Overview
Microsoft released the January 2019 security patch on Tuesday that fixes 79 vulnerabilities ranging from simple spoofing attacks to remote code execution in various products, including .NET Framework, Adobe Flash Player, Azure, Internet Explorer, Microsoft Browsers, Microsoft Edge, Microsoft Exchange Server, Microsoft Graphics Component, Microsoft JET Database Engine, Microsoft Office, Microsoft Office SharePoint, Microsoft Scripting Engine, Microsoft Windows, Servicing Stack Updates, Team Foundation Server, Visual Studio, Windows DHCP Server, Windows Hyper-V, Windows Kernel, and Windows SMB Server.
Details can be found in the following table.
Product | CVE ID | CVE Title | Severity Level |
.NET Framework | CVE-2019-0657 | .NET Framework and Visual Studio Spoofing Vulnerability | Important |
.NET Framework | CVE-2019-0613 | .NET Framework and Visual Studio Remote Code Execution Vulnerability | Important |
Adobe Flash Player | ADV190003 | February 2019 Adobe Flash Security Update | Critical |
Azure | CVE-2019-0729 | Azure IoT Java SDK Privilege Escalation Vulnerability | Important |
Azure | CVE-2019-0741 | Azure IoT Java SDK Information Disclosure Vulnerability | Important |
Internet Explorer | CVE-2019-0606 | Internet Explorer Memory Corruption Vulnerability | Critical |
Internet Explorer | CVE-2019-0676 | Internet Explorer Information Disclosure Vulnerability | Important |
Microsoft Browsers | CVE-2019-0654 | Microsoft Browser Spoofing Vulnerability | Important |
Microsoft Edge | CVE-2019-0641 | Microsoft Edge Security Feature Bypass Vulnerability | Moderate |
Microsoft Edge | CVE-2019-0643 | Microsoft Edge Information Disclosure Vulnerability | Moderate |
Microsoft Edge | CVE-2019-0645 | Microsoft Edge Memory Corruption Vulnerability | Critical |
Microsoft Edge | CVE-2019-0650 | Microsoft Edge Memory Corruption Vulnerability | Critical |
Microsoft Edge | CVE-2019-0634 | Microsoft Edge Memory Corruption Vulnerability | Moderate |
Microsoft Exchange Server | ADV190004 | February 2019 Oracle Outside In Library Security Update | Unknown |
Microsoft Exchange Server | CVE-2019-0686 | Microsoft Exchange Server Privilege Escalation Vulnerability | Important |
Microsoft Exchange Server | CVE-2019-0724 | Microsoft Exchange Server Privilege Escalation Vulnerability | Important |
Microsoft Exchange Server | ADV190007 | Guidance for “PrivExchange” Privilege Escalation Vulnerability | Unknown |
Microsoft Graphics Component | CVE-2019-0660 | Windows GDI Information Disclosure Vulnerability | Important |
Microsoft Graphics Component | CVE-2019-0662 | GDI+ Remote Code Execution Vulnerability | Critical |
Microsoft Graphics Component | CVE-2019-0664 | Windows GDI Information Disclosure Vulnerability | Important |
Microsoft Graphics Component | CVE-2019-0602 | Windows GDI Information Disclosure Vulnerability | Important |
Microsoft Graphics Component | CVE-2019-0615 | Windows GDI Information Disclosure Vulnerability | Important |
Microsoft Graphics Component | CVE-2019-0616 | Windows GDI Information Disclosure Vulnerability | Important |
Microsoft Graphics Component | CVE-2019-0618 | GDI+ Remote Code Execution Vulnerability | Critical |
Microsoft Graphics Component | CVE-2019-0619 | Windows GDI Information Disclosure Vulnerability | Important |
Microsoft JET Database Engine | CVE-2019-0625 | Jet Database Engine Remote Code Execution Vulnerability | Important |
Microsoft JET Database Engine | CVE-2019-0595 | Jet Database Engine Remote Code Execution Vulnerability | Important |
Microsoft JET Database Engine | CVE-2019-0596 | Jet Database Engine Remote Code Execution Vulnerability | Important |
Microsoft JET Database Engine | CVE-2019-0597 | Jet Database Engine Remote Code Execution Vulnerability | Important |
Microsoft JET Database Engine | CVE-2019-0598 | Jet Database Engine Remote Code Execution Vulnerability | Important |
Microsoft JET Database Engine | CVE-2019-0599 | Jet Database Engine Remote Code Execution Vulnerability | Important |
Microsoft Office | CVE-2019-0540 | Microsoft Office Security Feature Bypass Vulnerability | Important |
Microsoft Office | CVE-2019-0671 | Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability | Important |
Microsoft Office | CVE-2019-0672 | Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability | Important |
Microsoft Office | CVE-2019-0673 | Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability | Important |
Microsoft Office | CVE-2019-0674 | Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability | Important |
Microsoft Office | CVE-2019-0675 | Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability | Important |
Microsoft Office | CVE-2019-0669 | Microsoft Excel Information Disclosure Vulnerability | Important |
Microsoft Office SharePoint | CVE-2019-0668 | Microsoft SharePoint Privilege Escalation Vulnerability | Important |
Microsoft Office SharePoint | CVE-2019-0670 | Microsoft SharePoint Spoofing Vulnerability | Moderate |
Microsoft Office SharePoint | CVE-2019-0594 | Microsoft SharePoint Remote Code Execution Vulnerability | Critical |
Microsoft Office SharePoint | CVE-2019-0604 | Microsoft SharePoint Remote Code Execution Vulnerability | Critical |
Microsoft Scripting Engine | CVE-2019-0607 | Chakra Scripting Engine Memory Corruption Vulnerability | Critical |
Microsoft Scripting Engine | CVE-2019-0610 | Chakra Scripting Engine Memory Corruption Vulnerability | Important |
