Operating System:

[WIN]

Published:

10 January 2019

Protect yourself against future threats.

//Service

Incident Management

Whether it is proactive or reactive services you're after, we will help you detect, interpret and respond to attacks from across the globe.

Read more
Resources > Security Bulletins > ASB-2019.0003.3 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
                         AUSCERT Security Bulletin

                              ASB-2019.0003.3
                             Microsoft Windows
                              10 January 2019

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:              Windows 10
                      Windows 7
                      Windows 8.1
                      Windows Server 2008
                      Windows Server 2012
                      Windows Server 2016
                      Windows Server 2019
Operating System:     Windows
Impact/Access:        Execute Arbitrary Code/Commands -- Remote with User Interaction
                      Access Privileged Data          -- Remote with User Interaction
                      Increased Privileges            -- Existing Account            
Resolution:           Patch/Upgrade
CVE Names:            CVE-2019-0584 CVE-2019-0583 CVE-2019-0582
                      CVE-2019-0581 CVE-2019-0580 CVE-2019-0579
                      CVE-2019-0578 CVE-2019-0577 CVE-2019-0576
                      CVE-2019-0575 CVE-2019-0574 CVE-2019-0573
                      CVE-2019-0572 CVE-2019-0571 CVE-2019-0570
                      CVE-2019-0569 CVE-2019-0555 CVE-2019-0554
                      CVE-2019-0553 CVE-2019-0552 CVE-2019-0551
                      CVE-2019-0550 CVE-2019-0549 CVE-2019-0547
                      CVE-2019-0543 CVE-2019-0538 CVE-2019-0536
Member content until: Friday, February  8 2019

Revision History:     January 10 2019: Update for Jan 2019
                      January  9 2019: Fixed typo
                      January  9 2019: Initial Release

OVERVIEW

        Microsoft has released its monthly security patch update for the month 
        of January 2019.
        
        This update resolves 27 vulnerabilities across the following products: 
        [1]
        
         Windows 10 Version 1607 for 32-bit Systems
         Windows 10 Version 1607 for x64-based Systems
         Windows 10 Version 1703 for 32-bit Systems
         Windows 10 Version 1703 for x64-based Systems
         Windows 10 Version 1709 for 32-bit Systems
         Windows 10 Version 1709 for 64-based Systems
         Windows 10 Version 1709 for ARM64-based Systems
         Windows 10 Version 1803 for 32-bit Systems
         Windows 10 Version 1803 for ARM64-based Systems
         Windows 10 Version 1803 for x64-based Systems
         Windows 10 Version 1809 for 32-bit Systems
         Windows 10 Version 1809 for ARM64-based Systems
         Windows 10 Version 1809 for x64-based Systems
         Windows 10 for 32-bit Systems
         Windows 10 for x64-based Systems
         Windows 7 for 32-bit Systems Service Pack 1
         Windows 7 for x64-based Systems Service Pack 1
         Windows 8.1 for 32-bit systems
         Windows 8.1 for x64-based systems
         Windows RT 8.1
         Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1
         Windows Server 2008 R2 for x64-based Systems Service Pack 1
         Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
         Windows Server 2008 for 32-bit Systems Service Pack 2
         Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
         Windows Server 2008 for Itanium-Based Systems Service Pack 2
         Windows Server 2008 for x64-based Systems Service Pack 2
         Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
         Windows Server 2012
         Windows Server 2012 (Server Core installation)
         Windows Server 2012 R2
         Windows Server 2012 R2 (Server Core installation)
         Windows Server 2016
         Windows Server 2016  (Server Core installation)
         Windows Server 2019
         Windows Server 2019  (Server Core installation)


IMPACT

        Microsoft has given the following details regarding these vulnerabilities.
        
         Details         Impact                   Severity
         CVE-2019-0536   Information Disclosure   Important
         CVE-2019-0538   Remote Code Execution    Important
         CVE-2019-0543   Elevation of Privilege   Important
         CVE-2019-0547   Remote Code Execution    Critical
         CVE-2019-0549   Information Disclosure   Important
         CVE-2019-0550   Remote Code Execution    Critical
         CVE-2019-0551   Remote Code Execution    Critical
         CVE-2019-0552   Elevation of Privilege   Important
         CVE-2019-0553   Information Disclosure   Important
         CVE-2019-0554   Information Disclosure   Important
         CVE-2019-0555   Elevation of Privilege   Important
         CVE-2019-0569   Information Disclosure   Important
         CVE-2019-0570   Elevation of Privilege   Important
         CVE-2019-0571   Elevation of Privilege   Important
         CVE-2019-0572   Elevation of Privilege   Important
         CVE-2019-0573   Elevation of Privilege   Important
         CVE-2019-0574   Elevation of Privilege   Important
         CVE-2019-0575   Remote Code Execution    Important
         CVE-2019-0576   Remote Code Execution    Important
         CVE-2019-0577   Remote Code Execution    Important
         CVE-2019-0578   Remote Code Execution    Important
         CVE-2019-0579   Remote Code Execution    Important
         CVE-2019-0580   Remote Code Execution    Important
         CVE-2019-0581   Remote Code Execution    Important
         CVE-2019-0582   Remote Code Execution    Important
         CVE-2019-0583   Remote Code Execution    Important
         CVE-2019-0584   Remote Code Execution    Important


MITIGATION

        Microsoft recommends updating the software with the version made 
        available on the Microsoft Update Catalogue for the following Knowledge 
        Base articles. [1].
        
        
         KB4480963, KB4480973, KB4480975, KB4480961, KB4480116
         KB4480960, KB4480972, KB4480962, KB4480970, KB4480964
         KB4480966, KB4480968, KB4480957, KB4480978


REFERENCES

        [1] Security Update Guide
            https://portal.msrc.microsoft.com/en-us/security-guidance

AusCERT has made every effort to ensure that the information contained
in this document is accurate.  However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours 
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBXDaSDmaOgq3Tt24GAQjSEQ//epn75WLE5NmmQuVl6TAgT1qbuEXAtiI7
v6BjjvAxiH18b2kgQEEw6Qu1QkMg6MxG5iiTArNGxQTZhzRMSbWnkKHZIIem3iRZ
YMchmsFZ8yCvXmZBsqvgKVDvUzl6rqR/9FKsJWa8BPGCoBoauE7QDB/mLc7uVVhB
4b9b1Q78J/WbQiAablDJsrj1KH1VJF9nZSYKe/BTjcfJZLFkoB+qW5hCd2es8Epg
TP3Lrz0vK8uKIyQLpzVo5dSk2ogT2qKyJtzJ1MZ7DkTpjbywItdj3tU84i17z2hW
ch6YLOEIAvbHXmot6yYAfim6vNnZ9Em0HNpXEhByALoaYX4I6w22D3z4Y65K9MZU
LBdM5c0EMHZiiEi1LQlKBsT5AdjGaLAZK3KDKrvOxcbB5FzRxt22ShrR0I6S44Ij
zxZg3Vn75STVVSVPTBJ25+TjGM31EXoxwj0/I6aVxJjn2KtXKqu2GtrPbz+26TF4
3wTHocy1UI3etKng6+ZbpKnODFqFDHh7wfdFf8jqdgqv/BfvZtEvrvb7SUuwRTaE
+kELvS0mMfkwwe1xELeLnZoQrzMZL8/52fth8uI6B0oCdv5Xu36IPxHapl2Y6w/F
ToS46H71RA+LDz02gR3PynnM8dexVx1neQAPqn0qpuVtoY0bztRcJFuqqm0XV1b0
6UfgMIIoTrM=
=7gYs
-----END PGP SIGNATURE-----