Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT Security Bulletin
ASB-2019.0238
Security update for Microsoft Windows
14 August 2019
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: Microsoft Windows
Operating System: Windows
Impact/Access: Execute Arbitrary Code/Commands -- Remote/Unauthenticated
Administrator Compromise -- Existing Account
Access Privileged Data -- Existing Account
Delete Arbitrary Files -- Existing Account
Denial of Service -- Remote/Unauthenticated
Access Confidential Data -- Remote with User Interaction
Reduced Security -- Remote with User Interaction
Unauthorised Access -- Console/Physical
Resolution: Patch/Upgrade
CVE Names: CVE-2019-9518 CVE-2019-9514 CVE-2019-9513
CVE-2019-9512 CVE-2019-9511 CVE-2019-9506
CVE-2019-1228 CVE-2019-1227 CVE-2019-1226
CVE-2019-1225 CVE-2019-1224 CVE-2019-1223
CVE-2019-1222 CVE-2019-1213 CVE-2019-1212
CVE-2019-1206 CVE-2019-1198 CVE-2019-1190
CVE-2019-1188 CVE-2019-1187 CVE-2019-1186
CVE-2019-1185 CVE-2019-1184 CVE-2019-1183
CVE-2019-1182 CVE-2019-1181 CVE-2019-1180
CVE-2019-1179 CVE-2019-1178 CVE-2019-1177
CVE-2019-1176 CVE-2019-1175 CVE-2019-1174
CVE-2019-1173 CVE-2019-1172 CVE-2019-1171
CVE-2019-1170 CVE-2019-1169 CVE-2019-1168
CVE-2019-1164 CVE-2019-1163 CVE-2019-1162
CVE-2019-1161 CVE-2019-1159 CVE-2019-1158
CVE-2019-1157 CVE-2019-1156 CVE-2019-1155
CVE-2019-1154 CVE-2019-1153 CVE-2019-1152
CVE-2019-1151 CVE-2019-1150 CVE-2019-1149
CVE-2019-1148 CVE-2019-1147 CVE-2019-1146
CVE-2019-1145 CVE-2019-1144 CVE-2019-1143
CVE-2019-1078 CVE-2019-1057 CVE-2019-0965
CVE-2019-0736 CVE-2019-0723 CVE-2019-0720
CVE-2019-0718 CVE-2019-0717 CVE-2019-0716
CVE-2019-0715 CVE-2019-0714
Member content until: Friday, September 13 2019
Reference: ASB-2019.0234
ASB-2019.0233
ASB-2019.0227
ASB-2019.0224
ESB-2019.1489
ESB-2019.1461
ESB-2019.1450
OVERVIEW
Microsoft has released its monthly security patch update for the month
of August 2019. [1]
This update resolves 71 vulnerabilities across the following products:
Windows 10 Version 1607 for 32-bit Systems
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1703 for 32-bit Systems
Windows 10 Version 1703 for x64-based Systems
Windows 10 Version 1709 for 32-bit Systems
Windows 10 Version 1709 for 64-based Systems
Windows 10 Version 1709 for ARM64-based Systems
Windows 10 Version 1803 for 32-bit Systems
Windows 10 Version 1803 for ARM64-based Systems
Windows 10 Version 1803 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1903 for 32-bit Systems
Windows 10 Version 1903 for ARM64-based Systems
Windows 10 Version 1903 for x64-based Systems
Windows 10 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for x64-based Systems Service Pack 1
Windows 8.1 for 32-bit systems
Windows 8.1 for x64-based systems
Windows Defender
Windows RT 8.1
Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for Itanium-Based Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2012
Windows Server 2012 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 R2 (Server Core installation)
Windows Server 2016
Windows Server 2016 (Server Core installation)
Windows Server 2019
Windows Server 2019 (Server Core installation)
IMPACT
Microsoft has given the following details regarding these
vulnerabilities.
