Lucene search

K
myhack58佚名MYHACK58:62201995515
HistoryAug 14, 2019 - 12:00 a.m.

Microsoft Patch Day: Word/DHCP/LNK remote code execution vulnerability alerts-a vulnerability alert-the black bar safety net

2019-08-1400:00:00
佚名
www.myhack58.com
86

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.902 High

EPSS

Percentile

98.8%

2019 8 May 14, Microsoft released security updates in addition to the RDP vulnerability also covers for a plurality of remote code execution high-risk vulnerabilities repair.
Microsoft Word remote code execution vulnerability, the vulnerability number CVE-2019-0585。
The Windows DHCP client remote code execution vulnerability, the vulnerability number CVE-2019-0736 in.
LNK remote code execution vulnerability, the vulnerability number CVE-2019-1188 the.

0x01 vulnerability details
LNK remote code execution vulnerability CVE-2019-1188
This LNK remote code execution vulnerability and before Stuxnet the use of the LNK vulnerability and to bypass similar. If the system is processing the attacker prepared. LNK file, an attacker can remotely execute code. The attacker can be through a removable drive(such as U disk)or a remote shared way of attack.
The vulnerability affects the following version of theoperating system: the
Windows 10 Version 1709 for 32-bit SystemsWindows 10 Version 1709 for 64-based SystemsWindows 10 Version 1709 for ARM64-based SystemsWindows 10 Version 1803 for 32-bit SystemsWindows 10 Version 1803 for ARM64-based SystemsWindows 10 Version 1803 for x64-based SystemsWindows 10 Version 1809 for 32-bit SystemsWindows 10 Version 1809 for ARM64-based SystemsWindows 10 Version 1809 for x64-based SystemsWindows 10 Version 1903 for 32-bit SystemsWindows 10 Version 1903 for ARM64-based SystemsWindows 10 Version 1903 for x64-based SystemsWindows Server 2019Windows Server 2019 (Server Core installation)Windows Server, version 1803 (Server Core Installation)Windows Server, version 1903 (Server Core installation)
Microsoft Word remote code execution vulnerability CVE-2019-0585
Most of the word patch is rated as Important, but this one is rated as Critical. Usually the word vulnerability requires that the victim Open in word vulnerability word document. For this vulnerability the attack vector is Outlook Preview Pane, and therefore the attacker will need to prepare the word document or link by e-mail sent to the victim, if the victim in the Outlook Preview Pane open, you could exploit this vulnerability to execute arbitrary code.
The vulnerability affects the following versions of office:
Microsoft Office 2010 Service Pack 2 (32-bit editions)Microsoft Office 2010 Service Pack 2 (64-bit editions)Microsoft Office 2016 for MacMicrosoft Office 2019 for 32-bit editionsMicrosoft Office 2019 for 64-bit editionsMicrosoft Office 2019 for MacMicrosoft Office Online ServerMicrosoft Office Web Apps 2010 Service Pack 2Microsoft Office Word ViewerMicrosoft SharePoint Enterprise Server 2013 Service Pack 1Microsoft SharePoint Enterprise Server 2016Microsoft SharePoint Server 2019Microsoft Word 2010 Service Pack 2 (32-bit editions)Microsoft Word 2010 Service Pack 2 (64-bit editions)Microsoft Word 2013 RT Service Pack 1Microsoft Word 2013 Service Pack 1 (32-bit editions) Microsoft Word 2013 Service Pack 1 (64-bit editions)Microsoft Word 2016 (32-bit edition)Microsoft Word 2016 (64-bit edition)Office 365 ProPlus for 32-bit SystemsOffice 365 ProPlus for 64-bit SystemsWord Automation Services
The Windows DHCP client remote code execution vulnerability CVE-2019-0736
If an attacker to the affected target to send one through the special design of the DHCP packets, this vulnerability could allow an attacker to execute arbitrary code. This process does not involve user interaction or authentication, in theory, also be worms of.
The vulnerability affects the following version of theoperating system: the
Windows 10 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 Version 1607 for x64-based SystemsWindows 10 Version 1703 for 32-bit SystemsWindows 10 Version 1703 for x64-based SystemsWindows 10 Version 1709 for 32-bit SystemsWindows 10 Version 1709 for 64-based SystemsWindows 10 Version 1709 for ARM64-based SystemsWindows 10 Version 1803 for 32-bit SystemsWindows 10 Version 1803 for ARM64-based SystemsWindows 10 Version 1803 for x64-based SystemsWindows 7 for 32-bit Systems Service Pack 1Windows 7 for x64-based Systems Service Pack 1Windows 8.1 for 32- bit systemsWindows 8.1 for x64-based systemsWindows RT 8.1 Windows Server 2008 for 32-bit Systems Service Pack 2Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)Windows Server 2008 for Itanium-Based Systems Service Pack 2Windows Server 2008 for x64-based Systems Service Pack 2Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1Windows Server 2008 R2 for x64-based Systems Service Pack 1Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2012Windows Server 2012 (Server Core installation)Windows Server 2012 R2Windows Server 2012 R2 (Server Core installation)Windows Server 2016Windows Server 2016 (Server Core installation)Windows Server, version 1803 (Server Core Installation)

0x02 repair recommendations
360CERT suggestions through the installation of 360 security guards(http://weishi.360.cn)for a key update. It is timely for the Microsoft Windows version of the update and keep Windows Automatic Updates turned on, you can also download the reference link in the package, the manual upgrade.

0x03 timeline
2019-08-14 the official Microsoft Security Bulletin
2019-08-14 360CERT warning0x04 reference links

  1. https://portal. msrc. microsoft. com/en-US/security-guidance/advisory/CVE-2019-05852. https://portal. msrc. microsoft. com/en-US/security-guidance/advisory/CVE-2019-07363. https://portal. msrc. microsoft. com/en-US/security-guidance/advisory/CVE-2019-11884. https://www. zerodayinitiative. com/blog/2019/8/13/the-august-2019-security-update-review

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.902 High

EPSS

Percentile

98.8%