Microsoft Patch Tuesday – June 19
The months are rolling round fast, meaning it's update time again. The June Patch Tuesday security updates include a total of 88 vulnerabilities: 17 have been rated Critical and 65 Important. Four vulns have been publicly disclosed, but none have been detected as already exploited in the wild.
MS products covered by these updates are Windows Operating Systems, Hyper-V, Azure, Microsoft Edge and Internet Explorer Browsers, Office, ChakraCore scripting engine, Skype for Business, and MS Exchange Server.
CVE-2019-0620, CVE-2019-0709 & CVE-2019-0722 are critical remote code execution vulnerabilities in Microsoft's virtual machine hypervisor, Hyper-V, which is available in its Windows operating systems. A malicious application run on a virtual machine (guest OS) can trigger the exploit and cause code execution on the physical host OS that the guest is running on. This is due to a failure to properly validate input from an authenticated user on the guest virtual machine.
A memory handling vuln exists in ActiveX Data Objects (ADO) that can result in remote code execution with the privileges of the logged-in user. A malicious actor can exploit CVE-2019-0888 by convincing the user to access a crafted website.
Eight of the remaining critical vulns belong to the Chakra core scripting engines in Microsoft Edge and Internet Explorer browsers. Each relates to the handling of objects in memory and, if exploited, gives the attacker the same privileges as the current user. If the current user has admin rights, an attacker launching the exploit could gain complete control of the target system.
An Important spoofing vuln has been identified in the Azure DevOps server. CVE-2019-0996 results in cross-site request forgery, via improper handling of application authorisation requests. An attacker can exploit this vuln using a crafted page that convinces the user to click a malicious link. OAuth authorisation can then be bypassed to register applications in Azure DevOps.
Please review this month’s updates and get patching as soon as you can!
Keeping up to date with security patches for your operating systems and software is a critical part of delivering and maintaining a strong security posture. Please ensure you test and update as quickly as possible to reduce risk, prevent exploitation and ultimately stay secure.
On a final note, if you somehow missed out on patching the May 2019 updates, please do get patching straight away, as it is vital everyone is protected against the CVE-2019-0708 critical RDP vuln, which could be the next WannaCry.
For a full list of this month’s updates please see the links below:
Patch Tuesday release notes: https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/253dc509-9a5b-e911-a98e-000d3a33c573
Security update guide: https://portal.msrc.microsoft.com/en-us/security-guidance
Ironshare – Security Simplified