1

4480960

Security

Only

4480970

Monthly

Rollup


Disclosure 4471318

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

Windows 7

for x64-

based

Systems

Service

Pack 1

4480960

Security

Only

4480970

Monthly

Rollup


Disclosure 4471318

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

Windows

Server 2008

4480960

Security Important

Information

Disclosure 4471318

Base: 4.7

Temporal: 4.2 Yes
















CVE-2019-0549

R2 for x64-

based

Systems

Service

Pack 1

(Server

Core

installation)

Only

4480970

Monthly

Rollup

Vector:


C:C

Windows

Server 2008

R2 for

Itanium-

Based

Systems

Service

Pack 1

4480960

Security

Only

4480970

Monthly

Rollup


Disclosure 4471318

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

Windows

Server 2008

R2 for x64-

based

Systems

Service

Pack 1

4480960

Security

Only

4480970

Monthly

Rollup


Disclosure 4471318

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes


















CVE-2019-0549

Windows

Server 2008

for 32-bit

Systems

Service

Pack 2

(Server

Core

installation)

4480957

Security

Only

4480968

Monthly

Rollup


Disclosure 4471325

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

Windows

Server 2012

4480972

Security

Only

4480975

Monthly

Rollup


Disclosure 4471330

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

Windows

Server 2012

(Server

Core

installation)

4480972

Security

Only

4480975

Monthly

Rollup


Disclosure 4471330

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes




















CVE-2019-0549

Windows

8.1 for 32-

bit systems

4480964

Security

Only

4480963

Monthly

Rollup


Disclosure 4471320

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

Windows

8.1 for x64-

based

systems

4480963

Monthly

Rollup

4480964

Security

Only


Disclosure 4471320

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

Windows

Server 2012

R2

4480963

Monthly

Rollup

4480964

Security

Only


Disclosure 4471320

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

Windows

RT 8.1

4480963

Monthly Important

Information

Disclosure 4471320

Base: 4.7

Temporal: 4.2 Yes




















CVE-2019-0549

Rollup

Vector:


C:C

Windows

Server 2012

R2 (Server

Core

installation)

4480963

Monthly

Rollup

4480964

Security

Only


Disclosure 4471320

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

Windows

10 for 32-

bit Systems

4480962

Security

Update


Disclosure 4483228

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

Windows

10 for x64-

based

Systems

4480962

Security

Update


Disclosure 4483228

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

Windows

Server 2016

4480961

Security Important

Information

Disclosure 4471321

Base: 4.7

Temporal: 4.2

Vector:

Yes
















CVE-2019-0549

Update


C:C

Windows

10 Version

1607 for 32-

bit Systems

4480961

Security

Update


Disclosure 4483229

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

Windows

10 Version

1607 for

x64-based

Systems

4480961

Security

Update


Disclosure 4471321

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

Windows

Server 2016

(Server

Core

installation)

4480961

Security

Update


Disclosure 4471321

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

Windows

10 Version

1703 for 32-

bit Systems

4480973

Security

Update


Disclosure 4483229

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes















CVE-2019-0549

Windows

10 Version

1703 for

x64-based

Systems

4480973

Security

Update


Disclosure 4483229

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

Windows

10 Version

1709 for 32-

bit Systems

4480978

Security

Update


Disclosure 4483232

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

Windows

10 Version

1709 for

x64-based

Systems

4480978

Security

Update


Disclosure 4483232

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

Windows

Server,

version

1709

(Server

Core

Installation)

4480978

Security

Update


Disclosure 4483232

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes














CVE-2019-0549

Windows

10 Version

1803 for 32-

bit Systems

4480966

Security

Update


Disclosure 4483234

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

Windows

10 Version

1803 for

x64-based

Systems

4480966

Security

Update


Disclosure 4483234

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

Windows

Server,

version

1803

(Server

Core

Installation)

4480966

Security

Update


Disclosure 4483234

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

Windows

10 Version

1803 for

ARM64-

based

Systems

4480966

Security

Update


Disclosure 4483234

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes














CVE-2019-0549

Windows

10 Version

1809 for 32-

bit Systems

4480116

Security

Update


Disclosure 4483235

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

Windows

10 Version

1809 for

x64-based

Systems

4480116

Security

Update


Disclosure 4483235

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

Windows

10 Version

1809 for

ARM64-

based

Systems

4480116

Security

Update


Disclosure 4483235

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

Windows

Server 2019

4480116

Security

Update


Disclosure 4483235

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

Windows

Server 2019

4480116

Security Important

Information

Disclosure 4483235

Base: 4.7

Temporal: 4.2 Yes
















CVE-2019-0549

(Server

Core

installation)

Update

Vector:


C:C

Windows

10 Version

1709 for

ARM64-

based

Systems

4480978

Security

Update


Disclosure 4483232

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

Windows

Server 2008

for Itanium-

Based

Systems

Service

Pack 2

4480957

Security

Only

4480968

Monthly

Rollup


Disclosure 4471325

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

Windows

Server 2008

for 32-bit

Systems

Service

Pack 2

4480957

Security

Only

4480968

Monthly

Rollup


Disclosure 4471325

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes


















CVE-2019-0549

Windows

Server 2008

for x64-

based

Systems

Service

Pack 2

4480957

Security

Only

4480968

Monthly

Rollup


Disclosure 4471325

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

Windows

Server 2008

for x64-

based

Systems

Service

Pack 2

(Server

Core

installation)

4480957

Security

Only

4480968

Monthly

Rollup


Disclosure 4471325

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes














CVE-2019-0550 - Windows Hyper-V Remote Code Execution

Vulnerability


Severity Rating

Vulnerability

Impact

CVE-

2019-

0550

MITRE

NVD

CVE Title: Windows Hyper-V Remote Code Execution Vulnerability

Description:

A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to

properly validate input from an authenticated user on a guest operating system. To exploit the

vulnerability, an attacker could run a specially crafted application on a guest operating system

that could cause the Hyper-V host operating system to execute arbitrary code.

An attacker who successfully exploited the vulnerability could execute arbitrary code on the

host operating system.

The security update addresses the vulnerability by correcting how Hyper-V validates guest

operating system user input.

FAQ:

None

Mitigations:

None


Execution





Severity Rating

Vulnerability

Impact

Workarounds:

None

Revision:

1.0 01/08/2019 08:00:00


Affected Software


CVE-2019-0550

Product KB


Restart

Required

Windows 10

Version

1803 for 32-

bit Systems

4480966

Security

Update

Critical

Remote

Code

Execution

4483234

Base: 7.6

Temporal: 6.8

Vector:

CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC

:C

Yes





CVE-2019-0550

Windows 10

Version

1803 for

x64-based

Systems

4480966

Security

Update

Critical

Remote

Code

Execution

4483234

Base: 7.6

Temporal: 6.8

Vector:


:C

Yes

Windows

Server,

version 1803

(Server Core

Installation)

4480966

Security

Update

Critical

Remote

Code

Execution

4483234

Base: 7.6

Temporal: 6.8

Vector:


:C

Yes

Windows 10

Version

1803 for

ARM64-

based

Systems

4480966

Security

Update

Critical

Remote

Code

Execution

4483234

Base: 7.6

Temporal: 6.8

Vector:


:C

Yes

Windows 10

Version

1809 for 32-

bit Systems

4480116

Security

Update

Critical

Remote

Code

Execution

4483235

Base: 7.6

Temporal: 6.8

Vector:


:C

Yes














CVE-2019-0550

Windows 10

Version

1809 for

x64-based

Systems

4480116

Security

Update

Critical

Remote

Code

Execution

4483235

Base: 7.6

Temporal: 6.8

Vector:


:C

Yes

Windows 10

Version

1809 for

ARM64-

based

Systems

4480116

Security

Update

Critical

Remote

Code

Execution

4483235

Base: 7.6

Temporal: 6.8

Vector:


:C

Yes

Windows

Server 2019

4480116

Security

Update

Critical

Remote

Code

Execution

4483235

Base: 7.6

Temporal: 6.8

Vector:


:C

Yes

Windows

Server 2019

(Server Core

installation)

4480116

Security

Update

Critical

Remote

Code

Execution

4483235

Base: 7.6

Temporal: 6.8

Vector:


:C

Yes














CVE-2019-0551 - Windows Hyper-V Remote Code Execution

Vulnerability


Severity Rating

Vulnerability

Impact

CVE-

2019-

0551

MITRE

NVD

CVE Title: Windows Hyper-V Remote Code Execution Vulnerability

Description:

A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to

properly validate input from an authenticated user on a guest operating system. To exploit the

vulnerability, an attacker could run a specially crafted application on a guest operating system

that could cause the Hyper-V host operating system to execute arbitrary code.

An attacker who successfully exploited the vulnerability could execute arbitrary code on the

host operating system.

The security update addresses the vulnerability by correcting how Hyper-V validates guest

operating system user input.

FAQ:

None

Mitigations:

None


Execution





Severity Rating

Vulnerability

Impact

Workarounds:

None

Revision:

1.0 01/08/2019 08:00:00


Affected Software


CVE-2019-0551

Product KB


Restart

Required

Windows

Server 2016

4480961

Security

Update

Critical

Remote

Code

Execution

4471321

Base: 7.6

Temporal: 6.8

Vector:


:C

Yes





CVE-2019-0551

Windows 10

Version

1607 for 32-

bit Systems

4480961

Security

Update

Critical

Remote

Code

Execution

4483229

Base: 7.6

Temporal: 6.8

Vector:


:C

Yes

Windows 10

Version

1607 for

x64-based

Systems

4480961

Security

Update

Critical

Remote

Code

Execution

4471321

Base: 7.6

Temporal: 6.8

Vector:


:C

Yes

Windows

Server 2016

(Server Core

installation)

4480961

Security

Update

Critical

Remote

Code

Execution

4471321

Base: 7.6

Temporal: 6.8

Vector:


:C

Yes

Windows 10

Version

1703 for 32-

bit Systems

4480973

Security

Update

Critical

Remote

Code

Execution

4483229

Base: 7.6

Temporal: 6.8

Vector:


:C

Yes

Windows 10

Version

1703 for

4480973

Security Critical

Remote

Code

Execution

4483229

Base: 7.6

Temporal: 6.8

Vector:

Yes
















CVE-2019-0551

x64-based

Systems

Update


:C

Windows 10

Version

1709 for 32-

bit Systems

4480978

Security

Update

Critical

Remote

Code

Execution

4483232

Base: 7.6

Temporal: 6.8

Vector:


:C

Yes

Windows 10

Version

1709 for

x64-based

Systems

4480978

Security

Update

Critical

Remote

Code

Execution

4483232

Base: 7.6

Temporal: 6.8

Vector:


:C

Yes

Windows

Server,

version 1709

(Server Core

Installation)

4480978

Security

Update

Critical

Remote

Code

Execution

4483232

Base: 7.6

Temporal: 6.8

Vector:


:C

Yes

Windows 10

Version

1803 for 32-

bit Systems

4480966

Security

Update

Critical

Remote

Code

Execution

4483234

Base: 7.6

Temporal: 6.8

Vector:


:C

Yes















CVE-2019-0551

Windows 10

Version

1803 for

x64-based

Systems

4480966

Security

Update

Critical

Remote

Code

Execution

4483234

Base: 7.6

Temporal: 6.8

Vector:


:C

Yes

Windows

Server,

version 1803

(Server Core

Installation)

4480966

Security

Update

Critical

Remote

Code

Execution

4483234

Base: 7.6

Temporal: 6.8

Vector:


:C

Yes

Windows 10

Version

1803 for

ARM64-

based

Systems

4480966

Security

Update

Critical

Remote

Code

Execution

4483234

Base: 7.6

Temporal: 6.8

Vector:


:C

Yes

Windows 10

Version

1809 for 32-

bit Systems

4480116

Security

Update

Critical

Remote

Code

Execution

4483235

Base: 7.6

Temporal: 6.8

Vector:


:C

Yes














CVE-2019-0551

Windows 10

Version

1809 for

x64-based

Systems

4480116

Security

Update

Critical

Remote

Code

Execution

4483235

Base: 7.6

Temporal: 6.8

Vector:


:C

Yes

Windows 10

Version

1809 for

ARM64-

based

Systems

4480116

Security

Update

Critical

Remote

Code

Execution

4483235

Base: 7.6

Temporal: 6.8

Vector:


:C

Yes

Windows

Server 2019

4480116

Security

Update

Critical

Remote

Code

Execution

4483235

Base: 7.6

Temporal: 6.8

Vector:


:C

Yes

Windows

Server 2019

(Server Core

installation)

4480116

Security

Update

Critical

Remote

Code

Execution

4483235

Base: 7.6

Temporal: 6.8

Vector:


:C

Yes














CVE-2019-0551

Windows 10

Version

1709 for

ARM64-

based

Systems

4480978

Security

Update

Critical

Remote

Code

Execution

4483232

Base: 7.6

Temporal: 6.8

Vector:


:C

Yes

CVE-2019-0552 - Windows COM Elevation of Privilege Vulnerability


Severity Rating

Vulnerability

Impact

CVE-

2019-

0552

MITRE

NVD

CVE Title: Windows COM Elevation of Privilege Vulnerability

Description:

An elevation of privilege exists in Windows COM Desktop Broker. An attacker who

successfully exploited the vulnerability could run arbitrary code with elevated privileges.

To exploit the vulnerability, an attacker could run a specially crafted application that could

exploit the vulnerability. This vulnerability by itself does not allow arbitrary code to be run.

However, this vulnerability could be used in conjunction with one or more vulnerabilities (e.g. a

remote code execution vulnerability and another elevation of privilege) that could take advantage

of the elevated privileges when running.


Privilege








Severity Rating

Vulnerability

Impact

The update addresses the vulnerability by correcting how Windows COM Desktop Broker

processes interface requests.

FAQ:

None

Mitigations:

None

Workarounds:

None

Revision:

1.0 01/08/2019 08:00:00


Affected Software



CVE-2019-0552

Product KB


Restart

Required

Windows 8.1

for 32-bit

systems

4480964

Security

Only

4480963

Monthly

Rollup

Important

Elevation

of

Privilege

4471320

Base: 7

Temporal: 6.3

Vector:

CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/R

C:C

Yes

Windows 8.1

for x64-

based

systems

4480963

Monthly

Rollup

4480964

Security

Only

Important

Elevation

of

Privilege

4471320

Base: 7

Temporal: 6.3

Vector:


C:C

Yes

Windows

Server 2012

R2

4480963

Monthly

Rollup

4480964

Security

Only

Important

Elevation

of

Privilege

4471320

Base: 7

Temporal: 6.3

Vector:


C:C

Yes




















CVE-2019-0552

Windows

RT 8.1

4480963

Monthly

Rollup

Important

Elevation

of

Privilege

4471320

Base: 7

Temporal: 6.3

Vector:


C:C

Yes

Windows

Server 2012

R2 (Server

Core

installation)

4480963

Monthly

Rollup

4480964

Security

Only

Important

Elevation

of

Privilege

4471320

Base: 7

Temporal: 6.3

Vector:


C:C

Yes

Windows 10

for 32-bit

Systems

4480962

Security

Update

Important

Elevation

of

Privilege

4483228

Base: 7

Temporal: 6.3

Vector:


C:C

Yes

Windows 10

for x64-

based

Systems

4480962

Security

Update

Important

Elevation

of

Privilege

4483228

Base: 7

Temporal: 6.3

Vector:


C:C

Yes














CVE-2019-0552

Windows

Server 2016

4480961

Security

Update

Important

Elevation

of

Privilege

4471321

Base: 7

Temporal: 6.3

Vector:


C:C

Yes

Windows 10

Version

1607 for 32-

bit Systems

4480961

Security

Update

Important

Elevation

of

Privilege

4483229

Base: 7

Temporal: 6.3

Vector:


C:C

Yes

Windows 10

Version

1607 for

x64-based

Systems

4480961

Security

Update

Important

Elevation

of

Privilege

4471321

Base: 7

Temporal: 6.3

Vector:


C:C

Yes

Windows

Server 2016

(Server Core

installation)

4480961

Security

Update

Important

Elevation

of

Privilege

4471321

Base: 7

Temporal: 6.3

Vector:


C:C

Yes

Windows 10

Version

4480973

Security Important

Elevation

of

Privilege

4483229

Base: 7

Temporal: 6.3

Vector:

Yes
















CVE-2019-0552

1703 for 32-

bit Systems

Update


C:C

Windows 10

Version

1703 for

x64-based

Systems

4480973

Security

Update

Important

Elevation

of

Privilege

4483229

Base: 7

Temporal: 6.3

Vector:


C:C

Yes

Windows 10

Version

1709 for 32-

bit Systems

4480978

Security

Update

Important

Elevation

of

Privilege

4483232

Base: 7

Temporal: 6.3

Vector:


C:C

Yes

Windows 10

Version

1709 for

x64-based

Systems

4480978

Security

Update

Important

Elevation

of

Privilege

4483232

Base: 7

Temporal: 6.3

Vector:


C:C

Yes

Windows

Server,

version 1709

(Server Core

Installation)

4480978

Security

Update

Important

Elevation

of

Privilege

4483232

Base: 7

Temporal: 6.3

Vector:


C:C

Yes















CVE-2019-0552

Windows 10

Version

1803 for 32-

bit Systems

4480966

Security

Update

Important

Elevation

of

Privilege

4483234

Base: 7

Temporal: 6.3

Vector:


C:C

Yes

Windows 10

Version

1803 for

x64-based

Systems

4480966

Security

Update

Important

Elevation

of

Privilege

4483234

Base: 7

Temporal: 6.3

Vector:


C:C

Yes

Windows

Server,

version 1803

(Server Core

Installation)

4480966

Security

Update

Important

Elevation

of

Privilege

4483234

Base: 7

Temporal: 6.3

Vector:


C:C

Yes

Windows 10

Version

1803 for

ARM64-

based

Systems

4480966

Security

Update

Important

Elevation

of

Privilege

4483234

Base: 7

Temporal: 6.3

Vector:


C:C

Yes














CVE-2019-0552

Windows 10

Version

1809 for 32-

bit Systems

4480116

Security

Update

Important

Elevation

of

Privilege

4483235

Base: 7

Temporal: 6.3

Vector:


C:C

Yes

Windows 10

Version

1809 for

x64-based

Systems

4480116

Security

Update

Important

Elevation

of

Privilege

4483235

Base: 7

Temporal: 6.3

Vector:


C:C

Yes

Windows 10

Version

1809 for

ARM64-

based

Systems

4480116

Security

Update

Important

Elevation

of

Privilege

4483235

Base: 7

Temporal: 6.3

Vector:


C:C

Yes

Windows

Server 2019

4480116

Security

Update

Important

Elevation

of

Privilege

4483235

Base: 7

Temporal: 6.3

Vector:


C:C

Yes














CVE-2019-0552

Windows

Server 2019

(Server Core

installation)

4480116

Security

Update

Important

Elevation

of

Privilege

4483235

Base: 7

Temporal: 6.3

Vector:


C:C

Yes

Windows 10

Version

1709 for

ARM64-

based

Systems

4480978

Security

Update

Important

Elevation

of

Privilege

4483232

Base: 7

Temporal: 6.3

Vector:


C:C

Yes

CVE-2019-0553 - Windows Subsystem for Linux Information Disclosure

Vulnerability


Severity Rating

Vulnerability

Impact

CVE-

2019-

0553

CVE Title: Windows Subsystem for Linux Information Disclosure Vulnerability


Information Discl

osure









Severity Rating

Vulnerability

Impact

MITRE

NVD

An information disclosure vulnerability exists when Windows Subsystem for Linux


vulnerability could obtain information to further compromise the user's system.

A attacker could exploit this vulnerability by running a specially crafted application.

The update addresses the vulnerability by correcting how Windows Subsystem for Linux


FAQ:





Mitigations:

None

Workarounds:

None

Revision:

1.0 01/08/2019 08:00:00





Severity Rating

Vulnerability

Impact


Affected Software


CVE-2019-0553

Product KB


Restart

Required

Windows

10 Version

1703 for 32-

bit Systems

4480973

Security

Update


Disclosure 4483229

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

Windows

10 Version

1703 for

x64-based

Systems

4480973

Security

Update


Disclosure 4483229

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes








CVE-2019-0553

Windows

10 Version

1709 for 32-

bit Systems

4480978

Security

Update


Disclosure 4483232

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

Windows

10 Version

1709 for

x64-based

Systems

4480978

Security

Update


Disclosure 4483232

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

Windows

Server,

version

1709

(Server

Core

Installation)

4480978

Security

Update


Disclosure 4483232

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

Windows

10 Version

1803 for 32-

bit Systems

4480966

Security

Update


Disclosure 4483234

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes














CVE-2019-0553

Windows

10 Version

1803 for

x64-based

Systems

4480966

Security

Update


Disclosure 4483234

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

Windows

Server,

version

1803

(Server

Core

Installation)

4480966

Security

Update


Disclosure 4483234

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

Windows

10 Version

1803 for

ARM64-

based

Systems

4480966

Security

Update


Disclosure 4483234

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

Windows

10 Version

1809 for 32-

bit Systems

4480116

Security

Update


Disclosure 4483235

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes














CVE-2019-0553

Windows

10 Version

1809 for

x64-based

Systems

4480116

Security

Update


Disclosure 4483235

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

Windows

10 Version

1809 for

ARM64-

based

Systems

4480116

Security

Update


Disclosure 4483235

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

Windows

Server 2019

4480116

Security

Update


Disclosure 4483235

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

Windows

Server 2019

(Server

Core

installation)

4480116

Security

Update


Disclosure 4483235

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

Windows

10 Version

4480978

Security Important

Information

Disclosure 4483232

Base: 4.7

Temporal: 4.2 Yes
















CVE-2019-0553

1709 for

ARM64-

based

Systems

Update

Vector:


C:C



Severity Rating

Vulnerability

Impact

CVE-

2019-

0554

MITRE

NVD


Description:









memory.


losure






Severity Rating

Vulnerability

Impact

FAQ:



vulnerability is memory layout - the vulnerability allows an attacker to collect information that

facilitates predicting addressing of the memory.