Microsoft Scripting Engine | CVE-2019-0640 | Chakra Scripting Engine Memory Corruption Vulnerability | Critical |
Microsoft Scripting Engine | CVE-2019-0642 | Chakra Scripting Engine Memory Corruption Vulnerability | Critical |
Microsoft Scripting Engine | CVE-2019-0644 | Scripting Engine Memory Corruption Vulnerability | Moderate |
Microsoft Scripting Engine | CVE-2019-0648 | Scripting Engine Information Disclosure Vulnerability | Important |
Microsoft Scripting Engine | CVE-2019-0649 | Scripting Engine Elevation of Privileged Vulnerability | Important |
Microsoft Scripting Engine | CVE-2019-0651 | Scripting Engine Memory Corruption Vulnerability | Critical |
Microsoft Scripting Engine | CVE-2019-0652 | Scripting Engine Memory Corruption Vulnerability | Critical |
Microsoft Scripting Engine | CVE-2019-0655 | Scripting Engine Memory Corruption Vulnerability | Moderate |
Microsoft Scripting Engine | CVE-2019-0658 | Scripting Engine Information Disclosure Vulnerability | Important |
Microsoft Scripting Engine | CVE-2019-0590 | Chakra Scripting Engine Memory Corruption Vulnerability | Critical |
Microsoft Scripting Engine | CVE-2019-0591 | Chakra Scripting Engine Memory Corruption Vulnerability | Critical |
Microsoft Scripting Engine | CVE-2019-0593 | Chakra Scripting Engine Memory Corruption Vulnerability | Critical |
Microsoft Scripting Engine | CVE-2019-0605 | Chakra Scripting Engine Memory Corruption Vulnerability | Moderate |
Microsoft Windows | CVE-2019-0659 | Windows Storage Service Privilege Escalation Vulnerability | Important |
Microsoft Windows | CVE-2019-0600 | HID Information Disclosure Vulnerability | Important |
Microsoft Windows | CVE-2019-0601 | HID Information Disclosure Vulnerability | Important |
Microsoft Windows | CVE-2019-0627 | Windows Security Feature Bypass Vulnerability | Important |
Microsoft Windows | CVE-2019-0631 | Windows Security Feature Bypass Vulnerability | Important |
Microsoft Windows | CVE-2019-0632 | Windows Security Feature Bypass Vulnerability | Important |
Microsoft Windows | CVE-2019-0636 | Windows Information Disclosure Vulnerability | Important |
Microsoft Windows | CVE-2019-0637 | Windows Defender Firewall Security Feature Bypass Vulnerability | Important |
Microsoft Windows | ADV190006 | Guidance to mitigate unconstrained delegation vulnerabilities | Unknown |
Servicing Stack Updates | ADV990001 | Latest Servicing Stack Updates | Critical |
Team Foundation Server | CVE-2019-0743 | Team Foundation Server Cross-site Scripting Vulnerability | Important |
Team Foundation Server | CVE-2019-0742 | Team Foundation Server Cross-site Scripting Vulnerability | Important |
Visual Studio | CVE-2019-0728 | Visual Studio Code Remote Code Execution Vulnerability | Important |
Windows DHCP Server | CVE-2019-0626 | Windows DHCP Server Remote Code Execution Vulnerability | Critical |
Windows Hyper-V | CVE-2019-0635 | Windows Hyper-V Information Disclosure Vulnerability | Important |
Windows Kernel | CVE-2019-0623 | Win32k Privilege Escalation Vulnerability | Important |
Windows Kernel | CVE-2019-0628 | Win32k Information Disclosure Vulnerability | Important |
Windows Kernel | CVE-2019-0656 | Windows Kernel Privilege Escalation Vulnerability | Important |
Windows Kernel | CVE-2019-0661 | Windows Kernel Information Disclosure Vulnerability | Important |
Windows Kernel | CVE-2019-0621 | Windows Kernel Information Disclosure Vulnerability | Important |
Windows SMB Server | CVE-2019-0630 | Windows SMB Remote Code Execution Vulnerability | Important |
Windows SMB Server | CVE-2019-0633 | Windows SMB Remote Code Execution Vulnerability | Important |
Recommended Mitigation Measures
Microsoft has released the January 2019 security patch to fix these issues. Please install the patch as soon as possible.
Affected Software
The following tables list the affected software details for the vulnerability.
CVE-2019-0743
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Restart Required |
Team Foundation Server 2018 Update 3.2 | Release Notes Security Update | Important | Spoofing | | Base: N/A Temporal: N/A Vector: N/A | Maybe |
Statement
This advisory is only used to describe a potential risk. NSFOCUS does not provide any commitment or promise on this advisory. NSFOCUS and the author will not bear any liability for any direct and/or indirect consequences and losses caused by transmitting and/or using this advisory. NSFOCUS reserves all the rights to modify and interpret this advisory. Please include this statement paragraph when reproducing or transferring this advisory. Do not modify this advisory, add/delete any information to/from it, or use this advisory for commercial purposes without permission from NSFOCUS.
About NSFOCUS
NSFOCUS IB is a wholly owned subsidiary of NSFOCUS, an enterprise application and network security provider, with operations in the Americas, Europe, the Middle East, Southeast Asia and Japan. NSFOCUS IB has a proven track record of combatting the increasingly complex cyber threat landscape through the construction and implementation of multi-layered defense systems. The company’s Intelligent Hybrid Security strategy utilizes both cloud and on-premises security platforms, built on a foundation of real-time global threat intelligence, to provide unified, multi-layer protection from advanced cyber threats.
Download: Microsoft Security Bulletin for February 2019 Patches That Fix 79 Security Vulnerabilities