ID CVE-2019-0658 Type cve Reporter cve@mitre.org Modified 2020-08-24T17:37:00
Description
An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft Edge, aka 'Scripting Engine Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0648.
{"symantec": [{"lastseen": "2019-02-13T00:23:15", "bulletinFamily": "software", "cvelist": ["CVE-2019-0658"], "description": "### Description\n\nMicrosoft Edge is prone to an information disclosure vulnerability. Successful exploits will allow attackers to obtain sensitive information that may aid in further attacks.\n\n### Technologies Affected\n\n * Microsoft ChakraCore \n * Microsoft Edge \n\n### Recommendations\n\n**Run all software as a nonprivileged user with minimal access rights.** \nTo reduce the impact of latent vulnerabilities, always run nonadministrative software as an unprivileged user with minimal access rights.\n\n**Deploy network intrusion detection systems to monitor network traffic for malicious activity.** \nDeploy NIDS to monitor network traffic for signs of anomalous or suspicious activity. This includes but is not limited to requests that include NOP sleds and unexplained incoming and outgoing traffic. This may indicate exploit attempts or activity that results from successful exploits\n\n**Do not follow links provided by unknown or untrusted sources.** \nWeb users should be cautious about following links to sites that are provided by unfamiliar or suspicious sources. Filtering HTML from emails may help remove a possible vector for transmitting malicious links to users.\n\nUpdates are available. Please see the references or vendor advisory for more information.\n", "modified": "2019-02-12T00:00:00", "published": "2019-02-12T00:00:00", "id": "SMNTC-106882", "href": "https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/106882", "type": "symantec", "title": "Microsoft Edge CVE-2019-0658 Information Disclosure Vulnerability", "cvss": {"score": 0.0, "vector": "NONE"}}], "mscve": [{"lastseen": "2020-08-07T11:48:27", "bulletinFamily": "microsoft", "cvelist": ["CVE-2019-0658"], "description": "An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft Edge. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user\u2019s system.\n\nIn a web-based attack scenario, an attacker could host a website in an attempt to exploit the vulnerability. In addition, compromised websites and websites that accept or host user-provided content could contain specially crafted content that could exploit the vulnerability. However, in all cases an attacker would have no way to force a user to view the attacker-controlled content. Instead, an attacker would have to convince a user to take action. For example, an attacker could trick a user into clicking a link that takes the user to the attacker's site.\n\nThe security update addresses the vulnerability by changing how the scripting engine handles objects in memory.\n", "edition": 2, "modified": "2019-02-12T08:00:00", "id": "MS:CVE-2019-0658", "href": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0658", "published": "2019-02-12T08:00:00", "title": "Scripting Engine Information Disclosure Vulnerability", "type": "mscve", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}], "kaspersky": [{"lastseen": "2020-09-02T11:47:40", "bulletinFamily": "info", "cvelist": ["CVE-2019-0645", "CVE-2019-0640", "CVE-2019-0590", "CVE-2019-0642", "CVE-2019-0651", "CVE-2019-0606", "CVE-2019-0605", "CVE-2019-0654", "CVE-2019-0644", "CVE-2019-0634", "CVE-2019-0648", "CVE-2019-0643", "CVE-2019-0652", "CVE-2019-0610", "CVE-2019-0607", "CVE-2019-0655", "CVE-2019-0641", "CVE-2019-0650", "CVE-2019-0676", "CVE-2019-0658", "CVE-2019-0649", "CVE-2019-0591", "CVE-2019-0593"], "description": "### *Detect date*:\n02/12/2019\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple vulnerabilities were found in Microsoft Browsers. Malicious users can exploit these vulnerabilities to execute arbitrary code, spoof user interface, obtain sensitive information, gain privileges, bypass security restrictions.\n\n### *Affected products*:\nMicrosoft Edge \nChakraCore \nInternet Explorer 10 \nInternet Explorer 11 \nInternet Explorer 9\n\n### *Solution*:\nInstall necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)\n\n### *Original advisories*:\n[CVE-2019-0644](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0644>) \n[CVE-2019-0654](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0654>) \n[CVE-2019-0640](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0640>) \n[CVE-2019-0610](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0610>) \n[CVE-2019-0605](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0605>) \n[CVE-2019-0607](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0607>) \n[CVE-2019-0655](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0655>) \n[CVE-2019-0643](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0643>) \n[CVE-2019-0651](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0651>) \n[CVE-2019-0648](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0648>) \n[CVE-2019-0650](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0650>) \n[CVE-2019-0649](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0649>) \n[CVE-2019-0634](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0634>) \n[CVE-2019-0641](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0641>) \n[CVE-2019-0652](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0652>) \n[CVE-2019-0590](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0590>) \n[CVE-2019-0606](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0606>) \n[CVE-2019-0591](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0591>) \n[CVE-2019-0658](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0658>) \n[CVE-2019-0645](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0645>) \n[CVE-2019-0593](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0593>) \n[CVE-2019-0642](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0642>) \n[CVE-2019-0676](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0676>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Microsoft Internet Explorer](<https://threats.kaspersky.com/en/product/Microsoft-Internet-Explorer/>)\n\n### *CVE-IDS*:\n[CVE-2019-0607](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0607>)0.0Unknown \n[CVE-2019-0644](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0644>)0.0Unknown \n[CVE-2019-0593](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0593>)0.0Unknown \n[CVE-2019-0642](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0642>)0.0Unknown \n[CVE-2019-0590](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0590>)0.0Unknown \n[CVE-2019-0651](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0651>)0.0Unknown \n[CVE-2019-0652](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0652>)0.0Unknown \n[CVE-2019-0655](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0655>)0.0Unknown \n[CVE-2019-0640](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0640>)0.0Unknown \n[CVE-2019-0605](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0605>)0.0Unknown \n[CVE-2019-0658](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0658>)0.0Unknown \n[CVE-2019-0610](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0610>)0.0Unknown \n[CVE-2019-0649](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0649>)0.0Unknown \n[CVE-2019-0591](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0591>)0.0Unknown \n[CVE-2019-0654](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0654>)4.3Warning \n[CVE-2019-0643](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0643>)4.3Warning \n[CVE-2019-0648](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0648>)4.3Warning \n[CVE-2019-0650](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0650>)4.2Warning \n[CVE-2019-0634](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0634>)4.2Warning \n[CVE-2019-0641](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0641>)4.3Warning \n[CVE-2019-0606](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0606>)7.5Critical \n[CVE-2019-0645](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0645>)4.2Warning \n[CVE-2019-0676](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0676>)4.3Warning\n\n### *KB list*:\n[4487020](<http://support.microsoft.com/kb/4487020>) \n[4487017](<http://support.microsoft.com/kb/4487017>) \n[4486996](<http://support.microsoft.com/kb/4486996>) \n[4487026](<http://support.microsoft.com/kb/4487026>) \n[4487025](<http://support.microsoft.com/kb/4487025>) \n[4487044](<http://support.microsoft.com/kb/4487044>) \n[4487018](<http://support.microsoft.com/kb/4487018>) \n[4487000](<http://support.microsoft.com/kb/4487000>) \n[4486563](<http://support.microsoft.com/kb/4486563>) \n[4486474](<http://support.microsoft.com/kb/4486474>)\n\n### *Microsoft official advisories*:", "edition": 7, "modified": "2020-05-22T00:00:00", "published": "2019-02-12T00:00:00", "id": "KLA11422", "href": "https://threats.kaspersky.com/en/vulnerability/KLA11422", "title": "\r KLA11422Multiple vulnerabilities in Microsoft Browsers ", "type": "kaspersky", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}], "openvas": [{"lastseen": "2020-06-05T16:27:13", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-0618", "CVE-2019-0645", "CVE-2019-0628", "CVE-2019-0600", "CVE-2019-0640", "CVE-2019-0590", "CVE-2019-0595", "CVE-2019-0656", "CVE-2019-0660", "CVE-2019-0642", "CVE-2019-0597", "CVE-2019-0651", "CVE-2019-0657", "CVE-2019-0602", "CVE-2019-0606", "CVE-2019-0605", "CVE-2019-0654", "CVE-2019-0659", "CVE-2019-0644", "CVE-2019-0627", "CVE-2019-0616", "CVE-2019-0613", "CVE-2019-0634", "CVE-2019-0626", "CVE-2019-0619", "CVE-2019-0662", "CVE-2019-0598", "CVE-2019-0652", "CVE-2019-0631", "CVE-2019-0610", "CVE-2019-0596", "CVE-2019-0599", "CVE-2019-0625", "CVE-2019-0655", "CVE-2019-0632", "CVE-2019-0641", "CVE-2019-0621", "CVE-2019-0601", "CVE-2019-0630", "CVE-2019-0636", "CVE-2019-0676", "CVE-2019-0555", "CVE-2019-0615", "CVE-2019-0658", "CVE-2019-0633", "CVE-2019-0649", "CVE-2019-0623", "CVE-2019-0635", "CVE-2019-0591", "CVE-2019-0593"], "description": "This host is missing a critical security\n update according to Microsoft KB4487020", "modified": "2020-06-04T00:00:00", "published": "2019-02-13T00:00:00", "id": "OPENVAS:1361412562310814912", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310814912", "type": "openvas", "title": "Microsoft Windows Multiple Vulnerabilities (KB4487020)", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.814912\");\n script_version(\"2020-06-04T09:02:37+0000\");\n script_cve_id(\"CVE-2019-0555\", \"CVE-2019-0590\", \"CVE-2019-0591\", \"CVE-2019-0593\",\n \"CVE-2019-0595\", \"CVE-2019-0596\", \"CVE-2019-0597\", \"CVE-2019-0598\",\n \"CVE-2019-0599\", \"CVE-2019-0600\", \"CVE-2019-0601\", \"CVE-2019-0602\",\n \"CVE-2019-0605\", \"CVE-2019-0606\", \"CVE-2019-0610\", \"CVE-2019-0613\",\n \"CVE-2019-0615\", \"CVE-2019-0616\", \"CVE-2019-0618\", \"CVE-2019-0619\",\n \"CVE-2019-0621\", \"CVE-2019-0623\", \"CVE-2019-0625\", \"CVE-2019-0626\",\n \"CVE-2019-0627\", \"CVE-2019-0628\", \"CVE-2019-0630\", \"CVE-2019-0631\",\n \"CVE-2019-0632\", \"CVE-2019-0633\", \"CVE-2019-0634\", \"CVE-2019-0635\",\n \"CVE-2019-0636\", \"CVE-2019-0640\", \"CVE-2019-0641\", \"CVE-2019-0642\",\n \"CVE-2019-0644\", \"CVE-2019-0645\", \"CVE-2019-0649\", \"CVE-2019-0651\",\n \"CVE-2019-0652\", \"CVE-2019-0654\", \"CVE-2019-0655\", \"CVE-2019-0656\",\n \"CVE-2019-0657\", \"CVE-2019-0658\", \"CVE-2019-0659\", \"CVE-2019-0660\",\n \"CVE-2019-0662\", \"CVE-2019-0676\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-06-04 09:02:37 +0000 (Thu, 04 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-02-13 14:59:01 +0530 (Wed, 13 Feb 2019)\");\n script_name(\"Microsoft Windows Multiple Vulnerabilities (KB4487020)\");\n\n script_tag(name:\"summary\", value:\"This host is missing a critical security\n update according to Microsoft KB4487020\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"For more information about the vulnerabilities\n refer Reference links.