Mitigations:

None

Workarounds:

None

Revision:

1.0 01/08/2019 08:00:00


Affected Software



CVE-2019-0554

Product KB


Restart

Required

Windows 7

for 32-bit

Systems

Service

Pack 1

4480960

Security

Only

4480970

Monthly

Rollup


Disclosure 4471318

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

Windows 7

for x64-

based

Systems

Service

Pack 1

4480960

Security

Only

4480970

Monthly

Rollup


Disclosure 4471318

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

Windows

Server 2008

R2 for x64-

based

Systems

Service

Pack 1

4480960

Security

Only

4480970

Monthly

Rollup


Disclosure 4471318

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes




















CVE-2019-0554

(Server

Core

installation)

Windows

Server 2008

R2 for

Itanium-

Based

Systems

Service

Pack 1

4480960

Security

Only

4480970

Monthly

Rollup


Disclosure 4471318

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

Windows

Server 2008

R2 for x64-

based

Systems

Service

Pack 1

4480960

Security

Only

4480970

Monthly

Rollup


Disclosure 4471318

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

Windows

Server 2008

for 32-bit

Systems

Service

4480957

Security

Only

4480968

Monthly


Disclosure 4471325

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes



















CVE-2019-0554

Pack 2

(Server

Core

installation)

Rollup

Windows

Server 2012

4480972

Security

Only

4480975

Monthly

Rollup


Disclosure 4471330

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

Windows

Server 2012

(Server

Core

installation)

4480972

Security

Only

4480975

Monthly

Rollup


Disclosure 4471330

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

Windows

8.1 for 32-

bit systems

4480964

Security

Only

4480963

Monthly


Disclosure 4471320

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes




















CVE-2019-0554

Rollup

Windows

8.1 for x64-

based

systems

4480963

Monthly

Rollup

4480964

Security

Only


Disclosure 4471320

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

Windows

Server 2012

R2

4480963

Monthly

Rollup

4480964

Security

Only


Disclosure 4471320

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

Windows

RT 8.1

4480963

Monthly

Rollup


Disclosure 4471320

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

Windows

Server 2012

4480963

Monthly Important

Information

Disclosure 4471320

Base: 4.7

Temporal: 4.2 Yes




















CVE-2019-0554

R2 (Server

Core

installation)

Rollup

4480964

Security

Only

Vector:


C:C

Windows

10 for 32-

bit Systems

4480962

Security

Update


Disclosure 4483228

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

Windows

10 for x64-

based

Systems

4480962

Security

Update


Disclosure 4483228

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

Windows

Server 2016

4480961

Security

Update


Disclosure 4471321

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

Windows

10 Version

4480961

Security Important

Information

Disclosure 4483229

Base: 4.7

Temporal: 4.2

Vector:

Yes

















CVE-2019-0554

1607 for 32-

bit Systems

Update


C:C

Windows

10 Version

1607 for

x64-based

Systems

4480961

Security

Update


Disclosure 4471321

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

Windows

Server 2016

(Server

Core

installation)

4480961

Security

Update


Disclosure 4471321

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

Windows

10 Version

1703 for 32-

bit Systems

4480973

Security

Update


Disclosure 4483229

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

Windows

10 Version

1703 for

x64-based

Systems

4480973

Security

Update


Disclosure 4483229

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes















CVE-2019-0554

Windows

10 Version

1709 for 32-

bit Systems

4480978

Security

Update


Disclosure 4483232

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

Windows

10 Version

1709 for

x64-based

Systems

4480978

Security

Update


Disclosure 4483232

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

Windows

Server,

version

1709

(Server

Core

Installation)

4480978

Security

Update


Disclosure 4483232

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

Windows

10 Version

1803 for 32-

bit Systems

4480966

Security

Update


Disclosure 4483234

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes














CVE-2019-0554

Windows

10 Version

1803 for

x64-based

Systems

4480966

Security

Update


Disclosure 4483234

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

Windows

Server,

version

1803

(Server

Core

Installation)

4480966

Security

Update


Disclosure 4483234

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

Windows

10 Version

1803 for

ARM64-

based

Systems

4480966

Security

Update


Disclosure 4483234

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

Windows

10 Version

1809 for 32-

bit Systems

4480116

Security

Update


Disclosure 4483235

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes














CVE-2019-0554

Windows

10 Version

1809 for

x64-based

Systems

4480116

Security

Update


Disclosure 4483235

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

Windows

10 Version

1809 for

ARM64-

based

Systems

4480116

Security

Update


Disclosure 4483235

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

Windows

Server 2019

4480116

Security

Update


Disclosure 4483235

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

Windows

Server 2019

(Server

Core

installation)

4480116

Security

Update


Disclosure 4483235

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

Windows

10 Version

4480978

Security Important

Information

Disclosure 4483232

Base: 4.7

Temporal: 4.2 Yes
















CVE-2019-0554

1709 for

ARM64-

based

Systems

Update

Vector:


C:C

Windows

Server 2008

for Itanium-

Based

Systems

Service

Pack 2

4480957

Security

Only

4480968

Monthly

Rollup


Disclosure 4471325

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

Windows

Server 2008

for 32-bit

Systems

Service

Pack 2

4480957

Security

Only

4480968

Monthly

Rollup


Disclosure 4471325

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

Windows

Server 2008

for x64-

based

Systems

4480957

Security

Only

4480968

Monthly


Disclosure 4471325

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes




















CVE-2019-0554

Service

Pack 2

Rollup

Windows

Server 2008

for x64-

based

Systems

Service

Pack 2

(Server

Core

installation)

4480957

Security

Only

4480968

Monthly

Rollup


Disclosure 4471325

Base: 4.7

Temporal: 4.2

Vector:


C:C

Yes

CVE-2019-0555 - Microsoft XmlDocument Elevation of Privilege

Vulnerability


Severity Rating

Vulnerability

Impact

CVE-

2019-

CVE Title: Microsoft XmlDocument Elevation of Privilege Vulnerability


Elevation of

Privilege










Severity Rating

Vulnerability

Impact

0555

MITRE

NVD

An elevation of privilege vulnerability exists in the Microsoft XmlDocument class that could

allow an attacker to escape from the AppContainer sandbox in the browser. An attacker who

successfully exploited this vulnerability could gain elevated privileges and break out of the Edge

AppContainer sandbox.

The vulnerability by itself does not allow arbitrary code to run. However, this vulnerability could

be used in conjunction with one or more vulnerabilities (for example a remote code execution

vulnerability and another elevation of privilege vulnerability) to take advantage of the elevated

privileges when running.

The security update addresses the vulnerability by modifying how the Microsoft XmlDocument

class enforces sandboxing.

FAQ:

None

Mitigations:

None

Workarounds:

None

Revision:

1.0 01/08/2019 08:00:00





Affected Software


CVE-2019-0555

Product KB


Restart

Required

Windows

Server 2012

4480972

Security

Only

4480975

Monthly

Rollup

Important

Elevation

of

Privilege

4471330

Base: 7

Temporal: 6.3

Vector:


C:C

Yes

Windows

Server 2012

(Server Core

installation)

4480972

Security

Only

4480975

Monthly

Rollup

Important

Elevation

of

Privilege

4471330

Base: 7

Temporal: 6.3

Vector:


C:C

Yes














CVE-2019-0555

Windows 8.1

for 32-bit

systems

4480964

Security

Only

4480963

Monthly

Rollup

Important

Elevation

of

Privilege

4471320

Base: 7

Temporal: 6.3

Vector:


C:C

Yes

Windows 8.1

for x64-

based

systems

4480963

Monthly

Rollup

4480964

Security

Only

Important

Elevation

of

Privilege

4471320

Base: 7

Temporal: 6.3

Vector:


C:C

Yes

Windows

Server 2012

R2

4480963

Monthly

Rollup

4480964

Security

Only

Important

Elevation

of

Privilege

4471320

Base: 7

Temporal: 6.3

Vector:


C:C

Yes




















CVE-2019-0555

Windows

RT 8.1

4480963

Monthly

Rollup

Important

Elevation

of

Privilege

4471320

Base: 7

Temporal: 6.3

Vector:


C:C

Yes

Windows

Server 2012

R2 (Server

Core

installation)

4480963

Monthly

Rollup

4480964

Security

Only

Important

Elevation

of

Privilege

4471320

Base: 7

Temporal: 6.3

Vector:


C:C

Yes

Windows 10

for 32-bit

Systems

4480962

Security

Update

Important

Elevation

of

Privilege

4483228

Base: 7

Temporal: 6.3

Vector:


C:C

Yes

Windows 10

for x64-

based

Systems

4480962

Security

Update

Important

Elevation

of

Privilege

4483228

Base: 7

Temporal: 6.3

Vector:


C:C

Yes

















CVE-2019-0555

Windows

Server 2016

4480961

Security

Update

Important

Elevation

of

Privilege

4471321

Base: 7

Temporal: 6.3

Vector:


C:C

Yes

Windows 10

Version

1607 for 32-

bit Systems

4480961

Security

Update

Important

Elevation

of

Privilege

4483229

Base: 7

Temporal: 6.3

Vector:


C:C

Yes

Windows 10

Version

1607 for

x64-based

Systems

4480961

Security

Update

Important

Elevation

of

Privilege

4471321

Base: 7

Temporal: 6.3

Vector:


C:C

Yes

Windows

Server 2016

(Server Core

installation)

4480961

Security

Update

Important

Elevation

of

Privilege

4471321

Base: 7

Temporal: 6.3

Vector:


C:C

Yes

Windows 10

Version

4480973

Security Important

Elevation

of

Privilege

4483229

Base: 7

Temporal: 6.3

Vector:

Yes
















CVE-2019-0555

1703 for 32-

bit Systems

Update


C:C

Windows 10

Version

1703 for

x64-based

Systems

4480973

Security

Update

Important

Elevation

of

Privilege

4483229

Base: 7

Temporal: 6.3

Vector:


C:C

Yes

Windows 10

Version

1709 for 32-

bit Systems

4480978

Security

Update

Important

Elevation

of

Privilege

4483232

Base: 7

Temporal: 6.3

Vector:


C:C

Yes

Windows 10

Version

1709 for

x64-based

Systems

4480978

Security

Update

Important

Elevation

of

Privilege

4483232

Base: 7

Temporal: 6.3

Vector:


C:C

Yes

Windows

Server,

version 1709

(Server Core

Installation)

4480978

Security

Update

Important

Elevation

of

Privilege

4483232

Base: 7

Temporal: 6.3

Vector:


C:C

Yes















CVE-2019-0555

Windows 10

Version

1803 for 32-

bit Systems

4480966

Security

Update

Important

Elevation

of

Privilege

4483234

Base: 7

Temporal: 6.3

Vector:


C:C

Yes

Windows 10

Version

1803 for

x64-based

Systems

4480966

Security

Update

Important

Elevation

of

Privilege

4483234

Base: 7

Temporal: 6.3

Vector:


C:C

Yes

Windows

Server,

version 1803

(Server Core

Installation)

4480966

Security

Update

Important

Elevation

of

Privilege

4483234

Base: 7

Temporal: 6.3

Vector:


C:C

Yes

Windows 10

Version

1803 for

ARM64-

based

Systems

4480966

Security

Update

Important

Elevation

of

Privilege

4483234

Base: 7

Temporal: 6.3

Vector:


C:C

Yes














CVE-2019-0555

Windows 10

Version

1809 for 32-

bit Systems

4480116

Security

Update

Important

Elevation

of

Privilege

4483235

Base: 7

Temporal: 6.3

Vector:


C:C

Yes

Windows 10

Version

1809 for

x64-based

Systems

4480116

Security

Update

Important

Elevation

of

Privilege

4483235

Base: 7

Temporal: 6.3

Vector:


C:C

Yes

Windows 10

Version

1809 for

ARM64-

based

Systems

4480116

Security

Update

Important

Elevation

of

Privilege

4483235

Base: 7

Temporal: 6.3

Vector:


C:C

Yes

Windows

Server 2019

4480116

Security

Update

Important

Elevation

of

Privilege

4483235

Base: 7

Temporal: 6.3

Vector:


C:C

Yes














CVE-2019-0555

Windows

Server 2019

(Server Core

installation)

4480116

Security

Update

Important

Elevation

of

Privilege

4483235

Base: 7

Temporal: 6.3

Vector:


C:C

Yes

Windows 10

Version

1709 for

ARM64-

based

Systems

4480978

Security

Update

Important

Elevation

of

Privilege

4483232

Base: 7

Temporal: 6.3

Vector:


C:C

Yes

CVE-2019-0556 - Microsoft Office SharePoint XSS Vulnerability


Severity Rating

Vulnerability

Impact

CVE-

2019-

0556

MITRE

NVD

CVE Title: Microsoft Office SharePoint XSS Vulnerability

Description:

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not

properly sanitize a specially crafted web request to an affected SharePoint server. An

Important Spoofing











Severity Rating

Vulnerability

Impact

authenticated attacker could exploit the vulnerability by sending a specially crafted request to an

affected SharePoint server.

The attacker who successfully exploited the vulnerability could then perform cross-site scripting

attacks on affected systems and run script in the security context of the current user. The attacks

could allow the attacker to read content that the attacker is not authorized to read, use the

victim's identity to take actions on the SharePoint site on behalf of the user, such as change

permissions and delete content, and inject malicious content in the browser of the user.

The security update addresses the vulnerability by helping to ensure that SharePoint Server

properly sanitizes web requests.

FAQ:

None

Mitigations:

None

Workarounds:

None

Revision:

1.0 01/08/2019 08:00:00



Affected Software


CVE-2019-0556


Set

Restart

Required

Microsoft SharePoint Enterprise Server 2013

Service Pack 1

4461596 Security

Update

Important Spoofing 4461558

Base: N/A

Temporal: N/A

Vector: N/A

Maybe



Severity Rating

Vulnerability

Impact

CVE-

2019-

0557

MITRE

NVD


Description:





Important Spoofing

https://www.microsoft.com/downloads/details.aspx?familyid=4404a196-0f8e-46d2-8bec-fd478197550f

https://www.microsoft.com/downloads/details.aspx?familyid=4404a196-0f8e-46d2-8bec-fd478197550f





Severity Rating

Vulnerability

Impact








FAQ:

None

Mitigations:

None

Workarounds:

None

Revision:

1.0 01/08/2019 08:00:00



Affected Software


CVE-2019-0557


Set

Restart

Required

Microsoft SharePoint Enterprise Server

2016

4461598 Security

Update


Base: N/A

Temporal: N/A

Vector: N/A

Maybe



Severity Rating

Vulnerability

Impact

CVE-

2019-

0558

MITRE

NVD


Description:





Important Spoofing

https://www.microsoft.com/downloads/details.aspx?familyid=a0f60297-f69c-4e43-8503-c48cb47de172






Severity Rating

Vulnerability

Impact








FAQ:

None

Mitigations:

None

Workarounds:

None

Revision:

1.0 01/08/2019 08:00:00



Affected Software


CVE-2019-0558


Set

Restart

Required

Microsoft Business Productivity Servers 2010

Service Pack 2

4461624 Security

Update


Base: N/A

Temporal: N/A

Vector: N/A

Maybe


4461598 Security

Update


Base: N/A

Temporal: N/A

Vector: N/A

Maybe


Service Pack 1

4461591 Security

Update


Base: N/A

Temporal: N/A

Vector: N/A

Maybe

Microsoft SharePoint Server 2019

4461634 Security

Update


Base: N/A

Temporal: N/A

Vector: N/A

Maybe

https://www.microsoft.com/downloads/details.aspx?familyid=9938cc4c-e77a-4f4a-a00c-68ac97d99f28

https://www.microsoft.com/downloads/details.aspx?familyid=9938cc4c-e77a-4f4a-a00c-68ac97d99f28



https://www.microsoft.com/downloads/details.aspx?familyid=1e309f6c-525c-4503-8066-3af880440f45


https://www.microsoft.com/downloads/details.aspx?familyid=370bdbc8-e6d9-4f80-9684-fa284e32acd6



CVE-2019-0559 - Microsoft Outlook Information Disclosure Vulnerability


Severity Rating

Vulnerability

Impact

CVE-

2019-

0559

MITRE

NVD

CVE Title: Microsoft Outlook Information Disclosure Vulnerability

Description:

An information disclosure vulnerability exists when Microsoft Outlook improperly handles

certain types of messages. An attacker who successfully exploited this vulnerability could

gather information about the victim.

An attacker could exploit this vulnerability by sending a specially crafted email to the victim.

The update addresses the vulnerability by correcting the way Microsoft Outlook handles

these types of messages.

FAQ:


A victim could automatically download external content, which could disclose information to

an attacker.

Mitigations:

None

Important Information Discl

osure





Severity Rating

Vulnerability

Impact

Workarounds:

None

Revision:

1.0 01/08/2019 08:00:00


Affected Software


CVE-2019-0559


Set

Restart

Required

Microsoft Outlook 2013 RT Service

Pack 1

4461595 Security

Update


sure 4461556

Base: N/A

Temporal:

N/A

Vector: N/A

Maybe


CVE-2019-0559

Microsoft Outlook 2010 Service Pack

2 (32-bit editions)

4461623 Security

Update


sure 4461576

Base: N/A

Temporal:

N/A

Vector: N/A

Maybe


2 (64-bit editions)

4461623 Security

Update


sure 4461576

Base: N/A

Temporal:

N/A

Vector: N/A

Maybe

Microsoft Outlook 2016 (32-bit

edition)

4461601 Security

Update


sure 4461544

Base: N/A

Temporal:

N/A

Vector: N/A

Maybe

Microsoft Outlook 2016 (64-bit

edition)

4461601 Security

Update


sure 4461544

Base: N/A

Temporal:

N/A

Vector: N/A

Maybe


1 (32-bit editions)

4461595 Security

Update


sure 4461556

Base: N/A

Temporal:

N/A

Vector: N/A

Maybe


1 (64-bit editions)

4461595 Security

Update


sure 4461556

Base: N/A

Temporal: Maybe

https://www.microsoft.com/downloads/details.aspx?familyid=c2b4ca90-8c20-485a-bcee-59a4dac3ba5d

https://www.microsoft.com/downloads/details.aspx?familyid=c2b4ca90-8c20-485a-bcee-59a4dac3ba5d

https://www.microsoft.com/downloads/details.aspx?familyid=cf0bb670-764f-43d9-82fc-1061860486ec

https://www.microsoft.com/downloads/details.aspx?familyid=cf0bb670-764f-43d9-82fc-1061860486ec

https://www.microsoft.com/downloads/details.aspx?familyid=600e9c0b-179a-4e5a-af46-5ecdfee7a593

https://www.microsoft.com/downloads/details.aspx?familyid=600e9c0b-179a-4e5a-af46-5ecdfee7a593

https://www.microsoft.com/downloads/details.aspx?familyid=a34c5286-3019-4ae8-877c-5f91dc8eff09

https://www.microsoft.com/downloads/details.aspx?familyid=a34c5286-3019-4ae8-877c-5f91dc8eff09

https://www.microsoft.com/downloads/details.aspx?familyid=e24fb7df-8bca-4a58-8977-4e55f130e2c5

https://www.microsoft.com/downloads/details.aspx?familyid=e24fb7df-8bca-4a58-8977-4e55f130e2c5

https://www.microsoft.com/downloads/details.aspx?familyid=bfcd1ed7-f484-4b74-b122-3beef393f689

https://www.microsoft.com/downloads/details.aspx?familyid=bfcd1ed7-f484-4b74-b122-3beef393f689


CVE-2019-0559

N/A

Vector: N/A

Microsoft Office 2019 for 32-bit

editions

Click to Run Security

Update


sure 4461556

Base: N/A

Temporal:

N/A

Vector: N/A

No


editions


Update


sure 4461556

Base: N/A

Temporal:

N/A

Vector: N/A

No

Office 365 ProPlus for 32-bit Systems


Update


sure 4461556

Base: N/A

Temporal:

N/A

Vector: N/A

No



Update


sure 4461556

Base: N/A

Temporal:

N/A

Vector: N/A

No


CVE-2019-0560 - Microsoft Office Information Disclosure Vulnerability


Severity Rating

Vulnerability

Impact

CVE-

2019-

0560

MITRE

NVD

CVE Title: Microsoft Office Information Disclosure Vulnerability

Description:

An information disclosure vulnerability exists when Microsoft Office improperly discloses the

contents of its memory. An attacker who exploited the vulnerability could use the information

to compromise the user's computer or data.

