By 2019, 3-month Microsoft patch day multiple vulnerabilities early warning-vulnerability warning-the black bar safety net

GMT 2019 3 October 14, Microsoft issued a routine security update, patching Internet Explorer, Edge, Exchange Server, ChakraCore, Windows, Office, NuGet包管理器和.NET Framework of multiple products in a vulnerability. This 64 CVE, 17 were rated as severe(Critical), 45 were rated as important(Important), one was rated medium(Moderate), one was rated as low(Low). Four of the vulnerabilities are classified as public, the two vulnerabilities released patches before attackers take advantage of. A few of the more important of the vulnerability details are as follows.
CVE-2019-0797: this is Kaspersky Lab recently found in the Wild being used and reports of a fourth windows kernel 0day vulnerability to be found the EXP for from win8 to win10 build 15063 64-bit system. Kaspersky Lab believes that this vulnerability is more APT organization uses, including but not limited to FruityArmor and SandCat on. In Kaspersky’s blog provides some technical details: The fourth horseman: CVE-2019-0797 vulnerability
CVE-2019-0808: this is a google found in the wild and the chrome 0day exploit with sandbox escape windows kernel 0day vulnerability, after 360CERT has been released. warning: CVE-2019-5786: chrome in the wild exploit 0day vulnerability warning. 360 Core Security Technology Center by writing code to construct a POC for a vulnerability to trigger the process for some of the reduction, so that security vendors can increase the appropriate protective measures: about CVE-2019-0808 kernel mention the right vulnerability cause analysis. The vulnerability is a NULL pointer dereference vulnerability, only in win7 on the use, it is found that the EXP for win7 32-bit system.
CVE-2019-0697, CVE-2019-0698, CVE-2019-0726: this is the month to repair the three DHCP-related vulnerabilities. Domestic and international security research team for last month repair DHCP in CVE-2019-0626 issued a technical analysis: the Windows DHCP Server Remote Code Execution Vulnerability Analysis CVE-2019-0626; and Analyzing a Windows DHCP Server Bug (CVE-2019-0626)。 When the attacker sends to the DHCP server well-designed data packet and successfully exploited, it can be in the DHCP service in the execution of arbitrary code. Microsoft has released for win10 1803/1809 and windows server 2019/1803 patch.
CVE-2019-0603: the vulnerability could allow an attacker via a specially crafted TFTP message executed with elevated privileges code. 2019 3 May 6, checkpoint released a blog post discloses 2018 11 on the repair of the TFTP in CVE-2018-8476: the PXE Dust: Finding a Vulnerability in Windows Servers Deployment Services. The vulnerability is similar to CVE-2018-8476, but this vulnerability in the TFTP service implementation, but not in the TFTP Protocol itself. windows released from win7 to win10 multiple versions of the patch.
In view of this month to fix multiple vulnerabilities affecting serious, some technical details of the disclosure, 360CERT recommended that the majority of users as soon as possible for repair.

0x01 timeline
2019-03-13 Microsoft issued a routine security update
2019-03-15 360CERT assessment of vulnerabilities, post vulnerabilities and Early Warning Bulletin