Details Impact Severity
CVE-2019-0714 Denial of Service Important
CVE-2019-0715 Denial of Service Important
CVE-2019-0716 Denial of Service Important
CVE-2019-0717 Denial of Service Important
CVE-2019-0718 Denial of Service Important
CVE-2019-0720 Remote Code Execution Critical
CVE-2019-0723 Denial of Service Important
CVE-2019-0736 Remote Code Execution Critical
CVE-2019-0965 Remote Code Execution Critical
CVE-2019-1057 Remote Code Execution Important
CVE-2019-1078 Information Disclosure Important
CVE-2019-1143 Information Disclosure Important
CVE-2019-1144 Remote Code Execution Critical
CVE-2019-1145 Remote Code Execution Critical
CVE-2019-1146 Remote Code Execution Important
CVE-2019-1147 Remote Code Execution Important
CVE-2019-1148 Information Disclosure Important
CVE-2019-1149 Remote Code Execution Critical
CVE-2019-1150 Remote Code Execution Critical
CVE-2019-1151 Remote Code Execution Critical
CVE-2019-1152 Remote Code Execution Critical
CVE-2019-1153 Information Disclosure Important
CVE-2019-1154 Information Disclosure Important
CVE-2019-1155 Remote Code Execution Important
CVE-2019-1156 Remote Code Execution Important
CVE-2019-1157 Remote Code Execution Important
CVE-2019-1158 Information Disclosure Important
CVE-2019-1159 Elevation of Privilege Important
CVE-2019-1161 Elevation of Privilege Important
CVE-2019-1162 Elevation of Privilege Important
CVE-2019-1163 Security Feature Bypass Important
CVE-2019-1164 Elevation of Privilege Important
CVE-2019-1168 Elevation of Privilege Important
CVE-2019-1169 Elevation of Privilege Important
CVE-2019-1170 Elevation of Privilege Important
CVE-2019-1171 Information Disclosure Important
CVE-2019-1172 Information Disclosure Important
CVE-2019-1173 Elevation of Privilege Important
CVE-2019-1174 Elevation of Privilege Important
CVE-2019-1175 Elevation of Privilege Important
CVE-2019-1176 Elevation of Privilege Important
CVE-2019-1177 Elevation of Privilege Important
CVE-2019-1178 Elevation of Privilege Important
CVE-2019-1179 Elevation of Privilege Important
CVE-2019-1180 Elevation of Privilege Important
CVE-2019-1181 Remote Code Execution Critical
CVE-2019-1182 Remote Code Execution Critical
CVE-2019-1183 Remote Code Execution Critical
CVE-2019-1184 Elevation of Privilege Important
CVE-2019-1185 Elevation of Privilege Important
CVE-2019-1186 Elevation of Privilege Important
CVE-2019-1187 Denial of Service Important
CVE-2019-1188 Remote Code Execution Critical
CVE-2019-1190 Elevation of Privilege Important
CVE-2019-1198 Elevation of Privilege Important
CVE-2019-1206 Denial of Service Important
CVE-2019-1212 Denial of Service Important
CVE-2019-1213 Remote Code Execution Critical
CVE-2019-1222 Remote Code Execution Critical
CVE-2019-1223 Denial of Service Important
CVE-2019-1224 Information Disclosure Important
CVE-2019-1225 Information Disclosure Important
CVE-2019-1226 Remote Code Execution Critical
CVE-2019-1227 Information Disclosure Important
CVE-2019-1228 Information Disclosure Important
CVE-2019-9506 Tampering Important
CVE-2019-9511 Denial of Service Important
CVE-2019-9512 Denial of Service Important
CVE-2019-9513 Denial of Service Important
CVE-2019-9514 Denial of Service Important
CVE-2019-9518 Denial of Service Important
MITIGATION
Microsoft recommends updating the software with the version made
available on the Microsoft Update Catalogue for the following
Knowledge Base articles. [1]
KB4511553, KB4512476, KB4512517, KB4512489, KB4512488
KB4512486, KB4512497, KB4512491, KB4512482, KB4512516
KB4512508, KB4512507, KB4512506, KB4512518, KB4512501
REFERENCES
[1] Security Update Guide
https://portal.msrc.microsoft.com/en-us/security-guidance
AusCERT has made every effort to ensure that the information contained
in this document is accurate. However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBXVNPU2aOgq3Tt24GAQiidQ//ddYwYMxBZ6M8nn7JMts7ejwKWwn0FRYp
vNWHddxtIxegN/pKgqn+M0F3IP4I+TcilqPqY0XIX02HCvoos02kD2ojuMDvsr4m
woQlA9hHtBO8Y9M5m+h9SpuIdp8u2q08r7qP6/ho02ZYP3V/ncohukLxnOjzGonh
TR7NE7iA5fsY3zX/1icbsYUpewVDOtXaysRDbNGj9uoUCqxkFWcf1+8BwEE+4WFA
pvqWu0PdCqwpueI87zdTY7qxLcnhpEisNLo6iQl2WSZh399+RCiTbAdbj8JtLodB
fKXUH+RdT7QHqfNZRgBSmNfaOmZ+EOtJ3g3PHG8Oz3F4dyTYWlyKe1XHy4e7Qkcs
2p0OOLe/eMGW+JgPIKpzgcGVLp0eFAPHa4p8/3MsjeDM/DtaWAwIXBaUyvzdfRH1
BaIxP+xjfeH54aFO09sKIKj92RyZ5mn1VQ9czvf7oqfRELaZWK1/Y3zOCK229dFx
xF2V9wC/HoRKJMs1R5opbbu9/Ia1M5t5i1OfB5thkb1w/2mUMHEWVOR3DLMFblrU
bzEmqCXwM5EJO49/ET5FSr1P4C5W8XEGKv798BiGzlEJ8ddE18qqEu3G2HZlPDD8
pD0ZhVgmgN2J81ilknDlezHjbmhzsj9TGrU+uExRlsp8V3HxsjP8DxgLpshSmCki
eTdq6KMT5go=
=7lDM
-----END PGP SIGNATURE-----