MICROSOFT'S LATEST Patch Tuesday bug fix bundle takes aim at its two actively-exploited zero-days and five publicly disclosed vulnerabilities.
In total, the July patches fix 77 vulnerabilities, of which 15 are rated as 'critical' in severity.
11 of the 15 critical flaws are for browsers and scripting engines, while the remaining four cover Azure DevOps Server/Team Foundation Server, GDI+, DHCP Server, and the .NET Framework. Microsoft also released one advisory and one servicing stack update with its July 2019 security updates.
The company has advised all Windows users to immediately install these security updates in order to protect their systems from security risks.
According to Microsoft, two actively-exploited vulnerabilities fixed in the latest updates could allow programs to run with higher privilege levels.
The first zero-day, titled 'CVE-2019-1132 - Win32k Elevation of Privilege Vulnerability' - is a privilege escalation vulnerability first spotted by Anton Cherepanov, a security researcher at ESET.
It exists in Wind32k and, if exploited, could enable an attacker to execute malicious code in kernel mode. It also allows attackers to install programs, delete/modify data, or generate new user accounts with full rights. The flaw affects Windows 7, Server 2008 and Server 2008 R2.
"To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system," warned Microsoft. "The update addresses this vulnerability by correcting how Win32k handles objects in memory."
The second zero-day, titled 'CVE-2019-0880 - Microsoft splwow64 Elevation of Privilege Vulnerability' is also a privilege escalation flaw existing in splwow64.exe.
If exploited, it could enable attackers to raise their privilege level from low to medium integrity, while also enabling them to exploit another vulnerability to run malicious code. This flaw affects Windows 8.1, Server 2012 and later operating systems.
The five publicly disclosed flaws addressed in the July 2019 Patch Tuesday update include a Windows Elevation of Privilege flaw (CVE-2019-1129), a SymCrypt Denial of Service flaw (CVE-2019-0865), a Docker Elevation of Privilege flaw (CVE-2018-15664), a Microsoft SQL Server Remote Code Execution flaw (CVE-2019-1068) and an Azure Automation Elevation of Privilege flaw (CVE-2019-0962). None of these vulnerabilities has yet been exploited in the wild.
According to Microsoft, Internet Explorer 11, Microsoft Edge and the ChakraCore Scripting Engine all have a memory corruption vulnerability (CVE-2019-1001) that could lead to remote code-execution. µ
Much a (dil)do about nothing
Neither the time nor the face
The tiny tweaks are coming thick and fast now
Gitting more secure