Patch Tuesday Archive
Patch Tuesday June 2019
Total CVEs
94
Critical
17
Important
69
Exploited
0
Publicly Disclosed
5
All CVEs this month 94
| CVE | Title | Severity | CVSS | Product | Exploited | Disclosed |
|---|---|---|---|---|---|---|
| ADV190015 | June 2019 Adobe Flash Security Update | Critical | - | Adobe Flash Player | - | - |
| CVE-2019-0620 | Windows Hyper-V Remote Code Execution Vulnerability | Critical | 7.6 |
Windows Hyper-V | - | - |
| CVE-2019-0709 | Windows Hyper-V Remote Code Execution Vulnerability | Critical | 7.6 |
Microsoft Windows | - | - |
| CVE-2019-0722 | Windows Hyper-V Remote Code Execution Vulnerability | Critical | 8.8 |
Microsoft Windows | - | - |
| CVE-2019-0888 | ActiveX Data Objects (ADO) Remote Code Execution Vulnerability | Critical | 8.8 |
Microsoft Windows | - | - |
| CVE-2019-0920 | Scripting Engine Memory Corruption Vulnerability | Critical | 7.5 |
Microsoft Scripting Engine | - | - |
| CVE-2019-0985 | Microsoft Speech API Remote Code Execution Vulnerability | Critical | 7.8 |
Microsoft Graphics Component | - | - |
| CVE-2019-0989 | Chakra Scripting Engine Memory Corruption Vulnerability | Critical | 4.2 |
Microsoft Scripting Engine | - | - |
| CVE-2019-0990 | Chakra Scripting Engine Memory Corruption Vulnerability | Critical | 6.5 |
Microsoft Scripting Engine | - | - |
| CVE-2019-0991 | Chakra Scripting Engine Memory Corruption Vulnerability | Critical | 4.2 |
Microsoft Scripting Engine | - | - |
| CVE-2019-0992 | Chakra Scripting Engine Memory Corruption Vulnerability | Critical | 4.2 |
Microsoft Scripting Engine | - | - |
| CVE-2019-0993 | Chakra Scripting Engine Memory Corruption Vulnerability | Critical | 4.2 |
Microsoft Scripting Engine | - | - |
| CVE-2019-1002 | Chakra Scripting Engine Memory Corruption Vulnerability | Critical | 4.2 |
Microsoft Scripting Engine | - | - |
| CVE-2019-1003 | Chakra Scripting Engine Memory Corruption Vulnerability | Critical | 4.2 |
Microsoft Scripting Engine | - | - |
| CVE-2019-1024 | Chakra Scripting Engine Memory Corruption Vulnerability | Critical | 4.2 |
Microsoft Scripting Engine | - | - |
| CVE-2019-1051 | Chakra Scripting Engine Memory Corruption Vulnerability | Critical | 4.2 |
Microsoft Scripting Engine | - | - |
| CVE-2019-1052 | Chakra Scripting Engine Memory Corruption Vulnerability | Critical | 4.2 |
Microsoft Scripting Engine | - | - |
| ADV190016 | Bluetooth Low Energy Advisory | Important | - | Microsoft Devices | - | - |
| ADV190017 | Microsoft HoloLens Remote Code Execution Vulnerabilities | Important | - | Microsoft Devices | - | - |
| CVE-2019-0710 | Windows Hyper-V Denial of Service Vulnerability | Important | 6.8 |
Microsoft Windows | - | - |
| CVE-2019-0711 | Windows Hyper-V Denial of Service Vulnerability | Important | 6.8 |
Microsoft Windows | - | - |
| CVE-2019-0713 | Windows Hyper-V Denial of Service Vulnerability | Important | 6.8 |
Microsoft Windows | - | - |
| CVE-2019-0904 | Jet Database Engine Remote Code Execution Vulnerability | Important | 7.8 |
Microsoft JET Database Engine | - | - |
| CVE-2019-0905 | Jet Database Engine Remote Code Execution Vulnerability | Important | 7.8 |
Microsoft JET Database Engine | - | - |
