On Tuesday, April 9th, Microsoft announced the release of 15 major software-related updates that fix over 70 security vulnerabilities found in the Windows Operating System.

These patches apply to the following categories:

  • Internet Explorer;
  • The Edge Web Browser;
  • The Office Suite of products;
  • SharePoint;
  • The Exchange Server system.

*Despite these patches, two nefarious vulnerabilities still exist out there (CVE-2019-0803 and CVE-2019-0859). These can quickly escalate privileges and rights, and impact the various Windows OS versions that are still supported by Microsoft;

*Remote Code Execution remains a grave vulnerability;

*At the same time, Adobe has also released its own series of software patches, which address the security vulnerabilities found in the following software applications:

  • The Flash Player;
  • The AIR Software Package;
  • Adobe Acrobat;
  • Adobe Reader.

For those of you who may not know this, the Flash Player updates are installed simultaneously along with the other Windows-based patches. If you use Google Chrome, then these are installed automatically. But more than likely, you will need to reboot your computer in order for both the Microsoft and Adobe patches to take full effect.

It should be noted that the Adobe Shockwave Player has reached its end of life as of April 9, 2019.  This means that it will no longer be available for download for the Windows OS, but those organizations that have “Enterprise” level licenses will still continue to receive full technical support until the expiration date of their contract.

Because of this, it is highly recommended that you uninstall Shockwave, as there are 7 vulnerabilities that still exist in it, and more than likely, patches will not be offered to repair them. 

The next section examines those patches which are classified as “Critical” and “Important”.

 

The Patches That You Need to Pay Attention To

| Microsoft Rating | Reference Number | Description |
|---|---|---|
| Critical | CVE-2019-0753 | This is a Remote Code Execution vulnerability that impacts the Microsoft Scripting Engine found in the IE Web Browser. A Cyber attacker could very easily exploit this so that they can gain administrative access to execute malicious source code remotely. This is done by embedding a specially crafted ActiveX control. |
| Critical | CVE-2019-0790, CVE-2019-0791, CVE-2019-0792, CVE-2019-0793 and CVE-2019-0795 | These are also all Remote Code Execution vulnerabilities found in the Microsoft XML Core Services, which processes end user input. Through the vulnerabilities that exist here, a Cyber attacker can easily exploit this system for malicious purposes. |
| Important | CVE-2019-0732 | This vulnerability impacts the Windows Device Guard. It exists because Windows cannot effectively process the calls that are made to the LUAFV Driver. Thus, a Cyber attacker can very easily manipulate the User Mode Code Integrity policy. |
| Important | CVE-2019-0752 | This is another Remote Code Execution vulnerability, and it is nearly the same as the one that CVE-2019-0753 addresses. |
| Important | CVE-2019-0790 and CVE-2019-0795 | This is nearly the same as the second vulnerability noted in this matrix. But the key difference is that a Cyber attacker can also create a phony webpage that contains malicious MSXML source code. |
| Important | CVE-2019-0801 | This is a Remote Code Execution vulnerability that impacts the Microsoft Office Suite, especially Excel and PowerPoint. |
| Important | CVE-2019-0803 and CVE-2019-0859 | These are Escalation of Privilege vulnerabilities that arise when the Win32k component cannot process the objects that it currently has in memory. If a Cyber attacker takes advantage of this, they could quite easily execute malicious source code in Kernel Mode. This can be accomplished by a specially created application. |
| Important | CVE-2019-0822 | This is another Remote Code Execution vulnerability, and it specifically impacts the Microsoft Graphics Component. It can have a substantial negative effect on how it processes objects that are held in its memory. |
| Important | CVE-2019-0841 | This is a Privilege Escalation vulnerability, and it especially impacts the Windows AppX Deployment Service (aka the “AppXSVC”). This is the mechanism that has primary responsibility for the deployment of Windows Store based applications. |

 

Conclusions

Remember that Microsoft likes to install its updates and patches in one fell swoop, so it could take some time for your computer to download and install them. It is expected that the next group of patches will be released on May 14th. More specific information about the Microsoft Patches can be found at this link:

https://portal.msrc.microsoft.com/en-us/security-guidance