To exploit the vulnerability, an attacker could craft a special document file and then convince

the user to open it. An attacker must know the memory address location where the object was

created.

The update addresses the vulnerability by changing the way certain functions handle objects

in memory.

FAQ:



vulnerability is uninitialized memory.


osure





Severity Rating

Vulnerability

Impact

Mitigations:

None

Workarounds:

None

Revision:

1.0 01/08/2019 08:00:00


Affected Software


CVE-2019-0560


Set

Restart

Required

Microsoft Office 2010 Service Pack 2

(32-bit editions)

4461614 Security

Update


sure 4092483

Base: N/A

Temporal:

N/A

Vector: N/A

Maybe

https://www.microsoft.com/downloads/details.aspx?familyid=b29b8d28-84ac-406b-abc8-3327442db615

https://www.microsoft.com/downloads/details.aspx?familyid=b29b8d28-84ac-406b-abc8-3327442db615


CVE-2019-0560


(64-bit editions)

4461614 Security

Update


sure 4092483

Base: N/A

Temporal:

N/A

Vector: N/A

Maybe


(32-bit editions)

4461537 Security

Update


sure 4461445

Base: N/A

Temporal:

N/A

Vector: N/A

Maybe


(64-bit editions)

4461537 Security

Update


sure 4461445

Base: N/A

Temporal:

N/A

Vector: N/A

Maybe

Microsoft Office 2013 RT Service

Pack 1

4461537 Security

Update


sure 4461445

Base: N/A

Temporal:

N/A

Vector: N/A

Maybe

Microsoft Office 2016 (32-bit edition)

4461535 Security

Update


sure 4461437

Base: N/A

Temporal:

N/A

Vector: N/A

Maybe

Microsoft Office 2016 (64-bit edition)

4461535 Security

Update


sure 4461437

Base: N/A

Temporal: Maybe

https://www.microsoft.com/downloads/details.aspx?familyid=f82f195b-1ec3-4582-b255-ec31285b3573

https://www.microsoft.com/downloads/details.aspx?familyid=f82f195b-1ec3-4582-b255-ec31285b3573

https://www.microsoft.com/downloads/details.aspx?familyid=6f910d98-4bd9-4557-90d7-bdf56b59a465

https://www.microsoft.com/downloads/details.aspx?familyid=6f910d98-4bd9-4557-90d7-bdf56b59a465

https://www.microsoft.com/downloads/details.aspx?familyid=5a2232ff-eb3b-4515-8367-c274f4f572c3

https://www.microsoft.com/downloads/details.aspx?familyid=5a2232ff-eb3b-4515-8367-c274f4f572c3

https://www.microsoft.com/downloads/details.aspx?familyid=700506c5-7b20-44b8-9a5d-e29f037b7117

https://www.microsoft.com/downloads/details.aspx?familyid=700506c5-7b20-44b8-9a5d-e29f037b7117

https://www.microsoft.com/downloads/details.aspx?familyid=6f7165ba-a2bc-407f-9dfc-f39db6ab10af

https://www.microsoft.com/downloads/details.aspx?familyid=6f7165ba-a2bc-407f-9dfc-f39db6ab10af


CVE-2019-0560

N/A

Vector: N/A


editions


Update


sure 4461437

Base: N/A

Temporal:

N/A

Vector: N/A

No


editions


Update


sure 4461437

Base: N/A

Temporal:

N/A

Vector: N/A

No



Update


sure 4461437

Base: N/A

Temporal:

N/A

Vector: N/A

No



Update


sure 4461437

Base: N/A

Temporal:

N/A

Vector: N/A

No


CVE-2019-0561 - Microsoft Word Information Disclosure Vulnerability


Severity Rating

Vulnerability

Impact

CVE-

2019-

0561

MITRE

NVD

CVE Title: Microsoft Word Information Disclosure Vulnerability

Description:

An information disclosure vulnerability exists when Microsoft Word macro buttons are used

improperly. An attacker who successfully exploited this vulnerability could read arbitrary

files from a targeted system.

To exploit the vulnerability, an attacker could craft a special document file and convince the

user to open it. An attacker must know the file location whose data they wish to exfiltrate.

The update addresses the vulnerability by changing the way certain Word functions handle

security warnings

FAQ:



vulnerability is unauthorized file system access - reading from file system.

Mitigations:


osure





Severity Rating

Vulnerability

Impact

None

Workarounds:

None

Revision:

1.0 01/08/2019 08:00:00


Affected Software


CVE-2019-0561


Set

Restart

Required

Microsoft Word 2010 Service Pack 2 (32-bit

editions)

4461625 Security

Update


osure 4461526

Base: N/A

Temporal:

N/A

Vector: N/A

Maybe

https://www.microsoft.com/downloads/details.aspx?familyid=b94b86f5-046e-4463-8b28-63367034372b



CVE-2019-0561


editions)

4461625 Security

Update


osure 4461526

Base: N/A

Temporal:

N/A

Vector: N/A

Maybe

Microsoft Office 2010 Service Pack 2 (32-

bit editions)

4461617 Security

Update


osure 4461524

Base: N/A

Temporal:

N/A

Vector: N/A

Maybe

Microsoft Office 2010 Service Pack 2 (64-

bit editions)

4461617 Security

Update


osure 4461524

Base: N/A

Temporal:

N/A

Vector: N/A

Maybe


editions)

4461594 Security

Update


osure 4461485

Base: N/A

Temporal:

N/A

Vector: N/A

Maybe


editions)

4461594 Security

Update


osure 4461485

Base: N/A

Temporal:

N/A

Vector: N/A

Maybe

Microsoft Word 2013 RT Service Pack 1

4461594 Security

Update


osure 4461485

Base: N/A

Temporal: Maybe

https://www.microsoft.com/downloads/details.aspx?familyid=241cedf7-3dd3-451f-846b-64d37fdd0df5


https://www.microsoft.com/downloads/details.aspx?familyid=13ae8f40-cec7-488b-ae8d-f838901d161d


https://www.microsoft.com/downloads/details.aspx?familyid=5f19c54b-07aa-4eec-905e-64668537174e


https://www.microsoft.com/downloads/details.aspx?familyid=508a0d37-11a2-4c9e-8a04-b92414596eee


https://www.microsoft.com/downloads/details.aspx?familyid=e5879074-a0a8-40f2-b9b2-835a4c454f07



CVE-2019-0561

N/A

Vector: N/A

Microsoft Office Web Apps Server 2010

Service Pack 2

4461620 Security

Update


osure 2965312

Base: N/A

Temporal:

N/A

Vector: N/A

Maybe

Microsoft Office 2016 for Mac

Release Notes

Security Update


osure 2965312

Base: N/A

Temporal:

N/A

Vector: N/A

No

Microsoft Word 2016 (32-bit edition)

4461543 Security

Update


osure 4461504

Base: N/A

Temporal:

N/A

Vector: N/A

Maybe


4461543 Security

Update


osure 4461504

Base: N/A

Temporal:

N/A

Vector: N/A

Maybe

Microsoft Office 2019 for 32-bit editions

Click to Run

Security Update


osure 4461504

Base: N/A

Temporal:

N/A

Vector: N/A

No

https://www.microsoft.com/downloads/details.aspx?familyid=cd09326c-6f38-472d-91ba-00dd5a99a7ba


https://go.microsoft.com/fwlink/p/?linkid=831049


https://www.microsoft.com/downloads/details.aspx?familyid=0b8081a7-7b11-412c-a24b-abeff769e4e0





CVE-2019-0561


Click to Run

Security Update


osure 4461504

Base: N/A

Temporal:

N/A

Vector: N/A

No


Release Notes

Security Update


osure 4461504

Base: N/A

Temporal:

N/A

Vector: N/A

No


Click to Run

Security Update


osure 4461504

Base: N/A

Temporal:

N/A

Vector: N/A

No


Click to Run

Security Update


osure 4461504

Base: N/A

Temporal:

N/A

Vector: N/A

No

Word Automation Services on Microsoft

SharePoint Server 2010 Service Pack 2

4461612 Security

Update


osure 4461520

Base: N/A

Temporal:

N/A

Vector: N/A

Maybe



https://www.microsoft.com/downloads/details.aspx?familyid=3b5cb1a1-1e82-4584-a22e-60d5d5834495



CVE-2019-0562 - Microsoft SharePoint Elevation of Privilege

Vulnerability


Severity Rating

Vulnerability

Impact

CVE-

2019-

0562

MITRE

NVD

CVE Title: Microsoft SharePoint Elevation of Privilege Vulnerability

Description:

An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not





attacks on affected systems and run script in the security context of the current user. These

attacks could allow the attacker to read content that the attacker is not authorized to read, use the





FAQ:


Privilege





Severity Rating

Vulnerability

Impact

None

Mitigations:

None

Workarounds:

None

Revision:

1.0 01/08/2019 08:00:00


Affected Software


CVE-2019-0562


Set

Restart

Required


2016

4461598 Security

Update


Privilege 4461541

Base: N/A

Temporal: Maybe




CVE-2019-0562

N/A

Vector: N/A


2013 Service Pack 1

4461591 Security

Update


Privilege 4461549

Base: N/A

Temporal:

N/A

Vector: N/A

Maybe


4461634 Security

Update


Privilege 4461548

Base: N/A

Temporal:

N/A

Vector: N/A

Maybe

CVE-2019-0564 - ASP.NET Core Denial of Service Vulnerability


Severity Rating

Vulnerability

Impact

CVE-

2019-

0564

MITRE

NVD

CVE Title: ASP.NET Core Denial of Service Vulnerability

Description:

A denial of service vulnerability exists when ASP.NET Core improperly handles web requests.

An attacker who successfully exploited this vulnerability could cause a denial of service against

an ASP.NET Core web application. The vulnerability can be exploited remotely, without

authentication.

Important Denial of

Service









Severity Rating

Vulnerability

Impact

A remote unauthenticated attacker could exploit this vulnerability by issuing specially crafted

requests to the .NET Core application.

The update addresses the vulnerability by correcting how the ASP.NET Core web application

handles web requests.

FAQ:

None

Mitigations:

None

Workarounds:

None

Revision:

1.0 01/08/2019 08:00:00


Affected Software



CVE-2019-0564

Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required



Base: N/A

Temporal: N/A

Vector: N/A

Maybe

CVE-2019-0565 - Microsoft Edge Memory Corruption Vulnerability


Severity Rating

Vulnerability

Impact

CVE-

2019-

0565

MITRE

NVD

CVE Title: Microsoft Edge Memory Corruption Vulnerability

Description:

A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects

in memory. The vulnerability could corrupt memory in such a way that enables an attacker to

execute arbitrary code in the context of the current user. An attacker who successfully exploited

the vulnerability could gain the same user rights as the current user. If the current user is logged

on with administrative user rights, an attacker could take control of an affected system. An

attacker could then install programs; view, change, or delete data; or create new accounts with

full user rights.

An attacker could host a specially crafted website that is designed to exploit the vulnerability

through Microsoft Edge, and then convince a user to view the website. The attacker could also

take advantage of compromised websites and websites that accept or host user-provided content


Execution






Severity Rating

Vulnerability

Impact

or advertisements by adding specially crafted content that could exploit the vulnerability. In all

cases, however, an attacker would have no way to force users to view the attacker-controlled

content. Instead, an attacker would have to convince users to take action, typically by way of

enticement in an email or Instant Messenger message, or by getting them to open an attachment

sent through email.

The security update addresses the vulnerability by modifying how Microsoft Edge handles

objects in memory.

FAQ:

None

Mitigations:

None

Workarounds:

None

Revision:

1.0 01/08/2019 08:00:00



Affected Software


CVE-2019-0565

Product KB


Restart

Required

Microsoft

Edge on

Windows

10 Version

1803 for

32-bit

Systems

4480966

Security

Update

Critical

Remote

Code

Execution

4483234

Base: 4.2

Temporal: 3.8

Vector:


C:C

Yes

Microsoft

Edge on

Windows

10 Version

1803 for

x64-based

Systems

4480966

Security

Update

Critical

Remote

Code

Execution

4483234

Base: 4.2

Temporal: 3.8

Vector:


C:C

Yes








CVE-2019-0565

Microsoft

Edge on

Windows

10 Version

1803 for

ARM64-

based

Systems

4480966

Security

Update

Critical

Remote

Code

Execution

4483234

Base: 4.2

Temporal: 3.8

Vector:


C:C

Yes

Microsoft

Edge on

Windows

10 Version

1809 for

32-bit

Systems

4480116

Security

Update

Critical

Remote

Code

Execution

4483235

Base: 4.2

Temporal: 3.8

Vector:


C:C

Yes

Microsoft

Edge on

Windows

10 Version

1809 for

x64-based

Systems

4480116

Security

Update

Critical

Remote

Code

Execution

4483235

Base: 4.2

Temporal: 3.8

Vector:


C:C

Yes











CVE-2019-0565

Microsoft

Edge on

Windows

10 Version

1809 for

ARM64-

based

Systems

4480116

Security

Update

Critical

Remote

Code

Execution

4483235

Base: 4.2

Temporal: 3.8

Vector:


C:C

Yes

Microsoft

Edge on

Windows

Server 2019

4480116

Security

Update

Moderate

Remote

Code

Execution

4483235

Base: 4.2

Temporal: 3.8

Vector:


C:C

Yes

CVE-2019-0566 - Microsoft Edge Elevation of Privilege Vulnerability


Severity Rating

Vulnerability

Impact

CVE-

2019-

0566

CVE Title: Microsoft Edge Elevation of Privilege Vulnerability


Elevation of

Privilege









Severity Rating

Vulnerability

Impact

MITRE

NVD

An elevation of privilege vulnerability exists in Microsoft Edge Browser Broker COM object.

An attacker who successfully exploited the vulnerability could use the Browser Broker COM

object to elevate privileges on an affected system.

This vulnerability by itself does not allow arbitrary code execution; however, it could allow

arbitrary code to be run if the attacker uses it in combination with another vulnerability (such as

a remote code execution vulnerability or another elevation of privilege vulnerability) that is

capable of leveraging the elevated privileges when code execution is attempted.

FAQ:

None

Mitigations:

None

Workarounds:

None

Revision:

1.0 01/08/2019 08:00:00





Affected Software


CVE-2019-0566

Product KB


Restart

Required

Microsoft

Edge on

Windows

10 for 32-

bit Systems

4480962

Security

Update

Important

Elevation

of

Privilege

4483228

Base: 4.3

Temporal: 3.9

Vector:

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/R

C:C

Yes

Microsoft

Edge on

Windows

10 for x64-

based

Systems

4480962

Security

Update

Important

Elevation

of

Privilege

4483228

Base: 4.3

Temporal: 3.9

Vector:


C:C

Yes

Microsoft

Edge on

Windows

Server 2016

4480961

Security

Update

Low

Elevation

of

Privilege

4471321

Base: 4.3

Temporal: 3.9

Vector:


C:C

Yes











CVE-2019-0566

Microsoft

Edge on

Windows

10 Version

1607 for 32-

bit Systems

4480961

Security

Update

Important

Elevation

of

Privilege

4483229

Base: 4.3

Temporal: 3.9

Vector:


C:C

Yes

Microsoft

Edge on

Windows

10 Version

1607 for

x64-based

Systems

4480961

Security

Update

Important

Elevation

of

Privilege

4471321

Base: 4.3

Temporal: 3.9

Vector:


C:C

Yes

Microsoft

Edge on

Windows

10 Version

1703 for 32-

bit Systems

4480973

Security

Update

Important

Elevation

of

Privilege

4483229

Base: 4.3

Temporal: 3.9

Vector:


C:C

Yes

Microsoft

Edge on

Windows

10 Version

4480973

Security

Update

Important

Elevation

of

Privilege

4483229

Base: 4.3

Temporal: 3.9

Vector:

Yes














CVE-2019-0566

1703 for

x64-based

Systems


C:C

Microsoft

Edge on

Windows

10 Version

1709 for 32-

bit Systems

4480978

Security

Update

Important

Elevation

of

Privilege

4483232

Base: 4.3

Temporal: 3.9

Vector:


C:C

Yes

Microsoft

Edge on

Windows

10 Version

1709 for

x64-based

Systems

4480978

Security

Update

Important

Elevation

of

Privilege

4483232

Base: 4.3

Temporal: 3.9

Vector:


C:C

Yes

Microsoft

Edge on

Windows

10 Version

1803 for 32-

bit Systems

4480966

Security

Update

Important

Elevation

of

Privilege

4483234

Base: 4.3

Temporal: 3.9

Vector:


C:C

Yes











CVE-2019-0566

Microsoft

Edge on

Windows

10 Version

1803 for

x64-based

Systems

4480966

Security

Update

Important

Elevation

of

Privilege

4483234

Base: 4.3

Temporal: 3.9

Vector:


C:C

Yes

Microsoft

Edge on

Windows

10 Version

1803 for

ARM64-

based

Systems

4480966

Security

Update

Important

Elevation

of

Privilege

4483234

Base: 4.3

Temporal: 3.9

Vector:


C:C

Yes

Microsoft

Edge on

Windows

10 Version

1809 for 32-

bit Systems

4480116

Security

Update

Important

Elevation

of

Privilege

4483235

Base: 4.3

Temporal: 3.9

Vector:


C:C

Yes











CVE-2019-0566

Microsoft

Edge on

Windows

10 Version

1809 for

x64-based

Systems

4480116

Security

Update

Important

Elevation

of

Privilege

4483235

Base: 4.3

Temporal: 3.9

Vector:


C:C

Yes

Microsoft

Edge on

Windows

10 Version

1809 for

ARM64-

based

Systems

4480116

Security

Update

Important

Elevation

of

Privilege

4483235

Base: 4.3

Temporal: 3.9

Vector:


C:C

Yes

Microsoft

Edge on

Windows

Server 2019

4480116

Security

Update

Low

Elevation

of

Privilege

4483235

Base: 4.3

Temporal: 3.9

Vector:


C:C

Yes

Microsoft

Edge on

Windows

4480978

Security Important

Elevation

of

Privilege

4483232

Base: 4.3

Temporal: 3.9

Vector:

Yes













CVE-2019-0566

10 Version

1709 for

ARM64-

based

Systems

Update


C:C


Vulnerability


Severity Rating

Vulnerability

Impact

CVE-

2019-

0567

MITRE

NVD


Description:









Execution






Severity Rating

Vulnerability

Impact








FAQ:

None

Mitigations:

None

Workarounds:

None

Revision:

1.0 01/08/2019 08:00:00



Affected Software


CVE-2019-0567

Product KB


Restart

Required

Microsoft

Edge on

Windows 10

for 32-bit

Systems

4480962

Security

Update

Critical

Remote

Code

Execution

4483228

Base: 4.2

Temporal: 3.8

Vector:


C:C

Yes

Microsoft

Edge on

Windows 10

for x64-

based

Systems

4480962

Security

Update

Critical

Remote

Code

Execution

4483228

Base: 4.2

Temporal: 3.8

Vector:


C:C

Yes

Microsoft

Edge on

Windows

Server 2016

4480961

Security

Update

Moderate

Remote

Code

Execution

4471321

Base: 4.2

Temporal: 3.8

Vector:


C:C

Yes











CVE-2019-0567

Microsoft

Edge on

Windows 10

Version

1607 for 32-

bit Systems

4480961

Security

Update

Critical

Remote

Code

Execution

4483229

Base: 4.2

Temporal: 3.8

Vector:


C:C

Yes

Microsoft

Edge on

Windows 10

Version

1607 for

x64-based

Systems

4480961

Security

Update

Critical

Remote

Code

Execution

4471321

Base: 4.2

Temporal: 3.8

Vector:


C:C

Yes

Microsoft

Edge on

Windows 10

Version

1703 for 32-

bit Systems

4480973

Security

Update

Critical

Remote

Code

Execution

4483229

Base: 4.2

Temporal: 3.8

Vector:


C:C

Yes

Microsoft

Edge on

Windows 10

Version

4480973

Security

Update

Critical

Remote

Code

Execution

4483229

Base: 4.2

Temporal: 3.8

Vector:

Yes














CVE-2019-0567

1703 for

x64-based

Systems


C:C

Microsoft

Edge on

Windows 10

Version

1709 for 32-

bit Systems

4480978

Security

Update

Critical

Remote

Code

Execution

4483232

Base: 4.2

Temporal: 3.8

Vector:


C:C

Yes

Microsoft

Edge on

Windows 10

Version

1709 for

x64-based

Systems

4480978

Security

Update

Critical

Remote

Code

Execution

4483232

Base: 4.2

Temporal: 3.8

Vector:


C:C

Yes

Microsoft

Edge on

Windows 10

Version

1803 for 32-

bit Systems

4480966

Security

Update

Critical

Remote

Code

Execution

4483234

Base: 4.2

Temporal: 3.8

Vector:


C:C

Yes











CVE-2019-0567

Microsoft

Edge on

Windows 10

Version

1803 for

x64-based

Systems

4480966

Security

Update

Critical

Remote

Code

Execution

4483234

Base: 4.2

Temporal: 3.8

Vector:


C:C

Yes

Microsoft

Edge on

Windows 10

Version

1803 for

ARM64-

based

Systems

4480966

Security

Update

Critical

Remote

Code

Execution

4483234

Base: 4.2

Temporal: 3.8

Vector:


C:C

Yes

Microsoft

Edge on

Windows 10

Version

1809 for 32-

bit Systems

4480116

Security

Update

Critical

Remote

Code

Execution

4483235

Base: 4.2

Temporal: 3.8

Vector:


C:C

Yes











CVE-2019-0567

Microsoft

Edge on

Windows 10

Version

1809 for

x64-based

Systems

4480116

Security

Update

Critical

Remote

Code

Execution

4483235

Base: 4.2

Temporal: 3.8

Vector:


C:C

Yes

Microsoft

Edge on

Windows 10

Version

1809 for

ARM64-

based

Systems

4480116

Security

Update

Critical

Remote

Code

Execution

4483235

Base: 4.2

Temporal: 3.8

Vector:


C:C

Yes

Microsoft

Edge on

Windows

Server 2019

4480116

Security

Update

Moderate

Remote

Code

Execution

4483235

Base: 4.2

Temporal: 3.8

Vector:


C:C

Yes

Microsoft

Edge on

Windows 10

4480978

Security Critical

Remote

Code

Execution

4483232

Base: 4.2

Temporal: 3.8

Vector:

Yes













CVE-2019-0567

Version

1709 for

ARM64-

based

Systems

Update


C:C

ChakraCore

Release

Notes

Security

Update

Critical

Remote

Code

Execution

4483232

Base: N/A

Temporal: N/A

Vector: N/A

Maybe


Vulnerability


Severity Rating

Vulnerability

Impact

CVE-

2019-

0568


Description:




Execution








Severity Rating

Vulnerability

Impact

MITRE

NVD













FAQ:

None

Mitigations:

None

Workarounds:

None

Revision:

1.0 01/08/2019 08:00:00





Severity Rating

Vulnerability

Impact


Affected Software


CVE-2019-0568

Product KB


Restart

Required

Microsoft

Edge on

Windows 10

Version

1803 for 32-

bit Systems

4480966

Security

Update

Critical

Remote

Code

Execution

4483234

Base: 4.2

Temporal: 3.8

Vector:


C:C

Yes

Microsoft

Edge on

Windows 10

Version

4480966

Security

Update

Critical

Remote

Code

Execution

4483234

Base: 4.2

Temporal: 3.8

Vector:

Yes








CVE-2019-0568

1803 for

x64-based

Systems


C:C

Microsoft

Edge on

Windows 10

Version

1803 for

ARM64-

based

Systems

4480966

Security

Update

Critical

Remote

Code

Execution

4483234

Base: 4.2

Temporal: 3.8

Vector:


C:C

Yes

Microsoft

Edge on

Windows 10

Version

1809 for 32-

bit Systems

4480116

Security

Update

Critical

Remote

Code

Execution

4483235

Base: 4.2

Temporal: 3.8

Vector:


C:C

Yes

Microsoft

Edge on

Windows 10

Version

1809 for

4480116

Security

Update

Critical

Remote

Code

Execution

4483235

Base: 4.2

Temporal: 3.8

Vector:


C:C

Yes











CVE-2019-0568

x64-based

Systems

Microsoft

Edge on

Windows 10

Version

1809 for

ARM64-

based

Systems

4480116

Security

Update

Critical

Remote

Code

Execution

4483235

Base: 4.2

Temporal: 3.8

Vector:


C:C

Yes

Microsoft

Edge on

Windows

Server 2019

4480116

Security

Update

Moderate

Remote

Code

Execution

4483235

Base: 4.2

Temporal: 3.8

Vector:


C:C

Yes

ChakraCore

Release

Notes

Security

Update

Critical

Remote

Code

Execution

4483235

Base: 4.2

Temporal: 3.8

Vector:


C:C

Maybe














Severity Rating

Vulnerability

Impact

CVE-

2019-

0569

MITRE

NVD


Description:




An authenticated attacker could exploit this vulnerability by running a specially crafted

application.

The update addresses the vulnerability by correcting how the Windows kernel handles objects

in memory.

FAQ:






osure





Severity Rating

Vulnerability

Impact

Mitigations:

None

Workarounds:

None

Revision:

1.0 01/08/2019 08:00:00


Affected Software


CVE-2019-0569

Product KB


Restart

Required


Systems Service Pack

1

4480960

Security

Only

4480970


Disclosure 4471318

Base: 5.5

Temporal: 5.5

Vector:

Yes






CVE-2019-0569

Monthly

Rollup

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:

N

Windows 7 for x64-

based Systems

Service Pack 1

4480960

Security

Only

4480970

Monthly

Rollup


Disclosure 4471318

Base: 5.5

Temporal: 5.5

Vector:


N

Yes

Windows Server

2008 R2 for x64-

based Systems

Service Pack 1

(Server Core

installation)

4480960

Security

Only

4480970

Monthly

Rollup


Disclosure 4471318

Base: 5.5

Temporal: 5.5

Vector:


N

Yes

Windows Server

2008 R2 for Itanium-

Based Systems

Service Pack 1

4480960

Security

Only

4480970

Monthly


Disclosure 4471318

Base: 5.5

Temporal: 5.5

Vector:


N

Yes





















CVE-2019-0569

Rollup

Windows Server

2008 R2 for x64-

based Systems

Service Pack 1

4480960

Security

Only

4480970

Monthly

Rollup


Disclosure 4471318

Base: 5.5

Temporal: 5.5

Vector:


N

Yes

Windows Server

2008 for 32-bit


2 (Server Core

installation)

4480957

Security

Only

4480968

Monthly

Rollup


Disclosure 4471325

Base: 5.5

Temporal: 5.5

Vector:


N

Yes

Windows Server

2012

4480972

Security

Only

4480975

Monthly

Rollup


Disclosure 4471330

Base: 5.5

Temporal: 5.5

Vector:


N

Yes





















CVE-2019-0569

Windows Server

2012 (Server Core

installation)

4480972

Security

Only

4480975

Monthly

Rollup


Disclosure 4471330

Base: 5.5

Temporal: 5.5

Vector:


N

Yes

Windows 8.1 for 32-

bit systems

4480964

Security

Only

4480963

Monthly

Rollup


Disclosure 4471320

Base: 5.5

Temporal: 5.5

Vector:


N

Yes

Windows 8.1 for x64-

based systems

4480963

Monthly

Rollup

4480964

Security

Only


Disclosure 4471320

Base: 5.5

Temporal: 5.5

Vector:


N

Yes

Windows Server

2012 R2

4480963

Monthly Important

Information

Disclosure 4471320

Base: 5.5

Temporal: 5.5 Yes






















CVE-2019-0569

Rollup

4480964

Security

Only

Vector:


N

Windows RT 8.1

4480963

Monthly

Rollup


Disclosure 4471320

Base: 5.5

Temporal: 5.5

Vector:


N

Yes

Windows Server

2012 R2 (Server Core

installation)

4480963

Monthly

Rollup

4480964

Security

Only


Disclosure 4471320

Base: 5.5

Temporal: 5.5

Vector:


N

Yes

Windows 10 for 32-

bit Systems

4480962

Security

Update


Disclosure 4483228

Base: 5.5

Temporal: 5.5

Vector:


N

Yes















CVE-2019-0569

Windows 10 for x64-

based Systems

4480962

Security

Update


Disclosure 4483228

Base: 5.5

Temporal: 5.5

Vector:


N

Yes

Windows Server

2016

4480961

Security

Update


Disclosure 4471321

Base: 5.5

Temporal: 5.5

Vector:


N

Yes

Windows 10 Version

1607 for 32-bit

Systems

4480961

Security

Update


Disclosure 4483229

Base: 5.5

Temporal: 5.5

Vector:


N

Yes

Windows 10 Version

1607 for x64-based

Systems

4480961

Security

Update


Disclosure 4471321

Base: 5.5

Temporal: 5.5

Vector:


N

Yes

Windows Server

2016 (Server Core

installation)

4480961

Security Important

Information

Disclosure 4471321

Base: 5.5

Temporal: 5.5

Vector:

Yes
















CVE-2019-0569

Update


N

Windows 10 Version

1703 for 32-bit

Systems

4480973

Security

Update


Disclosure 4483229

Base: 5.5

Temporal: 5.5

Vector:


N

Yes

Windows 10 Version

1703 for x64-based

Systems

4480973

Security

Update


Disclosure 4483229

Base: 5.5

Temporal: 5.5

Vector:


N

Yes

Windows 10 Version

1709 for 32-bit

Systems

4480978

Security

Update


Disclosure 4483232

Base: 5.5

Temporal: 5.5

Vector:


N

Yes

Windows 10 Version

1709 for x64-based

Systems

4480978

Security

Update


Disclosure 4483232

Base: 5.5

Temporal: 5.5

Vector:


N

Yes















CVE-2019-0569

Windows Server,


Core Installation)

4480978

Security

Update


Disclosure 4483232

Base: 5.5

Temporal: 5.5

Vector:


N

Yes

Windows 10 Version

1803 for 32-bit

Systems

4480966

Security

Update


Disclosure 4483234

Base: 5.5

Temporal: 5.5

Vector:


N

Yes

Windows 10 Version

1803 for x64-based

Systems

4480966

Security

Update


Disclosure 4483234

Base: 5.5

Temporal: 5.5

Vector:


N

Yes

Windows Server,


Core Installation)

4480966

Security

Update


Disclosure 4483234

Base: 5.5

Temporal: 5.5

Vector:


N

Yes

Windows 10 Version

1803 for ARM64-

based Systems

4480966

Security Important

Information

Disclosure 4483234

Base: 5.5

Temporal: 5.5

Vector:

Yes
















CVE-2019-0569

Update


N

Windows 10 Version

1809 for 32-bit

Systems

4480116

Security

Update


Disclosure 4483235

Base: 5.5

Temporal: 5.5

Vector:


N

Yes

Windows 10 Version

1809 for x64-based

Systems

4480116

Security

Update


Disclosure 4483235

Base: 5.5

Temporal: 5.5

Vector:


N

Yes

Windows 10 Version

1809 for ARM64-

based Systems

4480116

Security

Update


Disclosure 4483235

Base: 5.5

Temporal: 5.5

Vector:


N

Yes

Windows Server

2019

4480116

Security

Update


Disclosure 4483235

Base: 5.5

Temporal: 5.5

Vector:


N

Yes















CVE-2019-0569

Windows Server

2019 (Server Core

installation)

4480116

Security

Update


Disclosure 4483235

Base: 5.5

Temporal: 5.5

Vector:


N

Yes

Windows 10 Version

1709 for ARM64-

based Systems

4480978

Security

Update


Disclosure 4483232

Base: 5.5

Temporal: 5.5

Vector:


N

Yes

Windows Server

2008 for Itanium-

Based Systems

Service Pack 2

4480957

Security

Only

4480968

Monthly

Rollup


Disclosure 4471325

Base: 5.5

Temporal: 5.5

Vector:


N

Yes

Windows Server

2008 for 32-bit


2

4480957

Security

Only

4480968

Monthly


Disclosure 4471325

Base: 5.5

Temporal: 5.5

Vector:


N

Yes



















CVE-2019-0569

Rollup

Windows Server

2008 for x64-based


2

4480957

Security

Only

4480968

Monthly

Rollup


Disclosure 4471325

Base: 5.5

Temporal: 5.5

Vector:


N

Yes

Windows Server

2008 for x64-based


2 (Server Core

installation)

4480957

Security

Only

4480968

Monthly

Rollup


Disclosure 4471325

Base: 5.5

Temporal: 5.5

Vector:


N

Yes















CVE-2019-0570 - Windows Runtime Elevation of Privilege Vulnerability


Severity Rating

Vulnerability

Impact

CVE-

2019-

0570

MITRE

NVD

CVE Title: Windows Runtime Elevation of Privilege Vulnerability

Description:

An elevation of privilege vulnerability exists when the Windows Runtime improperly handles

objects in memory. An attacker who successfully exploited this vulnerability could run

arbitrary code in an elevated context.


victim system.

The update addresses the vulnerability by correcting the way the Windows Runtime handles

objects in memory.

FAQ:

None

Mitigations:

None

Workarounds:

None

Revision:

1.0 01/08/2019 08:00:00


Privilege





Severity Rating

Vulnerability

Impact


Affected Software


CVE-2019-0570


Required

Windows Server

2012

4480972

Security

Only

4480975

Monthly

Rollup


Privilege 4471330

Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows Server

2012 (Server Core

installation)

4480972

Security

Only


Privilege 4471330

Base: 7.8

Temporal: 7.8

Vector:

Yes











CVE-2019-0570

4480975

Monthly

Rollup


H

Windows 8.1 for 32-

bit systems

4480964

Security

Only

4480963

Monthly

Rollup


Privilege 4471320

Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows 8.1 for

x64-based systems

4480963

Monthly

Rollup

4480964

Security

Only


Privilege 4471320

Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows Server

2012 R2

4480963

Monthly

Rollup

4480964

Security


Privilege 4471320

Base: 7.8

Temporal: 7.8

Vector:


H

Yes






















CVE-2019-0570

Only

Windows RT 8.1

4480963

Monthly

Rollup


Privilege 4471320

Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows Server

2012 R2 (Server

Core installation)

4480963

Monthly

Rollup

4480964

Security

Only


Privilege 4471320

Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows 10 for 32-

bit Systems

4480962

Security

Update


Privilege 4483228

Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows 10 for x64-

based Systems

4480962

Security

Update


Privilege 4483228

Base: 7.8

Temporal: 7.8

Vector:

Yes















CVE-2019-0570


H

Windows Server

2016

4480961

Security

Update


Privilege 4471321

Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows 10 Version

1607 for 32-bit

Systems

4480961

Security

Update


Privilege 4483229

Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows 10 Version

1607 for x64-based

Systems

4480961

Security

Update


Privilege 4471321

Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows Server

2016 (Server Core

installation)

4480961

Security

Update


Privilege 4471321

Base: 7.8

Temporal: 7.8

Vector:


H

Yes














CVE-2019-0570

Windows 10 Version

1703 for 32-bit

Systems

4480973

Security

Update


Privilege 4483229

Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows 10 Version

1703 for x64-based

Systems

4480973

Security

Update


Privilege 4483229

Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows 10 Version

1709 for 32-bit

Systems

4480978

Security

Update


Privilege 4483232

Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows 10 Version

1709 for x64-based

Systems

4480978

Security

Update


Privilege 4483232

Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows Server,


Core Installation)

4480978

Security Important

Elevation of

Privilege 4483232

Base: 7.8

Temporal: 7.8

Vector:

Yes
















CVE-2019-0570

Update


H

Windows 10 Version

1803 for 32-bit

Systems

4480966

Security

Update


Privilege 4483234

Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows 10 Version

1803 for x64-based

Systems

4480966

Security

Update


Privilege 4483234

Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows Server,


Core Installation)

4480966

Security

Update


Privilege 4483234

Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows 10 Version

1803 for ARM64-

based Systems

4480966

Security

Update


Privilege 4483234

Base: 7.8

Temporal: 7.8

Vector:


H

Yes















CVE-2019-0570

Windows 10 Version

1809 for 32-bit

Systems

4480116

Security

Update


Privilege 4483235

Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows 10 Version

1809 for x64-based

Systems

4480116

Security

Update


Privilege 4483235

Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows 10 Version

1809 for ARM64-

based Systems

4480116

Security

Update


Privilege 4483235

Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows Server

2019

4480116

Security

Update


Privilege 4483235

Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows Server

2019 (Server Core

installation)

4480116

Security Important

Elevation of

Privilege 4483235

Base: 7.8

Temporal: 7.8

Vector:

Yes
















CVE-2019-0570

Update


H

Windows 10 Version

1709 for ARM64-

based Systems

4480978

Security

Update


Privilege 4483232

Base: 7.8

Temporal: 7.8

Vector:


H

Yes

CVE-2019-0571 - Windows Data Sharing Service Elevation of Privilege

Vulnerability


Severity Rating

Vulnerability

Impact

CVE-

2019-

0571

MITRE

NVD

CVE Title: Windows Data Sharing Service Elevation of Privilege Vulnerability

Description:

An elevation of privilege vulnerability exists when the Windows Data Sharing Service

improperly handles file operations. An attacker who successfully exploited this vulnerability

could run processes in an elevated context.


Privilege









Severity Rating

Vulnerability

Impact


victim system.

The update addresses the vulnerability by correcting the way the Windows Data Sharing

Service handles file operations.

FAQ:

None

Mitigations:

None

Workarounds:

None

Revision:

1.0 01/08/2019 08:00:00


Affected Software



CVE-2019-0571


Required

Windows 10 for 32-

bit Systems

4480962

Security

Update


Privilege 4483228

Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows 10 for x64-

based Systems

4480962

Security

Update


Privilege 4483228

Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows Server

2016

4480961

Security

Update


Privilege 4471321

Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows 10 Version

1607 for 32-bit

Systems

4480961

Security

Update


Privilege 4483229

Base: 7.8

Temporal: 7.8

Vector:


H

Yes














CVE-2019-0571

Windows 10 Version

1607 for x64-based

Systems

4480961

Security

Update


Privilege 4471321

Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows Server

2016 (Server Core

installation)

4480961

Security

Update


Privilege 4471321

Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows 10 Version

1703 for 32-bit

Systems

4480973

Security

Update


Privilege 4483229

Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows 10 Version

1703 for x64-based

Systems

4480973

Security

Update


Privilege 4483229

Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows 10 Version

1709 for 32-bit

Systems

4480978

Security Important

Elevation of

Privilege 4483232

Base: 7.8

Temporal: 7.8

Vector:

Yes
















CVE-2019-0571

Update


H

Windows 10 Version

1709 for x64-based

Systems

4480978

Security

Update


Privilege 4483232

Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows Server,


Core Installation)

4480978

Security

Update


Privilege 4483232

Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows 10 Version

1803 for 32-bit

Systems

4480966

Security

Update


Privilege 4483234

Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows 10 Version

1803 for x64-based

Systems

4480966

Security

Update


Privilege 4483234

Base: 7.8

Temporal: 7.8

Vector:


H

Yes















CVE-2019-0571

Windows Server,


Core Installation)

4480966

Security

Update


Privilege 4483234

Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows 10 Version

1803 for ARM64-

based Systems

4480966

Security

Update


Privilege 4483234

Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows 10 Version

1809 for 32-bit

Systems

4480116

Security

Update


Privilege 4483235

Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows 10 Version

1809 for x64-based

Systems

4480116

Security

Update


Privilege 4483235

Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows 10 Version

1809 for ARM64-

based Systems

4480116

Security Important

Elevation of

Privilege 4483235

Base: 7.8

Temporal: 7.8

Vector:

Yes
















CVE-2019-0571

Update


H

Windows Server

2019

4480116

Security

Update


Privilege 4483235

Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows Server

2019 (Server Core

installation)

4480116

Security

Update


Privilege 4483235

Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows 10 Version

1709 for ARM64-

based Systems

4480978

Security

Update


Privilege 4483232

Base: 7.8

Temporal: 7.8

Vector:


H

Yes













Vulnerability


Severity Rating

Vulnerability

Impact

CVE-

2019-

0572

MITRE

NVD


Description:





victim system.



