Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT Security Bulletin ASB-2019.0077 Microsoft Windows Security Update 13 March 2019 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Microsoft Windows Operating System: Windows 10 Windows 7 Windows 8.1 Windows Server 2008 Windows Server 2012 Windows Server 2016 Impact/Access: Execute Arbitrary Code/Commands -- Remote/Unauthenticated Administrator Compromise -- Existing Account Denial of Service -- Existing Account Access Confidential Data -- Remote with User Interaction Reduced Security -- Console/Physical Resolution: Patch/Upgrade CVE Names: CVE-2019-0821 CVE-2019-0808 CVE-2019-0797 CVE-2019-0784 CVE-2019-0782 CVE-2019-0776 CVE-2019-0775 CVE-2019-0774 CVE-2019-0772 CVE-2019-0767 CVE-2019-0766 CVE-2019-0765 CVE-2019-0759 CVE-2019-0756 CVE-2019-0755 CVE-2019-0754 CVE-2019-0726 CVE-2019-0704 CVE-2019-0703 CVE-2019-0702 CVE-2019-0701 CVE-2019-0698 CVE-2019-0697 CVE-2019-0696 CVE-2019-0695 CVE-2019-0694 CVE-2019-0693 CVE-2019-0692 CVE-2019-0690 CVE-2019-0689 CVE-2019-0683 CVE-2019-0682 CVE-2019-0664 CVE-2019-0663 CVE-2019-0662 CVE-2019-0661 CVE-2019-0660 CVE-2019-0659 CVE-2019-0656 CVE-2019-0637 CVE-2019-0636 CVE-2019-0635 CVE-2019-0633 CVE-2019-0632 CVE-2019-0631 CVE-2019-0630 CVE-2019-0628 CVE-2019-0627 CVE-2019-0626 CVE-2019-0625 CVE-2019-0623 CVE-2019-0621 CVE-2019-0619 CVE-2019-0618 CVE-2019-0617 CVE-2019-0616 CVE-2019-0615 CVE-2019-0614 CVE-2019-0603 CVE-2019-0602 CVE-2019-0601 CVE-2019-0600 CVE-2019-0599 CVE-2019-0598 CVE-2019-0597 CVE-2019-0596 CVE-2019-0595 Member content until: Friday, April 12 2019 Reference: ASB-2019.0054 ASB-2019.0051 ASB-2019.0049 OVERVIEW Microsoft has released its monthly security patch update for the month of March 2019. This update resolves 70 vulnerabilities across the following products: [1] Windows 10 Version 1607 for 32-bit Systems Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1703 for 32-bit Systems Windows 10 Version 1703 for x64-based Systems Windows 10 Version 1709 for 32-bit Systems Windows 10 Version 1709 for 64-based Systems Windows 10 Version 1709 for ARM64-based Systems Windows 10 Version 1803 for 32-bit Systems Windows 10 Version 1803 for ARM64-based Systems Windows 10 Version 1803 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 for 32-bit Systems Windows 10 for x64-based Systems Windows 7 for 32-bit Systems Service Pack 1 Windows 7 for x64-based Systems Service Pack 1 Windows 8.1 for 32-bit systems Windows 8.1 for x64-based systems Windows RT 8.1 Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for Itanium-Based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2012 Windows Server 2012 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 R2 (Server Core installation) Windows Server 2016 Windows Server 2016 (Server Core installation) Windows Server 2019 Windows Server 2019 (Server Core installation) IMPACT Microsoft has given the following details regarding these vulnerabilities. Details Impact Severity ADV190005 Defense in Depth None ADV190006 None None ADV190009 Defense in Depth None CVE-2019-0595 Remote Code Execution Important CVE-2019-0596 Remote Code Execution Important CVE-2019-0597 Remote Code Execution Important CVE-2019-0598 Remote Code Execution Important CVE-2019-0599 Remote Code Execution Important CVE-2019-0600 Information Disclosure Important CVE-2019-0601 Information Disclosure Important CVE-2019-0602 Information Disclosure Important CVE-2019-0603 Remote Code Execution Critical CVE-2019-0614 Information Disclosure Important CVE-2019-0615 Information Disclosure Important CVE-2019-0616 Information Disclosure Important CVE-2019-0617 Remote Code Execution Important CVE-2019-0618 Remote Code Execution Critical CVE-2019-0619 Information Disclosure Important CVE-2019-0621 Information Disclosure Important CVE-2019-0623 Elevation of Privilege Important CVE-2019-0625 Remote Code Execution Important