-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
                         AUSCERT Security Bulletin

                               ASB-2019.0156
                     Microsoft Windows Security Update
                               12 June 2019

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:              Microsoft Windows
Operating System:     Windows 10
                      Windows 7
                      Windows 8.1
                      Windows Server 2008
                      Windows Server 2012 R2
                      Windows Server 2016
Impact/Access:        Execute Arbitrary Code/Commands -- Remote/Unauthenticated      
                      Increased Privileges            -- Existing Account            
                      Access Privileged Data          -- Remote with User Interaction
                      Denial of Service               -- Remote/Unauthenticated      
                      Provide Misleading Information  -- Remote/Unauthenticated      
                      Unauthorised Access             -- Remote/Unauthenticated      
Resolution:           Patch/Upgrade
CVE Names:            CVE-2019-1069 CVE-2019-1065 CVE-2019-1064
                      CVE-2019-1053 CVE-2019-1050 CVE-2019-1049
                      CVE-2019-1048 CVE-2019-1047 CVE-2019-1046
                      CVE-2019-1045 CVE-2019-1044 CVE-2019-1043
                      CVE-2019-1041 CVE-2019-1040 CVE-2019-1039
                      CVE-2019-1028 CVE-2019-1027 CVE-2019-1026
                      CVE-2019-1025 CVE-2019-1022 CVE-2019-1021
                      CVE-2019-1019 CVE-2019-1018 CVE-2019-1017
                      CVE-2019-1016 CVE-2019-1015 CVE-2019-1014
                      CVE-2019-1013 CVE-2019-1012 CVE-2019-1011
                      CVE-2019-1010 CVE-2019-1009 CVE-2019-1007
                      CVE-2019-0998 CVE-2019-0986 CVE-2019-0985
                      CVE-2019-0984 CVE-2019-0983 CVE-2019-0977
                      CVE-2019-0974 CVE-2019-0973 CVE-2019-0972
                      CVE-2019-0968 CVE-2019-0961 CVE-2019-0960
                      CVE-2019-0959 CVE-2019-0948 CVE-2019-0943
                      CVE-2019-0942 CVE-2019-0941 CVE-2019-0936
                      CVE-2019-0931 CVE-2019-0909 CVE-2019-0908
                      CVE-2019-0907 CVE-2019-0906 CVE-2019-0905
                      CVE-2019-0904 CVE-2019-0903 CVE-2019-0902
                      CVE-2019-0901 CVE-2019-0900 CVE-2019-0899
                      CVE-2019-0898 CVE-2019-0897 CVE-2019-0896
                      CVE-2019-0895 CVE-2019-0894 CVE-2019-0893
                      CVE-2019-0892 CVE-2019-0891 CVE-2019-0890
                      CVE-2019-0889 CVE-2019-0888 CVE-2019-0886
                      CVE-2019-0885 CVE-2019-0882 CVE-2019-0881
                      CVE-2019-0863 CVE-2019-0758 CVE-2019-0734
                      CVE-2019-0733 CVE-2019-0727 CVE-2019-0725
                      CVE-2019-0722 CVE-2019-0713 CVE-2019-0711
                      CVE-2019-0710 CVE-2019-0709 CVE-2019-0708
                      CVE-2019-0707 CVE-2019-0620 
Member content until: Friday, July 12 2019
Reference:            ASB-2019.0139
                      ASB-2019.0137
                      ESB-2019.2074
                      ESB-2019.2073

OVERVIEW

        Microsoft has released its monthly security patch update for the month of June 2019.
        
        This update resolves 95 vulnerabilities across the following products: [1]
        
         Windows 10 Version 1607 for 32-bit Systems
         Windows 10 Version 1607 for x64-based Systems
         Windows 10 Version 1703 for 32-bit Systems
         Windows 10 Version 1703 for x64-based Systems
         Windows 10 Version 1709 for 32-bit Systems
         Windows 10 Version 1709 for 64-based Systems
         Windows 10 Version 1709 for ARM64-based Systems
         Windows 10 Version 1803 for 32-bit Systems
         Windows 10 Version 1803 for ARM64-based Systems
         Windows 10 Version 1803 for x64-based Systems
         Windows 10 Version 1809 for 32-bit Systems
         Windows 10 Version 1809 for ARM64-based Systems
         Windows 10 Version 1809 for HoloLens
         Windows 10 Version 1809 for x64-based Systems
         Windows 10 Version 1903 for 32-bit Systems
         Windows 10 Version 1903 for ARM64-based Systems
         Windows 10 Version 1903 for x64-based Systems
         Windows 10 for 32-bit Systems
         Windows 10 for x64-based Systems
         Windows 7 for 32-bit Systems Service Pack 1
         Windows 7 for x64-based Systems Service Pack 1
         Windows 8.1 for 32-bit systems
         Windows 8.1 for x64-based systems
         Windows RT 8.1
         Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1
         Windows Server 2008 R2 for x64-based Systems Service Pack 1
         Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
         Windows Server 2008 for 32-bit Systems Service Pack 2
         Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
         Windows Server 2008 for Itanium-Based Systems Service Pack 2
         Windows Server 2008 for x64-based Systems Service Pack 2
         Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
         Windows Server 2012
         Windows Server 2012 (Server Core installation)
         Windows Server 2012 R2
         Windows Server 2012 R2 (Server Core installation)
         Windows Server 2016
         Windows Server 2016  (Server Core installation)
         Windows Server 2019
         Windows Server 2019  (Server Core installation)


