
close
close
This month Microsoft patches four zero-day flaws in Windows 10 and some Bluetooth security keys stop working.
advertisment
This month Microsoft issued fixes for four zero-day bugs in Windows. BearLPE (CVE-2019-1069) is a bug in the Task Scheduler component of Windows 10 and Windows Server that could allow an attacker to elevate privileges. SandboxEscape (CVE-2019-1053) is a Windows Shell elevation of privilege (EOP) bug that fails to validate folder shortcuts and could allow an attacker to elevate privileges by escaping a sandbox. CVE-2019-1064 was issued to prevent bypass of a previous EOP bug (CVE-2019-0841) in the AppX Deployment Service. Finally, InstallerBypass (CVE-2019-0973) is another EOP bug affecting Windows 10 and Windows 8, this time in the Windows Installer service when it fails to properly check input, which could allow an attacker to load an insecure library.
SandboxEscaper, the security researcher that has been revealing tons of bugs in Windows of late, also published details on a fifth zero-day called ByeBear that affects Windows 10 and Server 2019. It is another method of exploiting the AppX Deployment Service patch that Microsoft is deploying this month. As fast as Microsoft patches this exploit, SandboxEscaper finds another way around it. If Microsoft deems it serious enough, we might see this new bug patched before next month’s Patch Tuesday.
Aside from the four zero-days, Microsoft patched 11 remote code execution (RCE) bugs, three of which are rated critical. CVE-2019-0620 and CVE-2019-0722 are a Hyper-V bug that could let an attacker run arbitrary code on the host operating system by running specially designed code in a guest OS. CVE-2019-0888 is a vulnerability in the way ActiveX Data Objects (ADO) handle objects in memory and could allow an attacker to compromise a machine by convincing a user to visit a specially crafted website.
There are also 9 RCEs rated critical for Microsoft Edge and Chakra Core, all of which are either memory corruption bugs or problems with the way objects are handled in memory. Some of these vulnerabilities also affect Internet Explorer.
advertisment
Windows 7 gets patches for two critical RCEs. One is for CVE-2019-0888, the ActiveX Data Objects flaw described above. The second (CVE-2019-0985), is a bug in how the Microsoft Speech API (SAPI) handles text-to-speech (TTS) input. To exploit this flaw, a user would have to be convinced to open a specially crafted document with TTS content.
Additionally, a patch for CVE-2019-1019 fixes a problem where NETLOGON message might be able to get the session key and sign messages.
Office 365 Pro Plus (Click-to-Run) gets a patch for two RCEs. CVE-2019-1034 and CVE-2019-1035 are both flaws in Word that fail to properly handle objects in memory and could allow an attacker to run actions in the context of the logged in user.
All supported versions of Exchange get a patch that improves defense-in-depth security. Microsoft SharePoint Server 2010 SP2, SharePoint Enterprise Server 2013 SP1, 2016, and 2019 are all patched for the Word memory vulnerability (CVE-2019-1034) that is outlined above.
advertisment
After you apply the updates for this month’s Patch Tuesday, you will no longer be able to pair Feitian and Google Titan security keys containing a misconfiguration in the Bluetooth pairing protocols that could allow an attacker to interact with the key. For more information about this issue, see Microsoft’s website here. If you have an affected Google key, you can use this page to request a free replacement.
Last but not least, Adobe fixed several RCEs flaws rated critical in Flash Player, Acrobat, and Acrobat Reader.
More from Russell Smith
advertisment
Petri Newsletters
Whether it’s Security or Cloud Computing, we have the know-how for you. Sign up for our newsletters here.
advertisment
More in Security
CISA Warns Federal Agencies to Mitigate Critical VMware Vulnerabilities by May 23
May 20, 2022 | Rabia Noureen
CISA Warns Windows Admins Against Applying May Patch Tuesday Updates on Domain Controllers
May 17, 2022 | Rabia Noureen
Microsoft's New Security Experts Service Protects Businesses Against Ransomware Attacks
May 9, 2022 | Rabia Noureen
Microsoft, Google, and Apple to Expand Passwordless Login Across All Major Platforms
May 5, 2022 | Rabia Noureen
Most popular on petri
Log in to save content to your profile.
Article saved!
Access saved content from your profile page. View Saved
Join The Conversation
Create a free account today to participate in forum conversations, comment on posts and more.
Copyright ©2019 BWW Media Group