Microsoft issued Patch Tuesday updates for July 2019 that address as many as 77 flaws, 14 rated as Critical, 62 as Important, and only 1 as Moderate in severity.
Patch Tuesday updates for July 2019 rectified security delivered in several products of the tech colossus, including Windows operating systems, Internet Explorer, Edge, Office, Azure DevOps, Open Source Software, .NET Framework, Azure, SQL Server, ASP.NET, Visual Studio, and Exchange Server.
All the 14 serious susceptibilities Microsoft addressed are remote code execution issues hitting numerous products, including Internet Explorer and Edge to Windows Server DHCP, Azure DevOps and Team Foundation Servers.
Technical details for six significant security faults were openly revealed before a patch was issued, but luckily, there is no news of the misuse of the faults in the wild.
Microsoft also addressed two privilege escalation faults vigorously exploited in the wild.
Tracked as CVE-2019-1132, the first one hits the Win32k component and could be misused to run random code in kernel mode.
“An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.” reads the security advisory.
“To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system.”
Tracked as CVE-2019.0880, the second one affects Windows 7 and Server 2008. The problem resides in the way splwow64 (Thunking Spooler APIs) deals with certain calls.
“A local elevation of privilege vulnerability exists in how splwow64.exe handles certain calls. An attacker who successfully exploited the vulnerability could elevate privileges on an affected system from low-integrity to medium-integrity.” reads the advisory.
“This vulnerability by itself does not allow arbitrary code execution; however, it could allow arbitrary code to be run if the attacker uses it in combination with another vulnerability (such as a remote code execution vulnerability or another elevation of privilege vulnerability) that is capable of leveraging the elevated privileges when code execution is attempted.”
Important-rated security faults comprise remote code implementation susceptibilities, privilege escalation issues, information revelation, cross-site scripting (XSS), security feature bypass, spoofing, and renunciation of service flaws.
Do remember to check that your system has fixed the latest security covers Microsoft released.