It’s that time of the month when Microsoft runs a broom through its services to clean them of bugs. April’s Patch Tuesday yesterday fixed 74 vulnerabilities across Microsoft solutions, including two Windows zero-day flaws that have already been exploited.

Microsoft explains that the two zero-days expose the same weakness. Both allowed attackers to elevate privileges through Win32k, a core part of the running Windows OS.

The company lists the flaws as CVE-2019-0803 and CVE-2019-0859. Microsoft describes the two vulnerabilities in the same terms, even though they were found independently by Kaspersky Lab and Alibaba Cloud Intelligence.

Win32k was found to be handling objects in memory improperly. An attacker exploiting this flaw could run arbitrary code in the kernel and gain system rights. With those privileges, a bad actor could make changes to data, delete content, create new accounts, or install other malicious programs.

It is worth noting that, to gain access, the attacker would need physical access to log on to the system. Microsoft says the problem has been solved and Win32k now handles memory securely. However, the company says both vulnerabilities have been actively exploited.

Elsewhere, Microsoft detailed other non-zero-day bugs affecting its services. Three issues were found in Office Access Connectivity (CVE-2019-0824, CVE-2019-0825, CVE-2019-0827). Each of these vulnerabilities would allow hackers to execute malicious code. These are interesting problems because the attacker could exploit them remotely.

