[SingCERT] Alert on Microsoft January 2019 Patch Tuesday

Published on Thursday, 10 January 2019 09:31

Background

Microsoft has announced the release of over 50 security patches to address vulnerabilities affecting its operating system and other products. Seven vulnerabilities were identified as critical and required immediate attention.

Successful exploitation of these 7 critical vulnerabilities could allow remote code execution by attackers. The vulnerabilities include:

 

  • CVE-2019-0539, CVE-2019-0567 and CVE-2019-0568 – These vulnerabilities exist when the Chakra scripting engine handles objects in memory in Microsoft Edge. These vulnerabilities could corrupt memory, allowing attackers to execute arbitrary code in the context of a user.
  • CVE-2019-0547 - This vulnerability allows an attacker to send a specially crafted Dynamic Host Configuration Protocol (DHCP) response back to the client to perform arbitrary code execution.
  • CVE-2019-0550 and CVE-2019-0551 - These vulnerabilities exist when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. These vulnerabilities could cause the Hyper-V host operating system to execute arbitrary code.
  • CVE-2019-0565 - This vulnerability exists when Microsoft Edge improperly accesses objects in memory. The vulnerability could corrupt memory, allowing attackers to execute arbitrary code in the context of the current user.

For the full list of security updates released by Microsoft, please visit https://portal.msrc.microsoft.com/en-us/security-guidance.

Affected Products

The security release contains security updates for the following software:


•    Internet Explorer
•    Microsoft Edge
•    Microsoft Windows
•    Microsoft Office and Microsoft Office Services and Web Apps
•    ChakraCore
•    .NET Framework
•    ASP.NET
•    Microsoft Exchange Server
•    Microsoft Visual Studio

Impact

Successful exploitation of these vulnerabilities could allow attackers to perform remote code execution and take control of the affected system to perform malicious activities including unauthorised installation of programs, creating rogue administrator accounts and viewing, changing, or deleting data.

Recommendations

Users and system administrators of affected products are advised to download and install the security updates immediately.

References

https://portal.msrc.microsoft.com/en-us/security-guidance

https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2019-patch-tuesday-includes-51-security-updates/