CVE-2019-0626 Remote Code Execution Critical CVE-2019-0627 Security Feature Bypass Important CVE-2019-0628 Information Disclosure Important CVE-2019-0630 Remote Code Execution Important CVE-2019-0631 Security Feature Bypass Important CVE-2019-0632 Security Feature Bypass Important CVE-2019-0633 Remote Code Execution Important CVE-2019-0635 Information Disclosure Important CVE-2019-0636 Information Disclosure Important CVE-2019-0637 Security Feature Bypass Important CVE-2019-0656 Elevation of Privilege Important CVE-2019-0659 Elevation of Privilege Important CVE-2019-0660 Information Disclosure Important CVE-2019-0661 Information Disclosure Important CVE-2019-0662 Remote Code Execution Critical CVE-2019-0663 Information Disclosure Important CVE-2019-0664 Information Disclosure Important CVE-2019-0682 Elevation of Privilege Important CVE-2019-0683 Elevation of Privilege Important CVE-2019-0689 Elevation of Privilege Important CVE-2019-0690 Denial of Service Important CVE-2019-0692 Elevation of Privilege Important CVE-2019-0693 Elevation of Privilege Important CVE-2019-0694 Elevation of Privilege Important CVE-2019-0695 Denial of Service Important CVE-2019-0696 Elevation of Privilege Important CVE-2019-0697 Remote Code Execution Critical CVE-2019-0698 Remote Code Execution Critical CVE-2019-0701 Denial of Service Important CVE-2019-0702 Information Disclosure Important CVE-2019-0703 Information Disclosure Important CVE-2019-0704 Information Disclosure Important CVE-2019-0726 Remote Code Execution Critical CVE-2019-0754 Denial of Service Important CVE-2019-0755 Information Disclosure Important CVE-2019-0756 Remote Code Execution Critical CVE-2019-0759 Information Disclosure Important CVE-2019-0765 Remote Code Execution Important CVE-2019-0766 Elevation of Privilege Important CVE-2019-0767 Information Disclosure Important CVE-2019-0772 Remote Code Execution Important CVE-2019-0774 Information Disclosure Important CVE-2019-0775 Information Disclosure Important CVE-2019-0776 Information Disclosure Important CVE-2019-0782 Information Disclosure Important CVE-2019-0784 Remote Code Execution Critical CVE-2019-0797 Elevation of Privilege Important CVE-2019-0808 Elevation of Privilege Important CVE-2019-0821 Information Disclosure Important MITIGATION Microsoft recommends updating the software with the version made available on the Microsoft Update Cataloge for the following Knowledge Base articles. [1]. KB4486996, KB4486993, KB4487020, KB4487021, KB4489868 KB4487023, KB4487025, KB4487026, KB4487028, KB4487029 KB4487000, KB4487006, KB4487017, KB4489871, KB4486564 KB4486563, KB4489884, KB4489885, KB4489886, KB4489880 KB4489881, KB4489882, KB4489883, KB4487019, KB4489878 KB4474419, KB4489876, KB4487011, KB4489872, KB4487044 KB4489891, KB4489899, KB4487018 REFERENCES [1] Security Update Guide https://portal.msrc.microsoft.com/en-us/security-guidance AusCERT has made every effort to ensure that the information contained in this document is accurate. However, the decision to use the information described is the responsibility of each user or organisation. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBXIhWAWaOgq3Tt24GAQgV8RAAp6wkoOvQw5DGzV1Hqdp6NFvezjF2vf2K XvDKBEBbBySR1cdQZJ4EQARZJEWEaqLtIQ0p2fTFOHuq7y+++IR1tQhe8aTVnT96 13pnOlyiH9qBG1kk3Y/KcP3pAbG6WFoQgCyzptb/FAR/321QwRL2xFhVkGC16S5O DZu+pzzcSaTRYmZzmrpOmq6Nph8yKFn6NTnE1kNRZZXVN6dTmOOXLqLYj8pl3O4O 6eai9xOtPRp3VMk8I/WR09egQhTgXG2JdNKTNreFX9as5SPIgA6iaTvgBxFMb4Wu mEHQIJhV4QAFSpvfTciuEab3oVXGVyEObu05d8CL6fnqmPk60D6JKq7dGFABDlnO NuSTXyxgVoZSQbfs50EteR99IEpabzMIhHTBqAFSAEIt23gKOY2CYqqjrIABzeSX BEjWEUwGSFLnJ8jOJPjOBA+2zZ+q5U4ADbWlUguW14xbKdUPXLc8Wona7B9iKhyx YPaqbiup7EgyhXXbt8NWxIKVR2lwt7DRLdN/5OMdQov4XllLNEHLtpw9OulNClW7 jTVBoaQt3sA0TAlk5hhtsBkDsO9luwRjNdC+OBdyPNTKVeBJVTRri4CEcx2IUQ7L 9Jp6uBnHu337zXMdvffErteN5gVrDR61pqeV4T5Sl3fEmkswAf/ENLEKEFw48lHo JBy2SpuaWaM= =/Dhe -----END PGP SIGNATURE-----