IMPACT

        Microsoft has given the following details regarding these vulnerabilities.
        
         Details         Impact                   Severity
         ADV190013       Information Disclosure   Important
         ADV190016       Elevation of Privilege   Important
         ADV190017       Remote Code Execution    Important
         CVE-2019-0620   Remote Code Execution    Critical
         CVE-2019-0707   Elevation of Privilege   Important
         CVE-2019-0708   Remote Code Execution    Critical
         CVE-2019-0709   Remote Code Execution    Critical
         CVE-2019-0710   Denial of Service        Important
         CVE-2019-0711   Denial of Service        Important
         CVE-2019-0713   Denial of Service        Important
         CVE-2019-0722   Remote Code Execution    Critical
         CVE-2019-0725   Remote Code Execution    Critical
         CVE-2019-0727   Elevation of Privilege   Important
         CVE-2019-0733   Security Feature Bypass  Important
         CVE-2019-0734   Elevation of Privilege   Important
         CVE-2019-0758   Information Disclosure   Important
         CVE-2019-0863   Elevation of Privilege   Important
         CVE-2019-0881   Elevation of Privilege   Important
         CVE-2019-0882   Information Disclosure   Important
         CVE-2019-0885   Remote Code Execution    Important
         CVE-2019-0886   Information Disclosure   Important
         CVE-2019-0888   Remote Code Execution    Critical
         CVE-2019-0889   Remote Code Execution    Important
         CVE-2019-0890   Remote Code Execution    Important
         CVE-2019-0891   Remote Code Execution    Important
         CVE-2019-0892   Elevation of Privilege   Important
         CVE-2019-0893   Remote Code Execution    Important
         CVE-2019-0894   Remote Code Execution    Important
         CVE-2019-0895   Remote Code Execution    Important
         CVE-2019-0896   Remote Code Execution    Important
         CVE-2019-0897   Remote Code Execution    Important
         CVE-2019-0898   Remote Code Execution    Important
         CVE-2019-0899   Remote Code Execution    Important
         CVE-2019-0900   Remote Code Execution    Important
         CVE-2019-0901   Remote Code Execution    Important
         CVE-2019-0902   Remote Code Execution    Important
         CVE-2019-0903   Remote Code Execution    Critical
         CVE-2019-0904   Remote Code Execution    Important
         CVE-2019-0905   Remote Code Execution    Important
         CVE-2019-0906   Remote Code Execution    Important
         CVE-2019-0907   Remote Code Execution    Important
         CVE-2019-0908   Remote Code Execution    Important
         CVE-2019-0909   Remote Code Execution    Important
         CVE-2019-0931   Elevation of Privilege   Important
         CVE-2019-0936   Elevation of Privilege   Important
         CVE-2019-0941   Denial of Service        Important
         CVE-2019-0942   Elevation of Privilege   Important
         CVE-2019-0943   Elevation of Privilege   Important
         CVE-2019-0948   Information Disclosure   Moderate
         CVE-2019-0959   Elevation of Privilege   Important
         CVE-2019-0960   Elevation of Privilege   Important
         CVE-2019-0961   Information Disclosure   Important
         CVE-2019-0968   Information Disclosure   Important
         CVE-2019-0972   Denial of Service        Important
         CVE-2019-0973   Elevation of Privilege   Important
         CVE-2019-0974   Remote Code Execution    Important
         CVE-2019-0977   Information Disclosure   Important
         CVE-2019-0983   Elevation of Privilege   Important
         CVE-2019-0984   Elevation of Privilege   Important
         CVE-2019-0985   Remote Code Execution    Critical
         CVE-2019-0986   Elevation of Privilege   Important
         CVE-2019-0998   Elevation of Privilege   Important
         CVE-2019-1007   Elevation of Privilege   Important
         CVE-2019-1009   Information Disclosure   Important
         CVE-2019-1010   Information Disclosure   Important
         CVE-2019-1011   Information Disclosure   Important
         CVE-2019-1012   Information Disclosure   Important
         CVE-2019-1013   Information Disclosure   Important
         CVE-2019-1014   Elevation of Privilege   Important
         CVE-2019-1015   Information Disclosure   Important
         CVE-2019-1016   Information Disclosure   Important
         CVE-2019-1017   Elevation of Privilege   Important
         CVE-2019-1018   Elevation of Privilege   Important
         CVE-2019-1019   Security Feature Bypass  Important
         CVE-2019-1021   Elevation of Privilege   Important
         CVE-2019-1022   Elevation of Privilege   Important
         CVE-2019-1025   Denial of Service        Important
         CVE-2019-1026   Elevation of Privilege   Important
         CVE-2019-1027   Elevation of Privilege   Important
         CVE-2019-1028   Elevation of Privilege   Important
         CVE-2019-1039   Information Disclosure   Important
         CVE-2019-1040   Tampering                Important
         CVE-2019-1041   Elevation of Privilege   Important
         CVE-2019-1043   Remote Code Execution    Important
         CVE-2019-1044   Security Feature Bypass  Important
         CVE-2019-1045   Elevation of Privilege   Important
         CVE-2019-1046   Information Disclosure   Important
         CVE-2019-1047   Information Disclosure   Important
         CVE-2019-1048   Information Disclosure   Important
         CVE-2019-1049   Information Disclosure   Important
         CVE-2019-1050   Information Disclosure   Important
         CVE-2019-1053   Elevation of Privilege   Important
         CVE-2019-1064   Elevation of Privilege   Important
         CVE-2019-1065   Elevation of Privilege   Important
         CVE-2019-1069   Elevation of Privilege   Important