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to obtain information to further compromise the user's system, gain elevated\n privileges and execute arbitrary code on a victim system.\");\n\n script_tag(name:\"affected\", value:\"Microsoft Windows 10 Version 1703 x32/x64 Systems.\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4487020\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/WindowsVersion\");\n exit(0);\n}\n\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(win10:1, win10x64:1) <= 0){\n exit(0);\n}\n\nsysPath = smb_get_system32root();\nif(!sysPath ){\n exit(0);\n}\n\nedgeVer = fetch_file_version(sysPath:sysPath, file_name:\"edgehtml.dll\");\nif(!edgeVer){\n exit(0);\n}\n\nif(version_in_range(version:edgeVer, test_version:\"11.0.15063.0\", test_version2:\"11.0.15063.1630\"))\n{\n report = report_fixed_ver(file_checked:sysPath + \"\\Edgehtml.dll\",\n file_version:edgeVer, vulnerable_range:\"11.0.15063.0 - 11.0.15063.1630\");\n security_message(data:report);\n exit(0);\n}\nexit(99);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-06-05T16:27:19", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-0618", "CVE-2019-0637", "CVE-2019-0645", "CVE-2019-0628", "CVE-2019-0600", "CVE-2019-0640", "CVE-2019-0590", "CVE-2019-0595", "CVE-2019-0656", "CVE-2019-0660", "CVE-2019-0642", "CVE-2019-0597", "CVE-2019-0651", "CVE-2019-0657", "CVE-2019-0602", "CVE-2019-0606", "CVE-2019-0605", "CVE-2019-0654", "CVE-2019-0659", "CVE-2019-0644", "CVE-2019-0627", "CVE-2019-0616", "CVE-2019-0613", "CVE-2019-0634", "CVE-2019-0626", "CVE-2019-0619", "CVE-2019-0662", "CVE-2019-0598", "CVE-2019-0652", "CVE-2019-0631", "CVE-2019-0610", "CVE-2019-0596", "CVE-2019-0607", "CVE-2019-0599", "CVE-2019-0625", "CVE-2019-0655", "CVE-2019-0632", "CVE-2019-0641", "CVE-2019-0621", "CVE-2019-0601", "CVE-2019-0630", "CVE-2019-0636", "CVE-2019-0676", "CVE-2019-0555", "CVE-2019-0615", "CVE-2019-0658", "CVE-2019-0633", "CVE-2019-0649", "CVE-2019-0623", "CVE-2019-0635", "CVE-2019-0591", "CVE-2019-0593"], "description": "This host is missing a critical security\n update according to Microsoft KB4486996", "modified": "2020-06-04T00:00:00", "published": "2019-02-13T00:00:00", "id": "OPENVAS:1361412562310814910", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310814910", "type": "openvas", "title": "Microsoft Windows Multiple Vulnerabilities (KB4486996)", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.814910\");\n script_version(\"2020-06-04T09:02:37+0000\");\n script_cve_id(\"CVE-2019-0555\", \"CVE-2019-0590\", \"CVE-2019-0591\", \"CVE-2019-0593\",\n \"CVE-2019-0595\", \"CVE-2019-0596\", \"CVE-2019-0597\", \"CVE-2019-0598\",\n \"CVE-2019-0599\", \"CVE-2019-0600\", \"CVE-2019-0601\", \"CVE-2019-0602\",\n \"CVE-2019-0605\", \"CVE-2019-0606\", \"CVE-2019-0607\", \"CVE-2019-0610\",\n \"CVE-2019-0613\", \"CVE-2019-0615\", \"CVE-2019-0616\", \"CVE-2019-0618\",\n \"CVE-2019-0619\", \"CVE-2019-0621\", \"CVE-2019-0623\", \"CVE-2019-0625\",\n \"CVE-2019-0626\", \"CVE-2019-0627\", \"CVE-2019-0628\", \"CVE-2019-0630\",\n \"CVE-2019-0631\", \"CVE-2019-0632\", \"CVE-2019-0633\", \"CVE-2019-0634\",\n \"CVE-2019-0635\", \"CVE-2019-0636\", \"CVE-2019-0637\", \"CVE-2019-0640\",\n \"CVE-2019-0641\", \"CVE-2019-0642\", \"CVE-2019-0644\", \"CVE-2019-0645\",\n \"CVE-2019-0649\", \"CVE-2019-0651\", \"CVE-2019-0652\", \"CVE-2019-0654\",\n \"CVE-2019-0655\", \"CVE-2019-0656\", \"CVE-2019-0657\", \"CVE-2019-0658\",\n \"CVE-2019-0659\", \"CVE-2019-0660\", \"CVE-2019-0662\", \"CVE-2019-0676\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-06-04 09:02:37 +0000 (Thu, 04 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-02-13 13:39:27 +0530 (Wed, 13 Feb 2019)\");\n script_name(\"Microsoft Windows Multiple Vulnerabilities (KB4486996)\");\n\n script_tag(name:\"summary\", value:\"This host is missing a critical security\n update according to Microsoft KB4486996\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on\n the target host.\");\n\n script_tag(name:\"insight\", value:\"For more information about the vulnerabilities\n refer Reference links.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to obtain information to further compromise the user's system, gain elevated\n privileges on an affected system and execute arbitrary code in the context of\n the current user.\");\n\n script_tag(name:\"affected\", value:\"- Microsoft Windows 10 Version 1709 for 32-bit Systems\n\n - Microsoft Windows 10 Version 1709 for 64-based Systems\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4486996\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/WindowsVersion\");\n exit(0);\n}\n\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(win10:1, win10x64:1) <= 0){\n exit(0);\n}\n\nsysPath = smb_get_system32root();\nif(!sysPath ){\n exit(0);\n}\n\nedgeVer = fetch_file_version(sysPath:sysPath, file_name:\"edgehtml.dll\");\nif(!edgeVer){\n exit(0);\n}\n\nif(version_in_range(version:edgeVer, test_version:\"11.0.16299.0\", test_version2:\"11.0.16299.966\"))\n{\n report = report_fixed_ver(file_checked:sysPath + \"\\Edgehtml.dll\",\n file_version:edgeVer, vulnerable_range:\"11.0.16299.0 - 11.0.16299.966\");\n security_message(data:report);\n exit(0);\n}\nexit(99);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-06-05T16:27:12", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-0618", "CVE-2019-0637", "CVE-2019-0645", "CVE-2019-0628", "CVE-2019-0600", "CVE-2019-0640", "CVE-2019-0590", "CVE-2019-0595", "CVE-2019-0656", "CVE-2019-0660", "CVE-2019-0642", "CVE-2019-0597", "CVE-2019-0651", "CVE-2019-0602", "CVE-2019-0606", "CVE-2019-0605", "CVE-2019-0654", "CVE-2019-0659", "CVE-2019-0644", "CVE-2019-0627", "CVE-2019-0616", "CVE-2019-0634", "CVE-2019-0626", "CVE-2019-0619", "CVE-2019-0648", "CVE-2019-0662", "CVE-2019-0598", "CVE-2019-0643", "CVE-2019-0652", "CVE-2019-0631", "CVE-2019-0610", "CVE-2019-0596", "CVE-2019-0607", "CVE-2019-0599", "CVE-2019-0625", "CVE-2019-0655", "CVE-2019-0632", "CVE-2019-0641", "CVE-2019-0621", "CVE-2019-0650", "CVE-2019-0601", "CVE-2019-0630", "CVE-2019-0636", "CVE-2019-0676", "CVE-2019-0555", "CVE-2019-0615", "CVE-2019-0658", "CVE-2019-0633", "CVE-2019-0649", "CVE-2019-0635", "CVE-2019-0591", "CVE-2019-0593"], "description": "This host is missing a critical security\n update according to Microsoft KB4487044", "modified": "2020-06-04T00:00:00", "published": "2019-02-13T00:00:00", "id": "OPENVAS:1361412562310814911", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310814911", "type": "openvas", "title": "Microsoft Windows Multiple Vulnerabilities (KB4487044)", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.814911\");\n script_version(\"2020-06-04T09:02:37+0000\");\n script_cve_id(\"CVE-2019-0555\", \"CVE-2019-0590\", \"CVE-2019-0591\", \"CVE-2019-0593\",\n \"CVE-2019-0595\", \"CVE-2019-0596\", \"CVE-2019-0597\", \"CVE-2019-0598\",\n \"CVE-2019-0599\", \"CVE-2019-0600\", \"CVE-2019-0601\", \"CVE-2019-0602\",\n \"CVE-2019-0605\", \"CVE-2019-0606\", \"CVE-2019-0607\", \"CVE-2019-0610\",\n \"CVE-2019-0615\", \"CVE-2019-0616\", \"CVE-2019-0618\", \"CVE-2019-0619\",\n \"CVE-2019-0621\", \"CVE-2019-0625\", \"CVE-2019-0626\", \"CVE-2019-0627\",\n \"CVE-2019-0628\", \"CVE-2019-0630\", \"CVE-2019-0631\", \"CVE-2019-0632\",\n \"CVE-2019-0633\", \"CVE-2019-0634\", \"CVE-2019-0635\", \"CVE-2019-0636\",\n \"CVE-2019-0637\", \"CVE-2019-0640\", \"CVE-2019-0641\", \"CVE-2019-0642\",\n \"CVE-2019-0643\", \"CVE-2019-0644\", \"CVE-2019-0645\", \"CVE-2019-0648\",\n \"CVE-2019-0649\", \"CVE-2019-0650\", \"CVE-2019-0651\", \"CVE-2019-0652\",\n \"CVE-2019-0654\", \"CVE-2019-0655\", \"CVE-2019-0656\", \"CVE-2019-0658\",\n \"CVE-2019-0659\", \"CVE-2019-0660\", \"CVE-2019-0662\", \"CVE-2019-0676\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-06-04 09:02:37 +0000 (Thu, 04 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-02-13 13:57:04 +0530 (Wed, 13 Feb 2019)\");\n script_name(\"Microsoft Windows Multiple Vulnerabilities (KB4487044)\");\n\n script_tag(name:\"summary\", value:\"This host is missing a critical security\n update according to Microsoft KB4487044\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on\n the target host.\");\n\n script_tag(name:\"insight\", value:\"For more information about the vulnerabilities\n refer Reference links\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to obtain information to further compromise the user's system, gain the same\n user rights as the current user and execute arbitrary code in the context of the\n current user.\");\n\n script_tag(name:\"affected\", value:\"Microsoft Windows 10 Version 1809 for 32-bit/x64 Systems.