Microsoft Security Bulletin Coverage for January 2019

By

SonicWall Capture Labs Threat Research Team has analyzed and addressed Microsoft’s security advisories for the month of January 2019. A list of issues reported, along with SonicWall coverage information are as follows:

CVE-2019-0536 Windows Kernel Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2019-0537 Microsoft Visual Studio Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2019-0538 Jet Database Engine Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2019-0539 Chakra Scripting Engine Memory Corruption Vulnerability
IPS 13979 : Chakra Scripting Engine Memory Corruption Vulnerability (JAN 19) 3
CVE-2019-0541 Internet Explorer Remote Code Execution Vulnerability
IPS 13980 : Internet Explorer Remote Code Execution Vulnerability (JAN 19) 1
CVE-2019-0543 Microsoft Windows Elevation of Privilege Vulnerability
ASPY 5363 : Malformed-File exe.MP.49
CVE-2019-0545 .NET Framework Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2019-0546 Visual Studio Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2019-0547 Windows DHCP Client Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2019-0548 ASP.NET Core Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2019-0549 Windows Kernel Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2019-0550 Windows Hyper-V Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2019-0551 Windows Hyper-V Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2019-0552 Windows COM Elevation of Privilege Vulnerability
ASPY 5364 : Malformed-File exe.MP.50
CVE-2019-0553 Windows Subsystem for Linux Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2019-0554 Windows Kernel Information Disclosure Vulnerability
ASPY 5365 : Malformed-File exe.MP.54
CVE-2019-0555 Microsoft XmlDocument Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2019-0556 Microsoft Office SharePoint XSS Vulnerability
There are no known exploits in the wild.
CVE-2019-0557 Microsoft Office SharePoint XSS Vulnerability
There are no known exploits in the wild.
CVE-2019-0558 Microsoft Office SharePoint XSS Vulnerability
There are no known exploits in the wild.
CVE-2019-0559 Microsoft Outlook Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2019-0560 Microsoft Office Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2019-0561 Microsoft Word Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2019-0562 Microsoft SharePoint Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2019-0564 ASP.NET Core Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2019-0565 Microsoft Edge Memory Corruption Vulnerability
IPS 13976 : Microsoft Edge Memory Corruption Vulnerability (JAN 19) 1
CVE-2019-0566 Microsoft Edge Elevation of Privilege Vulnerability
ASPY 5362 : Malformed-File exe.MP.48
CVE-2019-0567 Chakra Scripting Engine Memory Corruption Vulnerability
IPS 13977 : Chakra Scripting Engine Memory Corruption Vulnerability (JAN 19) 1
CVE-2019-0568 Chakra Scripting Engine Memory Corruption Vulnerability
IPS 13978 :Chakra Scripting Engine Memory Corruption Vulnerability (JAN 19) 2
CVE-2019-0569 Windows Kernel Information Disclosure Vulnerability
ASPY 5358 :Malformed-File exe.MP.47
CVE-2019-0570 Windows Runtime Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2019-0571 Windows Data Sharing Service Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2019-0572 Windows Data Sharing Service Elevation of Privilege Vulnerability
ASPY 5359 :Malformed-File exe.MP.51
CVE-2019-0573 Windows Data Sharing Service Elevation of Privilege Vulnerability
ASPY 5360 : Malformed-File exe.MP.52
CVE-2019-0574 Windows Data Sharing Service Elevation of Privilege Vulnerability
ASPY 5361 :Malformed-File exe.MP.53
CVE-2019-0575 Jet Database Engine Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2019-0576 Jet Database Engine Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2019-0577 Jet Database Engine Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2019-0578 Jet Database Engine Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2019-0579 Jet Database Engine Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2019-0580 Jet Database Engine Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2019-0581 Jet Database Engine Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2019-0582 Jet Database Engine Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2019-0583 Jet Database Engine Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2019-0584 Jet Database Engine Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2019-0585 Microsoft Word Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2019-0586 Microsoft Exchange Memory Corruption Vulnerability
There are no known exploits in the wild.
CVE-2019-0588 Microsoft Exchange Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2019-0622 Skype for Android Elevation of Privilege Vulnerability
There are no known exploits in the wild.

Security News
The SonicWall Capture Labs Threat Research Team gathers, analyzes and vets cross-vector threat information from the SonicWall Capture Threat network, consisting of global devices and resources, including more than 1 million security sensors in nearly 200 countries and territories. The research team identifies, analyzes, and mitigates critical vulnerabilities and malware daily through in-depth research, which drives protection for all SonicWall customers. In addition to safeguarding networks globally, the research team supports the larger threat intelligence community by releasing weekly deep technical analyses of the most critical threats to small businesses, providing critical knowledge that defenders need to protect their networks.