Microsoft’s June 2019 Patch is out with a Security Patch Bundle for vulnerabilities

Windows June update

Microsoft on the June 11, 2019, Patch Day, released security updates for all supported versions of the Microsoft Windows operating system. Microsoft, this month, the OS maker has patched 88 vulnerabilities, among which 21 received a rating of “Critical,” the company’s highest severity ranking. Microsoft patched four Windows operating system bugs – all of which are already publicly known or have proof of concept exploits.

Microsoft’s four Important vulnerabilities that were publicly disclosed all affect Windows systems are as follows:

  • CVE-2019-0973, an elevation-of-privilege (EOP) flaw in the Windows Installer for all supported Windows systems.
  • CVE-2019-1053, an EOP vulnerability in the Windows Shell for all supported Windows systems.
  • CVE-2019-1064, an EOP issue associated with the AppX Deployment Service that affects Windows 10, Windows Server 2016 and Windows Server 2019.
  • CVE-2019-1069, a Task Scheduler EOP vulnerability in Windows 10, Windows Server 2016 and Windows Server 2019. Trend Micro’s Zero Day Initiative published a technical analysis on this particular vulnerability, which leverages the high privileges of Task Scheduler.

Below is the full list of vulnerabilities resolved, advisories, and SSUs in the June 2019 Patch Tuesday updates.