\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4487044\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/WindowsVersion\");\n exit(0);\n}\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(win10:1, win10x64:1) <= 0){\n exit(0);\n}\n\nsysPath = smb_get_system32root();\nif(!sysPath ){\n exit(0);\n}\n\nedgeVer = fetch_file_version(sysPath:sysPath, file_name:\"edgehtml.dll\");\nif(!edgeVer){\n exit(0);\n}\n\nif(version_in_range(version:edgeVer, test_version:\"11.0.17763.0\", test_version2:\"11.0.17763.315\"))\n{\n report = report_fixed_ver(file_checked:sysPath + \"\\Edgehtml.dll\",\n file_version:edgeVer, vulnerable_range:\"11.0.17763.0 - 11.0.17763.315\");\n security_message(data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-06-05T16:27:21", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-0618", "CVE-2019-0637", "CVE-2019-0645", "CVE-2019-0628", "CVE-2019-0600", "CVE-2019-0640", "CVE-2019-0590", "CVE-2019-0595", "CVE-2019-0656", "CVE-2019-0660", "CVE-2019-0642", "CVE-2019-0597", "CVE-2019-0651", "CVE-2019-0657", "CVE-2019-0602", "CVE-2019-0606", "CVE-2019-0605", "CVE-2019-0654", "CVE-2019-0659", "CVE-2019-0644", "CVE-2019-0627", "CVE-2019-0616", "CVE-2019-0613", "CVE-2019-0634", "CVE-2019-0626", "CVE-2019-0619", "CVE-2019-0662", "CVE-2019-0598", "CVE-2019-0652", "CVE-2019-0631", "CVE-2019-0610", "CVE-2019-0596", "CVE-2019-0607", "CVE-2019-0599", "CVE-2019-0625", "CVE-2019-0655", "CVE-2019-0632", "CVE-2019-0641", "CVE-2019-0621", "CVE-2019-0650", "CVE-2019-0601", "CVE-2019-0630", "CVE-2019-0636", "CVE-2019-0676", "CVE-2019-0555", "CVE-2019-0615", "CVE-2019-0658", "CVE-2019-0633", "CVE-2019-0649", "CVE-2019-0623", "CVE-2019-0635", "CVE-2019-0591", "CVE-2019-0593"], "description": "This host is missing a critical security\n update according to Microsoft KB4487017", "modified": "2020-06-04T00:00:00", "published": "2019-02-13T00:00:00", "id": "OPENVAS:1361412562310814672", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310814672", "type": "openvas", "title": "Microsoft Windows Multiple Vulnerabilities (KB4487017)", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.814672\");\n script_version(\"2020-06-04T09:02:37+0000\");\n script_cve_id(\"CVE-2019-0590\", \"CVE-2019-0591\", \"CVE-2019-0593\", \"CVE-2019-0652\",\n \"CVE-2019-0654\", \"CVE-2019-0655\", \"CVE-2019-0656\", \"CVE-2019-0595\",\n \"CVE-2019-0596\", \"CVE-2019-0657\", \"CVE-2019-0658\", \"CVE-2019-0597\",\n \"CVE-2019-0598\", \"CVE-2019-0599\", \"CVE-2019-0659\", \"CVE-2019-0660\",\n \"CVE-2019-0600\", \"CVE-2019-0601\", \"CVE-2019-0602\", \"CVE-2019-0662\",\n \"CVE-2019-0605\", \"CVE-2019-0606\", \"CVE-2019-0607\", \"CVE-2019-0610\",\n \"CVE-2019-0613\", \"CVE-2019-0676\", \"CVE-2019-0615\", \"CVE-2019-0616\",\n \"CVE-2019-0618\", \"CVE-2019-0625\", \"CVE-2019-0626\", \"CVE-2019-0627\",\n \"CVE-2019-0628\", \"CVE-2019-0630\", \"CVE-2019-0631\", \"CVE-2019-0632\",\n \"CVE-2019-0633\", \"CVE-2019-0634\", \"CVE-2019-0635\", \"CVE-2019-0636\",\n \"CVE-2019-0637\", \"CVE-2019-0640\", \"CVE-2019-0641\", \"CVE-2019-0642\",\n \"CVE-2019-0644\", \"CVE-2019-0645\", \"CVE-2019-0649\", \"CVE-2019-0650\",\n \"CVE-2019-0651\", \"CVE-2019-0619\", \"CVE-2019-0621\", \"CVE-2019-0623\",\n \"CVE-2019-0555\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-06-04 09:02:37 +0000 (Thu, 04 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-02-13 09:26:04 +0530 (Wed, 13 Feb 2019)\");\n script_name(\"Microsoft Windows Multiple Vulnerabilities (KB4487017)\");\n\n script_tag(name:\"summary\", value:\"This host is missing a critical security\n update according to Microsoft KB4487017\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to,\n\n - Microsoft Server Message Block 2 server improperly handles certain requests.\n\n - An error in Windows which could allow an attacker to bypass Device Guard.\n\n - Windows Graphics Device Interface (GDI) improperly handles objects in the\n memory.\n\n - Microsoft Edge improperly accesses objects in memory.\n\n - Windows Hyper-V on a host operating system fails to properly validate\n input from an authenticated user on a guest operating system.\n\n - Windows improperly discloses file information.\n\n - Windows Defender Firewall incorrectly applies firewall profiles to\n cellular network connections.\n\n - Scripting engine handles objects in memory in Microsoft Edge.\n\n - Windows GDI component improperly discloses the contents of its memory.\n\n - Windows kernel fails to properly handle objects in memory.\n\n - Microsoft browsers improperly handles specific redirects.\n\n - The scripting engine does not properly handle objects in memory in\n Microsoft Edge.\n\n - The storage Service improperly handles file operations.\n\n - Windows Jet Database Engine improperly handles objects in memory.\n\n - Internet Explorer improperly handles objects in memory.\n\n - Windows Server DHCP service improperly validate specially crafted\n packets to a DHCP server.\n\n - The Win32k component fails to properly handle objects in memory.\n\n - Windows kernel improperly handles objects in memory.\n\n - The Human Interface Devices (HID) component improperly handles objects\n in memory.\n\n - Internet Explorer improperly accesses objects in memory.\n\n - The win32k component improperly provides kernel information.\n\n - Microsoft Edge improperly handles whitelisting.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to execute code on the target server, gain elevated privileges on the victim\n system and take control of the affected system.\");\n\n script_tag(name:\"affected\", value:\"- Microsoft Windows 10 Version 1803 for 32-bit Systems\n\n - Microsoft Windows 10 Version 1803 for x64-based Systems\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4487017\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/WindowsVersion\");\n exit(0);\n}\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(win10:1, win10x64:1) <= 0){\n exit(0);\n}\n\nsysPath = smb_get_system32root();\nif(!sysPath ){\n exit(0);\n}\n\nedgeVer = fetch_file_version(sysPath:sysPath, file_name:\"edgehtml.dll\");\nif(!edgeVer){\n exit(0);\n}\n\nif(version_in_range(version:edgeVer, test_version:\"11.0.17134.0\", test_version2:\"11.0.17134.589\"))\n{\n report = report_fixed_ver(file_checked:sysPath + \"\\Edgehtml.dll\",\n file_version:edgeVer, vulnerable_range:\"11.0.17134.0 - 11.0.17134.589\");\n security_message(data:report);\n exit(0);\n}\nexit(99);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2020-09-14T18:32:02", "description": "The remote Windows host is missing security update 4487020. \nIt is, therefore, affected by multiple vulnerabilities :\n\n - A remote code execution vulnerability exists in .NET\n Framework and Visual Studio software when the software\n fails to check the source markup of a file. An attacker\n who successfully exploited the vulnerability could run\n arbitrary code in the context of the current user. If\n the current user is logged on with administrative user\n rights, an attacker could take control of the affected\n system. An attacker could then install programs; view,\n change, or delete data; or create new accounts with full\n user rights. (CVE-2019-0613)\n\n - A remote code execution vulnerability exists when\n Internet Explorer improperly accesses objects in memory.\n The vulnerability could corrupt memory in such a way\n that an attacker could execute arbitrary code in the\n context of the current user. An attacker who\n successfully exploited the vulnerability could gain the\n same user rights as the current user. (CVE-2019-0606)\n\n - An elevation of privilege vulnerability exists in\n Windows when the Win32k component fails to properly\n handle objects in memory. An attacker who successfully\n exploited this vulnerability could run arbitrary code in\n kernel mode. An attacker could then install programs;\n view, change, or delete data; or create new accounts\n with full user rights. (CVE-2019-0623)\n\n - An information disclosure vulnerability exists when the\n Windows kernel improperly handles objects in memory. An\n attacker who successfully exploited this vulnerability\n could obtain information to further compromise the users\n system. (CVE-2019-0621)\n\n - A vulnerability exists in Microsoft Chakra JIT server.\n An attacker who successfully exploited this\n vulnerability could gain elevated privileges. The\n vulnerability by itself does not allow arbitrary code to\n run. However, this vulnerability could be used in\n conjunction with one or more vulnerabilities (for\n example a remote code execution vulnerability and\n another elevation of privilege vulnerability) to take\n advantage of the elevated privileges when running. The\n security update addresses the vulnerability by modifying\n how Microsoft Chakra handles constructorCaches.\n (CVE-2019-0649)\n\n - An information disclosure vulnerability exists when the\n win32k component improperly provides kernel information.\n An attacker who successfully exploited the vulnerability\n could obtain information to further compromise the users\n system. (CVE-2019-0628)\n\n - A remote code execution vulnerability exists in the way\n that the Windows Graphics Device Interface (GDI) handles\n objects in the memory. An attacker who successfully\n exploited this vulnerability could take control of the\n affected system. An attacker could then install\n programs; view, change, or delete data; or create new\n accounts with full user rights. (CVE-2019-0618,\n CVE-2019-0662)\n\n - An information vulnerability exists when Windows\n improperly discloses file information. Successful\n exploitation of the vulnerability could allow the\n attacker to read the contents of files on disk.\n (CVE-2019-0636)\n\n - A remote code execution vulnerability exists when the\n Windows Jet Database Engine improperly handles objects\n in memory. An attacker who successfully exploited this\n vulnerability could execute arbitrary code on a victim\n system. An attacker could exploit this vulnerability by\n enticing a victim to open a specially crafted file. The\n update addresses the vulnerability by correcting the way\n the Windows Jet Database Engine handles objects in\n memory. (CVE-2019-0595, CVE-2019-0596, CVE-2019-0597,\n CVE-2019-0598, CVE-2019-0599, CVE-2019-0625)\n\n - An elevation of privilege vulnerability exists when the\n Windows kernel fails to properly handle objects in\n memory. An attacker who successfully exploited this\n vulnerability could run arbitrary code in kernel mode.\n An attacker could then install programs; view, change,\n or delete data; or create new accounts with full user\n rights. (CVE-2019-0656)\n\n - A remote code execution vulnerability exists when\n Microsoft Edge improperly accesses objects in memory.\n The vulnerability could corrupt memory in such a way\n that enables an attacker to execute arbitrary code in\n the context of the current user. An attacker who\n successfully exploited the vulnerability could gain the\n same user rights as the current user. (CVE-2019-0634,\n CVE-2019-0645)\n\n - An information disclosure vulnerability exists when the\n Human Interface Devices (HID) component improperly\n handles objects in memory. An attacker who successfully\n exploited this vulnerability could obtain information to\n further compromise the victims system. (CVE-2019-0600,\n CVE-2019-0601)\n\n - An elevation of privilege vulnerability exists when the\n Storage Service improperly handles file operations. An\n attacker who successfully exploited this vulnerability\n could gain elevated privileges on the victim system.