| CVE-2019-0906 | Jet Database Engine Remote Code Execution Vulnerability | Important | 7.8 |
Microsoft JET Database Engine | - | - |
| CVE-2019-0907 | Jet Database Engine Remote Code Execution Vulnerability | Important | 7.8 |
Microsoft JET Database Engine | - | - |
| CVE-2019-0908 | Jet Database Engine Remote Code Execution Vulnerability | Important | 7.8 |
Microsoft JET Database Engine | - | - |
| CVE-2019-0909 | Jet Database Engine Remote Code Execution Vulnerability | Important | 7.8 |
Microsoft JET Database Engine | - | - |
| CVE-2019-0941 | Microsoft IIS Server Denial of Service Vulnerability | Important | 7.5 |
Windows IIS | - | - |
| CVE-2019-0943 | Windows ALPC Elevation of Privilege Vulnerability | Important | 7.8 |
Microsoft Windows | - | - |
| CVE-2019-0959 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Important | 7 |
Microsoft Windows | - | - |
| CVE-2019-0960 | Win32k Elevation of Privilege Vulnerability | Important | 7 |
Microsoft Graphics Component | - | - |
| CVE-2019-0968 | Windows GDI Information Disclosure Vulnerability | Important | 5.5 |
Microsoft Graphics Component | - | - |
| CVE-2019-0972 | Local Security Authority Subsystem Service Denial of Service Vulnerability | Important | 6.5 |
Kerberos | - | - |
| CVE-2019-0973 | Windows Installer Elevation of Privilege Vulnerability | Important | 7.8 |
Windows Installer | - | Yes |
| CVE-2019-0974 | Jet Database Engine Remote Code Execution Vulnerability | Important | 7.8 |
Microsoft JET Database Engine | - | - |
| CVE-2019-0977 | Windows GDI Information Disclosure Vulnerability | Important | 4.7 |
Microsoft Graphics Component | - | - |
| CVE-2019-0983 | Windows Storage Service Elevation of Privilege Vulnerability | Important | 7.8 |
Microsoft Windows | - | - |
| CVE-2019-0984 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Important | 7 |
Microsoft Windows | - | - |
| CVE-2019-0986 | Windows User Profile Service Elevation of Privilege Vulnerability | Important | 6.3 |
Windows Shell | - | - |
| CVE-2019-0996 | Azure DevOps Server Spoofing Vulnerability | Important | - | Team Foundation Server | - | - |
| CVE-2019-0998 | Windows Storage Service Elevation of Privilege Vulnerability | Important | 7.8 |
Microsoft Windows | - | - |
| CVE-2019-1007 | Windows Audio Service Elevation of Privilege Vulnerability | Important | 7.8 |
Windows Media | - | - |
| CVE-2019-1009 | Windows GDI Information Disclosure Vulnerability | Important | 4.7 |
Microsoft Graphics Component | - | - |
| CVE-2019-1010 | Windows GDI Information Disclosure Vulnerability | Important | 4.7 |
Microsoft Graphics Component | - | - |
| CVE-2019-1011 | Windows GDI Information Disclosure Vulnerability | Important | 4.7 |
Microsoft Graphics Component | - | - |
| CVE-2019-1012 | Windows GDI Information Disclosure Vulnerability | Important | 4.7 |
Microsoft Graphics Component | - | - |
| CVE-2019-1013 | Windows GDI Information Disclosure Vulnerability | Important | 4.7 |
Microsoft Graphics Component | - | - |
| CVE-2019-1014 | Win32k Elevation of Privilege Vulnerability | Important | 7 |
Windows Kernel | - | - |
| CVE-2019-1015 | Windows GDI Information Disclosure Vulnerability | Important | 4.7 |
Microsoft Graphics Component | - | - |