FAQ:

None

Mitigations:

None

Workarounds:


Privilege





Severity Rating

Vulnerability

Impact

None

Revision:

1.0 01/08/2019 08:00:00


Affected Software


CVE-2019-0572


Required

Windows 10 for 32-

bit Systems

4480962

Security

Update


Privilege 4483228

Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows 10 for x64-

based Systems

4480962

Security Important

Elevation of

Privilege 4483228

Base: 7.8

Temporal: 7.8 Yes







CVE-2019-0572

Update

Vector:


H

Windows Server

2016

4480961

Security

Update


Privilege 4471321

Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows 10 Version

1607 for 32-bit

Systems

4480961

Security

Update


Privilege 4483229

Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows 10 Version

1607 for x64-based

Systems

4480961

Security

Update


Privilege 4471321

Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows Server

2016 (Server Core

installation)

4480961

Security

Update


Privilege 4471321

Base: 7.8

Temporal: 7.8

Vector:


H

Yes















CVE-2019-0572

Windows 10 Version

1703 for 32-bit

Systems

4480973

Security

Update


Privilege 4483229

Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows 10 Version

1703 for x64-based

Systems

4480973

Security

Update


Privilege 4483229

Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows 10 Version

1709 for 32-bit

Systems

4480978

Security

Update


Privilege 4483232

Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows 10 Version

1709 for x64-based

Systems

4480978

Security

Update


Privilege 4483232

Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows Server,


Core Installation)

4480978

Security Important

Elevation of

Privilege 4483232

Base: 7.8

Temporal: 7.8

Vector:

Yes
















CVE-2019-0572

Update


H

Windows 10 Version

1803 for 32-bit

Systems

4480966

Security

Update


Privilege 4483234

Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows 10 Version

1803 for x64-based

Systems

4480966

Security

Update


Privilege 4483234

Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows Server,


Core Installation)

4480966

Security

Update


Privilege 4483234

Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows 10 Version

1803 for ARM64-

based Systems

4480966

Security

Update


Privilege 4483234

Base: 7.8

Temporal: 7.8

Vector:


H

Yes















CVE-2019-0572

Windows 10 Version

1809 for 32-bit

Systems

4480116

Security

Update


Privilege 4483235

Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows 10 Version

1809 for x64-based

Systems

4480116

Security

Update


Privilege 4483235

Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows 10 Version

1809 for ARM64-

based Systems

4480116

Security

Update


Privilege 4483235

Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows Server

2019

4480116

Security

Update


Privilege 4483235

Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows Server

2019 (Server Core

installation)

4480116

Security Important

Elevation of

Privilege 4483235

Base: 7.8

Temporal: 7.8

Vector:

Yes
















CVE-2019-0572

Update


H

Windows 10 Version

1709 for ARM64-

based Systems

4480978

Security

Update


Privilege 4483232

Base: 7.8

Temporal: 7.8

Vector:


H

Yes


Vulnerability


Severity Rating

Vulnerability

Impact

CVE-

2019-

0573

MITRE

NVD


Description:





Privilege









Severity Rating

Vulnerability

Impact


victim system.



FAQ:

None

Mitigations:

None

Workarounds:

None

Revision:

1.0 01/08/2019 08:00:00


Affected Software



CVE-2019-0573


Required

Windows 10 for 32-

bit Systems

4480962

Security

Update


Privilege 4483228

Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows 10 for x64-

based Systems

4480962

Security

Update


Privilege 4483228

Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows Server

2016

4480961

Security

Update


Privilege 4471321

Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows 10 Version

1607 for 32-bit

Systems

4480961

Security

Update


Privilege 4483229

Base: 7.8

Temporal: 7.8

Vector:


H

Yes














CVE-2019-0573

Windows 10 Version

1607 for x64-based

Systems

4480961

Security

Update


Privilege 4471321

Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows Server

2016 (Server Core

installation)

4480961

Security

Update


Privilege 4471321

Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows 10 Version

1703 for 32-bit

Systems

4480973

Security

Update


Privilege 4483229

Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows 10 Version

1703 for x64-based

Systems

4480973

Security

Update


Privilege 4483229

Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows 10 Version

1709 for 32-bit

Systems

4480978

Security Important

Elevation of

Privilege 4483232

Base: 7.8

Temporal: 7.8

Vector:

Yes
















CVE-2019-0573

Update


H

Windows 10 Version

1709 for x64-based

Systems

4480978

Security

Update


Privilege 4483232

Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows Server,


Core Installation)

4480978

Security

Update


Privilege 4483232

Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows 10 Version

1803 for 32-bit

Systems

4480966

Security

Update


Privilege 4483234

Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows 10 Version

1803 for x64-based

Systems

4480966

Security

Update


Privilege 4483234

Base: 7.8

Temporal: 7.8

Vector:


H

Yes















CVE-2019-0573

Windows Server,


Core Installation)

4480966

Security

Update


Privilege 4483234

Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows 10 Version

1803 for ARM64-

based Systems

4480966

Security

Update


Privilege 4483234

Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows 10 Version

1809 for 32-bit

Systems

4480116

Security

Update


Privilege 4483235

Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows 10 Version

1809 for x64-based

Systems

4480116

Security

Update


Privilege 4483235

Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows 10 Version

1809 for ARM64-

based Systems

4480116

Security Important

Elevation of

Privilege 4483235

Base: 7.8

Temporal: 7.8

Vector:

Yes
















CVE-2019-0573

Update


H

Windows Server

2019

4480116

Security

Update


Privilege 4483235

Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows Server

2019 (Server Core

installation)

4480116

Security

Update


Privilege 4483235

Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows 10 Version

1709 for ARM64-

based Systems

4480978

Security

Update


Privilege 4483232

Base: 7.8

Temporal: 7.8

Vector:


H

Yes













Vulnerability


Severity Rating

Vulnerability

Impact

CVE-

2019-

0574

MITRE

NVD


Description:





victim system.



FAQ:

None

Mitigations:

None

Workarounds:


Privilege





Severity Rating

Vulnerability

Impact

None

Revision:

1.0 01/08/2019 08:00:00


Affected Software


CVE-2019-0574


Required

Windows 10 for 32-

bit Systems

4480962

Security

Update


Privilege 4483228

Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows 10 for x64-

based Systems

4480962

Security Important

Elevation of

Privilege 4483228

Base: 7.8

Temporal: 7.8 Yes







CVE-2019-0574

Update

Vector:


H

Windows Server

2016

4480961

Security

Update


Privilege 4471321

Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows 10 Version

1607 for 32-bit

Systems

4480961

Security

Update


Privilege 4483229

Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows 10 Version

1607 for x64-based

Systems

4480961

Security

Update


Privilege 4471321

Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows Server

2016 (Server Core

installation)

4480961

Security

Update


Privilege 4471321

Base: 7.8

Temporal: 7.8

Vector:


H

Yes















CVE-2019-0574

Windows 10 Version

1703 for 32-bit

Systems

4480973

Security

Update


Privilege 4483229

Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows 10 Version

1703 for x64-based

Systems

4480973

Security

Update


Privilege 4483229

Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows 10 Version

1709 for 32-bit

Systems

4480978

Security

Update


Privilege 4483232

Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows 10 Version

1709 for x64-based

Systems

4480978

Security

Update


Privilege 4483232

Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows Server,


Core Installation)

4480978

Security Important

Elevation of

Privilege 4483232

Base: 7.8

Temporal: 7.8

Vector:

Yes
















CVE-2019-0574

Update


H

Windows 10 Version

1803 for 32-bit

Systems

4480966

Security

Update


Privilege 4483234

Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows 10 Version

1803 for x64-based

Systems

4480966

Security

Update


Privilege 4483234

Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows Server,


Core Installation)

4480966

Security

Update


Privilege 4483234

Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows 10 Version

1803 for ARM64-

based Systems

4480966

Security

Update


Privilege 4483234

Base: 7.8

Temporal: 7.8

Vector:


H

Yes















CVE-2019-0574

Windows 10 Version

1809 for 32-bit

Systems

4480116

Security

Update


Privilege 4483235

Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows 10 Version

1809 for x64-based

Systems

4480116

Security

Update


Privilege 4483235

Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows 10 Version

1809 for ARM64-

based Systems

4480116

Security

Update


Privilege 4483235

Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows Server

2019

4480116

Security

Update


Privilege 4483235

Base: 7.8

Temporal: 7.8

Vector:


H

Yes

Windows Server

2019 (Server Core

installation)

4480116

Security Important

Elevation of

Privilege 4483235

Base: 7.8

Temporal: 7.8

Vector:

Yes
















CVE-2019-0574

Update


H

Windows 10 Version

1709 for ARM64-

based Systems

4480978

Security

Update


Privilege 4483232

Base: 7.8

Temporal: 7.8

Vector:


H

Yes


Vulnerability


Severity Rating

Vulnerability

Impact

CVE-

2019-

0575

MITRE

NVD


Description:





Execution









Severity Rating

Vulnerability

Impact


file.



FAQ:

None

Mitigations:

None

Workarounds:

None

Revision:

1.0 01/08/2019 08:00:00


Affected Software



CVE-2019-0575

Product KB


Restart

Required

Windows 7

for 32-bit

Systems

Service Pack

1

4480960

Security

Only

4480970

Monthly

Rollup

Important

Remote

Code

Execution

4471318

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 7

for x64-

based

Systems

Service Pack

1

4480960

Security

Only

4480970

Monthly

Rollup

Important

Remote

Code

Execution

4471318

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2008

R2 for x64-

based

Systems

Service Pack

1 (Server

4480960

Security

Only

4480970

Monthly

Rollup

Important

Remote

Code

Execution

4471318

Base: 7.8

Temporal: 7

Vector:


C:C

Yes




















CVE-2019-0575

Core

installation)

Windows

Server 2008

R2 for

Itanium-

Based

Systems

Service Pack

1

4480960

Security

Only

4480970

Monthly

Rollup

Important

Remote

Code

Execution

4471318

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2008

R2 for x64-

based

Systems

Service Pack

1

4480960

Security

Only

4480970

Monthly

Rollup

Important

Remote

Code

Execution

4471318

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2008

for 32-bit

Systems

Service Pack

2 (Server

4480957

Security

Only

4480968

Monthly

Important

Remote

Code

Execution

4471325

Base: 7.8

Temporal: 7

Vector:


C:C

Yes



















CVE-2019-0575

Core

installation)

Rollup

Windows

Server 2012

4480972

Security

Only

4480975

Monthly

Rollup

Important

Remote

Code

Execution

4471330

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2012

(Server Core

installation)

4480972

Security

Only

4480975

Monthly

Rollup

Important

Remote

Code

Execution

4471330

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

8.1 for 32-bit

systems

4480964

Security

Only

4480963

Monthly

Rollup

Important

Remote

Code

Execution

4471320

Base: 7.8

Temporal: 7

Vector:


C:C

Yes





















CVE-2019-0575

Windows

8.1 for x64-

based

systems

4480963

Monthly

Rollup

4480964

Security

Only

Important

Remote

Code

Execution

4471320

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2012

R2

4480963

Monthly

Rollup

4480964

Security

Only

Important

Remote

Code

Execution

4471320

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

RT 8.1

4480963

Monthly

Rollup

Important

Remote

Code

Execution

4471320

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2012

R2 (Server

4480963

Monthly

Rollup

4480964

Important

Remote

Code

Execution

4471320

Base: 7.8

Temporal: 7

Vector:

Yes


















CVE-2019-0575

Core

installation)

Security

Only


C:C

Windows 10

for 32-bit

Systems

4480962

Security

Update

Important

Remote

Code

Execution

4483228

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

for x64-

based

Systems

4480962

Security

Update

Important

Remote

Code

Execution

4483228

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2016

4480961

Security

Update

Important

Remote

Code

Execution

4471321

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1607 for 32-

bit Systems

4480961

Security

Update

Important

Remote

Code

Execution

4483229

Base: 7.8

Temporal: 7

Vector:


C:C

Yes
















CVE-2019-0575

Windows 10

Version

1607 for

x64-based

Systems

4480961

Security

Update

Important

Remote

Code

Execution

4471321

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2016

(Server Core

installation)

4480961

Security

Update

Important

Remote

Code

Execution

4471321

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1703 for 32-

bit Systems

4480973

Security

Update

Important

Remote

Code

Execution

4483229

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1703 for

x64-based

Systems

4480973

Security

Update

Important

Remote

Code

Execution

4483229

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

4480978

Security Important

Remote

Code

Execution

4483232

Base: 7.8

Temporal: 7

Vector:

Yes
















CVE-2019-0575

1709 for 32-

bit Systems

Update


C:C

Windows 10

Version

1709 for

x64-based

Systems

4480978

Security

Update

Important

Remote

Code

Execution

4483232

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server,

version 1709

(Server Core

Installation)

4480978

Security

Update

Important

Remote

Code

Execution

4483232

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1803 for 32-

bit Systems

4480966

Security

Update

Important

Remote

Code

Execution

4483234

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1803 for

x64-based

Systems

4480966

Security

Update

Important

Remote

Code

Execution

4483234

Base: 7.8

Temporal: 7

Vector:


C:C

Yes















CVE-2019-0575

Windows

Server,

version 1803

(Server Core

Installation)

4480966

Security

Update

Important

Remote

Code

Execution

4483234

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1803 for

ARM64-

based

Systems

4480966

Security

Update

Important

Remote

Code

Execution

4483234

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1809 for 32-

bit Systems

4480116

Security

Update

Important

Remote

Code

Execution

4483235

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1809 for

x64-based

Systems

4480116

Security

Update

Important

Remote

Code

Execution

4483235

Base: 7.8

Temporal: 7

Vector:


C:C

Yes














CVE-2019-0575

Windows 10

Version

1809 for

ARM64-

based

Systems

4480116

Security

Update

Important

Remote

Code

Execution

4483235

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2019

4480116

Security

Update

Important

Remote

Code

Execution

4483235

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2019

(Server Core

installation)

4480116

Security

Update

Important

Remote

Code

Execution

4483235

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1709 for

ARM64-

based

Systems

4480978

Security

Update

Important

Remote

Code

Execution

4483232

Base: 7.8

Temporal: 7

Vector:


C:C

Yes














CVE-2019-0575

Windows

Server 2008

for Itanium-

Based

Systems

Service Pack

2

4480957

Security

Only

4480968

Monthly

Rollup

Important

Remote

Code

Execution

4471325

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2008

for 32-bit

Systems

Service Pack

2

4480957

Security

Only

4480968

Monthly

Rollup

Important

Remote

Code

Execution

4471325

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2008

for x64-

based

Systems

Service Pack

2

4480957

Security

Only

4480968

Monthly

Rollup

Important

Remote

Code

Execution

4471325

Base: 7.8

Temporal: 7

Vector:


C:C

Yes




















CVE-2019-0575

Windows

Server 2008

for x64-

based

Systems

Service Pack

2 (Server

Core

installation)

4480957

Security

Only

4480968

Monthly

Rollup

Important

Remote

Code

Execution

4471325

Base: 7.8

Temporal: 7

Vector:


C:C

Yes


Vulnerability


Severity Rating

Vulnerability

Impact

CVE-

2019-

0576

MITRE

NVD


Description:





Execution











Severity Rating

Vulnerability

Impact


file.



FAQ:

None

Mitigations:

None

Workarounds:

None

Revision:

1.0 01/08/2019 08:00:00


Affected Software



CVE-2019-0576

Product KB


Restart

Required

Windows 7

for 32-bit

Systems

Service Pack

1

4480960

Security

Only

4480970

Monthly

Rollup

Important

Remote

Code

Execution

4471318

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 7

for x64-

based

Systems

Service Pack

1

4480960

Security

Only

4480970

Monthly

Rollup

Important

Remote

Code

Execution

4471318

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2008

R2 for x64-

based

Systems

Service Pack

1 (Server

4480960

Security

Only

4480970

Monthly

Rollup

Important

Remote

Code

Execution

4471318

Base: 7.8

Temporal: 7

Vector:


C:C

Yes




















CVE-2019-0576

Core

installation)

Windows

Server 2008

R2 for

Itanium-

Based

Systems

Service Pack

1

4480960

Security

Only

4480970

Monthly

Rollup

Important

Remote

Code

Execution

4471318

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2008

R2 for x64-

based

Systems

Service Pack

1

4480960

Security

Only

4480970

Monthly

Rollup

Important

Remote

Code

Execution

4471318

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2008

for 32-bit

Systems

Service Pack

2 (Server

4480957

Security

Only

4480968

Monthly

Important

Remote

Code

Execution

4471325

Base: 7.8

Temporal: 7

Vector:


C:C

Yes



















CVE-2019-0576

Core

installation)

Rollup

Windows

Server 2012

4480972

Security

Only

4480975

Monthly

Rollup

Important

Remote

Code

Execution

4471330

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2012

(Server Core

installation)

4480972

Security

Only

4480975

Monthly

Rollup

Important

Remote

Code

Execution

4471330

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

8.1 for 32-bit

systems

4480964

Security

Only

4480963

Monthly

Rollup

Important

Remote

Code

Execution

4471320

Base: 7.8

Temporal: 7

Vector:


C:C

Yes





















CVE-2019-0576

Windows

8.1 for x64-

based

systems

4480963

Monthly

Rollup

4480964

Security

Only

Important

Remote

Code

Execution

4471320

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2012

R2

4480963

Monthly

Rollup

4480964

Security

Only

Important

Remote

Code

Execution

4471320

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

RT 8.1

4480963

Monthly

Rollup

Important

Remote

Code

Execution

4471320

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2012

R2 (Server

4480963

Monthly

Rollup

4480964

Important

Remote

Code

Execution

4471320

Base: 7.8

Temporal: 7

Vector:

Yes


















CVE-2019-0576

Core

installation)

Security

Only


C:C

Windows 10

for 32-bit

Systems

4480962

Security

Update

Important

Remote

Code

Execution

4483228

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

for x64-

based

Systems

4480962

Security

Update

Important

Remote

Code

Execution

4483228

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2016

4480961

Security

Update

Important

Remote

Code

Execution

4471321

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1607 for 32-

bit Systems

4480961

Security

Update

Important

Remote

Code

Execution

4483229

Base: 7.8

Temporal: 7

Vector:


C:C

Yes
















CVE-2019-0576

Windows 10

Version

1607 for

x64-based

Systems

4480961

Security

Update

Important

Remote

Code

Execution

4471321

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2016

(Server Core

installation)

4480961

Security

Update

Important

Remote

Code

Execution

4471321

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1703 for 32-

bit Systems

4480973

Security

Update

Important

Remote

Code

Execution

4483229

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1703 for

x64-based

Systems

4480973

Security

Update

Important

Remote

Code

Execution

4483229

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

4480978

Security Important

Remote

Code

Execution

4483232

Base: 7.8

Temporal: 7

Vector:

Yes
















CVE-2019-0576

1709 for 32-

bit Systems

Update


C:C

Windows 10

Version

1709 for

x64-based

Systems

4480978

Security

Update

Important

Remote

Code

Execution

4483232

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server,

version 1709

(Server Core

Installation)

4480978

Security

Update

Important

Remote

Code

Execution

4483232

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1803 for 32-

bit Systems

4480966

Security

Update

Important

Remote

Code

Execution

4483234

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1803 for

x64-based

Systems

4480966

Security

Update

Important

Remote

Code

Execution

4483234

Base: 7.8

Temporal: 7

Vector:


C:C

Yes















CVE-2019-0576

Windows

Server,

version 1803

(Server Core

Installation)

4480966

Security

Update

Important

Remote

Code

Execution

4483234

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1803 for

ARM64-

based

Systems

4480966

Security

Update

Important

Remote

Code

Execution

4483234

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1809 for 32-

bit Systems

4480116

Security

Update

Important

Remote

Code

Execution

4483235

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1809 for

x64-based

Systems

4480116

Security

Update

Important

Remote

Code

Execution

4483235

Base: 7.8

Temporal: 7

Vector:


C:C

Yes














CVE-2019-0576

Windows 10

Version

1809 for

ARM64-

based

Systems

4480116

Security

Update

Important

Remote

Code

Execution

4483235

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2019

4480116

Security

Update

Important

Remote

Code

Execution

4483235

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2019

(Server Core

installation)

4480116

Security

Update

Important

Remote

Code

Execution

4483235

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1709 for

ARM64-

based

Systems

4480978

Security

Update

Important

Remote

Code

Execution

4483232

Base: 7.8

Temporal: 7

Vector:


C:C

Yes














CVE-2019-0576

Windows

Server 2008

for Itanium-

Based

Systems

Service Pack

2

4480957

Security

Only

4480968

Monthly

Rollup

Important

Remote

Code

Execution

4471325

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2008

for 32-bit

Systems

Service Pack

2

4480957

Security

Only

4480968

Monthly

Rollup

Important

Remote

Code

Execution

4471325

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2008

for x64-

based

Systems

Service Pack

2

4480957

Security

Only

4480968

Monthly

Rollup

Important

Remote

Code

Execution

4471325

Base: 7.8

Temporal: 7

Vector:


C:C

Yes




















CVE-2019-0576

Windows

Server 2008

for x64-

based

Systems

Service Pack

2 (Server

Core

installation)

4480957

Security

Only

4480968

Monthly

Rollup

Important

Remote

Code

Execution

4471325

Base: 7.8

Temporal: 7

Vector:


C:C

Yes


Vulnerability


Severity Rating

Vulnerability

Impact

CVE-

2019-

0577

MITRE

NVD


Description:





Execution











Severity Rating

Vulnerability

Impact


file.