\n (CVE-2019-0659)\n\n - An information disclosure vulnerability exists when\n Internet Explorer improperly handles objects in memory.\n An attacker who successfully exploited this\n vulnerability could test for the presence of files on\n disk. For an attack to be successful, an attacker must\n persuade a user to open a malicious website. The\n security update addresses the vulnerability by changing\n the way Internet Explorer handles objects in memory.\n (CVE-2019-0676)\n\n - A remote code execution vulnerability exists in the way\n that the scripting engine handles objects in memory in\n Microsoft Edge. The vulnerability could corrupt memory\n in such a way that an attacker could execute arbitrary\n code in the context of the current user. An attacker who\n successfully exploited the vulnerability could gain the\n same user rights as the current user. (CVE-2019-0590,\n CVE-2019-0591, CVE-2019-0593, CVE-2019-0605,\n CVE-2019-0610, CVE-2019-0640, CVE-2019-0642,\n CVE-2019-0644, CVE-2019-0651, CVE-2019-0652,\n CVE-2019-0655)\n\n - A memory corruption vulnerability exists in the Windows\n Server DHCP service when an attacker sends specially\n crafted packets to a DHCP server. An attacker who\n successfully exploited the vulnerability could run\n arbitrary code on the DHCP server. (CVE-2019-0626)\n\n - An information disclosure vulnerability exists when\n Windows Hyper-V on a host operating system fails to\n properly validate input from an authenticated user on a\n guest operating system. (CVE-2019-0635)\n\n - An information disclosure vulnerability exists when the\n Windows GDI component improperly discloses the contents\n of its memory. An attacker who successfully exploited\n the vulnerability could obtain information to further\n compromise the users system. There are multiple ways an\n attacker could exploit the vulnerability, such as by\n convincing a user to open a specially crafted document,\n or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by\n correcting how the Windows GDI component handles objects\n in memory. (CVE-2019-0602, CVE-2019-0615, CVE-2019-0616,\n CVE-2019-0619, CVE-2019-0660)\n\n - An information disclosure vulnerability exists when the\n scripting engine does not properly handle objects in\n memory in Microsoft Edge. An attacker who successfully\n exploited the vulnerability could obtain information to\n further compromise the users system. (CVE-2019-0658)\n\n - A security feature bypass vulnerability exists in\n Windows which could allow an attacker to bypass Device\n Guard. An attacker who successfully exploited this\n vulnerability could circumvent a User Mode Code\n Integrity (UMCI) policy on the machine. (CVE-2019-0627,\n CVE-2019-0631, CVE-2019-0632)\n\n - A vulnerability exists in certain .Net Framework API's\n and Visual Studio in the way they parse URL's. An\n attacker who successfully exploited this vulnerability\n could use it to bypass security logic intended to ensure\n that a user-provided URL belonged to a specific hostname\n or a subdomain of that hostname. This could be used to\n cause privileged communication to be made to an\n untrusted service as if it was a trusted service.\n (CVE-2019-0657)\n\n - A security feature bypass vulnerability exists in\n Microsoft Edge handles whitelisting. Edge depends on a\n default whitelist of sites where Adobe Flash will load\n without user interaction. Because the whitelist was not\n scheme-aware, an attacker could use a man in the middle\n attack to cause Flash policies to be bypassed and\n arbitrary Flash content to be loaded without user\n interaction. The security update addresses the\n vulnerability by modifying how affected Microsoft Edge\n handles whitelisting. (CVE-2019-0641)\n\n - A spoofing vulnerability exists when Microsoft browsers\n improperly handles specific redirects. An attacker who\n successfully exploited this vulnerability could trick a\n user into believing that the user was on a legitimate\n website. The specially crafted website could either\n spoof content or serve as a pivot to chain an attack\n with other vulnerabilities in web services.\n (CVE-2019-0654)\n\n - A remote code execution vulnerability exists in the way\n that the Microsoft Server Message Block 2.0 (SMBv2)\n server handles certain requests. An attacker who\n successfully exploited the vulnerability could gain the\n ability to execute code on the target server.\n (CVE-2019-0630, CVE-2019-0633)\n\n - An information disclosure vulnerability exists when the\n Windows kernel improperly initializes objects in memory.\n To exploit this vulnerability, an authenticated attacker\n could run a specially crafted application. An attacker who\n successfully exploited this vulnerability could obtain\n information to further compromise the user's system.\n (CVE-2019-0663)", "edition": 13, "cvss3": {"score": 8.8, "vector": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2019-02-12T00:00:00", "title": "KB4487020: Windows 10 Version 1703 February 2019 Security Update", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-0618", "CVE-2019-0645", "CVE-2019-0628", "CVE-2019-0600", "CVE-2019-0640", "CVE-2019-0590", "CVE-2019-0595", "CVE-2019-0656", "CVE-2019-0660", "CVE-2019-0642", "CVE-2019-0597", "CVE-2019-0651", "CVE-2019-0657", "CVE-2019-0602", "CVE-2019-0606", "CVE-2019-0605", "CVE-2019-0654", "CVE-2019-0659", "CVE-2019-0644", "CVE-2019-0627", "CVE-2019-0616", "CVE-2019-0613", "CVE-2019-0634", "CVE-2019-0626", "CVE-2019-0619", "CVE-2019-0662", "CVE-2019-0598", "CVE-2019-0652", "CVE-2019-0631", "CVE-2019-0610", "CVE-2019-0596", "CVE-2019-0599", "CVE-2019-0625", "CVE-2019-0655", "CVE-2019-0632", "CVE-2019-0641", "CVE-2019-0621", "CVE-2019-0601", "CVE-2019-0630", "CVE-2019-0636", "CVE-2019-0676", "CVE-2019-0615", "CVE-2019-0658", "CVE-2019-0633", "CVE-2019-0649", "CVE-2019-0623", "CVE-2019-0635", "CVE-2019-0591", "CVE-2019-0593", "CVE-2019-0663"], "modified": "2019-02-12T00:00:00", "cpe": ["cpe:/o:microsoft:windows", "cpe:/a:microsoft:edge"], "id": "SMB_NT_MS19_FEB_4487020.NASL", "href": "https://www.tenable.com/plugins/nessus/122124", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(122124);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/08/18\");\n\n script_cve_id(\n \"CVE-2019-0590\",\n \"CVE-2019-0591\",\n \"CVE-2019-0593\",\n \"CVE-2019-0595\",\n \"CVE-2019-0596\",\n \"CVE-2019-0597\",\n \"CVE-2019-0598\",\n \"CVE-2019-0599\",\n \"CVE-2019-0600\",\n \"CVE-2019-0601\",\n \"CVE-2019-0602\",\n \"CVE-2019-0605\",\n \"CVE-2019-0606\",\n \"CVE-2019-0610\",\n \"CVE-2019-0613\",\n \"CVE-2019-0615\",\n \"CVE-2019-0616\",\n \"CVE-2019-0618\",\n \"CVE-2019-0619\",\n \"CVE-2019-0621\",\n \"CVE-2019-0623\",\n \"CVE-2019-0625\",\n \"CVE-2019-0626\",\n \"CVE-2019-0627\",\n \"CVE-2019-0628\",\n \"CVE-2019-0630\",\n \"CVE-2019-0631\",\n \"CVE-2019-0632\",\n \"CVE-2019-0633\",\n \"CVE-2019-0634\",\n \"CVE-2019-0635\",\n \"CVE-2019-0636\",\n \"CVE-2019-0640\",\n \"CVE-2019-0641\",\n \"CVE-2019-0642\",\n \"CVE-2019-0644\",\n \"CVE-2019-0645\",\n \"CVE-2019-0649\",\n \"CVE-2019-0651\",\n \"CVE-2019-0652\",\n \"CVE-2019-0654\",\n \"CVE-2019-0655\",\n \"CVE-2019-0656\",\n \"CVE-2019-0657\",\n \"CVE-2019-0658\",\n \"CVE-2019-0659\",\n \"CVE-2019-0660\",\n \"CVE-2019-0662\",\n \"CVE-2019-0663\",\n \"CVE-2019-0676\"\n );\n script_xref(name:\"MSKB\", value:\"4487020\");\n script_xref(name:\"MSFT\", value:\"MS19-4487020\");\n\n script_name(english:\"KB4487020: Windows 10 Version 1703 February 2019 Security Update\");\n script_summary(english:\"Checks for rollup.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 4487020. \nIt is, therefore, affected by multiple vulnerabilities :\n\n - A remote code execution vulnerability exists in .NET\n Framework and Visual Studio software when the software\n fails to check the source markup of a file. An attacker\n who successfully exploited the vulnerability could run\n arbitrary code in the context of the current user. If\n the current user is logged on with administrative user\n rights, an attacker could take control of the affected\n system. An attacker could then install programs; view,\n change, or delete data; or create new accounts with full\n user rights. (CVE-2019-0613)\n\n - A remote code execution vulnerability exists when\n Internet Explorer improperly accesses objects in memory.\n The vulnerability could corrupt memory in such a way\n that an attacker could execute arbitrary code in the\n context of the current user. An attacker who\n successfully exploited the vulnerability could gain the\n same user rights as the current user. (CVE-2019-0606)\n\n - An elevation of privilege vulnerability exists in\n Windows when the Win32k component fails to properly\n handle objects in memory. An attacker who successfully\n exploited this vulnerability could run arbitrary code in\n kernel mode. An attacker could then install programs;\n view, change, or delete data; or create new accounts\n with full user rights. (CVE-2019-0623)\n\n - An information disclosure vulnerability exists when the\n Windows kernel improperly handles objects in memory. An\n attacker who successfully exploited this vulnerability\n could obtain information to further compromise the users\n system. (CVE-2019-0621)\n\n - A vulnerability exists in Microsoft Chakra JIT server.\n An attacker who successfully exploited this\n vulnerability could gain elevated privileges. The\n vulnerability by itself does not allow arbitrary code to\n run. However, this vulnerability could be used in\n conjunction with one or more vulnerabilities (for\n example a remote code execution vulnerability and\n another elevation of privilege vulnerability) to take\n advantage of the elevated privileges when running. The\n security update addresses the vulnerability by modifying\n how Microsoft Chakra handles constructorCaches.\n (CVE-2019-0649)\n\n - An information disclosure vulnerability exists when the\n win32k component improperly provides kernel information.