Search...

Microsoft Edge Chakra Scripting Engine CVE-2019-0770 Remote Memory Corruption Vulnerability

2019-03-12T00:00:00

ID SMNTC-107251
Type symantec
Reporter Symantec Security Response
Modified 2019-03-12T00:00:00

Description

Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions.

Technologies Affected

Microsoft Edge

Recommendations

Run all software as a nonprivileged user with minimal access rights.
To reduce the impact of latent vulnerabilities, always run nonadministrative software as an unprivileged user with minimal access rights.

Deploy network intrusion detection systems to monitor network traffic for malicious activity.
Deploy NIDS to monitor network traffic for signs of anomalous or suspicious activity. This includes but is not limited to requests that include NOP sleds and unexplained incoming and outgoing traffic. This may indicate exploit attempts or activity that results from successful exploits

Do not follow links provided by unknown or untrusted sources.
Web users should be cautious about following links to sites that are provided by unfamiliar or suspicious sources. Filtering HTML from emails may help remove a possible vector for transmitting malicious links to users.

Implement multiple redundant layers of security.
Memory-protection schemes (such as nonexecutable stack and heap configurations and randomly mapped memory segments) will complicate exploits of memory-corruption vulnerabilities.

Updates are available. Please see the references or vendor advisory for more information.

JSON Vulners Source

Initial Source

{"id": "SMNTC-107251", "bulletinFamily": "software", "title": "Microsoft Edge Chakra Scripting Engine CVE-2019-0770 Remote Memory Corruption Vulnerability", "description": "### Description\n\nMicrosoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions.\n\n### Technologies Affected\n\n * Microsoft Edge \n\n### Recommendations\n\n**Run all software as a nonprivileged user with minimal access rights.** \nTo reduce the impact of latent vulnerabilities, always run nonadministrative software as an unprivileged user with minimal access rights.\n\n**Deploy network intrusion detection systems to monitor network traffic for malicious activity.** \nDeploy NIDS to monitor network traffic for signs of anomalous or suspicious activity. This includes but is not limited to requests that include NOP sleds and unexplained incoming and outgoing traffic. This may indicate exploit attempts or activity that results from successful exploits\n\n**Do not follow links provided by unknown or untrusted sources.** \nWeb users should be cautious about following links to sites that are provided by unfamiliar or suspicious sources. Filtering HTML from emails may help remove a possible vector for transmitting malicious links to users.\n\n**Implement multiple redundant layers of security.** \nMemory-protection schemes (such as nonexecutable stack and heap configurations and randomly mapped memory segments) will complicate exploits of memory-corruption vulnerabilities.\n\nUpdates are available. Please see the references or vendor advisory for more information.\n", "published": "2019-03-12T00:00:00", "modified": "2019-03-12T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/107251", "reporter": "Symantec Security Response", "references": [], "cvelist": ["CVE-2019-0770"], "type": "symantec", "lastseen": "2019-03-12T23:49:51", "history": [], "edition": 1, "hashmap": [{"key": "affectedSoftware", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "bulletinFamily", "hash": "f9fa10ba956cacf91d7878861139efb9"}, {"key": "cvelist", "hash": "c99ee5e3babf3ac49f6dec6fab2033c5"}, {"key": "cvss", "hash": "8cd4821cb504d25572038ed182587d85"}, {"key": "description", "hash": "2ced72ee4fa7858e11500c9f515f290f"}, {"key": "href", "hash": "4fa3830ff7d612a0d872487e57f329d0"}, {"key": "modified", "hash": "eeec691869a764a07bece6a3f6892c61"}, {"key": "published", "hash": "eeec691869a764a07bece6a3f6892c61"}, {"key": "references", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "reporter", "hash": "d6218597dc7a1b025a781373296b2b63"}, {"key": "title", "hash": "e561c31348419858b7767fc120832e1d"}, {"key": "type", "hash": "52e3bbafc627009ac13caff1200a0dbf"}], "hash": "63c21799560b6be41bb957137c23411b0f4b4eb6974f1f703bdf9ec2d796dfce", "viewCount": 2, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2019-0770"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310814693", "OPENVAS:1361412562310814696", "OPENVAS:1361412562310814695", "OPENVAS:1361412562310814697", "OPENVAS:1361412562310814694"]}, {"type": "talosblog", "idList": ["TALOSBLOG:D9C5C0AB436B4386A2A294DC24E5D966"]}], "modified": "2019-03-12T23:49:51"}, "score": {"value": 6.8, "vector": "NONE", "modified": "2019-03-12T23:49:51"}, "vulnersScore": 6.8}, "objectVersion": "1.3", "affectedSoftware": []}