FAQ:

None

Mitigations:

None

Workarounds:

None

Revision:

1.0 01/08/2019 08:00:00


Affected Software



CVE-2019-0577

Product KB


Restart

Required

Windows 7

for 32-bit

Systems

Service Pack

1

4480960

Security

Only

4480970

Monthly

Rollup

Important

Remote

Code

Execution

4471318

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 7

for x64-

based

Systems

Service Pack

1

4480960

Security

Only

4480970

Monthly

Rollup

Important

Remote

Code

Execution

4471318

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2008

R2 for x64-

based

Systems

Service Pack

1 (Server

4480960

Security

Only

4480970

Monthly

Rollup

Important

Remote

Code

Execution

4471318

Base: 7.8

Temporal: 7

Vector:


C:C

Yes




















CVE-2019-0577

Core

installation)

Windows

Server 2008

R2 for

Itanium-

Based

Systems

Service Pack

1

4480960

Security

Only

4480970

Monthly

Rollup

Important

Remote

Code

Execution

4471318

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2008

R2 for x64-

based

Systems

Service Pack

1

4480960

Security

Only

4480970

Monthly

Rollup

Important

Remote

Code

Execution

4471318

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2008

for 32-bit

Systems

Service Pack

2 (Server

4480957

Security

Only

4480968

Monthly

Important

Remote

Code

Execution

4471325

Base: 7.8

Temporal: 7

Vector:


C:C

Yes



















CVE-2019-0577

Core

installation)

Rollup

Windows

Server 2012

4480972

Security

Only

4480975

Monthly

Rollup

Important

Remote

Code

Execution

4471330

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2012

(Server Core

installation)

4480972

Security

Only

4480975

Monthly

Rollup

Important

Remote

Code

Execution

4471330

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

8.1 for 32-bit

systems

4480964

Security

Only

4480963

Monthly

Rollup

Important

Remote

Code

Execution

4471320

Base: 7.8

Temporal: 7

Vector:


C:C

Yes





















CVE-2019-0577

Windows

8.1 for x64-

based

systems

4480963

Monthly

Rollup

4480964

Security

Only

Important

Remote

Code

Execution

4471320

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2012

R2

4480963

Monthly

Rollup

4480964

Security

Only

Important

Remote

Code

Execution

4471320

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

RT 8.1

4480963

Monthly

Rollup

Important

Remote

Code

Execution

4471320

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2012

R2 (Server

4480963

Monthly

Rollup

4480964

Important

Remote

Code

Execution

4471320

Base: 7.8

Temporal: 7

Vector:

Yes


















CVE-2019-0577

Core

installation)

Security

Only


C:C

Windows 10

for 32-bit

Systems

4480962

Security

Update

Important

Remote

Code

Execution

4483228

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

for x64-

based

Systems

4480962

Security

Update

Important

Remote

Code

Execution

4483228

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2016

4480961

Security

Update

Important

Remote

Code

Execution

4471321

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1607 for 32-

bit Systems

4480961

Security

Update

Important

Remote

Code

Execution

4483229

Base: 7.8

Temporal: 7

Vector:


C:C

Yes
















CVE-2019-0577

Windows 10

Version

1607 for

x64-based

Systems

4480961

Security

Update

Important

Remote

Code

Execution

4471321

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2016

(Server Core

installation)

4480961

Security

Update

Important

Remote

Code

Execution

4471321

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1703 for 32-

bit Systems

4480973

Security

Update

Important

Remote

Code

Execution

4483229

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1703 for

x64-based

Systems

4480973

Security

Update

Important

Remote

Code

Execution

4483229

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

4480978

Security Important

Remote

Code

Execution

4483232

Base: 7.8

Temporal: 7

Vector:

Yes
















CVE-2019-0577

1709 for 32-

bit Systems

Update


C:C

Windows 10

Version

1709 for

x64-based

Systems

4480978

Security

Update

Important

Remote

Code

Execution

4483232

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server,

version 1709

(Server Core

Installation)

4480978

Security

Update

Important

Remote

Code

Execution

4483232

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1803 for 32-

bit Systems

4480966

Security

Update

Important

Remote

Code

Execution

4483234

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1803 for

x64-based

Systems

4480966

Security

Update

Important

Remote

Code

Execution

4483234

Base: 7.8

Temporal: 7

Vector:


C:C

Yes















CVE-2019-0577

Windows

Server,

version 1803

(Server Core

Installation)

4480966

Security

Update

Important

Remote

Code

Execution

4483234

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1803 for

ARM64-

based

Systems

4480966

Security

Update

Important

Remote

Code

Execution

4483234

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1809 for 32-

bit Systems

4480116

Security

Update

Important

Remote

Code

Execution

4483235

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1809 for

x64-based

Systems

4480116

Security

Update

Important

Remote

Code

Execution

4483235

Base: 7.8

Temporal: 7

Vector:


C:C

Yes














CVE-2019-0577

Windows 10

Version

1809 for

ARM64-

based

Systems

4480116

Security

Update

Important

Remote

Code

Execution

4483235

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2019

4480116

Security

Update

Important

Remote

Code

Execution

4483235

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2019

(Server Core

installation)

4480116

Security

Update

Important

Remote

Code

Execution

4483235

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1709 for

ARM64-

based

Systems

4480978

Security

Update

Important

Remote

Code

Execution

4483232

Base: 7.8

Temporal: 7

Vector:


C:C

Yes














CVE-2019-0577

Windows

Server 2008

for Itanium-

Based

Systems

Service Pack

2

4480957

Security

Only

4480968

Monthly

Rollup

Important

Remote

Code

Execution

4471325

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2008

for 32-bit

Systems

Service Pack

2

4480957

Security

Only

4480968

Monthly

Rollup

Important

Remote

Code

Execution

4471325

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2008

for x64-

based

Systems

Service Pack

2

4480957

Security

Only

4480968

Monthly

Rollup

Important

Remote

Code

Execution

4471325

Base: 7.8

Temporal: 7

Vector:


C:C

Yes




















CVE-2019-0577

Windows

Server 2008

for x64-

based

Systems

Service Pack

2 (Server

Core

installation)

4480957

Security

Only

4480968

Monthly

Rollup

Important

Remote

Code

Execution

4471325

Base: 7.8

Temporal: 7

Vector:


C:C

Yes


Vulnerability


Severity Rating

Vulnerability

Impact

CVE-

2019-

0578

MITRE

NVD


Description:





Execution











Severity Rating

Vulnerability

Impact


file.



FAQ:

None

Mitigations:

None

Workarounds:

None

Revision:

1.0 01/08/2019 08:00:00


Affected Software



CVE-2019-0578

Product KB


Restart

Required

Windows 7

for 32-bit

Systems

Service Pack

1

4480960

Security

Only

4480970

Monthly

Rollup

Important

Remote

Code

Execution

4471318

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 7

for x64-

based

Systems

Service Pack

1

4480960

Security

Only

4480970

Monthly

Rollup

Important

Remote

Code

Execution

4471318

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2008

R2 for x64-

based

Systems

Service Pack

1 (Server

4480960

Security

Only

4480970

Monthly

Rollup

Important

Remote

Code

Execution

4471318

Base: 7.8

Temporal: 7

Vector:


C:C

Yes




















CVE-2019-0578

Core

installation)

Windows

Server 2008

R2 for

Itanium-

Based

Systems

Service Pack

1

4480960

Security

Only

4480970

Monthly

Rollup

Important

Remote

Code

Execution

4471318

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2008

R2 for x64-

based

Systems

Service Pack

1

4480960

Security

Only

4480970

Monthly

Rollup

Important

Remote

Code

Execution

4471318

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2008

for 32-bit

Systems

Service Pack

2 (Server

4480957

Security

Only

4480968

Monthly

Important

Remote

Code

Execution

4471325

Base: 7.8

Temporal: 7

Vector:


C:C

Yes



















CVE-2019-0578

Core

installation)

Rollup

Windows

Server 2012

4480972

Security

Only

4480975

Monthly

Rollup

Important

Remote

Code

Execution

4471330

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2012

(Server Core

installation)

4480972

Security

Only

4480975

Monthly

Rollup

Important

Remote

Code

Execution

4471330

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

8.1 for 32-bit

systems

4480964

Security

Only

4480963

Monthly

Rollup

Important

Remote

Code

Execution

4471320

Base: 7.8

Temporal: 7

Vector:


C:C

Yes





















CVE-2019-0578

Windows

8.1 for x64-

based

systems

4480963

Monthly

Rollup

4480964

Security

Only

Important

Remote

Code

Execution

4471320

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2012

R2

4480963

Monthly

Rollup

4480964

Security

Only

Important

Remote

Code

Execution

4471320

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

RT 8.1

4480963

Monthly

Rollup

Important

Remote

Code

Execution

4471320

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2012

R2 (Server

4480963

Monthly

Rollup

4480964

Important

Remote

Code

Execution

4471320

Base: 7.8

Temporal: 7

Vector:

Yes


















CVE-2019-0578

Core

installation)

Security

Only


C:C

Windows 10

for 32-bit

Systems

4480962

Security

Update

Important

Remote

Code

Execution

4483228

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

for x64-

based

Systems

4480962

Security

Update

Important

Remote

Code

Execution

4483228

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2016

4480961

Security

Update

Important

Remote

Code

Execution

4471321

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1607 for 32-

bit Systems

4480961

Security

Update

Important

Remote

Code

Execution

4483229

Base: 7.8

Temporal: 7

Vector:


C:C

Yes
















CVE-2019-0578

Windows 10

Version

1607 for

x64-based

Systems

4480961

Security

Update

Important

Remote

Code

Execution

4471321

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2016

(Server Core

installation)

4480961

Security

Update

Important

Remote

Code

Execution

4471321

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1703 for 32-

bit Systems

4480973

Security

Update

Important

Remote

Code

Execution

4483229

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1703 for

x64-based

Systems

4480973

Security

Update

Important

Remote

Code

Execution

4483229

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

4480978

Security Important

Remote

Code

Execution

4483232

Base: 7.8

Temporal: 7

Vector:

Yes
















CVE-2019-0578

1709 for 32-

bit Systems

Update


C:C

Windows 10

Version

1709 for

x64-based

Systems

4480978

Security

Update

Important

Remote

Code

Execution

4483232

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server,

version 1709

(Server Core

Installation)

4480978

Security

Update

Important

Remote

Code

Execution

4483232

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1803 for 32-

bit Systems

4480966

Security

Update

Important

Remote

Code

Execution

4483234

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1803 for

x64-based

Systems

4480966

Security

Update

Important

Remote

Code

Execution

4483234

Base: 7.8

Temporal: 7

Vector:


C:C

Yes















CVE-2019-0578

Windows

Server,

version 1803

(Server Core

Installation)

4480966

Security

Update

Important

Remote

Code

Execution

4483234

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1803 for

ARM64-

based

Systems

4480966

Security

Update

Important

Remote

Code

Execution

4483234

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1809 for 32-

bit Systems

4480116

Security

Update

Important

Remote

Code

Execution

4483235

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1809 for

x64-based

Systems

4480116

Security

Update

Important

Remote

Code

Execution

4483235

Base: 7.8

Temporal: 7

Vector:


C:C

Yes














CVE-2019-0578

Windows 10

Version

1809 for

ARM64-

based

Systems

4480116

Security

Update

Important

Remote

Code

Execution

4483235

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2019

4480116

Security

Update

Important

Remote

Code

Execution

4483235

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2019

(Server Core

installation)

4480116

Security

Update

Important

Remote

Code

Execution

4483235

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1709 for

ARM64-

based

Systems

4480978

Security

Update

Important

Remote

Code

Execution

4483232

Base: 7.8

Temporal: 7

Vector:


C:C

Yes














CVE-2019-0578

Windows

Server 2008

for Itanium-

Based

Systems

Service Pack

2

4480957

Security

Only

4480968

Monthly

Rollup

Important

Remote

Code

Execution

4471325

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2008

for 32-bit

Systems

Service Pack

2

4480957

Security

Only

4480968

Monthly

Rollup

Important

Remote

Code

Execution

4471325

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2008

for x64-

based

Systems

Service Pack

2

4480957

Security

Only

4480968

Monthly

Rollup

Important

Remote

Code

Execution

4471325

Base: 7.8

Temporal: 7

Vector:


C:C

Yes




















CVE-2019-0578

Windows

Server 2008

for x64-

based

Systems

Service Pack

2 (Server

Core

installation)

4480957

Security

Only

4480968

Monthly

Rollup

Important

Remote

Code

Execution

4471325

Base: 7.8

Temporal: 7

Vector:


C:C

Yes


Vulnerability


Severity Rating

Vulnerability

Impact

CVE-

2019-

0579

MITRE

NVD


Description:





Execution











Severity Rating

Vulnerability

Impact


file.



FAQ:

None

Mitigations:

None

Workarounds:

None

Revision:

1.0 01/08/2019 08:00:00


Affected Software



CVE-2019-0579

Product KB


Restart

Required

Windows 7

for 32-bit

Systems

Service Pack

1

4480960

Security

Only

4480970

Monthly

Rollup

Important

Remote

Code

Execution

4471318

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 7

for x64-

based

Systems

Service Pack

1

4480960

Security

Only

4480970

Monthly

Rollup

Important

Remote

Code

Execution

4471318

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2008

R2 for x64-

based

Systems

Service Pack

1 (Server

4480960

Security

Only

4480970

Monthly

Rollup

Important

Remote

Code

Execution

4471318

Base: 7.8

Temporal: 7

Vector:


C:C

Yes




















CVE-2019-0579

Core

installation)

Windows

Server 2008

R2 for

Itanium-

Based

Systems

Service Pack

1

4480960

Security

Only

4480970

Monthly

Rollup

Important

Remote

Code

Execution

4471318

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2008

R2 for x64-

based

Systems

Service Pack

1

4480960

Security

Only

4480970

Monthly

Rollup

Important

Remote

Code

Execution

4471318

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2008

for 32-bit

Systems

Service Pack

2 (Server

4480957

Security

Only

4480968

Monthly

Important

Remote

Code

Execution

4471325

Base: 7.8

Temporal: 7

Vector:


C:C

Yes



















CVE-2019-0579

Core

installation)

Rollup

Windows

Server 2012

4480972

Security

Only

4480975

Monthly

Rollup

Important

Remote

Code

Execution

4471330

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2012

(Server Core

installation)

4480972

Security

Only

4480975

Monthly

Rollup

Important

Remote

Code

Execution

4471330

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

8.1 for 32-bit

systems

4480964

Security

Only

4480963

Monthly

Rollup

Important

Remote

Code

Execution

4471320

Base: 7.8

Temporal: 7

Vector:


C:C

Yes





















CVE-2019-0579

Windows

8.1 for x64-

based

systems

4480963

Monthly

Rollup

4480964

Security

Only

Important

Remote

Code

Execution

4471320

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2012

R2

4480963

Monthly

Rollup

4480964

Security

Only

Important

Remote

Code

Execution

4471320

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

RT 8.1

4480963

Monthly

Rollup

Important

Remote

Code

Execution

4471320

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2012

R2 (Server

4480963

Monthly

Rollup

4480964

Important

Remote

Code

Execution

4471320

Base: 7.8

Temporal: 7

Vector:

Yes


















CVE-2019-0579

Core

installation)

Security

Only


C:C

Windows 10

for 32-bit

Systems

4480962

Security

Update

Important

Remote

Code

Execution

4483228

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

for x64-

based

Systems

4480962

Security

Update

Important

Remote

Code

Execution

4483228

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2016

4480961

Security

Update

Important

Remote

Code

Execution

4471321

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1607 for 32-

bit Systems

4480961

Security

Update

Important

Remote

Code

Execution

4483229

Base: 7.8

Temporal: 7

Vector:


C:C

Yes
















CVE-2019-0579

Windows 10

Version

1607 for

x64-based

Systems

4480961

Security

Update

Important

Remote

Code

Execution

4471321

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2016

(Server Core

installation)

4480961

Security

Update

Important

Remote

Code

Execution

4471321

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1703 for 32-

bit Systems

4480973

Security

Update

Important

Remote

Code

Execution

4483229

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1703 for

x64-based

Systems

4480973

Security

Update

Important

Remote

Code

Execution

4483229

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

4480978

Security Important

Remote

Code

Execution

4483232

Base: 7.8

Temporal: 7

Vector:

Yes
















CVE-2019-0579

1709 for 32-

bit Systems

Update


C:C

Windows 10

Version

1709 for

x64-based

Systems

4480978

Security

Update

Important

Remote

Code

Execution

4483232

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server,

version 1709

(Server Core

Installation)

4480978

Security

Update

Important

Remote

Code

Execution

4483232

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1803 for 32-

bit Systems

4480966

Security

Update

Important

Remote

Code

Execution

4483234

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1803 for

x64-based

Systems

4480966

Security

Update

Important

Remote

Code

Execution

4483234

Base: 7.8

Temporal: 7

Vector:


C:C

Yes















CVE-2019-0579

Windows

Server,

version 1803

(Server Core

Installation)

4480966

Security

Update

Important

Remote

Code

Execution

4483234

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1803 for

ARM64-

based

Systems

4480966

Security

Update

Important

Remote

Code

Execution

4483234

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1809 for 32-

bit Systems

4480116

Security

Update

Important

Remote

Code

Execution

4483235

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1809 for

x64-based

Systems

4480116

Security

Update

Important

Remote

Code

Execution

4483235

Base: 7.8

Temporal: 7

Vector:


C:C

Yes














CVE-2019-0579

Windows 10

Version

1809 for

ARM64-

based

Systems

4480116

Security

Update

Important

Remote

Code

Execution

4483235

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2019

4480116

Security

Update

Important

Remote

Code

Execution

4483235

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2019

(Server Core

installation)

4480116

Security

Update

Important

Remote

Code

Execution

4483235

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1709 for

ARM64-

based

Systems

4480978

Security

Update

Important

Remote

Code

Execution

4483232

Base: 7.8

Temporal: 7

Vector:


C:C

Yes














CVE-2019-0579

Windows

Server 2008

for Itanium-

Based

Systems

Service Pack

2

4480957

Security

Only

4480968

Monthly

Rollup

Important

Remote

Code

Execution

4471325

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2008

for 32-bit

Systems

Service Pack

2

4480957

Security

Only

4480968

Monthly

Rollup

Important

Remote

Code

Execution

4471325

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2008

for x64-

based

Systems

Service Pack

2

4480957

Security

Only

4480968

Monthly

Rollup

Important

Remote

Code

Execution

4471325

Base: 7.8

Temporal: 7

Vector:


C:C

Yes




















CVE-2019-0579

Windows

Server 2008

for x64-

based

Systems

Service Pack

2 (Server

Core

installation)

4480957

Security

Only

4480968

Monthly

Rollup

Important

Remote

Code

Execution

4471325

Base: 7.8

Temporal: 7

Vector:


C:C

Yes


Vulnerability


Severity Rating

Vulnerability

Impact

CVE-

2019-

0580

MITRE

NVD


Description:





Execution











Severity Rating

Vulnerability

Impact


file.