\n An attacker who successfully exploited the vulnerability\n could obtain information to further compromise the users\n system. (CVE-2019-0628)\n\n - A remote code execution vulnerability exists in the way\n that the Windows Graphics Device Interface (GDI) handles\n objects in the memory. An attacker who successfully\n exploited this vulnerability could take control of the\n affected system. An attacker could then install\n programs; view, change, or delete data; or create new\n accounts with full user rights. (CVE-2019-0618,\n CVE-2019-0662)\n\n - An information vulnerability exists when Windows\n improperly discloses file information. Successful\n exploitation of the vulnerability could allow the\n attacker to read the contents of files on disk.\n (CVE-2019-0636)\n\n - A remote code execution vulnerability exists when the\n Windows Jet Database Engine improperly handles objects\n in memory. An attacker who successfully exploited this\n vulnerability could execute arbitrary code on a victim\n system. An attacker could exploit this vulnerability by\n enticing a victim to open a specially crafted file. The\n update addresses the vulnerability by correcting the way\n the Windows Jet Database Engine handles objects in\n memory. (CVE-2019-0595, CVE-2019-0596, CVE-2019-0597,\n CVE-2019-0598, CVE-2019-0599, CVE-2019-0625)\n\n - An elevation of privilege vulnerability exists when the\n Windows kernel fails to properly handle objects in\n memory. An attacker who successfully exploited this\n vulnerability could run arbitrary code in kernel mode.\n An attacker could then install programs; view, change,\n or delete data; or create new accounts with full user\n rights. (CVE-2019-0656)\n\n - A remote code execution vulnerability exists when\n Microsoft Edge improperly accesses objects in memory.\n The vulnerability could corrupt memory in such a way\n that enables an attacker to execute arbitrary code in\n the context of the current user. An attacker who\n successfully exploited the vulnerability could gain the\n same user rights as the current user. (CVE-2019-0634,\n CVE-2019-0645)\n\n - An information disclosure vulnerability exists when the\n Human Interface Devices (HID) component improperly\n handles objects in memory. An attacker who successfully\n exploited this vulnerability could obtain information to\n further compromise the victims system. (CVE-2019-0600,\n CVE-2019-0601)\n\n - An elevation of privilege vulnerability exists when the\n Storage Service improperly handles file operations. An\n attacker who successfully exploited this vulnerability\n could gain elevated privileges on the victim system.\n (CVE-2019-0659)\n\n - An information disclosure vulnerability exists when\n Internet Explorer improperly handles objects in memory.\n An attacker who successfully exploited this\n vulnerability could test for the presence of files on\n disk. For an attack to be successful, an attacker must\n persuade a user to open a malicious website. The\n security update addresses the vulnerability by changing\n the way Internet Explorer handles objects in memory.\n (CVE-2019-0676)\n\n - A remote code execution vulnerability exists in the way\n that the scripting engine handles objects in memory in\n Microsoft Edge. The vulnerability could corrupt memory\n in such a way that an attacker could execute arbitrary\n code in the context of the current user. An attacker who\n successfully exploited the vulnerability could gain the\n same user rights as the current user. (CVE-2019-0590,\n CVE-2019-0591, CVE-2019-0593, CVE-2019-0605,\n CVE-2019-0610, CVE-2019-0640, CVE-2019-0642,\n CVE-2019-0644, CVE-2019-0651, CVE-2019-0652,\n CVE-2019-0655)\n\n - A memory corruption vulnerability exists in the Windows\n Server DHCP service when an attacker sends specially\n crafted packets to a DHCP server. An attacker who\n successfully exploited the vulnerability could run\n arbitrary code on the DHCP server. (CVE-2019-0626)\n\n - An information disclosure vulnerability exists when\n Windows Hyper-V on a host operating system fails to\n properly validate input from an authenticated user on a\n guest operating system. (CVE-2019-0635)\n\n - An information disclosure vulnerability exists when the\n Windows GDI component improperly discloses the contents\n of its memory. An attacker who successfully exploited\n the vulnerability could obtain information to further\n compromise the users system. There are multiple ways an\n attacker could exploit the vulnerability, such as by\n convincing a user to open a specially crafted document,\n or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by\n correcting how the Windows GDI component handles objects\n in memory. (CVE-2019-0602, CVE-2019-0615, CVE-2019-0616,\n CVE-2019-0619, CVE-2019-0660)\n\n - An information disclosure vulnerability exists when the\n scripting engine does not properly handle objects in\n memory in Microsoft Edge. An attacker who successfully\n exploited the vulnerability could obtain information to\n further compromise the users system. (CVE-2019-0658)\n\n - A security feature bypass vulnerability exists in\n Windows which could allow an attacker to bypass Device\n Guard. An attacker who successfully exploited this\n vulnerability could circumvent a User Mode Code\n Integrity (UMCI) policy on the machine. (CVE-2019-0627,\n CVE-2019-0631, CVE-2019-0632)\n\n - A vulnerability exists in certain .Net Framework API's\n and Visual Studio in the way they parse URL's. An\n attacker who successfully exploited this vulnerability\n could use it to bypass security logic intended to ensure\n that a user-provided URL belonged to a specific hostname\n or a subdomain of that hostname. This could be used to\n cause privileged communication to be made to an\n untrusted service as if it was a trusted service.\n (CVE-2019-0657)\n\n - A security feature bypass vulnerability exists in\n Microsoft Edge handles whitelisting. Edge depends on a\n default whitelist of sites where Adobe Flash will load\n without user interaction. Because the whitelist was not\n scheme-aware, an attacker could use a man in the middle\n attack to cause Flash policies to be bypassed and\n arbitrary Flash content to be loaded without user\n interaction. The security update addresses the\n vulnerability by modifying how affected Microsoft Edge\n handles whitelisting. (CVE-2019-0641)\n\n - A spoofing vulnerability exists when Microsoft browsers\n improperly handles specific redirects. An attacker who\n successfully exploited this vulnerability could trick a\n user into believing that the user was on a legitimate\n website. The specially crafted website could either\n spoof content or serve as a pivot to chain an attack\n with other vulnerabilities in web services.\n (CVE-2019-0654)\n\n - A remote code execution vulnerability exists in the way\n that the Microsoft Server Message Block 2.0 (SMBv2)\n server handles certain requests. An attacker who\n successfully exploited the vulnerability could gain the\n ability to execute code on the target server.\n (CVE-2019-0630, CVE-2019-0633)\n\n - An information disclosure vulnerability exists when the\n Windows kernel improperly initializes objects in memory.\n To exploit this vulnerability, an authenticated attacker\n could run a specially crafted application. An attacker who\n successfully exploited this vulnerability could obtain\n information to further compromise the user's system.\n (CVE-2019-0663)\");\n # https://support.microsoft.com/en-us/help/4487020/windows-10-update-kb4487020\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?c56bb182\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Cumulative Update KB4487020.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-0662\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/02/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/02/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/02/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:edge\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = \"MS19-02\";\nkbs = make_list('4487020');\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:\"10\",\n sp:0,\n os_build:\"15063\",\n rollup_date:\"02_2019\",\n bulletin:bulletin,\n rollup_kb_list:[4487020])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-09-14T18:32:03", "description": "The remote Windows host is missing security update 4487044. \nIt is, therefore, affected by multiple vulnerabilities :\n\n - A remote code execution vulnerability exists in .NET\n Framework and Visual Studio software when the software\n fails to check the source markup of a file. An attacker\n who successfully exploited the vulnerability could run\n arbitrary code in the context of the current user. If\n the current user is logged on with administrative user\n rights, an attacker could take control of the affected\n system. An attacker could then install programs; view,\n change, or delete data; or create new accounts with full\n user rights. (CVE-2019-0613)\n\n - A remote code execution vulnerability exists when\n Microsoft Edge improperly accesses objects in memory.\n The vulnerability could corrupt memory in such a way\n that enables an attacker to execute arbitrary code in\n the context of the current user. An attacker who\n successfully exploited the vulnerability could gain the\n same user rights as the current user. (CVE-2019-0634,\n CVE-2019-0645, CVE-2019-0650)\n\n - A remote code execution vulnerability exists in the way\n that the scripting engine handles objects in memory in\n Microsoft Edge. The vulnerability could corrupt memory\n in such a way that an attacker could execute arbitrary\n code in the context of the current user. An attacker who\n successfully exploited the vulnerability could gain the\n same user rights as the current user. (CVE-2019-0590,\n CVE-2019-0591, CVE-2019-0593, CVE-2019-0605,\n CVE-2019-0607, CVE-2019-0610, CVE-2019-0640,\n CVE-2019-0642, CVE-2019-0644, CVE-2019-0651,\n CVE-2019-0652, CVE-2019-0655)\n\n - A remote code execution vulnerability exists when\n Internet Explorer improperly accesses objects in memory.\n The vulnerability could corrupt memory in such a way\n that an attacker could execute arbitrary code in the\n context of the current user. An attacker who\n successfully exploited the vulnerability could gain the\n same user rights as the current user. (CVE-2019-0606)\n\n - An information disclosure vulnerability exists when\n Windows Hyper-V on a host operating system fails to\n properly validate input from an authenticated user on a\n guest operating system. (CVE-2019-0635)\n\n - An information disclosure vulnerability exists when the\n Windows kernel improperly handles objects in memory. An\n attacker who successfully exploited this vulnerability\n could obtain information to further compromise the users\n system. (CVE-2019-0621)\n\n - A vulnerability exists in Microsoft Chakra JIT server.