
Microsoft’s April Patch Tuesday comes with fixes for two Windows zero-days

By Nguyễn Lê Quân
15/09/2019
in Security

The April 2019 Patch Tuesday brings 74 security fixes, including patches for two Windows zero-days.

Today, Microsoft released its monthly batch of security updates, known as Patch Tuesday. This month's security release covers 74 vulnerabilities across a range of Microsoft products, including two actively exploited zero-days.

This is the second month in which Microsoft has provided patches for two zero-days, after patching two similar ones last month.

The Windows zero-days

Both zero-days patched this month are the same type of vulnerability. Both are elevation of privilege flaws in Win32k, affecting the core of the Windows operating system.

They are CVE-2019-0803 and CVE-2019-0859. Although they were discovered by two different security teams, the Alibaba Cloud Intelligence Security Team and Kaspersky Lab, Microsoft describes the two zero-days in similar terms.

An elevation of privilege vulnerability exists in the Windows operating system when Win32k fails to properly handle objects in memory. An attacker who successfully exploits this vulnerability can run arbitrary code in kernel mode, and can then install software; view, change, or delete data; or even create an account with full rights on the system.

To exploit this vulnerability, an attacker first has to log on to the system. The attacker then runs a specially crafted application that exploits the vulnerability and takes control of the system.

The update fixes this vulnerability by correcting how Win32k handles objects in memory.

However, if we take into account that Kaspersky reported six Windows Win32k elevation of privilege zero-days to Microsoft in the previous six months, we can safely assume that CVE-2019-0859 is another exploited zero-day used by a hacker group, just like all the zero-days Kaspersky has reported in the past.

Other notable security flaws

Besides the Windows zero-days, there are also many other notable security bugs in Microsoft products. Users should take note of them and prepare to apply this month's patches.

For example, there are three Microsoft Office Access Connectivity bugs (CVE-2019-0824, CVE-2019-0825, CVE-2019-0827) that allow attackers to execute code on a targeted system. All of these bugs can be exploited remotely, which makes the three issues dangerous in enterprise network environments.

A remotely exploitable flaw (CVE-2019-0853) also affects the Windows GDI+ component when it parses EMF files. It can be exploited by luring a user to a website or an email containing a malicious file. This issue is also quite serious, and users should take it into account when deciding whether to apply this month's patches.

Adobe and SAP also release updates.

Microsoft's Patch Tuesday is also the day on which other vendors release their security patches. Most notably, Adobe and SAP also published updates today.

More details on the Patch Tuesday updates are available on Microsoft's official Security Update Guide portal. You can also consult the table below, or ZDNet's Patch Tuesday report.

 