MITIGATION

        Microsoft recommends updating the software with the version made available on the Microsoft Update Cataloge for the following Knowledge Base articles. [1].
        
        
         KB4503276, KB4503273, KB4503279, KB4499180, KB4499181
         KB4499158, KB4499149, KB4503290, KB4503291, KB4503292
         KB4503293, KB4499179, KB4503327, KB4499171, KB4499154
         KB4499175, KB4499151, KB4503269, KB4503263, KB4503267
         KB4494440, KB4494441, KB4497936, KB4503287, KB4503286
         KB4503285, KB4503284, KB4499167, KB4499164, KB4499165


REFERENCES

        [1] Security Update Guide
            https://portal.msrc.microsoft.com/en-us/security-guidance

AusCERT has made every effort to ensure that the information contained
in this document is accurate.  However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours 
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBXQCaEGaOgq3Tt24GAQhgSxAAoewbnfZGzQpEMGdK5DzbK183qtraWyK1
4wm4FVWFxm0UNnjV8kN9MTcF4jSb3YMI7FHbwpDwr1bA+WFntKGRh7P0v+j9fD4h
KW52BdeBt9kk9ghzVHwHZZ2xLpgbPzroT4T+xinJ+8Ydd77BCFisHA4MwxfslsfL
DglQvBgVFDff+hXV54VT1JhOLw4XMr39yDChjcHDWBZCf5paFUBpQKu/XEwM+Epc
zEO5DfC6AucWBGyvgn5ieSXQ97vkgCvKXKbNYS3NT8rGeWEu5NMd5a95CiTdSQMJ
wc/LpAKAE8gsMYKuUV4O5yRBi6GxeNk4RCEjX2JGj/M7Ox3N2c4j/DExrsfjfQIe
DpbDk7XC9u5ObOVtBJz0WCweT3vy3Z0MCWQ0SmHgPsfWNGxPyH7l9tzdUihpRR3x
Uy673utv/6369tTqx/IfPW8kFmyX9HVrRCWyryfZhkEkRDyUsFlp1dxO+WOuqqRD
+9z6iiKhT7gEqo/6Q23TNM6fmT6I8140wRmnGI+fpDcb4pzSOmmprF4f0Ku5sM2v
2rYB4J8+GjWDmMrOCQMwSFIWHHXeGcVThPHYm8M7Dv1cWw9pc+flsvsRaW8mOoY8
rWqpnLmygobAyhNnE+3LCdG59wsmYIq2cJNjaA23ocYKW5sF7PlDCIW3ERViggbO
02gz8zt43gU=
=p5Df
-----END PGP SIGNATURE-----