| CVE-2019-1016 | Windows GDI Information Disclosure Vulnerability | Important | 4.7 |
Microsoft Graphics Component | - | - |
| CVE-2019-1017 | Win32k Elevation of Privilege Vulnerability | Important | 7 |
Windows Kernel | - | - |
| CVE-2019-1018 | DirectX Elevation of Privilege Vulnerability | Important | 7 |
Microsoft Graphics Component | - | - |
| CVE-2019-1019 | Microsoft Windows Security Feature Bypass Vulnerability | Important | 8.5 |
Windows NTLM | - | - |
| CVE-2019-1021 | Windows Audio Service Elevation of Privilege Vulnerability | Important | 7.8 |
Windows Media | - | - |
| CVE-2019-1022 | Windows Audio Service Elevation of Privilege Vulnerability | Important | 7.8 |
Windows Media | - | - |
| CVE-2019-1023 | Scripting Engine Information Disclosure Vulnerability | Important | 6.5 |
Microsoft Scripting Engine | - | - |
| CVE-2019-1025 | Windows Denial of Service Vulnerability | Important | 6.5 |
Microsoft Windows | - | - |
| CVE-2019-1026 | Windows Audio Service Elevation of Privilege Vulnerability | Important | 7.8 |
Windows Media | - | - |
| CVE-2019-1027 | Windows Audio Service Elevation of Privilege Vulnerability | Important | 7.8 |
Windows Media | - | - |
| CVE-2019-1028 | Windows Audio Service Elevation of Privilege Vulnerability | Important | 7.8 |
Windows Media | - | - |
| CVE-2019-1029 | Skype for Business and Lync Server Denial of Service Vulnerability | Important | - | Skype for Business and Microsoft Lync | - | - |
| CVE-2019-1031 | Microsoft Office SharePoint XSS Vulnerability | Important | - | Microsoft Office SharePoint | - | - |
| CVE-2019-1032 | Microsoft Office SharePoint XSS Vulnerability | Important | - | Microsoft Office SharePoint | - | - |
| CVE-2019-1033 | Microsoft Office SharePoint XSS Vulnerability | Important | - | Microsoft Office SharePoint | - | - |
| CVE-2019-1034 | Microsoft Word Remote Code Execution Vulnerability | Important | - | Microsoft Office | - | - |
| CVE-2019-1035 | Microsoft Word Remote Code Execution Vulnerability | Important | - | Microsoft Office | - | - |
| CVE-2019-1036 | Microsoft Office SharePoint XSS Vulnerability | Important | - | Microsoft Office SharePoint | - | - |
| CVE-2019-1039 | Windows Kernel Information Disclosure Vulnerability | Important | 5.5 |
Windows Kernel | - | - |
| CVE-2019-1040 | Windows NTLM Tampering Vulnerability | Important | 5.3 |
Windows Authentication Methods | - | - |
| CVE-2019-1041 | Windows Kernel Elevation of Privilege Vulnerability | Important | 7 |
Windows Kernel | - | - |
| CVE-2019-1043 | Comctl32 Remote Code Execution Vulnerability | Important | 6.4 |
Microsoft Windows | - | - |
| CVE-2019-1044 | Windows Secure Kernel Mode Security Feature Bypass Vulnerability | Important | 5.3 |
Windows Kernel | - | - |
| CVE-2019-1045 | Windows Network File System Elevation of Privilege Vulnerability | Important | 7.8 |
Microsoft Windows | - | - |
| CVE-2019-1046 | Windows GDI Information Disclosure Vulnerability | Important | 4.7 |
Microsoft Graphics Component | - | - |
| CVE-2019-1047 | Windows GDI Information Disclosure Vulnerability | Important | 4.7 |
Microsoft Graphics Component | - | - |
| CVE-2019-1048 | Windows GDI Information Disclosure Vulnerability | Important | 4.7 |
