Posts

Microsoft Security Bulletin Coverage for February 2019

SonicWall Capture Labs Threat Research Team has analyzed and addressed Microsoft’s security advisories for the month of February 2019. A list of issues reported, along with SonicWall coverage information are as follows:

CVE-2019-0540 Microsoft Office Security Feature Bypass Vulnerability
There are no known exploits in the wild.
CVE-2019-0590 Scripting Engine Memory Corruption Vulnerability
IPS 14016:Scripting Engine Memory Corruption Vulnerability (FEB 19) 4
CVE-2019-0591 Scripting Engine Memory Corruption Vulnerability
IPS 14017:Scripting Engine Memory Corruption Vulnerability (FEB 19) 5
CVE-2019-0593 Scripting Engine Memory Corruption Vulnerability
IPS 13938:HTTP Client Shellcode Exploit 111
CVE-2019-0594 Microsoft SharePoint Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2019-0595 Jet Database Engine Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2019-0596 Jet Database Engine Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2019-0597 Jet Database Engine Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2019-0598 Jet Database Engine Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2019-0599 Jet Database Engine Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2019-0600 HID Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2019-0601 HID Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2019-0602 Windows GDI Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2019-0604 Microsoft SharePoint Remote Code Execution Vulnerability
IPS 14201:Microsoft SharePoint Remote Code Execution 4
CVE-2019-0605 Scripting Engine Memory Corruption Vulnerability
There are no known exploits in the wild.
CVE-2019-0606 Internet Explorer Memory Corruption Vulnerability
IPS 14018:Internet Explorer Memory Corruption Vulnerability (FEB 19) 1
CVE-2019-0607 Scripting Engine Memory Corruption Vulnerability
IPS 14019:Scripting Engine Memory Corruption Vulnerability (FEB 19) 6
CVE-2019-0610 Scripting Engine Memory Corruption Vulnerability
IPS 14020:Scripting Engine Memory Corruption Vulnerability (FEB 19) 7
CVE-2019-0613 .NET Framework and Visual Studio Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2019-0615 Windows GDI Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2019-0616 Windows GDI Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2019-0618 GDI+ Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2019-0619 Windows GDI Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2019-0621 Windows Kernel Information Disclosure Vulnerability
ASPY5385:Malformed-File exe.MP.56
CVE-2019-0623 Win32k Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2019-0625 Jet Database Engine Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2019-0626 Windows DHCP Server Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2019-0627 Windows Security Feature Bypass Vulnerability
There are no known exploits in the wild.
CVE-2019-0628 Win32k Information Disclosure Vulnerability
ASPY5386:Malformed-File exe.MP.57
CVE-2019-0630 Windows SMB Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2019-0631 Windows Security Feature Bypass Vulnerability
There are no known exploits in the wild.
CVE-2019-0632 Windows Security Feature Bypass Vulnerability
There are no known exploits in the wild.
CVE-2019-0633 Windows SMB Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2019-0634 Microsoft Edge Memory Corruption Vulnerability
There are no known exploits in the wild.
CVE-2019-0635 Windows Hyper-V Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2019-0636 Windows Information Disclosure Vulnerability
ASPY5387:Malformed-File exe.MP.58
CVE-2019-0637 Windows Defender Firewall Security Feature Bypass Vulnerability
There are no known exploits in the wild.
CVE-2019-0640 Scripting Engine Memory Corruption Vulnerability
IPS 14023:Scripting Engine Memory Corruption Vulnerability (FEB 19) 8
CVE-2019-0641 Microsoft Edge Security Feature Bypass Vulnerability
There are no known exploits in the wild.
CVE-2019-0642 Scripting Engine Memory Corruption Vulnerability
IPS 14024:Scripting Engine Memory Corruption Vulnerability (FEB 19) 9
CVE-2019-0643 Microsoft Edge Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2019-0644 Scripting Engine Memory Corruption Vulnerability
IPS 14025:Scripting Engine Memory Corruption Vulnerability (FEB 19) 10
CVE-2019-0645 Microsoft Edge Memory Corruption Vulnerability
IPS 14027:Microsoft Edge Memory Corruption Vulnerability (FEB 19) 1
CVE-2019-0648 Scripting Engine Information Disclosure Vulnerability
IPS 14026:Scripting Engine Memory Corruption Vulnerability (FEB 19) 11
CVE-2019-0649 Scripting Engine Elevation of Privileged Vulnerability
There are no known exploits in the wild.
CVE-2019-0650 Microsoft Edge Memory Corruption Vulnerability
IPS 14028:Microsoft Edge Memory Corruption Vulnerability (FEB 19) 2
CVE-2019-0651 Scripting Engine Memory Corruption Vulnerability
IPS 14012:Scripting Engine Memory Corruption Vulnerability (FEB 19) 1
CVE-2019-0652 Scripting Engine Memory Corruption Vulnerability
IPS 14013:Scripting Engine Memory Corruption Vulnerability (FEB 19) 2
CVE-2019-0654 Microsoft Browser Spoofing Vulnerability
There are no known exploits in the wild.
CVE-2019-0655 Scripting Engine Memory Corruption Vulnerability
IPS 14014:Scripting Engine Memory Corruption Vulnerability (FEB 19) 3
CVE-2019-0656 Windows Kernel Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2019-0657 .NET Framework and Visual Studio Spoofing Vulnerability
There are no known exploits in the wild.
CVE-2019-0658 Scripting Engine Information Disclosure Vulnerability
IPS 14015:Scripting Engine Information Disclosure Vulnerability (FEB 19) 1
CVE-2019-0659 Windows Storage Service Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2019-0660 Windows GDI Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2019-0661 Windows Kernel Information Disclosure Vulnerability
ASPY5383:Malformed-File exe.MP.55
CVE-2019-0662 GDI+ Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2019-0664 Windows GDI Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2019-0668 Microsoft SharePoint Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2019-0669 Microsoft Excel Information Disclosure Vulnerability
ASPY5384:Malformed-File xls.MP.65
CVE-2019-0670 Microsoft SharePoint Spoofing Vulnerability
There are no known exploits in the wild.
CVE-2019-0671 Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2019-0672 Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2019-0673 Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2019-0674 Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2019-0675 Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2019-0676 Internet Explorer Information Disclosure Vulnerability
IPS 14021:Internet Explorer Information Disclosure Vulnerability (FEB 19) 1
CVE-2019-0686 Microsoft Exchange Server Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2019-0724 Microsoft Exchange Server Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2019-0728 Visual Studio Code Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2019-0729 Azure IoT Java SDK Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2019-0741 Azure IoT Java SDK Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2019-0742 Team Foundation Server Cross-site Scripting Vulnerability
There are no known exploits in the wild.
CVE-2019-0743 Team Foundation Server Cross-site Scripting Vulnerability
There are no known exploits in the wild.

Adobe Coverage

CVE-2019-7089
ASPY 5381 : Malformed-File pdf.MP.326
CVE-2019-7090
ASPY 5382 : Malformed-File swf.MP.599