June’s Patch Tuesday Fixes 88 Security Flaws, Including SandboxEscaper’s Zero Days, HoloLens

Microsoft’s June Patch Tuesday release includes 88 vulnerability patches in this month’s security bulletin, as well as four advisories and one servicing stack update. Of the total number of updates, 21 patches were rated critical, 66 as important, and one as moderate. Four of the critical patches included in this release are fixes for the zero-days that SandboxEscaper previously disclosed, namely CVE-2019-1069, CVE-2019-1053, CVE-2019-1064, and CVE-2019-0973. The advisories include driver and software fixes for third-party hardware and software flaws, including Adobe Flash Player, Azure, ChakraCore, Edge, Exchange Server, HoloLens’ Broadcom wireless chipset, Internet Explorer, Skype for Business, Lync, Office, Office Services and Web Apps. None of the vulnerabilities have been seen exploited in the wild.

CVE-2019-1069 is a security flaw involving Windows Task Scheduler in Windows 10 and Server 2016 and above. Successfully exploiting this vulnerability gives an attacker escalated privileges on the victim’s machine via local privilege escalation (LPE).

CVE-2019-1053 refers to a Windows Shell vulnerability in which the shell fails to validate folder shortcuts, enabling an attacker to elevate privileges and escape sandbox detection.

CVE-2019-1064 involves a flaw in the way Windows AppX Deployment Service (AppXSVC) handles hard links. An attacker running a customized application could exploit it to install, view, delete, or change programs and data.

CVE-2019-0973 is a security flaw in Windows Installer, which fails to sanitize input. An attacker can use it to elevate system privileges via the library in order to install programs; create a new account with full user rights; or view, change, or delete data on the victim’s machine.

The security advisories include firmware updates for remote code execution (RCE) flaws in Microsoft’s HoloLens device, specifically security flaws in the Broadcom wireless chipset. Abusing CVE-2019-9500, CVE-2019-9501, CVE-2019-9502, and CVE-2019-9503 could allow an attacker to execute commands on the system, such as a denial-of-service (DoS) attack.

Another advisory announced that applying this month’s patches for Feitian and Google Titan Bluetooth-based security keys causes the Bluetooth Low Energy (BLE) version of FIDO Security Keys to stop working due to a misconfiguration in pairing protocols. Abusing the bug can allow an attacker to interact with the key, enabling communication with the security key or the device with which the key is paired. Users of the affected devices are advised to request a free replacement.

The Trend Micro™ Deep Security™ and Vulnerability Protection solutions protect systems and users from threats targeting the vulnerabilities included in this month’s Patch Tuesday release via the following Deep Packet Inspection (DPI) rules:

| Rule | Description | Vulnerability |
|---|---|---|
| 1009764 | Microsoft Office Security Feature Bypass Vulnerability | CVE-2019-0540 |
| 1009769 | Microsoft Windows Codecs Library Information Disclosure Vulnerability | CVE-2018-8506 |
| 1009778 | Microsoft Windows Speech API Remote Code Execution Vulnerability | CVE-2019-0985 |
| 1009779 | Microsoft Windows Multiple Security Vulnerabilities (June-2019) | CVE-2019-0943, CVE-2019-0984, CVE-2019-0986, CVE-2019-1017, CVE-2019-1041, CVE-2019-1053, CVE-2019-1064, CVE-2019-1069 |
| 1009780 | Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability | CVE-2019-0988 |
| 1009781 | Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability | CVE-2019-0920 |
| 1009782 | Microsoft Edge Scripting Engine Information Disclosure Vulnerability | CVE-2019-0990 |
| 1009783 | Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability | CVE-2019-0992 |
| 1009784 | Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability | CVE-2019-0993 |
| 1009785 | Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability | CVE-2019-0989 |
| 1009786 | Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability | CVE-2019-0991 |
| 1009787 | Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability | CVE-2019-1024 |
| 1009788 | Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability | CVE-2019-1051 |
| 1009789 | Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability | CVE-2019-1002 |
| 1009790 | Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability | CVE-2019-1003 |
| 1009791 | Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability | CVE-2019-1005 |
| 1009792 | Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability | CVE-2019-1052 |
| 1009793 | Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability | CVE-2019-1055 |
| 1009794 | Microsoft Edge Scripting Engine Information Disclosure Vulnerability | CVE-2019-1023 |
| 1009796 | Adobe Flash Player Out-Of-Bounds Read Vulnerability | CVE-2019-7845 |