\n An attacker who successfully exploited this\n vulnerability could gain elevated privileges. The\n vulnerability by itself does not allow arbitrary code to\n run. However, this vulnerability could be used in\n conjunction with one or more vulnerabilities (for\n example a remote code execution vulnerability and\n another elevation of privilege vulnerability) to take\n advantage of the elevated privileges when running. The\n security update addresses the vulnerability by modifying\n how Microsoft Chakra handles constructorCaches.\n (CVE-2019-0649)\n\n - An information disclosure vulnerability exists when\n Chakra improperly discloses the contents of its memory,\n which could provide an attacker with information to\n further compromise the users computer or data.\n (CVE-2019-0648)\n\n - An information disclosure vulnerability exists when the\n win32k component improperly provides kernel information.\n An attacker who successfully exploited the vulnerability\n could obtain information to further compromise the users\n system. (CVE-2019-0628)\n\n - A remote code execution vulnerability exists in the way\n that the Windows Graphics Device Interface (GDI) handles\n objects in the memory. An attacker who successfully\n exploited this vulnerability could take control of the\n affected system. An attacker could then install\n programs; view, change, or delete data; or create new\n accounts with full user rights. (CVE-2019-0618,\n CVE-2019-0662)\n\n - A security feature bypass vulnerability exists when\n Windows Defender Firewall incorrectly applies firewall\n profiles to cellular network connections. This\n vulnerability occurs when Windows is connected to both\n an ethernet network and a cellular network. An attacker\n would have no way to trigger this vulnerability\n remotely, and this vulnerability by itself does not\n allow Windows to be exploited. This update addresses the\n behavior by correcting how Windows Defender Firewall\n handles firewall profiles when ethernet and cellular\n network connections are both present. (CVE-2019-0637)\n\n - An information vulnerability exists when Windows\n improperly discloses file information. Successful\n exploitation of the vulnerability could allow the\n attacker to read the contents of files on disk.\n (CVE-2019-0636)\n\n - A remote code execution vulnerability exists when the\n Windows Jet Database Engine improperly handles objects\n in memory. An attacker who successfully exploited this\n vulnerability could execute arbitrary code on a victim\n system. An attacker could exploit this vulnerability by\n enticing a victim to open a specially crafted file. The\n update addresses the vulnerability by correcting the way\n the Windows Jet Database Engine handles objects in\n memory. (CVE-2019-0595, CVE-2019-0596, CVE-2019-0597,\n CVE-2019-0598, CVE-2019-0599, CVE-2019-0625)\n\n - An elevation of privilege vulnerability exists when the\n Windows kernel fails to properly handle objects in\n memory. An attacker who successfully exploited this\n vulnerability could run arbitrary code in kernel mode.\n An attacker could then install programs; view, change,\n or delete data; or create new accounts with full user\n rights. (CVE-2019-0656)\n\n - An information disclosure vulnerability exists when the\n Human Interface Devices (HID) component improperly\n handles objects in memory. An attacker who successfully\n exploited this vulnerability could obtain information to\n further compromise the victims system. (CVE-2019-0600,\n CVE-2019-0601)\n\n - An elevation of privilege vulnerability exists when the\n Storage Service improperly handles file operations. An\n attacker who successfully exploited this vulnerability\n could gain elevated privileges on the victim system.\n (CVE-2019-0659)\n\n - An information disclosure vulnerability exists when\n Internet Explorer improperly handles objects in memory.\n An attacker who successfully exploited this\n vulnerability could test for the presence of files on\n disk. For an attack to be successful, an attacker must\n persuade a user to open a malicious website. The\n security update addresses the vulnerability by changing\n the way Internet Explorer handles objects in memory.\n (CVE-2019-0676)\n\n - An information disclosure vulnerability exists in the\n way that Microsoft Edge handles cross-origin requests.\n An attacker who successfully exploited this\n vulnerability could determine the origin of all webpages\n in the affected browser. (CVE-2019-0643)\n\n - A memory corruption vulnerability exists in the Windows\n Server DHCP service when an attacker sends specially\n crafted packets to a DHCP server. An attacker who\n successfully exploited the vulnerability could run\n arbitrary code on the DHCP server. (CVE-2019-0626)\n\n - An information disclosure vulnerability exists when the\n Windows GDI component improperly discloses the contents\n of its memory. An attacker who successfully exploited\n the vulnerability could obtain information to further\n compromise the users system. There are multiple ways an\n attacker could exploit the vulnerability, such as by\n convincing a user to open a specially crafted document,\n or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by\n correcting how the Windows GDI component handles objects\n in memory. (CVE-2019-0602, CVE-2019-0615, CVE-2019-0616,\n CVE-2019-0619, CVE-2019-0660)\n\n - An information disclosure vulnerability exists when the\n scripting engine does not properly handle objects in\n memory in Microsoft Edge. An attacker who successfully\n exploited the vulnerability could obtain information to\n further compromise the users system. (CVE-2019-0658)\n\n - A security feature bypass vulnerability exists in\n Windows which could allow an attacker to bypass Device\n Guard. An attacker who successfully exploited this\n vulnerability could circumvent a User Mode Code\n Integrity (UMCI) policy on the machine. (CVE-2019-0627,\n CVE-2019-0631, CVE-2019-0632)\n\n - A vulnerability exists in certain .Net Framework API's\n and Visual Studio in the way they parse URL's. An\n attacker who successfully exploited this vulnerability\n could use it to bypass security logic intended to ensure\n that a user-provided URL belonged to a specific hostname\n or a subdomain of that hostname. This could be used to\n cause privileged communication to be made to an\n untrusted service as if it was a trusted service.\n (CVE-2019-0657)\n\n - A security feature bypass vulnerability exists in\n Microsoft Edge handles whitelisting. Edge depends on a\n default whitelist of sites where Adobe Flash will load\n without user interaction. Because the whitelist was not\n scheme-aware, an attacker could use a man in the middle\n attack to cause Flash policies to be bypassed and\n arbitrary Flash content to be loaded without user\n interaction. The security update addresses the\n vulnerability by modifying how affected Microsoft Edge\n handles whitelisting. (CVE-2019-0641)\n\n - A spoofing vulnerability exists when Microsoft browsers\n improperly handles specific redirects. An attacker who\n successfully exploited this vulnerability could trick a\n user into believing that the user was on a legitimate\n website. The specially crafted website could either\n spoof content or serve as a pivot to chain an attack\n with other vulnerabilities in web services.\n (CVE-2019-0654)\n\n - A remote code execution vulnerability exists in the way\n that the Microsoft Server Message Block 2.0 (SMBv2)\n server handles certain requests. An attacker who\n successfully exploited the vulnerability could gain the\n ability to execute code on the target server.\n (CVE-2019-0630, CVE-2019-0633)", "edition": 16, "cvss3": {"score": 8.8, "vector": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2019-02-12T00:00:00", "title": "KB4487044: Windows 10 Version 1809 and Windows Server 2019 February 2019 Security Update", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-0618", "CVE-2019-0637", "CVE-2019-0645", "CVE-2019-0628", "CVE-2019-0600", "CVE-2019-0640", "CVE-2019-0590", "CVE-2019-0595", "CVE-2019-0656", "CVE-2019-0660", "CVE-2019-0642", "CVE-2019-0597", "CVE-2019-0651", "CVE-2019-0657", "CVE-2019-0602", "CVE-2019-0606", "CVE-2019-0605", "CVE-2019-0654", "CVE-2019-0659", "CVE-2019-0644", "CVE-2019-0627", "CVE-2019-0616", "CVE-2019-0613", "CVE-2019-0634", "CVE-2019-0626", "CVE-2019-0619", "CVE-2019-0648", "CVE-2019-0662", "CVE-2019-0598", "CVE-2019-0643", "CVE-2019-0652", "CVE-2019-0631", "CVE-2019-0610", "CVE-2019-0596", "CVE-2019-0607", "CVE-2019-0599", "CVE-2019-0625", "CVE-2019-0655", "CVE-2019-0632", "CVE-2019-0641", "CVE-2019-0621", "CVE-2019-0650", "CVE-2019-0601", "CVE-2019-0630", "CVE-2019-0636", "CVE-2019-0676", "CVE-2019-0615", "CVE-2019-0658", "CVE-2019-0633", "CVE-2019-0649", "CVE-2019-0635", "CVE-2019-0591", "CVE-2019-0593"], "modified": "2019-02-12T00:00:00", "cpe": ["cpe:/o:microsoft:windows", "cpe:/a:microsoft:edge"], "id": "SMB_NT_MS19_FEB_4487044.NASL", "href": "https://www.tenable.com/plugins/nessus/122127", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(122127);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/08/18\");\n\n script_cve_id(\n \"CVE-2019-0590\",\n \"CVE-2019-0591\",\n \"CVE-2019-0593\",\n \"CVE-2019-0595\",\n \"CVE-2019-0596\",\n \"CVE-2019-0597\",\n \"CVE-2019-0598\",\n \"CVE-2019-0599\",\n \"CVE-2019-0600\",\n \"CVE-2019-0601\",\n \"CVE-2019-0602\",\n \"CVE-2019-0605\",\n \"CVE-2019-0606\",\n \"CVE-2019-0607\",\n \"CVE-2019-0610\",\n \"CVE-2019-0613\",\n \"CVE-2019-0615\",\n \"CVE-2019-0616\",\n \"CVE-2019-0618\",\n \"CVE-2019-0619\",\n \"CVE-2019-0621\",\n \"CVE-2019-0625\",\n \"CVE-2019-0626\",\n \"CVE-2019-0627\",\n \"CVE-2019-0628\",\n \"CVE-2019-0630\",\n \"CVE-2019-0631\",\n \"CVE-2019-0632\",\n \"CVE-2019-0633\",\n \"CVE-2019-0634\",\n \"CVE-2019-0635\",\n \"CVE-2019-0636\",\n \"CVE-2019-0637\",\n \"CVE-2019-0640\",\n \"CVE-2019-0641\",\n \"CVE-2019-0642\",\n \"CVE-2019-0643\",\n \"CVE-2019-0644\",\n \"CVE-2019-0645\",\n \"CVE-2019-0648\",\n \"CVE-2019-0649\",\n \"CVE-2019-0650\",\n \"CVE-2019-0651\",\n \"CVE-2019-0652\",\n \"CVE-2019-0654\",\n \"CVE-2019-0655\",\n \"CVE-2019-0656\",\n \"CVE-2019-0657\",\n \"CVE-2019-0658\",\n \"CVE-2019-0659\",\n \"CVE-2019-0660\",\n \"CVE-2019-0662\",\n \"CVE-2019-0676\"\n );\n script_xref(name:\"MSKB\", value:\"4487044\");\n script_xref(name:\"MSFT\", value:\"MS19-4487044\");\n\n script_name(english:\"KB4487044: Windows 10 Version 1809 and Windows Server 2019 February 2019 Security Update\");\n script_summary(english:\"Checks for rollup.