CVE-2019-0859

Published: 09/04/2019 Updated: 24/08/2020
CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 641
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0685, CVE-2019-0803.

Vulnerable Product

microsoft windows 8.1 -

microsoft windows rt 8.1 -

microsoft windows 10 -

microsoft windows 10 1607

microsoft windows server 2008 -

microsoft windows server 2008 r2

microsoft windows server 2012 -

microsoft windows 7 -

microsoft windows 10 1703

microsoft windows 10 1803

microsoft windows server 2016 -

microsoft windows server 2016 1803

microsoft windows 10 1709

microsoft windows 10 1809

microsoft windows server 2012 r2

microsoft windows server 2016 1709

microsoft windows server 2019 -

Github Repositories

CVE-2019-0859 1day Exploit

CVE-2019-0859-1day-Exploit: CVE-2019-0859 1day Exploit. Target OS: Windows 7 x64 Service Pack 1 (7601). This exploit needs an environment that is updated with the 2019 March security update. Previous updates were not checked. Currently the exploit's reliability isn't 100%. Sometimes the exploit doesn't work perfectly; then you try again.

Recent Articles

Microsoft Patch Tuesday – April 2019
Symantec Threat Intelligence Blog • Himanshu Mehta • 10 Apr 2024

This month the vendor has patched 74 vulnerabilities, 14 of which are rated Critical.

Posted: 10 Apr, 2019. As always, customers are advised to follow these security best practices: Install vendor patches as soon as they are available. Run all software with the least privileges required while still maintaining functionality. Avoid handlin...

Magnitude exploit kit – evolution
Securelist • Boris Larin • 24 Jun 2020

Exploit kits are not as widespread as they used to be. In the past, they relied on the use of already patched vulnerabilities. Newer and more secure web browsers with automatic updates simply do not allow known vulnerabilities to be exploited. It was very different back in the heyday of Adobe Flash because it’s just a plugin for a web browser, meaning that even if the user has an up-to-date browser, there’s a non-zero chance that Adobe Flash may still be vulnerable to 1-day exploits. Now tha...

The zero-day exploits of Operation WizardOpium
Securelist • Boris Larin Alexey Kulaev • 28 May 2020

Back in October 2019 we detected a classic watering-hole attack on a North Korea-related news site that exploited a chain of Google Chrome and Microsoft Windows zero-days. While we’ve already published blog posts briefly describing this operation (available here and here), in this blog post we’d like to take a deep technical dive into the exploits and vulnerabilities used in this attack. In the original blog post we described the exploit loader responsible for initial validation of the targe...

IT threat evolution Q2 2019
Securelist • David Emm • 19 Aug 2019

In March, we published the results of our investigation into a sophisticated supply-chain attack involving the ASUS Live Update Utility, used to deliver BIOS, UEFI and software updates to ASUS laptops and desktops. The attackers added a backdoor to the utility and then distributed it to users through official channels. ASUS was not the only company used by the attackers. Other targets included several gaming companies, a conglomerate holding company and a pharmaceutical company – all located i...

New zero-day vulnerability CVE-2019-0859 in win32k.sys
Securelist • Vasily Berdnikov Boris Larin Anton Ivanov • 15 Apr 2019

In March 2019, our automatic Exploit Prevention (EP) systems detected an attempt to exploit a vulnerability in the Microsoft Windows operating system. Further analysis of this event led to us discovering a zero-day vulnerability in win32k.sys. It was the fifth consecutive exploited Local Privilege Escalation vulnerability in Windows that we have discovered in recent months using our technologies. The previous ones were: On March 17, 2019 we reported our discovery to Microsoft; the company confir...

It's raining patches, Hallelujah! Microsoft and Adobe put out their latest major fixes
The Register • Shaun Nichols in San Francisco • 09 Apr 2019

Hefty patch Tuesday checks in at just under 100 CVEs

Updated A pair of actively-targeted Windows flaws highlight this month's edition of Redmond's Patch Tuesday, the monthly moment when admins sigh and determine what to fix. For Microsoft, the monthly flaw folder fixes for a total of 74 CVE-listed security bugs in Windows and Office. Of those, 33 are flaws which, if exploited, would allow the attacker to achieve remote code execution. As usual, most of the remote code execution flaws were spotted in the browser and scripting engines. Those includ...