{"cve": [{"lastseen": "2019-04-10T10:38:59", "bulletinFamily": "NVD", "description": "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0609, CVE-2019-0639, CVE-2019-0680, CVE-2019-0769, CVE-2019-0771, CVE-2019-0773, CVE-2019-0783.", "modified": "2019-04-09T14:26:41", "published": "2019-04-08T23:29:00", "id": "CVE-2019-0770", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-0770", "title": "CVE-2019-0770", "type": "cve", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "openvas": [{"lastseen": "2019-05-06T14:22:07", "bulletinFamily": "scanner", "description": "This host is missing a critical security\n update according to Microsoft KB4489872", "modified": "2019-05-03T00:00:00", "published": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310814693", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310814693", "title": "Microsoft Windows Multiple Vulnerabilities (KB4489872)", "type": "openvas", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.814693\");\n script_version(\"2019-05-03T10:54:50+0000\");\n script_cve_id(\"CVE-2019-0609\", \"CVE-2019-0782\", \"CVE-2019-0783\", \"CVE-2019-0784\",\n \"CVE-2019-0614\", \"CVE-2019-0617\", \"CVE-2019-0797\", \"CVE-2019-0821\",\n \"CVE-2019-0680\", \"CVE-2019-0690\", \"CVE-2019-0695\", \"CVE-2019-0702\",\n \"CVE-2019-0703\", \"CVE-2019-0704\", \"CVE-2019-0746\", \"CVE-2019-0754\",\n \"CVE-2019-0755\", \"CVE-2019-0756\", \"CVE-2019-0759\", \"CVE-2019-0761\",\n \"CVE-2019-0763\", \"CVE-2019-0765\", \"CVE-2019-0767\", \"CVE-2019-0769\",\n \"CVE-2019-0770\", \"CVE-2019-0771\", \"CVE-2019-0772\", \"CVE-2019-0773\",\n \"CVE-2019-0774\", \"CVE-2019-0775\", \"CVE-2019-0776\", \"CVE-2019-0780\",\n \"CVE-2019-0665\", \"CVE-2019-0666\", \"CVE-2019-0667\", \"CVE-2019-0601\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-05-03 10:54:50 +0000 (Fri, 03 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-03-13 08:42:56 +0530 (Wed, 13 Mar 2019)\");\n script_name(\"Microsoft Windows Multiple Vulnerabilities (KB4489872)\");\n\n script_tag(name:\"summary\", value:\"This host is missing a critical security\n update according to Microsoft KB4489872\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the\n target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to,\n\n - The scripting engine improperly handles objects in memory in Microsoft Edge.\n\n - Windows Jet Database Engine improperly handles objects in memory.\n\n - Windows GDI component improperly discloses the contents of its memory.\n\n - Windows kernel improperly handles objects in memory.\n\n - The win32k component improperly provides kernel information.\n\n - The Microsoft XML Core Services MSXML parser processes user input.\n\n - Windows improperly handles objects in memory.\n\n - The Win32k component fails to properly handle objects in memory.\n\n - Windows Print Spooler does not properly handle objects in memory.\n\n - Microsoft Hyper-V Network Switch on a host server fails to properly\n validate input from a privileged user on a guest operating system.\n\n - Windows SMB Server does not properly handles certain requests.\n\n - Windows kernel improperly initializes objects in memory.\n\n - Internet Explorer improperly accesses objects in memory.\n\n - Internet Explorer fails to validate the correct Security Zone of requests\n for specific URLs.\n\n - Microsoft browsers improperly access objects in memory.\n\n - The ActiveX Data objects (ADO) improperly handles objects in memory.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow\n an attacker to execute arbitrary code on a victim system, obtain information\n to further compromise the user's system, gain elevated privileges, cause the\n host server to crash and bypass security restrictions.\");\n\n script_tag(name:\"affected\", value:\"Windows 10 for 32-bit Systems and\n\n Windows 10 for x64-based Systems\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4489872\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/WindowsVersion\");\n exit(0);\n}\n\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(win10:1, win10x64:1) <= 0){\n exit(0);\n}\n\ndllPath = smb_get_system32root();\nif(!dllPath ){\n exit(0);\n}\n\nfileVer = fetch_file_version(sysPath:dllPath, file_name:\"Edgehtml.dll\");\nif(!fileVer){\n exit(0);\n}\n\nif(version_in_range(version:fileVer, test_version:\"11.0.10240.0\", test_version2:\"11.0.10240.18157\"))\n{\n report = report_fixed_ver(file_checked:dllPath + \"\\Edgehtml.dll\",\n file_version:fileVer, vulnerable_range:\"11.0.10240.0 - 11.0.10240.18157\");\n security_message(data:report);\n exit(0);\n}\nexit(99);\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-06T14:22:06", "bulletinFamily": "scanner", "description": "This host is missing a critical security\n update according to Microsoft KB4489871", "modified": "2019-05-03T00:00:00", "published": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310814694", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310814694", "title": "Microsoft Windows Multiple Vulnerabilities (KB4489871)", "type": "openvas", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.814694\");\n script_version(\"2019-05-03T10:54:50+0000\");\n script_cve_id(\"CVE-2019-0609\", \"CVE-2019-0782\", \"CVE-2019-0783\", \"CVE-2019-0784\",\n \"CVE-2019-0611\", \"CVE-2019-0612\", \"CVE-2019-0614\", \"CVE-2019-0617\",\n \"CVE-2019-0797\", \"CVE-2019-0821\", \"CVE-2019-0680\", \"CVE-2019-0682\",\n \"CVE-2019-0690\", \"CVE-2019-0695\", \"CVE-2019-0696\", \"CVE-2019-0702\",\n \"CVE-2019-0703\", \"CVE-2019-0704\", \"CVE-2019-0746\", \"CVE-2019-0754\",\n \"CVE-2019-0755\", \"CVE-2019-0756\", \"CVE-2019-0759\", \"CVE-2019-0761\",\n \"CVE-2019-0763\", \"CVE-2019-0765\", \"CVE-2019-0766\", \"CVE-2019-0767\",\n \"CVE-2019-0769\", \"CVE-2019-0770\", \"CVE-2019-0771\", \"CVE-2019-0772\",\n \"CVE-2019-0773\", \"CVE-2019-0774\", \"CVE-2019-0775\", \"CVE-2019-0776\",\n \"CVE-2019-0779\", \"CVE-2019-0780\", \"CVE-2019-0665\", \"CVE-2019-0666\",\n \"CVE-2019-0667\", \"CVE-2019-0678\", \"CVE-2019-0601\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-05-03 10:54:50 +0000 (Fri, 03 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-03-13 09:06:34 +0530 (Wed, 13 Mar 2019)\");\n script_name(\"Microsoft Windows Multiple Vulnerabilities (KB4489871)\");\n\n script_tag(name:\"summary\", value:\"This host is missing a critical security\n update according to Microsoft KB4489871\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on\n the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to,\n\n - Microsoft Edge does not properly enforce cross-domain policies.\n\n - The scripting engine improperly handles objects in memory in Microsoft\n browsers.\n\n - Click2Play protection in Microsoft Edge improperly handles flash objects.\n\n - The Chakra scripting engine handles objects in memory in Microsoft Edge.\n\n - Windows Jet Database Engine improperly handles objects in memory.\n\n - Windows GDI component improperly discloses the contents of its memory.\n\n - Windows kernel improperly handles objects in memory.\n\n - The win32k component improperly provides kernel information.\n\n - Microsoft XML Core Services MSXML parser improperly processes user input.\n\n - Windows Print Spooler does not properly handle objects in memory.\n\n - Microsoft Edge improperly accesses objects in memory.\n\n - Microsoft Hyper-V Network Switch on a host server fails to properly\n validate input from a privileged user on a guest operating system.\n\n - Windows kernel fails to properly handle objects in memory.\n\n - An error in way Windows SMB Server handles certain requests.\n\n - Windows AppX Deployment Server that allows file creation in arbitrary\n locations.\n\n - Windows kernel improperly initializes objects in memory.\n\n - Internet Explorer improperly accesses objects in memory.\n\n - Internet Explorer fails to validate the correct Security Zone of requests\n for specific URLs.\n\n - An error in the ActiveX Data objects (ADO) handles objects in memory.\n\n - An integer overflow in Windows Subsystem for Linux.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow\n an attacker to elevate privileges, run arbitrary code on a target system,\n gain access to potentially sensitive data, causes a host machine to crash\n and bypass security restrictions.\");\n\n script_tag(name:\"affected\", value:\"Microsoft Windows 10 Version 1703 x32/x64\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4489871\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/WindowsVersion\");\n exit(0);\n}\n\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(win10:1, win10x64:1) <= 0){\n exit(0);\n}\n\ndllPath = smb_get_system32root();\nif(!dllPath ){\n exit(0);\n}\n\nfileVer = fetch_file_version(sysPath:dllPath, file_name:\"Edgehtml.dll\");\nif(!fileVer){\n exit(0);\n}\n\nif(version_in_range(version:fileVer, test_version:\"11.0.15063.0\", test_version2:\"11.0.15063.1688\"))\n{\n report = report_fixed_ver(file_checked:dllPath + \"\\Edgehtml.dll\",\n file_version:fileVer, vulnerable_range:\"11.0.15063.0 - 11.0.15063.1688\");\n security_message(data:report);\n exit(0);\n}\nexit(99);\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-06T14:22:07", "bulletinFamily": "scanner", "description": "This host is missing a critical security\n update according to Microsoft KB4489886", "modified": "2019-05-03T00:00:00", "published": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310814696", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310814696", "title": "Microsoft Windows Multiple Vulnerabilities (KB4489886)", "type": "openvas", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.814696\");\n script_version(\"2019-05-03T10:54:50+0000\");\n script_cve_id(\"CVE-2019-0609\", \"CVE-2019-0780\", \"CVE-2019-0782\", \"CVE-2019-0783\",\n \"CVE-2019-0611\", \"CVE-2019-0612\", \"CVE-2019-0614\", \"CVE-2019-0617\",\n \"CVE-2019-0784\", \"CVE-2019-0797\", \"CVE-2019-0821\", \"CVE-2019-0678\",\n \"CVE-2019-0680\", \"CVE-2019-0682\", \"CVE-2019-0689\", \"CVE-2019-0690\",\n \"CVE-2019-0692\", \"CVE-2019-0693\", \"CVE-2019-0694\", \"CVE-2019-0695\",\n \"CVE-2019-0696\", \"CVE-2019-0702\", \"CVE-2019-0703\", \"CVE-2019-0704\",\n \"CVE-2019-0746\", \"CVE-2019-0754\", \"CVE-2019-0755\", \"CVE-2019-0756\",\n \"CVE-2019-0759\", \"CVE-2019-0761\", \"CVE-2019-0762\", \"CVE-2019-0763\",\n \"CVE-2019-0765\", \"CVE-2019-0766\", \"CVE-2019-0767\", \"CVE-2019-0768\",\n \"CVE-2019-0769\", \"CVE-2019-0770\", \"CVE-2019-0771\", \"CVE-2019-0772\",\n \"CVE-2019-0773\", \"CVE-2019-0774\", \"CVE-2019-0775\", \"CVE-2019-0776\",\n \"CVE-2019-0779\", \"CVE-2019-0665\", \"CVE-2019-0666\", \"CVE-2019-0667\",\n \"CVE-2019-0601\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-05-03 10:54:50 +0000 (Fri, 03 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-03-13 09:15:08 +0530 (Wed, 13 Mar 2019)\");\n script_name(\"Microsoft Windows Multiple Vulnerabilities (KB4489886)\");\n\n script_tag(name:\"summary\", value:\"This host is missing a critical security\n update according to Microsoft KB4489886\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on\n the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to,\n\n - Microsoft Edge does not properly enforce cross-domain policies.\n\n - The scripting engine improperly handles objects in memory in Microsoft\n Edge.\n\n - Click2Play protection in Microsoft Edge improperly handles flash objects.\n\n - Chakra scripting engine improperly handles objects in memory in\n Microsoft Edge.\n\n - Windows Jet Database Engine improperly handles objects in memory.\n\n - Windows GDI component improperly discloses the contents of its\n memory.\n\n - Windows kernel improperly handles objects in memory.\n\n - The win32k component improperly provides kernel information.\n\n - Microsoft XML Core Services MSXML parser improperly processes user input.\n\n - Windows Print Spooler does not properly handle objects in memory.\n\n - Microsoft Edge improperly accesses objects in memory.\n\n - An integer overflow in Windows Subsystem for Linux.\n\n - Microsoft Hyper-V Network Switch on a host server fails to properly\n validate input from a privileged user on a guest operating system.\n\n - Windows kernel fails to properly handle objects in memory.\n\n - Microsoft Hyper-V on a host server fails to properly validate input from\n a privileged user on a guest operating system.\n\n - Windows SMB Server improperly handles certain requests.\n\n - Windows AppX Deployment Server that allows file creation in arbitrary\n locations.\n\n - Windows kernel improperly initializes objects in memory.\n\n - Microsoft browsers improperly handle requests of different origins.\n\n - Internet Explorer improperly accesses objects in memory.\n\n - Internet Explorer fails to validate the correct Security Zone of requests\n for specific URLs.\n\n - The ActiveX Data objects (ADO) improperly handles objects in memory.\n\n - When Internet Explorer VBScript execution policy does not properly restrict\n VBScript under specific conditions, and to allow requests that should otherwise\n be ignored.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow\n an attacker to elevate privileges, run arbitrary code on a target system,\n cause the host server to crash and bypass security restrictions.\");\n\n script_tag(name:\"affected\", value:\"Windows 10 Version 1709 for 32-bit Systems\n\n Windows 10 Version 1709 for 64-based Systems\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4489886\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/WindowsVersion\");\n exit(0);\n}\n\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(win10:1, win10x64:1) <= 0){\n exit(0);\n}\n\ndllPath = smb_get_system32root();\nif(!dllPath ){\n exit(0);\n}\n\nfileVer = fetch_file_version(sysPath:dllPath, file_name:\"Edgehtml.dll\");\nif(!fileVer){\n exit(0);\n}\n\nif(version_in_range(version:fileVer, test_version:\"11.0.16299.0\", test_version2:\"11.0.16299.1028\"))\n{\n report = report_fixed_ver(file_checked:dllPath + \"\\Edgehtml.dll\",\n file_version:fileVer, vulnerable_range:\"11.0.16299.0 - 11.0.16299.1028\");\n security_message(data:report);\n exit(0);\n}\nexit(99);\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-06T14:22:04", "bulletinFamily": "scanner", "description": "This host is missing a critical security\n update according to Microsoft KB4489868", "modified": "2019-05-03T00:00:00", "published": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310814697", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310814697", "title": "Microsoft Windows Multiple Vulnerabilities (KB4489868)", "type": "openvas", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.814697\");\n script_version(\"2019-05-03T10:54:50+0000\");\n script_cve_id(\"CVE-2019-0603\", \"CVE-2019-0609\", \"CVE-2019-0780\", \"CVE-2019-0782\",\n \"CVE-2019-0783\", \"CVE-2019-0611\", \"CVE-2019-0612\", \"CVE-2019-0614\",\n \"CVE-2019-0617\", \"CVE-2019-0784\", \"CVE-2019-0797\", \"CVE-2019-0821\",\n \"CVE-2019-0678\", \"CVE-2019-0680\", \"CVE-2019-0682\", \"CVE-2019-0689\",\n \"CVE-2019-0690\", \"CVE-2019-0692\", \"CVE-2019-0693\", \"CVE-2019-0694\",\n \"CVE-2019-0695\", \"CVE-2019-0696\", \"CVE-2019-0697\", \"CVE-2019-0698\",\n \"CVE-2019-0701\", \"CVE-2019-0702\", \"CVE-2019-0703\", \"CVE-2019-0704\",\n \"CVE-2019-0726\", \"CVE-2019-0746\", \"CVE-2019-0754\", \"CVE-2019-0755\",\n \"CVE-2019-0756\", \"CVE-2019-0759\", \"CVE-2019-0761\", \"CVE-2019-0762\",\n \"CVE-2019-0763\", \"CVE-2019-0765\", \"CVE-2019-0766\", \"CVE-2019-0767\",\n \"CVE-2019-0768\", \"CVE-2019-0769\", \"CVE-2019-0770\", \"CVE-2019-0771\",\n \"CVE-2019-0772\", \"CVE-2019-0773\", \"CVE-2019-0774\", \"CVE-2019-0775\",\n \"CVE-2019-0776\", \"CVE-2019-0639\", \"CVE-2019-0665\", \"CVE-2019-0666\",\n \"CVE-2019-0667\", \"CVE-2019-0601\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-05-03 10:54:50 +0000 (Fri, 03 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-03-13 09:20:16 +0530 (Wed, 13 Mar 2019)\");\n script_name(\"Microsoft Windows Multiple Vulnerabilities (KB4489868)\");\n\n script_tag(name:\"summary\", value:\"This host is missing a critical security\n update according to Microsoft KB4489868\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on\n the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to,\n\n - Microsoft Edge does not properly enforce cross-domain policies.\n\n - An error in way scripting engine handles objects in memory in Microsoft Edge.\n\n - Click2Play protection in Microsoft Edge improperly handles flash objects.\n\n - ChakraCore scripting engine improperly handles objects in memory.\n\n - Windows Jet Database Engine improperly handles objects in memory.\n\n - Windows GDI component improperly discloses the contents of its memory.\n\n - Windows kernel improperly handles objects in memory.\n\n - The win32k component improperly provides kernel information.\n\n - Microsoft XML Core Services MSXML parser improperly processes user input.\n\n - The Win32k component fails to properly handle objects in memory.\n\n - Windows Print Spooler does not properly handle objects in memory.\n\n - An integer overflow in Windows Subsystem for Linux.\n\n - Microsoft Hyper-V Network Switch on a host server fails to properly\n validate input from a privileged user on a guest operating system.\n\n - Windows kernel fails to properly handle objects in memory.\n\n - Windows DHCP client does not validate specially crafted DHCP responses\n to a client.\n\n - Microsoft Hyper-V on a host server fails to properly validate input from\n a privileged user on a guest operating system.\n\n - Windows SMB Server fails to properly handle handles certain requests.\n\n - VBScript engine improperly handles objects in memory.\n\n - Windows Deployment Services TFTP Server improperly handles objects in\n memory.\n\n - Windows AppX Deployment Server allows file creation in arbitrary\n locations.\n\n - Microsoft browsers improperly handle requests of different origins.\n\n - Internet Explorer improperly accesses objects in memory.\n\n - Internet Explorer fails to validate the correct Security Zone of requests\n for specific URLs.\n\n - The ActiveX Data objects (ADO) improperly handles objects in memory.\n\n - Internet Explorer VBScript execution policy does not properly restrict\n VBScript under specific conditions, and to allow requests that should otherwise\n be ignored.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow\n an attacker to elevate privileges, execute arbitrary code on a victim system,\n cause a target system to stop responding and bypass security restrictions.\");\n\n script_tag(name:\"affected\", value:\"Windows 10 Version 1803 for 32-bit Systems\n\n Windows 10 Version 1803 for x64-based Systems\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4489868\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/WindowsVersion\");\n exit(0);\n}\n\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(win10:1, win10x64:1) <= 0){\n exit(0);\n}\n\ndllPath = smb_get_system32root();\nif(!dllPath ){\n exit(0);\n}\n\nfileVer = fetch_file_version(sysPath:dllPath, file_name:\"Edgehtml.dll\");\nif(!fileVer){\n exit(0);\n}\n\nif(version_in_range(version:fileVer, test_version:\"11.0.17134.0\", test_version2:\"11.0.17134.647\"))\n{\n report = report_fixed_ver(file_checked:dllPath + \"\\Edgehtml.dll\",\n file_version:fileVer, vulnerable_range:\"11.0.17134.0 - 11.0.17134.647\");\n security_message(data:report);\n exit(0);\n}\nexit(99);\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-06T14:22:07", "bulletinFamily": "scanner", "description": "This host is missing a critical security\n update according to Microsoft KB4489882", "modified": "2019-05-03T00:00:00", "published": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310814695", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310814695", "title": "Microsoft Windows Multiple Vulnerabilities (KB4489882)", "type": "openvas", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.814695\");\n script_version(\"2019-05-03T10:54:50+0000\");\n script_cve_id(\"CVE-2019-0603\", \"CVE-2019-0609\", \"CVE-2019-0782\", \"CVE-2019-0783\",\n \"CVE-2019-0784\", \"CVE-2019-0614\", \"CVE-2019-0617\", \"CVE-2019-0797\",\n \"CVE-2019-0821\", \"CVE-2019-0680\", \"CVE-2019-0690\", \"CVE-2019-0695\",\n \"CVE-2019-0696\", \"CVE-2019-0702\", \"CVE-2019-0703\", \"CVE-2019-0704\",\n \"CVE-2019-0746\", \"CVE-2019-0754\", \"CVE-2019-0755\", \"CVE-2019-0756\",\n \"CVE-2019-0759\", \"CVE-2019-0761\", \"CVE-2019-0763\", \"CVE-2019-0765\",\n \"CVE-2019-0766\", \"CVE-2019-0767\", \"CVE-2019-0769\", \"CVE-2019-0770\",\n \"CVE-2019-0771\", \"CVE-2019-0772\", \"CVE-2019-0773\", \"CVE-2019-0774\",\n \"CVE-2019-0775\", \"CVE-2019-0776\", \"CVE-2019-0779\", \"CVE-2019-0780\",\n \"CVE-2019-0665\", \"CVE-2019-0666\", \"CVE-2019-0667\", \"CVE-2019-0678\",\n \"CVE-2019-0601\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-05-03 10:54:50 +0000 (Fri, 03 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-03-13 09:11:30 +0530 (Wed, 13 Mar 2019)\");\n script_name(\"Microsoft Windows Multiple Vulnerabilities (KB4489882)\");\n\n script_tag(name:\"summary\", value:\"This host is missing a critical security\n update according to Microsoft KB4489882\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on\n the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to,\n\n - Microsoft Edge does not properly enforce cross-domain policies.\n\n - The scripting engine improperly handles objects in memory in Microsoft Edge.\n\n - Windows Jet Database Engine improperly handles objects in memory.\n\n - Windows GDI component improperly discloses the contents of its\n memory.\n\n - Windows kernel improperly handles objects in memory.\n\n - The win32k component improperly provides kernel information.\n\n - Microsoft XML Core Services MSXML parser processes user input.\n\n - Windows improperly handles objects in memory.\n\n - The Windows Print Spooler does not properly handle objects in memory.\n\n - Microsoft Hyper-V Network Switch on a host server fails to properly\n validate input from a privileged user on a guest operating system.\n\n - Windows kernel fails to properly handle objects in memory.\n\n - Microsoft Hyper-V on a host server fails to properly validate input from\n a privileged user on a guest operating system.\n\n - Chakra scripting engine handles objects in memory in\n Microsoft Edge.\n\n - Windows SMB Server does not properly handles certain requests.\n\n - Windows Deployment Services TFTP Server does not properly handle objects\n in memory.\n\n - Windows AppX Deployment Server allows file creation in arbitrary\n locations.\n\n - Internet Explorer improperly accesses objects in memory.\n\n - Internet Explorer fails to validate the correct Security Zone of requests\n for specific URLs.\n\n - The ActiveX Data objects (ADO) improperly handles objects in memory.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow\n an attacker to elevate privileges, execute arbitrary code on a victim system,\n cause the host server to crash and bypass security restrictions.\");\n\n script_tag(name:\"affected\", value:\"Microsoft Windows 10 Version 1607 x32/x64\n\n Microsoft Windows Server 2016\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4489882\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/WindowsVersion\");\n exit(0);\n}\n\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(win10:1, win10x64:1, win2016:1) <= 0){\n exit(0);\n}\n\ndllPath = smb_get_system32root();\nif(!dllPath ){\n exit(0);\n}\n\nfileVer = fetch_file_version(sysPath:dllPath, file_name:\"Edgehtml.dll\");\nif(!fileVer){\n exit(0);\n}\n\nif(version_in_range(version:fileVer, test_version:\"11.0.14393.0\", test_version2:\"11.0.14393.2847\"))\n{\n report = report_fixed_ver(file_checked:dllPath + \"\\Edgehtml.dll\",\n file_version:fileVer, vulnerable_range:\"11.0.14393.0 - 11.0.14393.2847\");\n security_message(data:report);\n exit(0);\n}\nexit(99);\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "talosblog": [{"lastseen": "2019-04-10T07:55:24", "bulletinFamily": "blog", "description": "[![](https://4.bp.blogspot.com/-N7KuLtUvvXQ/XIfHXnKAXQI/AAAAAAAAFjI/trcN807FgdUskZ_UAx0dWuRlD5HpF9xeACK4BGAYYCw/s1600/recurring%2Bblog%2Bimages_patch%2Btuesday.jpg)](<http://4.bp.blogspot.com/-N7KuLtUvvXQ/XIfHXnKAXQI/AAAAAAAAFjI/trcN807FgdUskZ_UAx0dWuRlD5HpF9xeACK4BGAYYCw/s1600/recurring%2Bblog%2Bimages_patch%2Btuesday.jpg>) \nMicrosoft released its monthly security update today, disclosing a variety of vulnerabilities in several of its products. The latest Patch Tuesday covers 64 vulnerabilities, 17 of which are rated \u201ccritical,\u201d 45 that are considered \u201cimportant\u201d and one \u201cmoderate\u201d and \u201clow\u201d vulnerability each. This release also includes two critical advisories \u2014 one covering security updates to Adobe Flash Player and another concerning SHA-2. \n \nThis month\u2019s security update covers security issues in a variety of Microsoft\u2019s products, including the VBScript scripting engine, Dynamic Host Configuration Protocol and the Chakra scripting engine. For coverage of these vulnerabilities, read