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 4487044. \nIt is, therefore, affected by multiple vulnerabilities :\n\n - A remote code execution vulnerability exists in .NET\n Framework and Visual Studio software when the software\n fails to check the source markup of a file. An attacker\n who successfully exploited the vulnerability could run\n arbitrary code in the context of the current user. If\n the current user is logged on with administrative user\n rights, an attacker could take control of the affected\n system. An attacker could then install programs; view,\n change, or delete data; or create new accounts with full\n user rights. (CVE-2019-0613)\n\n - A remote code execution vulnerability exists when\n Microsoft Edge improperly accesses objects in memory.\n The vulnerability could corrupt memory in such a way\n that enables an attacker to execute arbitrary code in\n the context of the current user. An attacker who\n successfully exploited the vulnerability could gain the\n same user rights as the current user. (CVE-2019-0634,\n CVE-2019-0645, CVE-2019-0650)\n\n - A remote code execution vulnerability exists in the way\n that the scripting engine handles objects in memory in\n Microsoft Edge. The vulnerability could corrupt memory\n in such a way that an attacker could execute arbitrary\n code in the context of the current user. An attacker who\n successfully exploited the vulnerability could gain the\n same user rights as the current user. (CVE-2019-0590,\n CVE-2019-0591, CVE-2019-0593, CVE-2019-0605,\n CVE-2019-0607, CVE-2019-0610, CVE-2019-0640,\n CVE-2019-0642, CVE-2019-0644, CVE-2019-0651,\n CVE-2019-0652, CVE-2019-0655)\n\n - A remote code execution vulnerability exists when\n Internet Explorer improperly accesses objects in memory.\n The vulnerability could corrupt memory in such a way\n that an attacker could execute arbitrary code in the\n context of the current user. An attacker who\n successfully exploited the vulnerability could gain the\n same user rights as the current user. (CVE-2019-0606)\n\n - An information disclosure vulnerability exists when\n Windows Hyper-V on a host operating system fails to\n properly validate input from an authenticated user on a\n guest operating system. (CVE-2019-0635)\n\n - An information disclosure vulnerability exists when the\n Windows kernel improperly handles objects in memory. An\n attacker who successfully exploited this vulnerability\n could obtain information to further compromise the users\n system. (CVE-2019-0621)\n\n - A vulnerability exists in Microsoft Chakra JIT server.\n An attacker who successfully exploited this\n vulnerability could gain elevated privileges. The\n vulnerability by itself does not allow arbitrary code to\n run. However, this vulnerability could be used in\n conjunction with one or more vulnerabilities (for\n example a remote code execution vulnerability and\n another elevation of privilege vulnerability) to take\n advantage of the elevated privileges when running. The\n security update addresses the vulnerability by modifying\n how Microsoft Chakra handles constructorCaches.\n (CVE-2019-0649)\n\n - An information disclosure vulnerability exists when\n Chakra improperly discloses the contents of its memory,\n which could provide an attacker with information to\n further compromise the users computer or data.\n (CVE-2019-0648)\n\n - An information disclosure vulnerability exists when the\n win32k component improperly provides kernel information.\n An attacker who successfully exploited the vulnerability\n could obtain information to further compromise the users\n system. (CVE-2019-0628)\n\n - A remote code execution vulnerability exists in the way\n that the Windows Graphics Device Interface (GDI) handles\n objects in the memory. An attacker who successfully\n exploited this vulnerability could take control of the\n affected system. An attacker could then install\n programs; view, change, or delete data; or create new\n accounts with full user rights. (CVE-2019-0618,\n CVE-2019-0662)\n\n - A security feature bypass vulnerability exists when\n Windows Defender Firewall incorrectly applies firewall\n profiles to cellular network connections. This\n vulnerability occurs when Windows is connected to both\n an ethernet network and a cellular network. An attacker\n would have no way to trigger this vulnerability\n remotely, and this vulnerability by itself does not\n allow Windows to be exploited. This update addresses the\n behavior by correcting how Windows Defender Firewall\n handles firewall profiles when ethernet and cellular\n network connections are both present. (CVE-2019-0637)\n\n - An information vulnerability exists when Windows\n improperly discloses file information. Successful\n exploitation of the vulnerability could allow the\n attacker to read the contents of files on disk.\n (CVE-2019-0636)\n\n - A remote code execution vulnerability exists when the\n Windows Jet Database Engine improperly handles objects\n in memory. An attacker who successfully exploited this\n vulnerability could execute arbitrary code on a victim\n system. An attacker could exploit this vulnerability by\n enticing a victim to open a specially crafted file. The\n update addresses the vulnerability by correcting the way\n the Windows Jet Database Engine handles objects in\n memory. (CVE-2019-0595, CVE-2019-0596, CVE-2019-0597,\n CVE-2019-0598, CVE-2019-0599, CVE-2019-0625)\n\n - An elevation of privilege vulnerability exists when the\n Windows kernel fails to properly handle objects in\n memory. An attacker who successfully exploited this\n vulnerability could run arbitrary code in kernel mode.\n An attacker could then install programs; view, change,\n or delete data; or create new accounts with full user\n rights. (CVE-2019-0656)\n\n - An information disclosure vulnerability exists when the\n Human Interface Devices (HID) component improperly\n handles objects in memory. An attacker who successfully\n exploited this vulnerability could obtain information to\n further compromise the victims system. (CVE-2019-0600,\n CVE-2019-0601)\n\n - An elevation of privilege vulnerability exists when the\n Storage Service improperly handles file operations. An\n attacker who successfully exploited this vulnerability\n could gain elevated privileges on the victim system.\n (CVE-2019-0659)\n\n - An information disclosure vulnerability exists when\n Internet Explorer improperly handles objects in memory.\n An attacker who successfully exploited this\n vulnerability could test for the presence of files on\n disk. For an attack to be successful, an attacker must\n persuade a user to open a malicious website. The\n security update addresses the vulnerability by changing\n the way Internet Explorer handles objects in memory.\n (CVE-2019-0676)\n\n - An information disclosure vulnerability exists in the\n way that Microsoft Edge handles cross-origin requests.\n An attacker who successfully exploited this\n vulnerability could determine the origin of all webpages\n in the affected browser. (CVE-2019-0643)\n\n - A memory corruption vulnerability exists in the Windows\n Server DHCP service when an attacker sends specially\n crafted packets to a DHCP server. An attacker who\n successfully exploited the vulnerability could run\n arbitrary code on the DHCP server. (CVE-2019-0626)\n\n - An information disclosure vulnerability exists when the\n Windows GDI component improperly discloses the contents\n of its memory. An attacker who successfully exploited\n the vulnerability could obtain information to further\n compromise the users system. There are multiple ways an\n attacker could exploit the vulnerability, such as by\n convincing a user to open a specially crafted document,\n or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by\n correcting how the Windows GDI component handles objects\n in memory. (CVE-2019-0602, CVE-2019-0615, CVE-2019-0616,\n CVE-2019-0619, CVE-2019-0660)\n\n - An information disclosure vulnerability exists when the\n scripting engine does not properly handle objects in\n memory in Microsoft Edge. An attacker who successfully\n exploited the vulnerability could obtain information to\n further compromise the users system. (CVE-2019-0658)\n\n - A security feature bypass vulnerability exists in\n Windows which could allow an attacker to bypass Device\n Guard. An attacker who successfully exploited this\n vulnerability could circumvent a User Mode Code\n Integrity (UMCI) policy on the machine. (CVE-2019-0627,\n CVE-2019-0631, CVE-2019-0632)\n\n - A vulnerability exists in certain .Net Framework API's\n and Visual Studio in the way they parse URL's. An\n attacker who successfully exploited this vulnerability\n could use it to bypass security logic intended to ensure\n that a user-provided URL belonged to a specific hostname\n or a subdomain of that hostname. This could be used to\n cause privileged communication to be made to an\n untrusted service as if it was a trusted service.\n (CVE-2019-0657)\n\n - A security feature bypass vulnerability exists in\n Microsoft Edge handles whitelisting. Edge depends on a\n default whitelist of sites where Adobe Flash will load\n without user interaction. Because the whitelist was not\n scheme-aware, an attacker could use a man in the middle\n attack to cause Flash policies to be bypassed and\n arbitrary Flash content to be loaded without user\n interaction. The security update addresses the\n vulnerability by modifying how affected Microsoft Edge\n handles whitelisting. (CVE-2019-0641)\n\n - A spoofing vulnerability exists when Microsoft browsers\n improperly handles specific redirects. An attacker who\n successfully exploited this vulnerability could trick a\n user into believing that the user was on a legitimate\n website. The specially crafted website could either\n spoof content or serve as a pivot to chain an attack\n with other vulnerabilities in web services.\n (CVE-2019-0654)\n\n - A remote code execution vulnerability exists in the way\n that the Microsoft Server Message Block 2.0 (SMBv2)\n server handles certain requests. An attacker who\n successfully exploited the vulnerability could gain the\n ability to execute code on the target server.\n (CVE-2019-0630, CVE-2019-0633)\");\n # https://support.microsoft.com/en-us/help/4487044/windows-10-update-kb4487044\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?aaaa86ad\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Cumulative Update KB4487044.