Microsoft Graphics Component | - | - |
| CVE-2019-1049 | Windows GDI Information Disclosure Vulnerability | Important | 4.7 |
Microsoft Graphics Component | - | - |
| CVE-2019-1050 | Windows GDI Information Disclosure Vulnerability | Important | 4.7 |
Microsoft Graphics Component | - | - |
| CVE-2019-1053 | Windows Shell Elevation of Privilege Vulnerability | Important | 6.3 |
Windows Shell | - | Yes |
| CVE-2019-1054 | Microsoft Edge Security Feature Bypass Vulnerability | Important | 5 |
Microsoft Edge | - | - |
| CVE-2019-1064 | Windows Elevation of Privilege Vulnerability | Important | 7.8 |
Microsoft Windows | - | Yes |
| CVE-2019-1065 | Windows Kernel Elevation of Privilege Vulnerability | Important | 7.8 |
Windows Kernel | - | - |
| CVE-2019-1069 | Task Scheduler Elevation of Privilege Vulnerability | Important | 7.8 |
Microsoft Windows | - | Yes |
| CVE-2019-1081 | Microsoft Browser Information Disclosure Vulnerability | Important | 4.3 |
Microsoft Browsers | - | - |
| CVE-2019-1105 | Outlook for Android Spoofing Vulnerability | Important | - | Android App | - | - |
| CVE-2019-0948 | Windows Event Viewer Information Disclosure Vulnerability | Moderate | 4.7 |
Microsoft Windows | - | - |
| CVE-2019-0988 | Scripting Engine Memory Corruption Vulnerability | Moderate | 7.5 |
Microsoft Scripting Engine | - | - |
| CVE-2019-1038 | Microsoft Browser Memory Corruption Vulnerability | Moderate | 7.5 |
Microsoft Browsers | - | - |
| CVE-2019-1055 | Scripting Engine Memory Corruption Vulnerability | Moderate | 7.5 |
Microsoft Scripting Engine | - | - |
| CVE-2019-1080 | Scripting Engine Memory Corruption Vulnerability | Moderate | 7.5 |
Microsoft Scripting Engine | - | - |
| CVE-2019-1005 | Scripting Engine Memory Corruption Vulnerability | Low | 7.5 |
VBScript | - | - |
| ADV190018 | Microsoft Exchange Server Defense in Depth Update | Unknown | - | Microsoft Exchange Server | - | - |
| ADV190020 | Linux Kernel TCP SACK Denial of Service Vulnerability | Unknown | - | Linux Kernel | - | Yes |
Threat Categories 9
| Threat Category | CVEs | Critical |
|---|---|---|
| Remote Code Execution | 33 | 17 |
| Elevation of Privilege | 24 | - |
| Information Disclosure | 18 | - |
| Denial of Service | 7 | - |
| Spoofing | 6 | - |
| Security Feature Bypass | 3 | - |
| Tampering | 1 | - |
| Defense in Depth | 1 | - |
| Unknown | 1 | - |
Affected Products 25
| Product | CVEs | Exploited |
|---|---|---|
| Microsoft Windows | 17 | - |
| Microsoft Graphics Component | 17 | - |
| Microsoft Scripting Engine | 15 | - |
| Microsoft JET Database Engine | 7 | - |
| Windows Media | 6 | - |
| Windows Kernel | 6 | - |
| Microsoft Office SharePoint | 4 | - |
| Microsoft Devices | 2 | - |
| Windows Shell | 2 | - |
| Microsoft Office | 2 | - |
| Microsoft Browsers | 2 | - |
| Adobe Flash Player | 1 | - |
| Windows Hyper-V | 1 | - |
| Windows IIS | 1 | - |
| Kerberos | 1 | - |
| Windows Installer | 1 | - |
| Team Foundation Server | 1 | - |
| Windows NTLM | 1 | - |
| Skype for Business and Microsoft Lync | 1 | - |
| Windows Authentication Methods | 1 | - |
| Microsoft Edge | 1 | - |
| Android App | 1 | - |
| VBScript | 1 | - |
| Microsoft Exchange Server | 1 | - |
| Linux Kernel | 1 | - |