Full Patch Tuesday Log

| Tag | CVE ID | CVE Title |
| --- | --- | --- |
| Servicing Stack Updates | ADV990001 | Latest Servicing Stack Updates |
| Adobe Flash Player | ADV190011 | April 2019 Adobe Flash Security Update |
| .NET Core | CVE-2019-0815 | ASP.NET Core Denial of Service Vulnerability |
| CSRSS | CVE-2019-0735 | Windows CSRSS Elevation of Privilege Vulnerability |
| Microsoft Browsers | CVE-2019-0764 | Microsoft Browsers Tampering Vulnerability |
| Microsoft Edge | CVE-2019-0833 | Microsoft Edge Information Disclosure Vulnerability |
| Microsoft Exchange Server | CVE-2019-0817 | Microsoft Exchange Spoofing Vulnerability |
| Microsoft Exchange Server | CVE-2019-0858 | Microsoft Exchange Spoofing Vulnerability |
| Microsoft Graphics Component | CVE-2019-0803 | Win32k Elevation of Privilege Vulnerability |
| Microsoft Graphics Component | CVE-2019-0802 | Windows GDI Information Disclosure Vulnerability |
| Microsoft Graphics Component | CVE-2019-0849 | Windows GDI Information Disclosure Vulnerability |
| Microsoft Graphics Component | CVE-2019-0853 | GDI+ Remote Code Execution Vulnerability |
| Microsoft JET Database Engine | CVE-2019-0851 | Jet Database Engine Remote Code Execution Vulnerability |
| Microsoft JET Database Engine | CVE-2019-0879 | Jet Database Engine Remote Code Execution Vulnerability |
| Microsoft JET Database Engine | CVE-2019-0877 | Jet Database Engine Remote Code Execution Vulnerability |
| Microsoft JET Database Engine | CVE-2019-0847 | Jet Database Engine Remote Code Execution Vulnerability |
| Microsoft JET Database Engine | CVE-2019-0846 | Jet Database Engine Remote Code Execution Vulnerability |
| Microsoft Office | CVE-2019-0826 | Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability |
| Microsoft Office | CVE-2019-0801 | Office Remote Code Execution Vulnerability |
| Microsoft Office | CVE-2019-0823 | Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability |
| Microsoft Office | CVE-2019-0828 | Microsoft Excel Remote Code Execution Vulnerability |
| Microsoft Office | CVE-2019-0822 | Microsoft Graphics Components Remote Code Execution Vulnerability |
| Microsoft Office | CVE-2019-0827 | Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability |
| Microsoft Office | CVE-2019-0824 | Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability |
| Microsoft Office | CVE-2019-0825 | Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability |
| Microsoft Office SharePoint | CVE-2019-0831 | Microsoft Office SharePoint XSS Vulnerability |
| Microsoft Office SharePoint | CVE-2019-0830 | Microsoft Office SharePoint XSS Vulnerability |
| Microsoft Scripting Engine | CVE-2019-0752 | Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2019-0861 | Chakra Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2019-0862 | Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2019-0860 | Chakra Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2019-0835 | Microsoft Scripting Engine Information Disclosure Vulnerability |
| Microsoft Scripting Engine | CVE-2019-0753 | Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2019-0806 | Chakra Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2019-0739 | Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2019-0810 | Chakra Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2019-0812 | Chakra Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2019-0829 | Chakra Scripting Engine Memory Corruption Vulnerability |
| Microsoft Windows | CVE-2019-0840 | Windows Kernel Information Disclosure Vulnerability |
| Microsoft Windows | CVE-2019-0838 | Windows Information Disclosure Vulnerability |
| Microsoft Windows | CVE-2019-0796 | Windows Elevation of Privilege Vulnerability |
| Microsoft Windows | CVE-2019-0839 | Windows Information Disclosure Vulnerability |
| Microsoft Windows | CVE-2019-0836 | Windows Elevation of Privilege Vulnerability |
| Microsoft Windows | CVE-2019-0837 | DirectX Information Disclosure Vulnerability |
| Microsoft Windows | CVE-2019-0794 | OLE Automation Remote Code Execution Vulnerability |
| Microsoft Windows | CVE-2019-0814 | Win32k Information Disclosure Vulnerability |
| Microsoft Windows | CVE-2019-0805 | Windows Elevation of Privilege Vulnerability |
| Microsoft Windows | CVE-2019-0848 | Win32k Information Disclosure Vulnerability |
| Microsoft Windows | CVE-2019-0730 | Windows Elevation of Privilege Vulnerability |
| Microsoft Windows | CVE-2019-0688 | Windows TCP/IP Information Disclosure Vulnerability |
| Microsoft Windows | CVE-2019-0845 | Windows IOleCvt Interface Remote Code Execution Vulnerability |
| Microsoft Windows | CVE-2019-0685 | Win32k Elevation of Privilege Vulnerability |
| Microsoft Windows | CVE-2019-0842 | Windows VBScript Engine Remote Code Execution Vulnerability |
| Microsoft Windows | CVE-2019-0841 | Windows Elevation of Privilege Vulnerability |
| Microsoft Windows | CVE-2019-0731 | Windows Elevation of Privilege Vulnerability |
| Microsoft Windows | CVE-2019-0732 | Windows Security Feature Bypass Vulnerability |
| Microsoft XML | CVE-2019-0793 | MS XML Remote Code Execution Vulnerability |
| Microsoft XML | CVE-2019-0791 | MS XML Remote Code Execution Vulnerability |
| Microsoft XML | CVE-2019-0790 | MS XML Remote Code Execution Vulnerability |
| Microsoft XML | CVE-2019-0792 | MS XML Remote Code Execution Vulnerability |
| Microsoft XML | CVE-2019-0795 | MS XML Remote Code Execution Vulnerability |
| Open Source Software | CVE-2019-0876 | Open Enclave SDK Information Disclosure Vulnerability |
| Team Foundation Server | CVE-2019-0870 | Team Foundation Server Cross-site Scripting Vulnerability |
| Team Foundation Server | CVE-2019-0869 | Team Foundation Server HTML Injection Vulnerability |
| Team Foundation Server | CVE-2019-0868 | Team Foundation Server Cross-site Scripting Vulnerability |
| Team Foundation Server | CVE-2019-0874 | Team Foundation Server Cross-site Scripting Vulnerability |
| Team Foundation Server | CVE-2019-0871 | Team Foundation Server Cross-site Scripting Vulnerability |
| Team Foundation Server | CVE-2019-0875 | Azure DevOps Server Elevation of Privilege Vulnerability |
| Team Foundation Server | CVE-2019-0867 | Team Foundation Server Cross-site Scripting Vulnerability |
| Team Foundation Server | CVE-2019-0857 | Team Foundation Server Spoofing Vulnerability |
| Team Foundation Server | CVE-2019-0866 | Team Foundation Server Cross-site Scripting Vulnerability |
| Windows Admin Center | CVE-2019-0813 | Windows Admin Center Elevation of Privilege Vulnerability |
| Windows Kernel | CVE-2019-0856 | Windows Remote Code Execution Vulnerability |
| Windows Kernel | CVE-2019-0859 | Win32k Elevation of Privilege Vulnerability |
| Windows Kernel | CVE-2019-0844 | Windows Kernel Information Disclosure Vulnerability |
| Windows SMB Server | CVE-2019-0786 | SMB Server Elevation of Privilege Vulnerability |