Tag CVE ID CVE Title Severity
Adobe Flash Player ADV190015 June 2019 Adobe Flash Security Update Critical
Kerberos CVE-2019-0972 Local Security Authority Subsystem Service Denial of Service Vulnerability Important
Microsoft Browsers CVE-2019-1081 Microsoft Browser Information Disclosure Vulnerability Important
Microsoft Browsers CVE-2019-1038 Microsoft Browser Memory Corruption Vulnerability Critical
Microsoft Devices ADV190017 Microsoft HoloLens Remote Code Execution Vulnerabilities Important
Microsoft Devices ADV190016 Bluetooth Low Energy Advisory Important
Microsoft Edge CVE-2019-1054 Microsoft Edge Security Feature Bypass Vulnerability Important
Microsoft Exchange Server ADV190018 Microsoft Exchange Server Defense in Depth Update Unknown
Microsoft Graphics Component CVE-2019-1018 DirectX Elevation of Privilege Vulnerability Important
Microsoft Graphics Component CVE-2019-1047 Windows GDI Information Disclosure Vulnerability Important
Microsoft Graphics Component CVE-2019-1046 Windows GDI Information Disclosure Vulnerability Important
Microsoft Graphics Component CVE-2019-1013 Windows GDI Information Disclosure Vulnerability Important
Microsoft Graphics Component CVE-2019-1015 Windows GDI Information Disclosure Vulnerability Important
Microsoft Graphics Component CVE-2019-1016 Windows GDI Information Disclosure Vulnerability Important
Microsoft Graphics Component CVE-2019-1048 Windows GDI Information Disclosure Vulnerability Important
Microsoft Graphics Component CVE-2019-0977 Windows GDI Information Disclosure Vulnerability Important
Microsoft Graphics Component CVE-2019-0960 Win32k Elevation of Privilege Vulnerability Important
Microsoft Graphics Component CVE-2019-0968 Windows GDI Information Disclosure Vulnerability Important
Microsoft Graphics Component CVE-2019-1049 Windows GDI Information Disclosure Vulnerability Important
Microsoft Graphics Component CVE-2019-1050 Windows GDI Information Disclosure Vulnerability Important
Microsoft Graphics Component CVE-2019-0985 Microsoft Speech API Remote Code Execution Vulnerability Critical
Microsoft Graphics Component CVE-2019-1010 Windows GDI Information Disclosure Vulnerability Important
Microsoft Graphics Component CVE-2019-1009 Windows GDI Information Disclosure Vulnerability Important
Microsoft Graphics Component CVE-2019-1011 Windows GDI Information Disclosure Vulnerability Important
Microsoft Graphics Component CVE-2019-1012 Windows GDI Information Disclosure Vulnerability Important
Microsoft JET Database Engine CVE-2019-0905 Jet Database Engine Remote Code Execution Vulnerability Important
Microsoft JET Database Engine CVE-2019-0974 Jet Database Engine Remote Code Execution Vulnerability Important
Microsoft JET Database Engine CVE-2019-0904 Jet Database Engine Remote Code Execution Vulnerability Important
Microsoft JET Database Engine CVE-2019-0906 Jet Database Engine Remote Code Execution Vulnerability Important
Microsoft JET Database Engine CVE-2019-0908 Jet Database Engine Remote Code Execution Vulnerability Important
Microsoft JET Database Engine CVE-2019-0909 Jet Database Engine Remote Code Execution Vulnerability Important
Microsoft JET Database Engine CVE-2019-0907 Jet Database Engine Remote Code Execution Vulnerability Important
Microsoft Office CVE-2019-1035 Microsoft Word Remote Code Execution Vulnerability Important
Microsoft Office CVE-2019-1034 Microsoft Word Remote Code Execution Vulnerability Important
Microsoft Office SharePoint CVE-2019-1032 Microsoft Office SharePoint XSS Vulnerability Important
Microsoft Office SharePoint CVE-2019-1036 Microsoft Office SharePoint XSS Vulnerability Important
Microsoft Office SharePoint CVE-2019-1031 Microsoft Office SharePoint XSS Vulnerability Important
Microsoft Office SharePoint CVE-2019-1033 Microsoft Office SharePoint XSS Vulnerability Important
Microsoft Scripting Engine CVE-2019-1002 Chakra Scripting Engine Memory Corruption Vulnerability Critical
Microsoft Scripting Engine CVE-2019-0991 Chakra Scripting Engine Memory Corruption Vulnerability Critical
Microsoft Scripting Engine CVE-2019-1080 Scripting Engine Memory Corruption Vulnerability Moderate
Microsoft Scripting Engine CVE-2019-1023 Scripting Engine Information Disclosure Vulnerability Critical
Microsoft Scripting Engine CVE-2019-0993 Chakra Scripting Engine Memory Corruption Vulnerability Moderate
Microsoft Scripting Engine CVE-2019-0992 Chakra Scripting Engine Memory Corruption Vulnerability Critical
Microsoft Scripting Engine CVE-2019-1024 Chakra Scripting Engine Memory Corruption Vulnerability Critical
Microsoft Scripting Engine CVE-2019-0990 Scripting Engine Information Disclosure Vulnerability Critical
