Today’s VERT Alert addresses Microsoft’s January 2019 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-812 on Wednesday, January 9th.
出回っている & 公開されているCVE
CVE-2019-0579
The Windows Jet Database Engine improperly handles objects in memory and, if an attacker can convince a victim to open a malicious file, exploitation of this vulnerability could lead to code execution.
Microsoft has rated this as a 3 on the Exploitability Index (Exploitation Unlikely).
その他の情報
In addition to the Microsoft vulnerabilities included in the January Security Guidance, a pair of Adobe bulletins are available today.
JANUARY 2019 ADOBE FLASH UPDATE [ADV190001]
Microsoft released an update for Adobe Flash. This corresponds with Adobe Update APSB19-01. This is a non-security update and includes no new CVEs.
SECURITY BULLETIN FOR ADOBE ACROBAT AND READER [APSB19-02]
Adobe has released security updates for Adobe Acrobat and Reader. This includes fixes for 2 CVEs: CVE-2018-16011 and CVE-2018-16-18.
CVE Breakdown by Tag
TAG |
CVE COUNT |
CVES |
WINDOWS HYPER-V |
2 |
CVE-2019-0550, CVE-2019-0551 |
MICROSOFT EDGE |
2 |
CVE-2019-0565, CVE-2019-0566 |
WINDOWS SUBSYSTEM FOR LINUX |
11 |
CVE-2019-0538, CVE-2019-0575, CVE-2019-0576, CVE-2019-0577, CVE-2019-0578, CVE-2019-0579, CVE-2019-0580, CVE-2019-0581, CVE-2019-0582, CVE-2019-0583, CVE-2019-0584 |
ASP.NET |
2 |
CVE-2019-0548, CVE-2019-0564 |
MICROSOFT WINDOWS |
6 |
CVE-2019-0543, CVE-2019-0570, CVE-2019-0571, CVE-2019-0572, CVE-2019-0573, CVE-2019-0574 |
.NET FRAMEWORK |
1 |
CVE-2019-0545 |
WINDOWS COM |
1 |
CVE-2019-0552 |
VISUAL STUDIO |
2 |
CVE-2019-0537, CVE-2019-0546 |
WINDOWS KERNEL |
4 |
CVE-2019-0536, CVE-2019-0549, CVE-2019-0554, CVE-2019-0569 |
WINDOWS DHCP CLIENT |
1 |
CVE-2019-0547 |
MICROSOFT EXCHANGE SERVER |
2 |
CVE-2019-0586, CVE-2019-0588 |
INTERNET EXPLORER |
1 |
CVE-2019-0541 |
MICROSOFT XML |
1 |
CVE-2019-0555 |
ANDROID APP |
1 |
CVE-2019-0622 |
MICROSOFT OFFICE |
4 |
CVE-2019-0585, CVE-2019-0559, CVE-2019-0560, CVE-2019-0561 |
MICROSOFT SCRIPTING ENGINE |
3 |
CVE-2019-0539, CVE-2019-0567, CVE-2019-0568 |
MICROSOFT OFFICE SHAREPOINT |
4 |
CVE-2019-0556, CVE-2019-0557, CVE-2019-0558, CVE-2019-0562 |