FAQ:

None

Mitigations:

None

Workarounds:

None

Revision:

1.0 01/08/2019 08:00:00


Affected Software



CVE-2019-0580

Product KB


Restart

Required

Windows 7

for 32-bit

Systems

Service Pack

1

4480960

Security

Only

4480970

Monthly

Rollup

Important

Remote

Code

Execution

4471318

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 7

for x64-

based

Systems

Service Pack

1

4480960

Security

Only

4480970

Monthly

Rollup

Important

Remote

Code

Execution

4471318

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2008

R2 for x64-

based

Systems

Service Pack

1 (Server

4480960

Security

Only

4480970

Monthly

Rollup

Important

Remote

Code

Execution

4471318

Base: 7.8

Temporal: 7

Vector:


C:C

Yes




















CVE-2019-0580

Core

installation)

Windows

Server 2008

R2 for

Itanium-

Based

Systems

Service Pack

1

4480960

Security

Only

4480970

Monthly

Rollup

Important

Remote

Code

Execution

4471318

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2008

R2 for x64-

based

Systems

Service Pack

1

4480960

Security

Only

4480970

Monthly

Rollup

Important

Remote

Code

Execution

4471318

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2008

for 32-bit

Systems

Service Pack

2 (Server

4480957

Security

Only

4480968

Monthly

Important

Remote

Code

Execution

4471325

Base: 7.8

Temporal: 7

Vector:


C:C

Yes



















CVE-2019-0580

Core

installation)

Rollup

Windows

Server 2012

4480972

Security

Only

4480975

Monthly

Rollup

Important

Remote

Code

Execution

4471330

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2012

(Server Core

installation)

4480972

Security

Only

4480975

Monthly

Rollup

Important

Remote

Code

Execution

4471330

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

8.1 for 32-bit

systems

4480964

Security

Only

4480963

Monthly

Rollup

Important

Remote

Code

Execution

4471320

Base: 7.8

Temporal: 7

Vector:


C:C

Yes





















CVE-2019-0580

Windows

8.1 for x64-

based

systems

4480963

Monthly

Rollup

4480964

Security

Only

Important

Remote

Code

Execution

4471320

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2012

R2

4480963

Monthly

Rollup

4480964

Security

Only

Important

Remote

Code

Execution

4471320

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

RT 8.1

4480963

Monthly

Rollup

Important

Remote

Code

Execution

4471320

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2012

R2 (Server

4480963

Monthly

Rollup

4480964

Important

Remote

Code

Execution

4471320

Base: 7.8

Temporal: 7

Vector:

Yes


















CVE-2019-0580

Core

installation)

Security

Only


C:C

Windows 10

for 32-bit

Systems

4480962

Security

Update

Important

Remote

Code

Execution

4483228

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

for x64-

based

Systems

4480962

Security

Update

Important

Remote

Code

Execution

4483228

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2016

4480961

Security

Update

Important

Remote

Code

Execution

4471321

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1607 for 32-

bit Systems

4480961

Security

Update

Important

Remote

Code

Execution

4483229

Base: 7.8

Temporal: 7

Vector:


C:C

Yes
















CVE-2019-0580

Windows 10

Version

1607 for

x64-based

Systems

4480961

Security

Update

Important

Remote

Code

Execution

4471321

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2016

(Server Core

installation)

4480961

Security

Update

Important

Remote

Code

Execution

4471321

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1703 for 32-

bit Systems

4480973

Security

Update

Important

Remote

Code

Execution

4483229

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1703 for

x64-based

Systems

4480973

Security

Update

Important

Remote

Code

Execution

4483229

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

4480978

Security Important

Remote

Code

Execution

4483232

Base: 7.8

Temporal: 7

Vector:

Yes
















CVE-2019-0580

1709 for 32-

bit Systems

Update


C:C

Windows 10

Version

1709 for

x64-based

Systems

4480978

Security

Update

Important

Remote

Code

Execution

4483232

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server,

version 1709

(Server Core

Installation)

4480978

Security

Update

Important

Remote

Code

Execution

4483232

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1803 for 32-

bit Systems

4480966

Security

Update

Important

Remote

Code

Execution

4483234

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1803 for

x64-based

Systems

4480966

Security

Update

Important

Remote

Code

Execution

4483234

Base: 7.8

Temporal: 7

Vector:


C:C

Yes















CVE-2019-0580

Windows

Server,

version 1803

(Server Core

Installation)

4480966

Security

Update

Important

Remote

Code

Execution

4483234

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1803 for

ARM64-

based

Systems

4480966

Security

Update

Important

Remote

Code

Execution

4483234

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1809 for 32-

bit Systems

4480116

Security

Update

Important

Remote

Code

Execution

4483235

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1809 for

x64-based

Systems

4480116

Security

Update

Important

Remote

Code

Execution

4483235

Base: 7.8

Temporal: 7

Vector:


C:C

Yes














CVE-2019-0580

Windows 10

Version

1809 for

ARM64-

based

Systems

4480116

Security

Update

Important

Remote

Code

Execution

4483235

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2019

4480116

Security

Update

Important

Remote

Code

Execution

4483235

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2019

(Server Core

installation)

4480116

Security

Update

Important

Remote

Code

Execution

4483235

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1709 for

ARM64-

based

Systems

4480978

Security

Update

Important

Remote

Code

Execution

4483232

Base: 7.8

Temporal: 7

Vector:


C:C

Yes














CVE-2019-0580

Windows

Server 2008

for Itanium-

Based

Systems

Service Pack

2

4480957

Security

Only

4480968

Monthly

Rollup

Important

Remote

Code

Execution

4471325

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2008

for 32-bit

Systems

Service Pack

2

4480957

Security

Only

4480968

Monthly

Rollup

Important

Remote

Code

Execution

4471325

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2008

for x64-

based

Systems

Service Pack

2

4480957

Security

Only

4480968

Monthly

Rollup

Important

Remote

Code

Execution

4471325

Base: 7.8

Temporal: 7

Vector:


C:C

Yes




















CVE-2019-0580

Windows

Server 2008

for x64-

based

Systems

Service Pack

2 (Server

Core

installation)

4480957

Security

Only

4480968

Monthly

Rollup

Important

Remote

Code

Execution

4471325

Base: 7.8

Temporal: 7

Vector:


C:C

Yes


Vulnerability


Severity Rating

Vulnerability

Impact

CVE-

2019-

0581

MITRE

NVD


Description:





Execution











Severity Rating

Vulnerability

Impact


file.



FAQ:

None

Mitigations:

None

Workarounds:

None

Revision:

1.0 01/08/2019 08:00:00


Affected Software



CVE-2019-0581

Product KB


Restart

Required

Windows 7

for 32-bit

Systems

Service Pack

1

4480960

Security

Only

4480970

Monthly

Rollup

Important

Remote

Code

Execution

4471318

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 7

for x64-

based

Systems

Service Pack

1

4480960

Security

Only

4480970

Monthly

Rollup

Important

Remote

Code

Execution

4471318

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2008

R2 for x64-

based

Systems

Service Pack

1 (Server

4480960

Security

Only

4480970

Monthly

Rollup

Important

Remote

Code

Execution

4471318

Base: 7.8

Temporal: 7

Vector:


C:C

Yes




















CVE-2019-0581

Core

installation)

Windows

Server 2008

R2 for

Itanium-

Based

Systems

Service Pack

1

4480960

Security

Only

4480970

Monthly

Rollup

Important

Remote

Code

Execution

4471318

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2008

R2 for x64-

based

Systems

Service Pack

1

4480960

Security

Only

4480970

Monthly

Rollup

Important

Remote

Code

Execution

4471318

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2008

for 32-bit

Systems

Service Pack

2 (Server

4480957

Security

Only

4480968

Monthly

Important

Remote

Code

Execution

4471325

Base: 7.8

Temporal: 7

Vector:


C:C

Yes



















CVE-2019-0581

Core

installation)

Rollup

Windows

Server 2012

4480972

Security

Only

4480975

Monthly

Rollup

Important

Remote

Code

Execution

4471330

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2012

(Server Core

installation)

4480972

Security

Only

4480975

Monthly

Rollup

Important

Remote

Code

Execution

4471330

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

8.1 for 32-bit

systems

4480964

Security

Only

4480963

Monthly

Rollup

Important

Remote

Code

Execution

4471320

Base: 7.8

Temporal: 7

Vector:


C:C

Yes





















CVE-2019-0581

Windows

8.1 for x64-

based

systems

4480963

Monthly

Rollup

4480964

Security

Only

Important

Remote

Code

Execution

4471320

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2012

R2

4480963

Monthly

Rollup

4480964

Security

Only

Important

Remote

Code

Execution

4471320

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

RT 8.1

4480963

Monthly

Rollup

Important

Remote

Code

Execution

4471320

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2012

R2 (Server

4480963

Monthly

Rollup

4480964

Important

Remote

Code

Execution

4471320

Base: 7.8

Temporal: 7

Vector:

Yes


















CVE-2019-0581

Core

installation)

Security

Only


C:C

Windows 10

for 32-bit

Systems

4480962

Security

Update

Important

Remote

Code

Execution

4483228

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

for x64-

based

Systems

4480962

Security

Update

Important

Remote

Code

Execution

4483228

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2016

4480961

Security

Update

Important

Remote

Code

Execution

4471321

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1607 for 32-

bit Systems

4480961

Security

Update

Important

Remote

Code

Execution

4483229

Base: 7.8

Temporal: 7

Vector:


C:C

Yes
















CVE-2019-0581

Windows 10

Version

1607 for

x64-based

Systems

4480961

Security

Update

Important

Remote

Code

Execution

4471321

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2016

(Server Core

installation)

4480961

Security

Update

Important

Remote

Code

Execution

4471321

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1703 for 32-

bit Systems

4480973

Security

Update

Important

Remote

Code

Execution

4483229

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1703 for

x64-based

Systems

4480973

Security

Update

Important

Remote

Code

Execution

4483229

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

4480978

Security Important

Remote

Code

Execution

4483232

Base: 7.8

Temporal: 7

Vector:

Yes
















CVE-2019-0581

1709 for 32-

bit Systems

Update


C:C

Windows 10

Version

1709 for

x64-based

Systems

4480978

Security

Update

Important

Remote

Code

Execution

4483232

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server,

version 1709

(Server Core

Installation)

4480978

Security

Update

Important

Remote

Code

Execution

4483232

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1803 for 32-

bit Systems

4480966

Security

Update

Important

Remote

Code

Execution

4483234

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1803 for

x64-based

Systems

4480966

Security

Update

Important

Remote

Code

Execution

4483234

Base: 7.8

Temporal: 7

Vector:


C:C

Yes















CVE-2019-0581

Windows

Server,

version 1803

(Server Core

Installation)

4480966

Security

Update

Important

Remote

Code

Execution

4483234

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1803 for

ARM64-

based

Systems

4480966

Security

Update

Important

Remote

Code

Execution

4483234

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1809 for 32-

bit Systems

4480116

Security

Update

Important

Remote

Code

Execution

4483235

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1809 for

x64-based

Systems

4480116

Security

Update

Important

Remote

Code

Execution

4483235

Base: 7.8

Temporal: 7

Vector:


C:C

Yes














CVE-2019-0581

Windows 10

Version

1809 for

ARM64-

based

Systems

4480116

Security

Update

Important

Remote

Code

Execution

4483235

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2019

4480116

Security

Update

Important

Remote

Code

Execution

4483235

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2019

(Server Core

installation)

4480116

Security

Update

Important

Remote

Code

Execution

4483235

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1709 for

ARM64-

based

Systems

4480978

Security

Update

Important

Remote

Code

Execution

4483232

Base: 7.8

Temporal: 7

Vector:


C:C

Yes














CVE-2019-0581

Windows

Server 2008

for Itanium-

Based

Systems

Service Pack

2

4480957

Security

Only

4480968

Monthly

Rollup

Important

Remote

Code

Execution

4471325

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2008

for 32-bit

Systems

Service Pack

2

4480957

Security

Only

4480968

Monthly

Rollup

Important

Remote

Code

Execution

4471325

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2008

for x64-

based

Systems

Service Pack

2

4480957

Security

Only

4480968

Monthly

Rollup

Important

Remote

Code

Execution

4471325

Base: 7.8

Temporal: 7

Vector:


C:C

Yes




















CVE-2019-0581

Windows

Server 2008

for x64-

based

Systems

Service Pack

2 (Server

Core

installation)

4480957

Security

Only

4480968

Monthly

Rollup

Important

Remote

Code

Execution

4471325

Base: 7.8

Temporal: 7

Vector:


C:C

Yes


Vulnerability


Severity Rating

Vulnerability

Impact

CVE-

2019-

0582

MITRE

NVD


Description:





Execution











Severity Rating

Vulnerability

Impact


file.



FAQ:

None

Mitigations:

None

Workarounds:

None

Revision:

1.0 01/08/2019 08:00:00


Affected Software



CVE-2019-0582

Product KB


Restart

Required

Windows 7

for 32-bit

Systems

Service Pack

1

4480960

Security

Only

4480970

Monthly

Rollup

Important

Remote

Code

Execution

4471318

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 7

for x64-

based

Systems

Service Pack

1

4480960

Security

Only

4480970

Monthly

Rollup

Important

Remote

Code

Execution

4471318

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2008

R2 for x64-

based

Systems

Service Pack

1 (Server

4480960

Security

Only

4480970

Monthly

Rollup

Important

Remote

Code

Execution

4471318

Base: 7.8

Temporal: 7

Vector:


C:C

Yes




















CVE-2019-0582

Core

installation)

Windows

Server 2008

R2 for

Itanium-

Based

Systems

Service Pack

1

4480960

Security

Only

4480970

Monthly

Rollup

Important

Remote

Code

Execution

4471318

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2008

R2 for x64-

based

Systems

Service Pack

1

4480960

Security

Only

4480970

Monthly

Rollup

Important

Remote

Code

Execution

4471318

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2008

for 32-bit

Systems

Service Pack

2 (Server

4480957

Security

Only

4480968

Monthly

Important

Remote

Code

Execution

4471325

Base: 7.8

Temporal: 7

Vector:


C:C

Yes



















CVE-2019-0582

Core

installation)

Rollup

Windows

Server 2012

4480972

Security

Only

4480975

Monthly

Rollup

Important

Remote

Code

Execution

4471330

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2012

(Server Core

installation)

4480972

Security

Only

4480975

Monthly

Rollup

Important

Remote

Code

Execution

4471330

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

8.1 for 32-bit

systems

4480964

Security

Only

4480963

Monthly

Rollup

Important

Remote

Code

Execution

4471320

Base: 7.8

Temporal: 7

Vector:


C:C

Yes





















CVE-2019-0582

Windows

8.1 for x64-

based

systems

4480963

Monthly

Rollup

4480964

Security

Only

Important

Remote

Code

Execution

4471320

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2012

R2

4480963

Monthly

Rollup

4480964

Security

Only

Important

Remote

Code

Execution

4471320

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

RT 8.1

4480963

Monthly

Rollup

Important

Remote

Code

Execution

4471320

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2012

R2 (Server

4480963

Monthly

Rollup

4480964

Important

Remote

Code

Execution

4471320

Base: 7.8

Temporal: 7

Vector:

Yes


















CVE-2019-0582

Core

installation)

Security

Only


C:C

Windows 10

for 32-bit

Systems

4480962

Security

Update

Important

Remote

Code

Execution

4483228

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

for x64-

based

Systems

4480962

Security

Update

Important

Remote

Code

Execution

4483228

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2016

4480961

Security

Update

Important

Remote

Code

Execution

4471321

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1607 for 32-

bit Systems

4480961

Security

Update

Important

Remote

Code

Execution

4483229

Base: 7.8

Temporal: 7

Vector:


C:C

Yes
















CVE-2019-0582

Windows 10

Version

1607 for

x64-based

Systems

4480961

Security

Update

Important

Remote

Code

Execution

4471321

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2016

(Server Core

installation)

4480961

Security

Update

Important

Remote

Code

Execution

4471321

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1703 for 32-

bit Systems

4480973

Security

Update

Important

Remote

Code

Execution

4483229

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1703 for

x64-based

Systems

4480973

Security

Update

Important

Remote

Code

Execution

4483229

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

4480978

Security Important

Remote

Code

Execution

4483232

Base: 7.8

Temporal: 7

Vector:

Yes
















CVE-2019-0582

1709 for 32-

bit Systems

Update


C:C

Windows 10

Version

1709 for

x64-based

Systems

4480978

Security

Update

Important

Remote

Code

Execution

4483232

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server,

version 1709

(Server Core

Installation)

4480978

Security

Update

Important

Remote

Code

Execution

4483232

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1803 for 32-

bit Systems

4480966

Security

Update

Important

Remote

Code

Execution

4483234

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1803 for

x64-based

Systems

4480966

Security

Update

Important

Remote

Code

Execution

4483234

Base: 7.8

Temporal: 7

Vector:


C:C

Yes















CVE-2019-0582

Windows

Server,

version 1803

(Server Core

Installation)

4480966

Security

Update

Important

Remote

Code

Execution

4483234

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1803 for

ARM64-

based

Systems

4480966

Security

Update

Important

Remote

Code

Execution

4483234

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1809 for 32-

bit Systems

4480116

Security

Update

Important

Remote

Code

Execution

4483235

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1809 for

x64-based

Systems

4480116

Security

Update

Important

Remote

Code

Execution

4483235

Base: 7.8

Temporal: 7

Vector:


C:C

Yes














CVE-2019-0582

Windows 10

Version

1809 for

ARM64-

based

Systems

4480116

Security

Update

Important

Remote

Code

Execution

4483235

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2019

4480116

Security

Update

Important

Remote

Code

Execution

4483235

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2019

(Server Core

installation)

4480116

Security

Update

Important

Remote

Code

Execution

4483235

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1709 for

ARM64-

based

Systems

4480978

Security

Update

Important

Remote

Code

Execution

4483232

Base: 7.8

Temporal: 7

Vector:


C:C

Yes














CVE-2019-0582

Windows

Server 2008

for Itanium-

Based

Systems

Service Pack

2

4480957

Security

Only

4480968

Monthly

Rollup

Important

Remote

Code

Execution

4471325

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2008

for 32-bit

Systems

Service Pack

2

4480957

Security

Only

4480968

Monthly

Rollup

Important

Remote

Code

Execution

4471325

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2008

for x64-

based

Systems

Service Pack

2

4480957

Security

Only

4480968

Monthly

Rollup

Important

Remote

Code

Execution

4471325

Base: 7.8

Temporal: 7

Vector:


C:C

Yes




















CVE-2019-0582

Windows

Server 2008

for x64-

based

Systems

Service Pack

2 (Server

Core

installation)

4480957

Security

Only

4480968

Monthly

Rollup

Important

Remote

Code

Execution

4471325

Base: 7.8

Temporal: 7

Vector:


C:C

Yes


Vulnerability


Severity Rating

Vulnerability

Impact

CVE-

2019-

0583

MITRE

NVD


Description:





Execution











Severity Rating

Vulnerability

Impact


file.



FAQ:

None

Mitigations:

None

Workarounds:

None

Revision:

1.0 01/08/2019 08:00:00


Affected Software



CVE-2019-0583

Product KB


Restart

Required

Windows 7

for 32-bit

Systems

Service Pack

1

4480960

Security

Only

4480970

Monthly

Rollup

Important

Remote

Code

Execution

4471318

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 7

for x64-

based

Systems

Service Pack

1

4480960

Security

Only

4480970

Monthly

Rollup

Important

Remote

Code

Execution

4471318

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2008

R2 for x64-

based

Systems

Service Pack

1 (Server

4480960

Security

Only

4480970

Monthly

Rollup

Important

Remote

Code

Execution

4471318

Base: 7.8

Temporal: 7

Vector:


C:C

Yes




















CVE-2019-0583

Core

installation)

Windows

Server 2008

R2 for

Itanium-

Based

Systems

Service Pack

1

4480960

Security

Only

4480970

Monthly

Rollup

Important

Remote

Code

Execution

4471318

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2008

R2 for x64-

based

Systems

Service Pack

1

4480960

Security

Only

4480970

Monthly

Rollup

Important

Remote

Code

Execution

4471318

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2008

for 32-bit

Systems

Service Pack

2 (Server

4480957

Security

Only

4480968

Monthly

Important

Remote

Code

Execution

4471325

Base: 7.8

Temporal: 7

Vector:


C:C

Yes



















CVE-2019-0583

Core

installation)

Rollup

Windows

Server 2012

4480972

Security

Only

4480975

Monthly

Rollup

Important

Remote

Code

Execution

4471330

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2012

(Server Core

installation)

4480972

Security

Only

4480975

Monthly

Rollup

Important

Remote

Code

Execution

4471330

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

8.1 for 32-bit

systems

4480964

Security

Only

4480963

Monthly

Rollup

Important

Remote

Code

Execution

4471320

Base: 7.8

Temporal: 7

Vector:


C:C

Yes





















CVE-2019-0583

Windows

8.1 for x64-

based

systems

4480963

Monthly

Rollup

4480964

Security

Only

Important

Remote

Code

Execution

4471320

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2012

R2

4480963

Monthly

Rollup

4480964

Security

Only

Important

Remote

Code

Execution

4471320

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

RT 8.1

4480963

Monthly

Rollup

Important

Remote

Code

Execution

4471320

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2012

R2 (Server

4480963

Monthly

Rollup

4480964

Important

Remote

Code

Execution

4471320

Base: 7.8

Temporal: 7

Vector:

Yes


















CVE-2019-0583

Core

installation)

Security

Only


C:C

Windows 10

for 32-bit

Systems

4480962

Security

Update

Important

Remote

Code

Execution

4483228

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

for x64-

based

Systems

4480962

Security

Update

Important

Remote

Code

Execution

4483228

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2016

4480961

Security

Update

Important

Remote

Code

Execution

4471321

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1607 for 32-

bit Systems

4480961

Security

Update

Important

Remote

Code

Execution

4483229

Base: 7.8

Temporal: 7

Vector:


C:C

Yes
















CVE-2019-0583

Windows 10

Version

1607 for

x64-based

Systems

4480961

Security

Update

Important

Remote

Code

Execution

4471321

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2016

(Server Core

installation)

4480961

Security

Update

Important

Remote

Code

Execution

4471321

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1703 for 32-

bit Systems

4480973

Security

Update

Important

Remote

Code

Execution

4483229

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1703 for

x64-based

Systems

4480973

Security

Update

Important

Remote

Code

Execution

4483229

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

4480978

Security Important

Remote

Code

Execution

4483232

Base: 7.8

Temporal: 7

Vector:

Yes
















CVE-2019-0583

1709 for 32-

bit Systems

Update


C:C

Windows 10

Version

1709 for

x64-based

Systems

4480978

Security

Update

Important

Remote

Code

Execution

4483232

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server,

version 1709

(Server Core

Installation)

4480978

Security

Update

Important

Remote

Code

Execution

4483232

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1803 for 32-

bit Systems

4480966

Security

Update

Important

Remote

Code

Execution

4483234

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1803 for

x64-based

Systems

4480966

Security

Update

Important

Remote

Code

Execution

4483234

Base: 7.8

Temporal: 7

Vector:


C:C

Yes















CVE-2019-0583

Windows

Server,

version 1803

(Server Core

Installation)

4480966

Security

Update

Important

Remote

Code

Execution

4483234

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1803 for

ARM64-

based

Systems

4480966

Security

Update

Important

Remote

Code

Execution

4483234

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1809 for 32-

bit Systems

4480116

Security

Update

Important

Remote

Code

Execution

4483235

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1809 for

x64-based

Systems

4480116

Security

Update

Important

Remote

Code

Execution

4483235

Base: 7.8

Temporal: 7

Vector:


C:C

Yes














CVE-2019-0583

Windows 10

Version

1809 for

ARM64-

based

Systems

4480116

Security

Update

Important

Remote

Code

Execution

4483235

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2019

4480116

Security

Update

Important

Remote

Code

Execution

4483235

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2019

(Server Core

installation)

4480116

Security

Update

Important

Remote

Code

Execution

4483235

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1709 for

ARM64-

based

Systems

4480978

Security

Update

Important

Remote

Code

Execution

4483232

Base: 7.8

Temporal: 7

Vector:


C:C

Yes














CVE-2019-0583

Windows

Server 2008

for Itanium-

Based

Systems

Service Pack

2

4480957

Security

Only

4480968

Monthly

Rollup

Important

Remote

Code

Execution

4471325

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2008

for 32-bit

Systems

Service Pack

2

4480957

Security

Only

4480968

Monthly

Rollup

Important

Remote

Code

Execution

4471325

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2008

for x64-

based

Systems

Service Pack

2

4480957

Security

Only

4480968

Monthly

Rollup

Important

Remote

Code

Execution

4471325

Base: 7.8

Temporal: 7

Vector:


C:C

Yes




















CVE-2019-0583

Windows

Server 2008

for x64-

based

Systems

Service Pack

2 (Server

Core

installation)

4480957

Security

Only

4480968

Monthly

Rollup

Important

Remote

Code

Execution

4471325

Base: 7.8

Temporal: 7

Vector:


C:C

Yes


Vulnerability


Severity Rating

Vulnerability

Impact

CVE-

2019-

0584

MITRE

NVD


Description:





Execution











Severity Rating

Vulnerability

Impact


file.