 

Trend Micro™ TippingPoint® customers are protected from threats and attacks that may exploit this month’s list of vulnerabilities via these MainlineDV filters:

  • 34748: HTTP: Microsoft Windows gdiplus Font Parsing Out-Of-Bounds Read Vulnerability
  • 34763: HTTP: Microsoft Windows gdiplus Font Parsing Information Disclosure Vulnerability
  • 34764: HTTP: Microsoft Windows gdiplus Font Parsing Out-Of-Bounds Read Vulnerability
  • 34766: HTTP: Microsoft Windows gdiplus Font Parsing Out-Of-Bounds Read Vulnerability
  • 34792: HTTP: Microsoft Windows DirectWrite Information Disclosure Vulnerability
  • 34795: HTTP: Microsoft Windows gdiplus Font Parsing Information Disclosure Vulnerability
  • 34956: HTTP: Microsoft Windows gdiplus Font Parsing Information Disclosure Vulnerability
  • 34981: HTTP: Microsoft Windows gdiplus Font Parsing Out-Of-Bounds Read Vulnerability
  • 35439: HTTP: Microsoft Internet Explorer VBScript Engine Type Confusion Vulnerability
  • 35441: HTTP: Microsoft Speech API (SAPI) Remote Code Execution Vulnerability
  • 35443: HTTP: Microsoft Internet Explorer RegExp Use-After-Free Vulnerability
  • 35444: HTTP: Microsoft Edge Type Confusion Vulnerability
  • 35445: HTTP: Microsoft Edge Out-of-Bounds Write Vulnerability
  • 35446: HTTP: Microsoft Edge Type Confusion Vulnerability
  • 35447: HTTP: Microsoft Edge Type Confusion Vulnerability
  • 35448: HTTP: Microsoft Edge Chakra Out-of-Bounds Write Vulnerability
  • 35449: HTTP: Microsoft Edge Proxy Type Confusion Vulnerability
  • 35450: HTTP: Microsoft Internet Explorer CreateObject Use-After-Free Vulnerability
  • 35452: HTTP: Microsoft Edge Out-Of-Bound Write Vulnerability
  • 35453: HTTP: Microsoft Edge Type Confusion Vulnerability
  • 35454: HTTP: Microsoft Windows Win32k Privilege Escalation Vulnerability
  • 35456: HTTP: Microsoft Edge Type Confusion Vulnerability
  • 35457: HTTP: Microsoft Edge Use-After-Free Vulnerability
  • 35478: HTTP: Microsoft Windows Privilege Escalation Vulnerability
  • 35479: HTTP: Microsoft Windows ALPC Privilege Escalation Vulnerability
  • 35480: HTTP: Microsoft Internet Explorer Privilege Escalation Vulnerability
  • 35481: HTTP: Microsoft Windows User Profile Privilege Escalation Vulnerability
  • 35487: HTTP: Microsoft Edge VBScript Engine Use-After-Free Vulnerability
  • 35488: HTTP: Microsoft CLFS Use-After-Free Vulnerability
  • 35491: HTTP: Microsoft Windows CLFS Privilege Escalation Vulnerability
  • 35493: HTTP: Microsoft Windows DACL Privilege Escalation Vulnerability
  • 35495: HTTP: Microsoft Windows Privilege Escalation Vulnerability
  • 35518: HTTP: Microsoft Edge JIT Type Confusion Vulnerability

 

Story added 12. June 2019, content source with full text you can find at link above.