July 2019 Security Updates

Description
CVE Disclosed Exploited Exploitability (old versions) current version Severity CVSS Base (AVG) CVSS Temporal (AVG)
.NET Denial of Service Vulnerability
%%cve:2019-1083%% No No Less Likely Less Likely Important    
.NET Framework Remote Code Execution Vulnerability
%%cve:2019-1113%% No No More Likely More Likely Critical    
ADFS Security Feature Bypass Vulnerability
%%cve:2019-0975%% No No Less Likely Less Likely Important 4.3 3.9
%%cve:2019-1126%% No No Less Likely Less Likely Important 5.3 4.8
ASP.NET Core Spoofing Vulnerability
%%cve:2019-1075%% No No Less Likely Less Likely Moderate    
Azure Automation Elevation of Privilege Vulnerability
%%cve:2019-0962%% Yes No Less Likely Less Likely Important    
Azure DevOps Server and Team Foundation Server Remote Code Execution Vulnerability
%%cve:2019-1072%% No No Less Likely Less Likely Critical    
Chakra Scripting Engine Memory Corruption Vulnerability
%%cve:2019-1062%% No No Critical 4.2 3.8
%%cve:2019-1092%% No No Critical 4.2 3.8
%%cve:2019-1103%% No No Critical 4.2 3.8
%%cve:2019-1106%% No No Critical 4.2 3.8
%%cve:2019-1107%% No No Critical 4.2 3.8
DirectWrite Information Disclosure Vulnerability
%%cve:2019-1093%% No No Less Likely Less Likely Important 5.5 5.0
%%cve:2019-1097%% No No Less Likely Less Likely Important 5.5 5.0
DirectWrite Remote Code Execution Vulnerability
%%cve:2019-1117%% No No Less Likely Less Likely Important 7.8 7.0
%%cve:2019-1118%% No No Less Likely Less Likely Important 7.8 7.0
%%cve:2019-1119%% No No Less Likely Less Likely Important 7.8 7.0
%%cve:2019-1120%% No No Less Likely Less Likely Important 7.8 7.0
%%cve:2019-1121%% No No Less Likely Less Likely Important 7.8 7.0
%%cve:2019-1122%% No No Less Likely Less Likely Important 7.8 7.0
%%cve:2019-1123%% No No Less Likely Less Likely Important 7.8 7.0
%%cve:2019-1124%% No No Less Likely Less Likely Important 7.8 7.0
%%cve:2019-1127%% No No Less Likely Less Likely Important 7.8 7.0
%%cve:2019-1128%% No No Less Likely Less Likely Important 7.8 7.0
DirectX Elevation of Privilege Vulnerability
%%cve:2019-0999%% No No Important 7.8 7.0
Docker Elevation of Privilege Vulnerability
%%cve:2018-15664%% Yes No Less Likely Less Likely Important    
GDI+ Remote Code Execution Vulnerability
%%cve:2019-1102%% No No Less Likely Less Likely Critical 8.4 7.6
Internet Explorer Memory Corruption Vulnerability
%%cve:2019-1063%% No No More Likely More Likely Critical 6.4 5.8
Latest Servicing Stack Updates
ADV990001 No No Critical    
Microsoft Browser Memory Corruption Vulnerability
%%cve:2019-1104%% No No More Likely More Likely Critical 6.4 5.8
Microsoft Excel Information Disclosure Vulnerability
%%cve:2019-1112%% No No More Likely More Likely Important    
Microsoft Excel Remote Code Execution Vulnerability
%%cve:2019-1110%% No No Less Likely Less Likely Important    
%%cve:2019-1111%% No No Less Likely Less Likely Important    
Microsoft Exchange Information Disclosure Vulnerability
%%cve:2019-1084%% No No Less Likely Less Likely Important    
Microsoft Exchange Server Elevation of Privilege Vulnerability
%%cve:2019-1136%% No No Less Likely Less Likely Important    
Microsoft Exchange Server Spoofing Vulnerability
%%cve:2019-1137%% No No Less Likely Less Likely Important    
Microsoft Office SharePoint XSS Vulnerability
%%cve:2019-1134%% No No Less Likely Less Likely Important    
Microsoft Office Spoofing Vulnerability
%%cve:2019-1109%% No No Less Likely Less Likely Important    
Microsoft SQL Server Remote Code Execution Vulnerability
%%cve:2019-1068%% Yes No Less Likely Less Likely Important    
Microsoft Windows Elevation of Privilege Vulnerability
%%cve:2019-1074%% No No More Likely More Likely Important 5.3 5.3