| Tag | CVE ID | CVE Title |
|---|---|---|
| Servicing Stack Updates | ADV990001 | Latest Servicing Stack Updates |
| Adobe Flash Player | ADV190011 | April 2019 Adobe Flash Security Update |
| .NET Core | CVE-2019-0815 | ASP.NET Core Denial of Service Vulnerability |
| CSRSS | CVE-2019-0735 | Windows CSRSS Elevation of Privilege Vulnerability |
| Microsoft Browsers | CVE-2019-0764 | Microsoft Browsers Tampering Vulnerability |
| Microsoft Edge | CVE-2019-0833 | Microsoft Edge Information Disclosure Vulnerability |
| Microsoft Exchange Server | CVE-2019-0817 | Microsoft Exchange Spoofing Vulnerability |
| Microsoft Exchange Server | CVE-2019-0858 | Microsoft Exchange Spoofing Vulnerability |
| Microsoft Graphics Component | CVE-2019-0803 | Win32k Elevation of Privilege Vulnerability |
| Microsoft Graphics Component | CVE-2019-0802 | Windows GDI Information Disclosure Vulnerability |
| Microsoft Graphics Component | CVE-2019-0849 | Windows GDI Information Disclosure Vulnerability |
| Microsoft Graphics Component | CVE-2019-0853 | GDI+ Remote Code Execution Vulnerability |
| Microsoft JET Database Engine | CVE-2019-0851 | Jet Database Engine Remote Code Execution Vulnerability |
| Microsoft JET Database Engine | CVE-2019-0879 | Jet Database Engine Remote Code Execution Vulnerability |
| Microsoft JET Database Engine | CVE-2019-0877 | Jet Database Engine Remote Code Execution Vulnerability |
| Microsoft JET Database Engine | CVE-2019-0847 | Jet Database Engine Remote Code Execution Vulnerability |
| Microsoft JET Database Engine | CVE-2019-0846 | Jet Database Engine Remote Code Execution Vulnerability |
| Microsoft Office | CVE-2019-0826 | Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability |
| Microsoft Office | CVE-2019-0801 | Office Remote Code Execution Vulnerability |
| Microsoft Office | CVE-2019-0823 | Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability |
| Microsoft Office | CVE-2019-0828 | Microsoft Excel Remote Code Execution Vulnerability |
| Microsoft Office | CVE-2019-0822 | Microsoft Graphics Components Remote Code Execution Vulnerability |
| Microsoft Office | CVE-2019-0827 | Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability |
| Microsoft Office | CVE-2019-0824 | Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability |
| Microsoft Office | CVE-2019-0825 | Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability |
| Microsoft Office SharePoint | CVE-2019-0831 | Microsoft Office SharePoint XSS Vulnerability |
| Microsoft Office SharePoint | CVE-2019-0830 | Microsoft Office SharePoint XSS Vulnerability |
| Microsoft Scripting Engine | CVE-2019-0752 | Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2019-0861 | Chakra Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2019-0862 | Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2019-0860 | Chakra Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2019-0835 | Microsoft Scripting Engine Information Disclosure Vulnerability |
| Microsoft Scripting Engine | CVE-2019-0753 | Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2019-0806 | Chakra Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2019-0739 | Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2019-0810 | Chakra Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2019-0812 | Chakra Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2019-0829 | Chakra Scripting Engine Memory Corruption Vulnerability |
| Microsoft Windows | CVE-2019-0840 | Windows Kernel Information Disclosure Vulnerability |
| Microsoft Windows | CVE-2019-0838 | Windows Information Disclosure Vulnerability |
| Microsoft Windows | CVE-2019-0796 | Windows Elevation of Privilege Vulnerability |
| Microsoft Windows | CVE-2019-0839 | Windows Information Disclosure Vulnerability |
| Microsoft Windows | CVE-2019-0836 | Windows Elevation of Privilege Vulnerability |
| Microsoft Windows | CVE-2019-0837 | DirectX Information Disclosure Vulnerability |
| Microsoft Windows | CVE-2019-0794 | OLE Automation Remote Code Execution Vulnerability |
| Microsoft Windows | CVE-2019-0814 | Win32k Information Disclosure Vulnerability |
| Microsoft Windows | CVE-2019-0805 | Windows Elevation of Privilege Vulnerability |
| Microsoft Windows | CVE-2019-0848 | Win32k Information Disclosure Vulnerability |
| Microsoft Windows | CVE-2019-0730 | Windows Elevation of Privilege Vulnerability |
| Microsoft Windows | CVE-2019-0688 | Windows TCP/IP Information Disclosure Vulnerability |
| Microsoft Windows | CVE-2019-0845 | Windows IOleCvt Interface Remote Code Execution Vulnerability |
| Microsoft Windows | CVE-2019-0685 | Win32k Elevation of Privilege Vulnerability |
| Microsoft Windows | CVE-2019-0842 | Windows VBScript Engine Remote Code Execution Vulnerability |
| Microsoft Windows | CVE-2019-0841 | Windows Elevation of Privilege Vulnerability |
| Microsoft Windows | CVE-2019-0731 | Windows Elevation of Privilege Vulnerability |
| Microsoft Windows | CVE-2019-0732 | Windows Security Feature Bypass Vulnerability |
| Microsoft XML | CVE-2019-0793 | MS XML Remote Code Execution Vulnerability |
| Microsoft XML | CVE-2019-0791 | MS XML Remote Code Execution Vulnerability |
| Microsoft XML | CVE-2019-0790 | MS XML Remote Code Execution Vulnerability |
| Microsoft XML | CVE-2019-0792 | MS XML Remote Code Execution Vulnerability |
| Microsoft XML | CVE-2019-0795 | MS XML Remote Code Execution Vulnerability |
| Open Source Software | CVE-2019-0876 | Open Enclave SDK Information Disclosure Vulnerability |
| Team Foundation Server | CVE-2019-0870 | Team Foundation Server Cross-site Scripting Vulnerability |
| Team Foundation Server | CVE-2019-0869 | Team Foundation Server HTML Injection Vulnerability |
| Team Foundation Server | CVE-2019-0868 | Team Foundation Server Cross-site Scripting Vulnerability |
| Team Foundation Server | CVE-2019-0874 | Team Foundation Server Cross-site Scripting Vulnerability |
| Team Foundation Server | CVE-2019-0871 | Team Foundation Server Cross-site Scripting Vulnerability |
| Team Foundation Server | CVE-2019-0875 | Azure DevOps Server Elevation of Privilege Vulnerability |
| Team Foundation Server | CVE-2019-0867 | Team Foundation Server Cross-site Scripting Vulnerability |
| Team Foundation Server | CVE-2019-0857 | Team Foundation Server Spoofing Vulnerability |
| Team Foundation Server | CVE-2019-0866 | Team Foundation Server Cross-site Scripting Vulnerability |
| Windows Admin Center | CVE-2019-0813 | Windows Admin Center Elevation of Privilege Vulnerability |
| Windows Kernel | CVE-2019-0856 | Windows Remote Code Execution Vulnerability |
| Windows Kernel | CVE-2019-0859 | Win32k Elevation of Privilege Vulnerability |
| Windows Kernel | CVE-2019-0844 | Windows Kernel Information Disclosure Vulnerability |
| Windows SMB Server | CVE-2019-0786 | SMB Server Elevation of Privilege Vulnerability |

 

 