FAQ:

None

Mitigations:

None

Workarounds:

None

Revision:

1.0 01/08/2019 08:00:00


Affected Software



CVE-2019-0584

Product KB


Restart

Required

Windows 7

for 32-bit

Systems

Service Pack

1

4480960

Security

Only

4480970

Monthly

Rollup

Important

Remote

Code

Execution

4471318

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 7

for x64-

based

Systems

Service Pack

1

4480960

Security

Only

4480970

Monthly

Rollup

Important

Remote

Code

Execution

4471318

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2008

R2 for x64-

based

Systems

Service Pack

1 (Server

4480960

Security

Only

4480970

Monthly

Rollup

Important

Remote

Code

Execution

4471318

Base: 7.8

Temporal: 7

Vector:


C:C

Yes




















CVE-2019-0584

Core

installation)

Windows

Server 2008

R2 for

Itanium-

Based

Systems

Service Pack

1

4480960

Security

Only

4480970

Monthly

Rollup

Important

Remote

Code

Execution

4471318

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2008

R2 for x64-

based

Systems

Service Pack

1

4480960

Security

Only

4480970

Monthly

Rollup

Important

Remote

Code

Execution

4471318

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2008

for 32-bit

Systems

Service Pack

2 (Server

4480957

Security

Only

4480968

Monthly

Important

Remote

Code

Execution

4471325

Base: 7.8

Temporal: 7

Vector:


C:C

Yes



















CVE-2019-0584

Core

installation)

Rollup

Windows

Server 2012

4480972

Security

Only

4480975

Monthly

Rollup

Important

Remote

Code

Execution

4471330

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2012

(Server Core

installation)

4480972

Security

Only

4480975

Monthly

Rollup

Important

Remote

Code

Execution

4471330

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

8.1 for 32-bit

systems

4480964

Security

Only

4480963

Monthly

Rollup

Important

Remote

Code

Execution

4471320

Base: 7.8

Temporal: 7

Vector:


C:C

Yes





















CVE-2019-0584

Windows

8.1 for x64-

based

systems

4480963

Monthly

Rollup

4480964

Security

Only

Important

Remote

Code

Execution

4471320

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2012

R2

4480963

Monthly

Rollup

4480964

Security

Only

Important

Remote

Code

Execution

4471320

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

RT 8.1

4480963

Monthly

Rollup

Important

Remote

Code

Execution

4471320

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2012

R2 (Server

4480963

Monthly

Rollup

4480964

Important

Remote

Code

Execution

4471320

Base: 7.8

Temporal: 7

Vector:

Yes


















CVE-2019-0584

Core

installation)

Security

Only


C:C

Windows 10

for 32-bit

Systems

4480962

Security

Update

Important

Remote

Code

Execution

4483228

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

for x64-

based

Systems

4480962

Security

Update

Important

Remote

Code

Execution

4483228

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2016

4480961

Security

Update

Important

Remote

Code

Execution

4471321

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1607 for 32-

bit Systems

4480961

Security

Update

Important

Remote

Code

Execution

4483229

Base: 7.8

Temporal: 7

Vector:


C:C

Yes
















CVE-2019-0584

Windows 10

Version

1607 for

x64-based

Systems

4480961

Security

Update

Important

Remote

Code

Execution

4471321

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2016

(Server Core

installation)

4480961

Security

Update

Important

Remote

Code

Execution

4471321

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1703 for 32-

bit Systems

4480973

Security

Update

Important

Remote

Code

Execution

4483229

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1703 for

x64-based

Systems

4480973

Security

Update

Important

Remote

Code

Execution

4483229

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

4480978

Security Important

Remote

Code

Execution

4483232

Base: 7.8

Temporal: 7

Vector:

Yes
















CVE-2019-0584

1709 for 32-

bit Systems

Update


C:C

Windows 10

Version

1709 for

x64-based

Systems

4480978

Security

Update

Important

Remote

Code

Execution

4483232

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server,

version 1709

(Server Core

Installation)

4480978

Security

Update

Important

Remote

Code

Execution

4483232

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1803 for 32-

bit Systems

4480966

Security

Update

Important

Remote

Code

Execution

4483234

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1803 for

x64-based

Systems

4480966

Security

Update

Important

Remote

Code

Execution

4483234

Base: 7.8

Temporal: 7

Vector:


C:C

Yes















CVE-2019-0584

Windows

Server,

version 1803

(Server Core

Installation)

4480966

Security

Update

Important

Remote

Code

Execution

4483234

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1803 for

ARM64-

based

Systems

4480966

Security

Update

Important

Remote

Code

Execution

4483234

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1809 for 32-

bit Systems

4480116

Security

Update

Important

Remote

Code

Execution

4483235

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1809 for

x64-based

Systems

4480116

Security

Update

Important

Remote

Code

Execution

4483235

Base: 7.8

Temporal: 7

Vector:


C:C

Yes














CVE-2019-0584

Windows 10

Version

1809 for

ARM64-

based

Systems

4480116

Security

Update

Important

Remote

Code

Execution

4483235

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2019

4480116

Security

Update

Important

Remote

Code

Execution

4483235

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2019

(Server Core

installation)

4480116

Security

Update

Important

Remote

Code

Execution

4483235

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows 10

Version

1709 for

ARM64-

based

Systems

4480978

Security

Update

Important

Remote

Code

Execution

4483232

Base: 7.8

Temporal: 7

Vector:


C:C

Yes














CVE-2019-0584

Windows

Server 2008

for Itanium-

Based

Systems

Service Pack

2

4480957

Security

Only

4480968

Monthly

Rollup

Important

Remote

Code

Execution

4471325

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2008

for 32-bit

Systems

Service Pack

2

4480957

Security

Only

4480968

Monthly

Rollup

Important

Remote

Code

Execution

4471325

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

Windows

Server 2008

for x64-

based

Systems

Service Pack

2

4480957

Security

Only

4480968

Monthly

Rollup

Important

Remote

Code

Execution

4471325

Base: 7.8

Temporal: 7

Vector:


C:C

Yes




















CVE-2019-0584

Windows

Server 2008

for x64-

based

Systems

Service Pack

2 (Server

Core

installation)

4480957

Security

Only

4480968

Monthly

Rollup

Important

Remote

Code

Execution

4471325

Base: 7.8

Temporal: 7

Vector:


C:C

Yes

CVE-2019-0585 - Microsoft Word Remote Code Execution Vulnerability


Severity Rating

Vulnerability

Impact

CVE-

2019-

0585

MITRE

NVD

CVE Title: Microsoft Word Remote Code Execution Vulnerability

Description:

A remote code execution vulnerability exists in Microsoft Word software when it fails to

properly handle objects in memory. An attacker who successfully exploited the vulnerability

could use a specially crafted file to perform actions in the security context of the current user.

For example, the file could then take actions on behalf of the logged-on user with the same

permissions as the current user.


Execution











Severity Rating

Vulnerability

Impact

To exploit the vulnerability, a user must open a specially crafted file with an affected version of

Microsoft Word software. In an email attack scenario, an attacker could exploit the vulnerability

by sending the specially crafted file to the user and convincing the user to open the file. In

a web-based attack scenario, an attacker could host a website (or leverage a

compromised website that accepts or hosts user-provided content) that contains a specially

crafted file that is designed to exploit the vulnerability. However, an attacker would have

no way to force the user to visit the website. Instead, an attacker would have to convince the

user to click a link, typically by way of an enticement in an email or Instant Messenger message,

and then convince the user to open the specially crafted file.

The security update addresses the vulnerability by correcting how Microsoft Word handles files

in memory.

FAQ:

I have Microsoft Word 2010 installed. Why am I not being offered the 4461617 update?

The 4461617 update only applies to systems running specific configurations of Microsoft Office

2010. Some configurations will not be offered the update.

Mitigations:

None

Workarounds:



Severity Rating

Vulnerability

Impact

None

Revision:

1.0 01/08/2019 08:00:00


Affected Software


CVE-2019-0585


Set

Restart

Required


editions)

4461625 Security

Update


Execution 4461526

Base: N/A

Temporal:

N/A

Vector: N/A

Maybe


editions)

4461625 Security

Update


Execution 4461526

Base: N/A

Temporal: Maybe






CVE-2019-0585

N/A

Vector: N/A

Microsoft Office 2010 Service Pack 2 (32-bit

editions)

4461617 Security

Update


Execution 4461524

Base: N/A

Temporal:

N/A

Vector: N/A

Maybe

Microsoft Office 2010 Service Pack 2 (64-bit

editions)

4461617 Security

Update


Execution 4461524

Base: N/A

Temporal:

N/A

Vector: N/A

Maybe


editions)

4461594 Security

Update


Execution 4461485

Base: N/A

Temporal:

N/A

Vector: N/A

Maybe


editions)

4461594 Security

Update


Execution 4461485

Base: N/A

Temporal:

N/A

Vector: N/A

Maybe

Microsoft Word 2013 RT Service Pack 1

4461594 Security

Update


Execution 4461485

Base: N/A

Temporal:

N/A

Vector: N/A

Maybe










CVE-2019-0585

Microsoft Office Web Apps Server 2010

Service Pack 2

4461620 Security

Update


Execution 2965312

Base: N/A

Temporal:

N/A

Vector: N/A

Maybe


Release Notes

Security Update


Execution 2965312

Base: N/A

Temporal:

N/A

Vector: N/A

No


4461543 Security

Update


Execution 4461504

Base: N/A

Temporal:

N/A

Vector: N/A

Maybe


4461543 Security

Update


Execution 4461504

Base: N/A

Temporal:

N/A

Vector: N/A

Maybe


4461598 Security

Update


Execution 4461541

Base: N/A

Temporal:

N/A

Vector: N/A

Maybe


Service Pack 1

4461589 Security

Update


Execution 4022234

Base: N/A

Temporal: Maybe







https://www.microsoft.com/downloads/details.aspx?familyid=6b6bf606-362b-45fb-b788-8427c59fc0ca

https://www.microsoft.com/downloads/details.aspx?familyid=6b6bf606-362b-45fb-b788-8427c59fc0ca



https://www.microsoft.com/downloads/details.aspx?familyid=d16bb897-066a-493a-b7c8-c15c4f8ccf02

https://www.microsoft.com/downloads/details.aspx?familyid=d16bb897-066a-493a-b7c8-c15c4f8ccf02


CVE-2019-0585

N/A

Vector: N/A


Click to Run

Security Update


Execution 4022234

Base: N/A

Temporal:

N/A

Vector: N/A

No


Click to Run

Security Update


Execution 4022234

Base: N/A

Temporal:

N/A

Vector: N/A

No


Release Notes

Security Update


Execution 4022234

Base: N/A

Temporal:

N/A

Vector: N/A

No


Click to Run

Security Update


Execution 4022234

Base: N/A

Temporal:

N/A

Vector: N/A

No


Click to Run

Security Update


Execution 4022234

Base: N/A

Temporal:

N/A

Vector: N/A

No




CVE-2019-0585


4461634 Security

Update


Execution 4461548

Base: N/A

Temporal:

N/A

Vector: N/A

Maybe

Microsoft Office Word Viewer

4461635 Security

Update


Execution 4092434

Base: N/A

Temporal:

N/A

Vector: N/A

Maybe

Microsoft Office Online Server

4461633 Security

Update


Execution 4011027

Base: N/A

Temporal:

N/A

Vector: N/A

Maybe

Word Automation Services on Microsoft

SharePoint Server 2010 Service Pack 2

4461612 Security

Update


Execution 4461520

Base: N/A

Temporal:

N/A

Vector: N/A

Maybe



https://www.microsoft.com/downloads/details.aspx?familyid=fcf98221-3109-4d3d-96e9-3b1304e473ec

https://www.microsoft.com/downloads/details.aspx?familyid=fcf98221-3109-4d3d-96e9-3b1304e473ec

https://www.microsoft.com/downloads/details.aspx?familyid=3665d6c6-667d-4e3b-bed3-d6100c330931

https://www.microsoft.com/downloads/details.aspx?familyid=3665d6c6-667d-4e3b-bed3-d6100c330931




CVE-2019-0586 - Microsoft Exchange Memory Corruption Vulnerability


Severity Rating

Vulnerability

Impact

CVE-

2019-

0586

MITRE

NVD

CVE Title: Microsoft Exchange Memory Corruption Vulnerability

Description:

A remote code execution vulnerability exists in Microsoft Exchange software when the software

fails to properly handle objects in memory. An attacker who successfully exploited the

vulnerability could run arbitrary code in the context of the System user. An attacker could then

install programs; view, change, or delete data; or create new accounts.

Exploitation of the vulnerability requires that a specially crafted email be sent to a vulnerable

Exchange server.

The security update addresses the vulnerability by correcting how Microsoft Exchange handles

objects in memory.

FAQ:

None

Mitigations:

None

Workarounds:

None


Execution





Severity Rating

Vulnerability

Impact

Revision:

1.0 01/08/2019 08:00:00


Affected Software


CVE-2019-0586


Set

Restart

Required

Microsoft Exchange Server 2016

Cumulative Update 10

4471389 Security

Update


Execution 4468741

Base: N/A

Temporal:

N/A

Vector: N/A

Maybe


4471389 Security

Update


Execution 4468741

Base: N/A

Temporal:

N/A

Vector: N/A

Maybe

https://www.microsoft.com/downloads/details.aspx?familyid=ec2cdba1-1ea5-4c9a-81fc-453f50f739dd


https://www.microsoft.com/downloads/details.aspx?familyid=66370ba9-e5f6-4d38-9264-0e65bb1f1e76



CVE-2019-0586



4471389 Security

Update


Execution 4468741

Base: N/A

Temporal:

N/A

Vector: N/A

Maybe

CVE-2019-0588 - Microsoft Exchange Information Disclosure

Vulnerability


Severity Rating

Vulnerability

Impact

CVE-

2019-

0588

MITRE

NVD

CVE Title: Microsoft Exchange Information Disclosure Vulnerability

Description:

An information disclosure vulnerability exists when the Microsoft Exchange PowerShell API

grants calendar contributors more view permissions than intended. To exploit this vulnerability,

an attacker would need to be granted contributor access to an Exchange Calendar by an

administrator via PowerShell. The attacker would then be able to view additional details about

the calendar that would normally be hidden.

The security update addresses the vulnerability by modifying how the Exchange PowerShell API

grants permissions to contributors.


losure

https://www.microsoft.com/downloads/details.aspx?familyid=68f7ef1c-e0a5-4628-91ee-2fd963287807






Severity Rating

Vulnerability

Impact

FAQ:



vulnerability is miscellaneous details from calendar entries such as the subject of a

meeting, which would otherwise not be disclosed.

Mitigations:

None

Workarounds:

None

Revision:

1.0 01/08/2019 08:00:00


Affected Software



CVE-2019-0588


Set

Restart

Required



4471389 Security

Update


sure 4459266

Base: N/A

Temporal:

N/A

Vector: N/A

Maybe



4471389 Security

Update


sure 4468741

Base: N/A

Temporal:

N/A

Vector: N/A

Maybe


4471389 Security

Update


sure 4468741

Base: N/A

Temporal:

N/A

Vector: N/A

Maybe



4471389 Security

Update


sure 4468741

Base: N/A

Temporal:

N/A

Vector: N/A

Maybe

Microsoft Exchange Server 2010 Service

Pack 3 Update Rollup 25

4468742 Security

Update


sure 4458321

Base: N/A

Temporal:

N/A

Vector: N/A

Maybe

https://www.microsoft.com/downloads/details.aspx?familyid=ccf6c5e6-e26b-4ed8-a868-4cf45162f566

https://www.microsoft.com/downloads/details.aspx?familyid=ccf6c5e6-e26b-4ed8-a868-4cf45162f566







https://www.microsoft.com/downloads/details.aspx?familyid=5d92eec0-5607-4ec0-9222-b79129a95c16

https://www.microsoft.com/downloads/details.aspx?familyid=5d92eec0-5607-4ec0-9222-b79129a95c16


CVE-2019-0622 - Skype for Android Elevation of Privilege Vulnerability

CVE ID Vulnerability Description Maximum Severity

Rating

Vulnerability

Impact

CVE-2019-

0622

MITRE

NVD

CVE Title: Skype for Android Elevation of Privilege Vulnerability

Description:

An elevation of privilege vulnerability exists when Skype for Andriod fails to properly

handle specific authentication requests.

An attacker who successfully exploited this vulnerability could bypass Android's

lockscreen and access a victim's personal information.

To exploit the vulnerability, an attacker would need have physical access to the phone.

The security update addresses the vulnerability by correcting how Skype for Android

handles authentication requests.

FAQ:

How do I get the update for Skype for Android?

1. Tap the Google Play icon on your home screen.

2. Swipe in from the left edge of the screen.

3. Tap My apps & games.

Moderate Elevation of

Privilege




CVE ID Vulnerability Description Maximum Severity

Rating

Vulnerability

Impact

4. Tap the Update box next to the Skype app.

Does the vulnerability exist in Skype for Business or the consumer version of

Skype?

This vulnerability only affects the consumer version of Skype.

Mitigations:

None

Workarounds:

None

Revision:

1.0 01/08/2019 08:00:00


Affected Software



CVE-2019-0622

Product KB

Article Severity Impact Supersedence

CVSS Score

Set

Restart

Required

Skype 8.35 when installed on

Android Devices Moderate

Elevation of

Privilege

Base: N/A

Temporal: N/A

Vector: N/A

Statement

==========

This advisory is only used to describe a potential risk. NSFOCUS does not provide any commitment or promise on this advisory. NSFOCUS

and the author will not bear any liability for any direct and/or indirect consequences and losses caused by transmitting and/or using this advisory.

NSFOCUS reserves all the rights to modify and interpret this advisory. Please include this statement paragraph when reproducing or transferring

this advisory. Do not modify this advisory, add/delete any information to/from it, or use this advisory for commercial purposes without permission

from NSFOCUS.

About NSFOCUS

============

NSFOCUS IB is a wholly owned subsidiary of NSFOCUS, an enterprise application and network security provider, with operations in the

Americas, Europe, the Middle East, Southeast Asia and Japan. NSFOCUS IB has a proven track record of combatting the increasingly complex

cyber threat landscape through the construction and implementation of multi-layered defense systems. The company's Intelligent Hybrid Security


strategy utilizes both cloud and on-premises security platforms, built on a foundation of real-time global threat intelligence, to provide unified,

multi-layer protection from advanced cyber threats.

For more information about NSFOCUS, please visit:

https://www.nsfocusglobal.com.

NSFOCUS, NSFOCUS IB, and NSFOCUS, INC. are trademarks or registered trademarks of NSFOCUS, Inc. All other names and trademarks

are property of their respective firms.

QR code of NSFOCUS at Sina Weibo QR code of NSFOCUS at WeChat

overview - nsfocus · overview microsoft released the january 2019 security patch on tuesday that...

Documents