the SNORT\u24c7 blog post [here](<https://blog.snort.org/2019/03/snort-rule-update-for-march-12-2019.html>). \n\n\n### Critical vulnerabilities\n\nMicrosoft disclosed 17 critical vulnerabilities this month, all of which we will highlight below. \n \n[CVE-2019-0592](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0592>) is a memory corruption vulnerability in the Chakra scripting engine that could allow an attacker to elevate their privileges. The bug lies in the way that the scripting engine handles objects in memory. In order to exploit this vulnerability, an attacker would need to trick a user into visiting a specially crafted, malicious web page in the Microsoft Edge web browser. \n \n[CVE-2019-0763](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0763>) is a remote code execution vulnerability that exists when the Internet Explorer web browser improperly handles objects in memory. An attacker could exploit this vulnerability by tricking a user into visiting a malicious web page while using Internet Explorer. \n \n[CVE-2019-0756](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0756>) is a remote code execution vulnerability in the Microsoft XML Core Services MSXML parser. An attacker can exploit this bug by tricking the user into opening a specially crafted website designed to invoke MSXML through a web browser. Eventually, the attacker would gain the ability to execute malicious code and take control of the user\u2019s system. \n \n[CVE-2019-0609](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0609>), [CVE-2019-0639](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0639>), [CVE-2019-0680](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0680>), [CVE-2019-0769](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0769>), [CVE-2019-0770](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0770>), [CVE-2019-0771](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0771>) and [CVE-2019-0773](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0773>) are all memory corruption vulnerabilities in Microsoft\u2019s scripting engine that exist due to the way Microsoft Edge handles objects in memory. An attacker could exploit these bugs to corrupt memory in a way that would allow them to execute arbitrary code in the context of the current user. A user would trigger this vulnerability if they visited a specially crafted, malicious web page in Edge. \n \n[CVE-2019-0784](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0784>) is a remote code execution vulnerability that exists due to the way ActiveX Data Objects (ADO) handle objects in memory. An attacker could exploit this bug by tricking a user into visiting a specially crafted, malicious web page in Internet Explorer. Alternatively, they could embed an ActiveX control marked \u201csafe for initialization\u201d in an application or Microsoft Office document that hosts the Internet Explorer rendering engine. \n \n[CVE-2019-0603](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0603>) is a remote code execution vulnerability in Windows Deployment Services TFTP Server. The bug lies in the way the server handles objects in memory. If an attacker were to exploit this vulnerability, they\u2019d gain the ability to execute arbitrary code with elevated permissions on a target system. \n \n[CVE-2019-0697](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0697>), [CVE-2019-0698](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0698>) and [CVE-2019-0726](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0726>) are remote code execution vulnerabilities in the Windows DHCP client. The vulnerability triggers when the client receives specially crafted DHCP responses to a client, potentially allowing an attacker to execute arbitrary code on the target machine. \n \n[CVE-2019-0666](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0666>) and [CVE-2019-0667](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0667>) are vulnerabilities in the VBScript engine that exist due to the way the engine handles objects in memory. An attacker could use these bugs to corrupt memory in a way that would allow them to execute arbitrary code in the context of the current user. A user could trigger these vulnerabilities by visiting an attacker-created website through Internet Explorer. An attacker could also provide them with an embedded ActiveX control marked \u201csafe for initialization\u201d in an application or Microsoft Office document that hosts the Internet Explorer rendering engine. \n\n\n### Important vulnerabilities\n\nThis release also contains 45 important vulnerabilities: \n\n\n * [CVE-2019-0784](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0784>)\n * [CVE-2019-0611](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0611>)\n * [CVE-2019-0612](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0612>)\n * [CVE-2019-0614](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0614>)\n * [CVE-2019-0617](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0617>)\n * [CVE-2019-0665](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0665>)\n * [CVE-2019-0678](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0678>)\n * [CVE-2019-0682](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0682>)\n * [CVE-2019-0683](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0683>)\n * [CVE-2019-0689](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0689>)\n * [CVE-2019-0690](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0690>)\n * [CVE-2019-0692](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0692>)\n * [CVE-2019-0693](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0693>)\n * [CVE-2019-0694](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0694>)\n * [CVE-2019-0695](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0695>)\n * [CVE-2019-0696](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0696>)\n * [CVE-2019-0701](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0701>)\n * [CVE-2019-0702](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0702>)\n * [CVE-2019-0703](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0703>)\n * [CVE-2019-0704](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0704>)\n * [CVE-2019-0746](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0746>)\n * [CVE-2019-0748](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0748>)\n * [CVE-2019-0754](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0754>)\n * [CVE-2019-0755](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0755>)\n * [CVE-2019-0757](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0757>)\n * [CVE-2019-0759](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0759>)\n * [CVE-2019-0761](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0761>)\n * [CVE-2019-0762](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0762>)\n * [CVE-2019-0765](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0765>)\n * [CVE-2019-0766](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0766>)\n * [CVE-2019-0767](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0767>)\n * [CVE-2019-0768](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0768>)\n * [CVE-2019-0772](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0772>)\n * [CVE-2019-0774](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0774>)\n * [CVE-2019-0775](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0775>)\n * [CVE-2019-0776](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0776>)\n * [CVE-2019-0778](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0778>)\n * [CVE-2019-0779](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0779>)\n * [CVE-2019-0780](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0780>)\n * [CVE-2019-0782](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0782>)\n * [CVE-2019-0783](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0783>)\n * [CVE-2019-0797](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0797>)\n * [CVE-2019-0798](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0798>)\n * [CVE-2019-0808](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0808>)\n * [CVE-2019-0809](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0809>)\n * [CVE-2019-0821](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0821>)\n\n### Moderate\n\nThere was one moderate vulnerability in this release: [CVE-2019-0816](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0816>), a security feature bypass vulnerability in Azure SSH Keypairs. \n\n\n### Low\n\nThe only low vulnerability in this release is [CVE-2019-0777](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0777>), a cross-site scripting vulnerability in Team Foundation. \n\n\n### Coverage \n\nIn response to these vulnerability disclosures, Talos is releasing the following SNORT\u24c7 rules that detect attempts to exploit them. Please note that additional rules may be released at a future date and current rules are subject to change pending additional information. Firepower customers should use the latest update to their ruleset by updating their SRU. Open Source Snort Subscriber Rule Set customers can stay up-to-date by downloading the latest rule pack available for purchase on Snort.org. \n \nSnort rules: [45142, 45143](<https://snort.org/advisories/600>), [46554, 46555](<https://snort.org/advisories/760>), [48051, 48052](<https://snort.org/advisories/609>), [49172, 49173, 49364 - 49369, 49371, 49372, 49378 - 49395, 49400 - 49403](<https://snort.org/advisories/760>) \n\n\n \n\n\n![](http://feeds.feedburner.com/~r/feedburner/Talos/~4/I_OWyHUhlnc)", "modified": "2019-03-12T18:00:13", "published": "2019-03-12T11:00:00", "id": "TALOSBLOG:D9C5C0AB436B4386A2A294DC24E5D966", "href": "http://feedproxy.google.com/~r/feedburner/Talos/~3/I_OWyHUhlnc/microsoft-patch-tuesday-march-2019.html", "type": "talosblog", "title": "Microsoft Patch Tuesday \u2014 March 2019: Vulnerability disclosures and Snort coverage", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}