90 vulnerabilities of the class Remote Code Execution in May "Tuesday of updates"

"World. Work. May ”is not only about pleasant work in the country, but also about installing updates, especially since this month the office software makers did their best and closed a total of 162 vulnerabilities, of which 90 allow you to execute arbitrary code in the system.

Immediately 2 vulnerabilities that can be exploited remotely, fixed in Windows. We notified about the most dangerous last night – the CVE-2019-070 vulnerability in the remote desktop service allows the exploit owner to execute code with SYSTEM rights. We recommend updating all terminal servers accessible from the outside as soon as possible. Also, do not forget to update the DHCP server from the CVE-2019-0725 vulnerability, since it can also be exploited remotely.

Two more vulnerabilities are noteworthy: CVE-2019-0863 and CVE-2019-0903. The first allows you to increase the privileges in the system, and the exploit is already walking on the network. The second is located in the graphical component of Windows GDI and can be exploited through different vectors – both through the browser and with the help of a file sent, for example, by mail.

May brought us four more hardware vulnerabilities of speculative execution in Intel processors, one of which already has its own website with the beautiful name Zombieload. Recommendations for countering this type of vulnerabilities are standard: update and disable Hyper-Threading in the processor. At the same time, you can check the speculative execution settings using this Powershell script.

In addition, Microsoft and Adobe have eliminated 87 additional vulnerabilities allowing to execute arbitrary code in the system:

19 RCE in the EDGE browser
  • portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0912

  • portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0913

  • portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0914

  • portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0915

  • portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0916

  • portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0917

  • portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0922

  • portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0924

  • portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0925

  • portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0927

  • portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0933

  • portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0937

  • portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0923

  • portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0940

  • portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0926

  • portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0884

  • portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0911

  • portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0918

5 RCE in Internet Explorer
  • portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0929

  • portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0940

  • portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0884

  • portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0911

  • portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0918

13 RCEs in the Jet Database Engine
  • portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0889

  • portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0890

  • portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0891

  • portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0893

  • portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0894

  • portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0895

  • portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0896

  • portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0897

  • portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0898

  • portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0899

  • portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0900

  • portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0901

  • portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0902

2 RCE in MS Word
  • portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0953

  • portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0885

48 RCE in Adobe Reader
  • helpx.adobe.com/security/products/acrobat/apsb19-18.html

1 RCE in Adobe FlashPlayer
  • helpx.adobe.com/security/products/flash-player/apsb19-26.html

In the end, we want to remind you of two rather serious vulnerabilities in Cisco 1001-X routers called Thrangrycat. They allow you not only to increase the privileges in the router, but also very cleverly to consolidate there, in fact, by installing a bootkit in the router firmware, which will bypass the verification of the Trust Anchor module responsible for the trusted download mechanism.

Similar Posts

Leave a Reply Cancel reply