Microsoft Released Tuesday Security Patch July 2019

Microsoft Security Patch Day
Microsoft Security Patch Day

Microsoft Released July 2019 Tuesday Security Patch

Microsoft have Patched 77 security Vulnerabilities including 62 are important , 14 rated as critical and 1 rates as Moderate in Severity.

Microsoft Patches following software’s.

  • Microsoft Windows
  • Internet Explorer
  • Microsoft Edge
  • Microsoft Office and Microsoft Office Services and Web Apps
  • Azure DevOps
  • Open Source Software
  • .NET Framework
  • Azure
  • SQL Server
  • Visual Studio
  • Microsoft Exchange Server

The following information regarding the security updates:

  • A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.
  • Windows 10 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are available via the Microsoft Update Catalog.
  • Updates for Windows RT 8.1 and Microsoft Office RT software are only available via Windows Update.
    For information on lifecycle and support dates for Windows 10 operating systems, please see Windows Lifecycle Facts Sheet.
  • In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.
  • Starting in May 2019, Internet Explorer 11 is available on Windows Server 2012. This configuration is only present in only the IE Cumulative package.

Following CVE’s numbers have patched

  • CVE-2019-1068 | Microsoft SQL Server Remote Code Execution Vulnerability

A remote code execution vulnerability exists in Microsoft SQL Server when it incorrectly handles processing of internal functions. An attacker who successfully exploited this vulnerability could execute code in the context of the SQL Server Database Engine service account.

To exploit the vulnerability, an authenticated attacker would need to submit a specially crafted query to an affected SQL server.

  • CVE-2019-1073 | Windows Kernel Information Disclosure Vulnerability

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.

To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The vulnerability would not allow an attacker to execute code or to elevate user rights directly, but it could be used to obtain information that could be used to try to further compromise the affected system.

The update addresses the vulnerability by correcting how the Windows kernel handles objects in memory.

A spoofing vulnerability exists when Microsoft Office Javascript does not check the validity of the web page making a request to Office documents.

An attacker who successfully exploited this vulnerability could read or write information in Office documents.

The security update addresses the vulnerability by correcting the way that Microsoft Office Javascript verifies trusted web pages.
The security update addresses the vulnerability by modifying how the Microsoft SQL Server Database Engine handles the processing of functions.

  • CVE-2019-1006 | WCF/WIF SAML Token Authentication Bypass Vulnerability

An authentication bypass vulnerability exists in Windows Communication Foundation (WCF) and Windows Identity Foundation (WIF), allowing signing of SAML tokens with arbitrary symmetric keys. This vulnerability allows an attacker to impersonate another user, which can lead to elevation of privileges. The vulnerability exists in WCF, WIF 3.5 and above in .NET Framework, WIF 1.0 component in Windows, WIF Nuget package, and WIF implementation in SharePoint.

An unauthenticated attacker can exploit this by signing a SAML token with any arbitrary symmetric key.

This security update addresses the issue by ensuring all versions of WCF and WIF validate the key used to sign SAML tokens correctly.

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system.

An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Exploitation of the vulnerability requires that a user open a specially crafted file with an affected version of Microsoft Excel. In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the file.

In a web-based attack scenario, an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) containing a specially crafted file designed to exploit the vulnerability. An attacker would have no way to force users to visit the website.

Instead, an attacker would have to convince users to click a link, typically by way of an enticement in an email or instant message, and then convince them to open the specially crafted file.

The security update addresses the vulnerability by correcting how Microsoft Excel handles objects in memory.

How to update Windows?

  • Open the Control Panel.
  • If you are using Small icons view, click on the Windows Update option.
  • If you are using the Category view, click on the System and Security option, then click on the Windows Update option.
  • Windows Update will check for any available updates for your computer.
  • Turn to automatic updates for future

Join Our Club

Enter your Email address to receive notifications | Join over Million Followers

Leave a Reply
Previous Article
VPN No Log Policy

What is VPN Logging and How to Avoid It

Next Article
Threat Intelligence

Get The Most Out of Threat Intelligence With 4 Key Tips

Related Posts