Posts

Microsoft Security Bulletin Coverage for November 2019

SonicWall Capture Labs Threat Research Team has analyzed and addressed Microsoft’s security advisories for the month of November 2019. A list of issues reported, along with SonicWall coverage information are as follows:

CVE-2018-12207 Windows Kernel Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2019-0712 Windows Hyper-V Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2019-0719 Hyper-V Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2019-0721 Hyper-V Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2019-11135 Windows Kernel Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2019-1234 Azure Stack Spoofing Vulnerability
There are no known exploits in the wild.
CVE-2019-1309 Windows Hyper-V Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2019-1310 Windows Hyper-V Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2019-1324 Windows TCP/IP Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2019-1370 Open Enclave SDK Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2019-1373 Microsoft Exchange Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2019-1374 Windows Error Reporting Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2019-1379 Windows Data Sharing Service Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2019-1380 Microsoft splwow64 Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2019-1381 Microsoft Windows Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2019-1382 Microsoft ActiveX Installer Service Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2019-1383 Windows Data Sharing Service Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2019-1384 Microsoft Windows Security Feature Bypass Vulnerability
There are no known exploits in the wild.
CVE-2019-1385 Windows AppX Deployment Extensions Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2019-1388 Windows Certificate Dialog Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2019-1389 Windows Hyper-V Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2019-1390 VBScript Remote Code Execution Vulnerability
IPS 14574:VBScript Remote Code Execution Vulnerability (NOV 19) 1
CVE-2019-1391 Windows Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2019-1392 Windows Kernel Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2019-1393 Win32k Elevation of Privilege Vulnerability
ASPY 5844:Malformed-File exe.MP.113
CVE-2019-1394 Win32k Elevation of Privilege Vulnerability
ASPY 5844:Malformed-File exe.MP.113
CVE-2019-1395 Win32k Elevation of Privilege Vulnerability
ASPY 5844:Malformed-File exe.MP.113
CVE-2019-1396 Win32k Elevation of Privilege Vulnerability
ASPY 5844:Malformed-File exe.MP.113
CVE-2019-1397 Windows Hyper-V Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2019-1398 Windows Hyper-V Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2019-1399 Windows Hyper-V Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2019-1402 Microsoft Office Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2019-1405 Windows UPnP Service Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2019-1406 Jet Database Engine Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2019-1407 Windows Graphics Component Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2019-1408 Win32k Elevation of Privilege Vulnerability
ASPY 5844:Malformed-File exe.MP.113
CVE-2019-1409 Windows Remote Procedure Call Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2019-1411 DirectWrite Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2019-1412 OpenType Font Driver Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2019-1413 Microsoft Edge Security Feature Bypass Vulnerability
There are no known exploits in the wild.
CVE-2019-1415 Windows Installer Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2019-1416 Windows Subsystem for Linux Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2019-1417 Windows Data Sharing Service Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2019-1418 Windows Modules Installer Service Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2019-1419 OpenType Font Parsing Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2019-1420 Windows Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2019-1422 Windows Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2019-1423 Windows Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2019-1424 NetLogon Security Feature Bypass Vulnerability
There are no known exploits in the wild.
CVE-2019-1425 Visual Studio Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2019-1426 Scripting Engine Memory Corruption Vulnerability
There are no known exploits in the wild.
CVE-2019-1427 Scripting Engine Memory Corruption Vulnerability
There are no known exploits in the wild.
CVE-2019-1428 Scripting Engine Memory Corruption Vulnerability
There are no known exploits in the wild.
CVE-2019-1429 Scripting Engine Memory Corruption Vulnerability
ASPY 5843:Malformed-File html.MP.82
CVE-2019-1430 Microsoft Windows Media Foundation Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2019-1432 DirectWrite Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2019-1433 Windows Graphics Component Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2019-1434 Win32k Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2019-1435 Windows Graphics Component Elevation of Privilege Vulnerability
ASPY 5839:Malformed-File exe.MP.109
CVE-2019-1436 Win32k Information Disclosure Vulnerability
ASPY 5840:Malformed-File exe.MP.110
CVE-2019-1437 Windows Graphics Component Elevation of Privilege Vulnerability
ASPY 5841:Malformed-File exe.MP.111
CVE-2019-1438 Windows Graphics Component Elevation of Privilege Vulnerability
ASPY 5842:Malformed-File exe.MP.112
CVE-2019-1439 Windows GDI Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2019-1440 Win32k Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2019-1441 Win32k Graphics Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2019-1442 Microsoft Office Security Feature Bypass Vulnerability
There are no known exploits in the wild.
CVE-2019-1443 Microsoft SharePoint Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2019-1445 Microsoft Office Online Spoofing Vulnerability
There are no known exploits in the wild.
CVE-2019-1446 Microsoft Excel Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2019-1447 Microsoft Office Online Spoofing Vulnerability
There are no known exploits in the wild.
CVE-2019-1448 Microsoft Excel Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2019-1449 Microsoft Office ClickToRun Security Feature Bypass Vulnerability
There are no known exploits in the wild.
CVE-2019-1456 OpenType Font Parsing Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2019-1457 Microsoft Office Excel Security Feature Bypass
There are no known exploits in the wild.