Microsoft 13 sierpnia 2019 roku wydał nowy pakiet aktualizacji bezpieczeństwa w ramach comiesięcznego Patch Tuesday. Wydano łącznie 93 poprawki bezpieczeństwa, w tym 29 poprawek oznaczonych jako krytyczne.

Aktualizacje naprawiają luki m.in. w:

  • .NET Framework
  • Azure
  • Microsoft Exchange Server
  • Microsoft Graphics Component
  • Microsoft Office
  • Microsoft Scripting Engine
  • Microsoft Windows
  • Visual Studio
  • Windows Kernel
  • Windows Media

Poniżej przedstawiamy szczegółowe zestawienie aktualizacji:

Description
CVE Disclosed Exploited Exploitability (old versions) current version Severity CVSS Base (AVG) CVSS Temporal (AVG)
Chakra Scripting Engine Memory Corruption Vulnerability
CVE-2019-1131 No No Critical 4.2 3.8
CVE-2019-1139 No No Critical 4.2 3.8
CVE-2019-1140 No No Critical 4.2 3.8
CVE-2019-1141 No No Critical 4.2 3.8
CVE-2019-1195 No No Critical 4.2 3.8
CVE-2019-1196 No No Critical 4.2 3.8
CVE-2019-1197 No No Critical 4.2 3.8
DirectX Elevation of Privilege Vulnerability
CVE-2019-1176 No No Less Likely Less Likely Important 7.0 6.3
Dynamics On-Premise Elevation of Privilege Vulnerability
CVE-2019-1229 No No Less Likely Less Likely Important
Encryption Key Negotiation of Bluetooth Vulnerability
CVE-2019-9506 No No Less Likely Less Likely Important 9.3 8.1
Git for Visual Studio Elevation of Privilege Vulnerability
CVE-2019-1211 No No Less Likely Less Likely Important
HTTP/2 Server Denial of Service Vulnerability
CVE-2019-9511 No No Less Likely Less Likely Important 7.5 6.7
CVE-2019-9512 No No Less Likely Less Likely Important 7.5 6.7
CVE-2019-9513 No No Less Likely Less Likely Important 7.5 6.7
CVE-2019-9514 No No Less Likely Less Likely Important 7.5 6.7
CVE-2019-9518 No No Less Likely Less Likely Important 7.5 6.7
Hyper-V Remote Code Execution Vulnerability
CVE-2019-0720 No No Less Likely Less Likely Critical 8.0 7.2
Jet Database Engine Remote Code Execution Vulnerability
CVE-2019-1146 No No Less Likely Less Likely Important 7.8 7.0
CVE-2019-1147 No No Less Likely Less Likely Important 7.8 7.0
CVE-2019-1155 No No Less Likely Less Likely Important 7.8 7.0
CVE-2019-1156 No No Less Likely Less Likely Important 7.8 7.0
CVE-2019-1157 No No Less Likely Less Likely Important 7.8 7.0
LNK Remote Code Execution Vulnerability
CVE-2019-1188 No No Less Likely Less Likely Critical 7.5 6.7
MS XML Remote Code Execution Vulnerability
CVE-2019-1057 No No Less Likely Less Likely Important 6.4 5.8
Microsoft Browser Memory Corruption Vulnerability
CVE-2019-1193 No No Less Likely Less Likely Important 6.4 5.8
Microsoft Browsers Security Feature Bypass Vulnerability
CVE-2019-1192 No No More Likely More Likely Important 2.4 2.2
Microsoft Defender Elevation of Privilege Vulnerability
CVE-2019-1161 No No Less Likely Less Likely Important
Microsoft Edge Information Disclosure Vulnerability
CVE-2019-1030 No No Important 4.3 3.9
Microsoft Graphics Component Information Disclosure Vulnerability
CVE-2019-1078 No No More Likely More Likely Important 5.5 5.0
CVE-2019-1148 No No Less Likely Less Likely Important 5.5 5.0
CVE-2019-1153 No No Less Likely Less Likely Important 5.5 5.0
Microsoft Graphics Remote Code Execution Vulnerability
CVE-2019-1144 No No Less Likely Less Likely Critical 8.8 7.9
CVE-2019-1145 No No Less Likely Less Likely Critical 8.8 7.9
CVE-2019-1149 No No Less Likely Less Likely Critical 8.8 7.9
CVE-2019-1150 No No Less Likely Less Likely Critical 8.8 7.9
CVE-2019-1151 No No Less Likely Less Likely Critical 8.8 7.9
CVE-2019-1152 No No Less Likely Less Likely Critical 8.8 7.9
Microsoft Guidance for Enabling LDAP Channel Binding and LDAP Signing
ADV190023 Yes No
Microsoft Live Accounts Elevation of Privilege Vulnerability
ADV190014 No No Important
Microsoft Office SharePoint XSS Vulnerability
CVE-2019-1203 No No Less Likely Less Likely Important
Microsoft Outlook Elevation of Privilege Vulnerability
CVE-2019-1204 No No More Likely More Likely Important
Microsoft Outlook Memory Corruption Vulnerability
CVE-2019-1199 No No More Likely More Likely Critical
Microsoft Outlook Remote Code Execution Vulnerability
CVE-2019-1200 No No Less Likely Less Likely Critical
Microsoft SharePoint Information Disclosure Vulnerability
CVE-2019-1202 No No Less Likely Less Likely Important
Microsoft Windows Elevation of Privilege Vulnerability
CVE-2019-1198 No No Less Likely Less Likely Important 6.5 5.9