%%cve:2019-1082%% No No Important 7.7 7.7
Microsoft splwow64 Elevation of Privilege Vulnerability
%%cve:2019-0880%% No Yes Detected More Likely Important 7.0 6.3
Microsoft unistore.dll Information Disclosure Vulnerability
%%cve:2019-1091%% No No Less Likely Less Likely Important 5.5 5.0
Outlook on the web Cross-Site Scripting Vulnerability
ADV190021 No No Important    
Remote Desktop Protocol Client Information Disclosure Vulnerability
%%cve:2019-1108%% No No More Likely More Likely Important 6.5 5.9
Remote Desktop Services Remote Code Execution Vulnerability
%%cve:2019-0887%% Yes No More Likely More Likely Important 8.0 7.2
Scripting Engine Memory Corruption Vulnerability
%%cve:2019-1056%% No No Critical 6.4 5.8
%%cve:2019-1059%% No No Less Likely Less Likely Critical 6.4 5.8
%%cve:2019-1001%% No No More Likely More Likely Critical 6.4 5.8
%%cve:2019-1004%% No No More Likely More Likely Critical 6.4 5.8
SymCrypt Denial of Service Vulnerability
%%cve:2019-0865%% Yes No Less Likely Less Likely Important 7.5 6.7
Team Foundation Server Cross-site Scripting Vulnerability
%%cve:2019-1076%% No No Less Likely Less Likely Important    
Visual Studio Elevation of Privilege Vulnerability
%%cve:2019-1077%% No No Less Likely Less Likely Important    
Visual Studio Information Disclosure Vulnerability
%%cve:2019-1079%% No No Less Likely Less Likely Important    
WCF/WIF SAML Token Authentication Bypass Vulnerability
%%cve:2019-1006%% No No Less Likely Less Likely Important    
Win32k Elevation of Privilege Vulnerability
%%cve:2019-1132%% No Yes Important 7.8 7.2
Win32k Information Disclosure Vulnerability
%%cve:2019-1096%% No No Less Likely Less Likely Important 5.5 5.0
Windows Audio Service Elevation of Privilege Vulnerability
%%cve:2019-1086%% No No Less Likely Less Likely Important 7.8 7.0
%%cve:2019-1087%% No No Less Likely Less Likely Important 7.8 7.0
%%cve:2019-1088%% No No Less Likely Less Likely Important 7.8 7.0
Windows DHCP Server Remote Code Execution Vulnerability
%%cve:2019-0785%% No No Less Likely Less Likely Critical 9.8 8.8
Windows DNS Server Denial of Service Vulnerability
%%cve:2019-0811%% No No Less Likely Less Likely Important 7.5 6.7
Windows Elevation of Privilege Vulnerability
%%cve:2019-1129%% Yes No More Likely More Likely Important 7.8 7.0
%%cve:2019-1130%% No No Less Likely Less Likely Important 7.8 7.0
Windows Error Reporting Elevation of Privilege Vulnerability
%%cve:2019-1037%% No No Less Likely Less Likely Important 7.0 6.3
Windows GDI Information Disclosure Vulnerability
%%cve:2019-1094%% No No Less Likely Less Likely Important 5.5 5.0
%%cve:2019-1095%% No No Less Likely Less Likely Important 5.5 5.0
%%cve:2019-1098%% No No Important 5.5 5.0
%%cve:2019-1099%% No No Important 5.5 5.0
%%cve:2019-1100%% No No Important 5.5 5.0
%%cve:2019-1101%% No No Important 5.5 5.0
%%cve:2019-1116%% No No Important 5.5 5.0
Windows Hyper-V Denial of Service Vulnerability
%%cve:2019-0966%% No No Less Likely Less Likely Important 6.8 6.1
Windows Kernel Elevation of Privilege Vulnerability
%%cve:2019-1067%% No No More Likely More Likely Important 7.8 7.0
Windows Kernel Information Disclosure Vulnerability
%%cve:2019-1071%% No No More Likely More Likely Important 5.5 5.0
%%cve:2019-1073%% No No More Likely More Likely Important 5.5 5.0
Windows RPCSS Elevation of Privilege Vulnerability
%%cve:2019-1089%% No No More Likely More Likely Important 7.8 7.0
Windows WLAN Service Elevation of Privilege Vulnerability
%%cve:2019-1085%% No No Less Likely Less Likely Important 7.8 7.0
Windows dnsrlvr.dll Elevation of Privilege Vulnerability
%%cve:2019-1090%% No No Less Likely Less Likely Important 7.8 7.0

 


John Bambenek
bambenek at gmail /dot/ com
ThreatSTOP

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.