Weekly Comments

11 - 18 June 2019

Microsoft Patch Tuesday for June fixes 88 vulnerabilities, 21 of which are rated “Critical”, 66 “Important” and one “Moderate”. The majority of the “Critical” vulnerabilities affect the scripting engines used in Microsoft browsers and can lead to remote code execution (RCE) or information disclosure. Among the 66 “Important” vulnerabilities, four were disclosed at the end of May by SandboxEscaper, who released proof-of-concept (PoC) code to trigger local privilege elevation. CVE-2019-1069 exploits the way the Task Scheduler Service validates file operations (BearLPE PoC). CVE-2019-0973 is caused by Windows Installer’s failure to properly sanitise input, leading to insecure library loading behaviour (InstallerBypass PoC). CVE-2019-1064 is due to the AppX Deployment Service (AppXSVC) improperly handling hardlinks (CVE-2019-0841-BYPASS PoC). CVE-2019-1053 exists when the Windows Shell fails to validate folder shortcuts (SandboxEscape PoC). None of the disclosed vulnerabilities have been detected as being exploited in the wild.

Adobe also released updates for Flash, ColdFusion, and Campaign. The Flash update fixes one critical use-after-free bug (CVE-2019-7845) that can be exploited for RCE. The ColdFusion updates address three critical RCE vulnerabilities, while the Adobe Campaign patch fixes seven different vulnerabilities, one of which is labelled Critical.

 