Microsoft Windows p2pimsvc Elevation of Privilege Vulnerability
CVE-2019-1168 No No Less Likely Less Likely Important 7.8 7.0
Microsoft Word Remote Code Execution Vulnerability
CVE-2019-1201 No No More Likely More Likely Critical
CVE-2019-1205 No No Less Likely Less Likely Critical
Outlook iOS Spoofing Vulnerability
CVE-2019-1218 No No Important
Remote Desktop Protocol Server Information Disclosure Vulnerability
CVE-2019-1224 No No More Likely More Likely Important 7.5 6.7
CVE-2019-1225 No No More Likely More Likely Important 7.5 6.7
Remote Desktop ServicesRemote Code Execution Vulnerability
CVE-2019-1181 No No More Likely More Likely Critical 9.8 8.8
CVE-2019-1182 No No More Likely More Likely Critical 9.8 8.8
CVE-2019-1222 No No More Likely More Likely Critical 9.8 8.8
CVE-2019-1226 No No More Likely More Likely Critical 9.8 8.8
Scripting Engine Memory Corruption Vulnerability
CVE-2019-1133 No No Less Likely Less Likely Critical 6.4 5.8
CVE-2019-1194 No No Less Likely Less Likely Critical 6.4 5.8
SymCrypt Information Disclosure Vulnerability
CVE-2019-1171 No No Less Likely Less Likely Important 5.6 5.1
Win32k Elevation of Privilege Vulnerability
CVE-2019-1169 No No Important 7.8 7.0
Windows ALPC Elevation of Privilege Vulnerability
CVE-2019-1162 No No Less Likely Less Likely Important 7.8 7.2
Windows DHCP Client Remote Code Execution Vulnerability
CVE-2019-0736 No No Less Likely Less Likely Critical 9.8 8.8
Windows DHCP Server Denial of Service Vulnerability
CVE-2019-1206 No No Less Likely Less Likely Important 7.5 6.7
CVE-2019-1212 No No Less Likely Less Likely Important 9.8 8.8
Windows DHCP Server Remote Code Execution Vulnerability
CVE-2019-1213 No No Critical 9.8 8.8
Windows Denial of Service Vulnerability
CVE-2019-0716 No No Less Likely Less Likely Important 5.8 5.2
Windows Elevation of Privilege Vulnerability
CVE-2019-1173 No No More Likely More Likely Important 7.0 6.3
CVE-2019-1174 No No More Likely More Likely Important 7.0 6.3
CVE-2019-1175 No No More Likely More Likely Important 7.0 6.3
CVE-2019-1178 No No Less Likely Less Likely Important 7.0 6.3
CVE-2019-1179 No No Less Likely Less Likely Important 7.0 6.3
CVE-2019-1180 No No Less Likely Less Likely Important 7.0 6.3
CVE-2019-1177 No No Less Likely Less Likely Important 7.0 6.3
CVE-2019-1184 No No More Likely More Likely Important 6.7 6.0
CVE-2019-1186 No No Less Likely Less Likely Important 7.0 6.3
Windows File Signature Security Feature Bypass Vulnerability
CVE-2019-1163 No No Less Likely Less Likely Important 5.5 5.0
Windows Graphics Component Information Disclosure Vulnerability
CVE-2019-1143 No No Less Likely Less Likely Important 5.5 5.0
CVE-2019-1154 No No Important 5.5 5.0
CVE-2019-1158 No No Less Likely Less Likely Important 5.5 5.0
Windows Hyper-V Denial of Service Vulnerability
CVE-2019-0714 No No Less Likely Less Likely Important 5.8 5.2
CVE-2019-0715 No No Less Likely Less Likely Important 5.8 5.2
CVE-2019-0717 No No Less Likely Less Likely Important 5.8 5.2
CVE-2019-0718 No No Less Likely Less Likely Important 5.8 5.2
CVE-2019-0723 No No Less Likely Less Likely Important 5.8 5.2
Windows Hyper-V Remote Code Execution Vulnerability
CVE-2019-0965 No No Less Likely Less Likely Critical 7.6 6.8
Windows Image Elevation of Privilege Vulnerability
CVE-2019-1190 No No Less Likely Less Likely Important 7.8 7.0
Windows Information Disclosure Vulnerability
CVE-2019-1172 No No Less Likely Less Likely Important 4.3 3.9
Windows Kernel Elevation of Privilege Vulnerability
CVE-2019-1159 No No More Likely More Likely Important 7.8 7.0
CVE-2019-1164 No No More Likely More Likely Important 7.8 7.0
Windows Kernel Information Disclosure Vulnerability
CVE-2019-1227 No No Less Likely Less Likely Important 5.5 5.0
CVE-2019-1228 No No Important 5.5 5.0
Windows NTFS Elevation of Privilege Vulnerability
CVE-2019-1170 No No More Likely More Likely Important 7.9 7.1
Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability
CVE-2019-1223 No No More Likely More Likely Important 7.5 6.7
Windows Subsystem for Linux Elevation of Privilege Vulnerability
CVE-2019-1185 No No Important
Windows VBScript Engine Remote Code Execution Vulnerability
CVE-2019-1183 No No Less Likely Less Likely Critical 7.5 6.7
XmlLite Runtime Denial of Service Vulnerability
CVE-2019-1187 No No Less Likely Less Likely Important 5.5 5.0