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-0662\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/02/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/02/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/02/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:edge\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = \"MS19-02\";\nkbs = make_list('4487044');\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:\"10\",\n sp:0,\n os_build:\"17763\",\n rollup_date:\"02_2019\",\n bulletin:bulletin,\n rollup_kb_list:[4487044])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "talosblog": [{"lastseen": "2019-03-07T08:34:06", "bulletinFamily": "blog", "cvelist": ["CVE-2019-0540", "CVE-2019-0590", "CVE-2019-0591", "CVE-2019-0593", "CVE-2019-0594", "CVE-2019-0595", "CVE-2019-0596", "CVE-2019-0597", "CVE-2019-0598", "CVE-2019-0599", "CVE-2019-0600", "CVE-2019-0601", "CVE-2019-0602", "CVE-2019-0604", "CVE-2019-0605", "CVE-2019-0606", "CVE-2019-0607", "CVE-2019-0610", "CVE-2019-0613", "CVE-2019-0615", "CVE-2019-0616", "CVE-2019-0618", "CVE-2019-0619", "CVE-2019-0623", "CVE-2019-0625", "CVE-2019-0626", "CVE-2019-0627", "CVE-2019-0628", "CVE-2019-0630", "CVE-2019-0631", "CVE-2019-0632", "CVE-2019-0633", "CVE-2019-0634", "CVE-2019-0635", "CVE-2019-0636", "CVE-2019-0637", "CVE-2019-0640", "CVE-2019-0641", "CVE-2019-0642", "CVE-2019-0643", "CVE-2019-0644", "CVE-2019-0645", "CVE-2019-0648", "CVE-2019-0649", "CVE-2019-0650", "CVE-2019-0651", "CVE-2019-0652", "CVE-2019-0654", "CVE-2019-0655", "CVE-2019-0656", "CVE-2019-0657", "CVE-2019-0658", "CVE-2019-0659", "CVE-2019-0660", "CVE-2019-0661", "CVE-2019-0662", "CVE-2019-0664", "CVE-2019-0668", "CVE-2019-0670", "CVE-2019-0671", "CVE-2019-0672", "CVE-2019-0673", "CVE-2019-0674", "CVE-2019-0675", "CVE-2019-0676", "CVE-2019-0686", "CVE-2019-0728"], "description": "[](<http://2.bp.blogspot.com/-C9ApwGTNu7M/XGLvRFSNSsI/AAAAAAAAFT4/OR6BvUFDD30mBvNZE70PUde_GycCBeNlACK4BGAYYCw/s1600/recurring%2Bblog%2Bimages_patch%2Btuesday.jpg>) \nMicrosoft released its monthly security update today, disclosing a variety of vulnerabilities in several of its products. The latest Patch Tuesday covers 69 vulnerabilities, 20 of which are rated \u201ccritical,\u201d 46 that are considered \u201cimportant\u201d and three that are \u201cmoderate.\u201d This release also includes a critical security advisory regarding a security update to Adobe Flash Player \n \nThis month\u2019s security update covers security issues in a variety of Microsoft\u2019s products, including the Chakra Scripting Engine and the Internet Explorer and Exchange web browsers. For coverage of these vulnerabilities, read the SNORT\u24c7 blog post [here](<https://blog.snort.org/2019/02/snort-rule-update-for-feb-12-2019.html>). \n \n\n\n### Critical vulnerabilities\n\nMicrosoft disclosed 20 critical vulnerabilities this month, 12 of which we will highlight below. \n \n[CVE-2019-0590](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0590>), [CVE-2019-0591](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0591>), [CVE-2019-0593](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0593>), [CVE-2019-0640](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0640>), [CVE-2019-0642](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0642>), [CVE-2019-0644](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0644>), [CVE-2019-0651](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0651>), [CVE-2019-0652](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0652>) and [CVE-2019-0655](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0655>) are all memory corruption vulnerabilities in Microsoft scripting engine. The bugs all lie in the way the engine processes objects in memory in the Microsoft Edge web browser. An attacker could exploit this vulnerability to corrupt the machine\u2019s memory, eventually allowing them to execute code remotely in the context of the current users. A user could trigger this bug by either visiting a malicious web page while using Edge, or by accessing specially crafted content created by the attacker. \n \n[CVE-2019-0606](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0606>) is a memory corruption vulnerability in Microsoft Internet Explorer. The problem lies in the way the web browser accesses objects in memory. An attacker could exploit this vulnerability by tricking a user into visiting a specially crafted website or user-created content in Internet Explorer. Once triggered, the attacker could gain the ability to execute code remotely in the context of the current user. \n \n[CVE-2019-0645](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0645>) and [CVE-2019-0650](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0650>) are memory corruption vulnerabilities that exist in Microsoft Edge when the web browser fails to properly handle objects in memory. An attacker could exploit this vulnerability by tricking a user into visiting a maliciously crafted website in Edge, or clicking on specially crafted content. An attacker could use this bug to gain the ability to execute arbitrary code in the context of the current user. \n \nThese are the other critical vulnerabilities: \n \n\n\n * [CVE-2019-0594](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0594>)\n * [CVE-2019-0604](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0604>)\n * [CVE-2019-0605](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0605>)\n * [CVE-2019-0607](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0607>)\n * [CVE-2019-0618](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0618>)\n * [CVE-2019-0626](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0626>)\n * [CVE-2019-0634](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0634>)\n * [CVE-2019-0662](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0662>)\n \n\n\n### Important vulnerabilities\n\nThis release also contains 46 important vulnerabilities: \n \n\n\n * [CVE-2019-0540](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0540>)\n * [CVE-2019-0595](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0595>)\n * [CVE-2019-0596](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0596>)\n * [CVE-2019-0597](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0597>)\n * [CVE-2019-0598](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0598>)\n * [CVE-2019-0599](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0599>)\n * [CVE-2019-0600](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0600>)\n * [CVE-2019-0601](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0601>)\n * [CVE-2019-0602](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0602>)\n * [CVE-2019-0610](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0610>)\n * [CVE-2019-0613](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0613>)\n * [CVE-2019-0615](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0615>)\n * [CVE-2019-0616](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0616>)\n * [CVE-2019-0619](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0619>)\n * [CVE-2019-0623](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0623>)\n * [CVE-2019-0625](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0625>)\n * [CVE-2019-0627](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0627>)\n * [CVE-2019-0628](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0628>)\n * [CVE-2019-0630](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0630>)\n * [CVE-2019-0631](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0631>)\n * [CVE-2019-0632](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0632>)\n * [CVE-2019-0633](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0633>)\n * [CVE-2019-0635](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0635>)\n * [CVE-2019-0636](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0636>)\n * [CVE-2019-0637](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0637>)\n * [CVE-2019-0648](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0648>)\n * [CVE-2019-0649](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0649>)\n * [CVE-2019-0654](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0654>)\n * [CVE-2019-0656](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0656>)\n * [CVE-2019-0657](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0657>)\n * [CVE-2019-0658](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0658>)\n * [CVE-2019-0659](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0659>)\n * [CVE-2019-0660](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0660>)\n * [CVE-2019-0661](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0661>)\n * [CVE-2019-0664](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0664>)\n * [CVE-2019-0668](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0668>)\n * [CVE-2019-0671](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0671>)\n * [CVE-2019-0672](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0672>)\n * [CVE-2019-0673](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0673>)\n * [CVE-2019-0674](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0674>)\n * [CVE-2019-0675](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0675>)\n * [CVE-2019-0676](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0676>)\n * [CVE-2019-0686](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0686>)\n * [CVE-2019-0728](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0728>)\n\n### Moderate\n\nThere were also three moderate vulnerabilities in this release: [CVE-2019-0641](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0641>), [CVE-2019-0643](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0643>) and [CVE-2019-0670](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0670>). \n\n\n### Coverage \n\nIn response to these vulnerability disclosures, Talos is releasing the following SNORT\u24c7 rules that detect attempts to exploit them. Please note that additional rules may be released at a future date and current rules are subject to change pending additional information. Firepower customers should use the latest update to their ruleset by updating their SRU. Open Source Snort Subscriber Rule Set customers can stay up-to-date by downloading the latest rule pack available for purchase on Snort.org. \n \nSnort rules: [49128 - 49170](<https://snort.org/advisories/talos-rules-2019-02-12>) \n\n\n \n\n\n", "modified": "2019-02-12T19:55:00", "published": "2019-02-12T11:55:00", "id": "TALOSBLOG:AB5E63755953149993334997F5123794", "href": "http://feedproxy.google.com/~r/feedburner/Talos/~3/YjaBeKVxw9M/microsoft-patch-tuesday-february-2019.html", "type": "talosblog", "title": "Microsoft Patch Tuesday \u2014 February 2019: Vulnerability disclosures and Snort coverage", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}