Microsoft Scripting Engine CVE-2019-0988 Scripting Engine Memory Corruption Vulnerability Critical
Microsoft Scripting Engine CVE-2019-0989 Chakra Scripting Engine Memory Corruption Vulnerability Critical
Microsoft Scripting Engine CVE-2019-1055 Scripting Engine Memory Corruption Vulnerability Critical
Microsoft Scripting Engine CVE-2019-1052 Chakra Scripting Engine Memory Corruption Vulnerability Critical
Microsoft Scripting Engine CVE-2019-1051 Chakra Scripting Engine Memory Corruption Vulnerability Critical
Microsoft Scripting Engine CVE-2019-0920 Scripting Engine Memory Corruption Vulnerability Critical
Microsoft Scripting Engine CVE-2019-1003 Chakra Scripting Engine Memory Corruption Vulnerability Critical
Microsoft Windows CVE-2019-1069 Task Scheduler Elevation of Privilege Vulnerability Important
Microsoft Windows CVE-2019-1064 Windows Elevation of Privilege Vulnerability Important
Microsoft Windows CVE-2019-0888 ActiveX Data Objects (ADO) Remote Code Execution Vulnerability Critical
Microsoft Windows CVE-2019-1025 Windows Denial of Service Vulnerability Important
Microsoft Windows CVE-2019-1045 Windows Network File System Elevation of Privilege Vulnerability Important
Microsoft Windows CVE-2019-1043 Comctl32 Remote Code Execution Vulnerability Important
Microsoft Windows CVE-2019-0710 Windows Hyper-V Denial of Service Vulnerability Important
Microsoft Windows CVE-2019-0709 Windows Hyper-V Remote Code Execution Vulnerability Critical
Microsoft Windows CVE-2019-0722 Windows Hyper-V Remote Code Execution Vulnerability Critical
Microsoft Windows CVE-2019-0943 Windows ALPC Elevation of Privilege Vulnerability Important
Microsoft Windows CVE-2019-0713 Windows Hyper-V Denial of Service Vulnerability Important
Microsoft Windows CVE-2019-0983 Windows Storage Service Elevation of Privilege Vulnerability Important
Microsoft Windows CVE-2019-0984 Windows Common Log File System Driver Elevation of Privilege Vulnerability Important
Microsoft Windows CVE-2019-0711 Windows Hyper-V Denial of Service Vulnerability Important
Microsoft Windows CVE-2019-0948 Windows Event Viewer Information Disclosure Vulnerability Moderate
Microsoft Windows CVE-2019-0959 Windows Common Log File System Driver Elevation of Privilege Vulnerability Important
Microsoft Windows CVE-2019-0998 Windows Storage Service Elevation of Privilege Vulnerability Important
Servicing Stack Updates ADV990001 Latest Servicing Stack Updates Critical
Skype for Business and Microsoft Lync CVE-2019-1029 Skype for Business and Lync Server Denial of Service Vulnerability Important
Team Foundation Server CVE-2019-0996 Azure DevOps Server Spoofing Vulnerability Important
VBScript CVE-2019-1005 Scripting Engine Memory Corruption Vulnerability Low
Windows Authentication Methods CVE-2019-1040 Windows NTLM Tampering Vulnerability Important
Windows Hyper-V CVE-2019-0620 Windows Hyper-V Remote Code Execution Vulnerability Critical
Windows IIS CVE-2019-0941 Microsoft IIS Server Denial of Service Vulnerability Important
Windows Installer CVE-2019-0973 Windows Installer Elevation of Privilege Vulnerability Important
Windows Kernel CVE-2019-1044 Windows Secure Kernel Mode Security Feature Bypass Vulnerability Important
Windows Kernel CVE-2019-1014 Win32k Elevation of Privilege Vulnerability Important
Windows Kernel CVE-2019-1017 Win32k Elevation of Privilege Vulnerability Important
Windows Kernel CVE-2019-1065 Windows Kernel Elevation of Privilege Vulnerability Important
Windows Kernel CVE-2019-1041 Windows Kernel Elevation of Privilege Vulnerability Important
Windows Kernel CVE-2019-1039 Windows Kernel Information Disclosure Vulnerability Important
Windows Media CVE-2019-1026 Windows Audio Service Elevation of Privilege Vulnerability Important
Windows Media CVE-2019-1007 Windows Audio Service Elevation of Privilege Vulnerability Important
Windows Media CVE-2019-1027 Windows Audio Service Elevation of Privilege Vulnerability Important
Windows Media CVE-2019-1022 Windows Audio Service Elevation of Privilege Vulnerability Important
Windows Media CVE-2019-1021 Windows Audio Service Elevation of Privilege Vulnerability Important
Windows Media CVE-2019-1028 Windows Audio Service Elevation of Privilege Vulnerability Important
Windows NTLM CVE-2019-1019 Microsoft Windows Security Feature Bypass Vulnerability Important
Windows Shell CVE-2019-0986 Windows User Profile Service Elevation of Privilege Vulnerability Important
Windows Shell CVE-2019-1053 Windows Shell Elevation of Privilege Vulnerability Important

 

 

LEAVE A REPLY

Please enter your comment!
Please enter your name here