Microsoft July Patch Tuesday Addressed 78 Security Flaws Including Two Zero-Days

Microsoft has released its monthly scheduled updates for different products this week. Once again, the tech giant fixed two zero-day bugs under active exploit in the wild. The Microsoft July Patch Tuesday bundle addressed 15 critical vulnerabilities with a total of 78 bug fixes in all.

Actively Exploited Zero-Day Bugs Fixed

The Microsoft July Patch Tuesday update bundle holds importance for fixing actively exploited zero-days. These two zero-day bugs have been under active exploits by Russian hackers.

The first of these is a Win32k elevation of privilege vulnerability (CVE-2019-1132). Describing this vulnerability in the advisory, Microsoft stated,

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

To exploit the flaw, simply had to log on to the target system and run a specially crafted app.

As reported by the researcher Anton Cherepanov from ESET, the vulnerability was under active exploits in Eastern Europe, as discovered in June 2019. Explaining about the exploit in his blog, he stated that the flaw affected Windows 7 (SP-1) and Windows Server 2008 (SP 1 and 2).

The other zero-day vulnerability included a local elevation of privilege in the way Microsoft splwow64 handles some calls. As stated in Microsoft’s advisory,

An attacker who successfully exploited the vulnerability could elevate privileges on an affected system from low-integrity to medium-integrity.

This flaw (CVE-2019-0880) could lead to remote code execution as well when exploited together with another flaw.

15 Critical Security Fixes Rolled-Out

In addition to the two important-severity zero-days discussed above, Microsoft also released fixes for 15 critical security flaws. All of these could allow remote code execution by an adversary upon an exploit. Some of the notable ones include a memory corruption vulnerability in Windows DHCP Server (CVE-2019-0785), and RCE flaws in Azure DevOps Server and Team Foundation Server (CVE-2019-1072), GDI+ (CVE-2019-1102), and .NET Framework (CVE-2019-1113).

Besides, Microsoft also patched 4 memory corruption vulnerabilities in Scripting Engine, 5 memory corruption flaws in Chakra Scripting Engine, and 1 memory corruption vulnerability each in Internet Explorer and Microsoft browser.

Patches For Important Publicly Disclosed Vulnerabilities

With July updates, Microsoft also patched 6 vulnerabilities that were disclosed publicly.

Precisely, these include elevation of privilege vulnerabilities in Docker (CVE-2018-15664), Azure Automation (CVE-2019-0962) and Windows AppX Deployment Service (AppXSVC) (CVE-2019-1129); remote code execution vulnerabilities in Remote Desktop Services (CVE-2019-0887) and Microsoft SQL Server (CVE-2019-1068); and denial of service vulnerability in SymCrypt (CVE-2019-0865).

Fortunately, Microsoft patched these important severity vulnerabilities before any exploits.

Other Microsoft July Patch Tuesday Fixes

Alongside the above-discussed security flaws, the tech giant also patched 54 other important severity vulnerabilities in various products. Besides, they also fixed a single moderate-severity ASP.NET Core Spoofing Vulnerability (CVE-2019-1075) with these updates.

While this update bundle also fixed tens of security flaws, it still addressed relatively fewer bugs than the previous month. In June’s Patch Tuesday, Microsoft fixed 88 security flaws including zero-day bugs.

Take your time to comment on this article.

Related posts

GoPlus’s Latest Report Highlights How Blockchain Communities Are Leveraging Critical API Security Data To Mitigate Web3 Threats

C2A Security’s EVSec Risk Management and Automation Platform Gains Traction in Automotive Industry as Companies Seek to Efficiently Meet Regulatory Requirements

ZenHammer Memory Attack Exploits Rowhammer Against AMD CPUs