Patch Tuesday Archive
Patch Tuesday August 2019
Total CVEs
97
Critical
26
Important
65
Exploited
0
Publicly Disclosed
1
All CVEs this month 97
| CVE | Title | Severity | CVSS | Product | Exploited | Disclosed |
|---|---|---|---|---|---|---|
| CVE-2019-0720 | Hyper-V Remote Code Execution Vulnerability | Critical | 8 |
Windows Hyper-V | - | - |
| CVE-2019-0736 | Windows DHCP Client Remote Code Execution Vulnerability | Critical | 9.8 |
Windows DHCP Client | - | - |
| CVE-2019-0965 | Windows Hyper-V Remote Code Execution Vulnerability | Critical | 7.6 |
Windows Hyper-V | - | - |
| CVE-2019-1131 | Chakra Scripting Engine Memory Corruption Vulnerability | Critical | 4.2 |
Microsoft Scripting Engine | - | - |
| CVE-2019-1139 | Chakra Scripting Engine Memory Corruption Vulnerability | Critical | 4.2 |
Microsoft Scripting Engine | - | - |
| CVE-2019-1140 | Chakra Scripting Engine Memory Corruption Vulnerability | Critical | 8.8 |
Microsoft Scripting Engine | - | - |
| CVE-2019-1141 | Chakra Scripting Engine Memory Corruption Vulnerability | Critical | 4.2 |
Microsoft Scripting Engine | - | - |
| CVE-2019-1144 | Microsoft Graphics Remote Code Execution Vulnerability | Critical | 8.8 |
Microsoft Graphics Component | - | - |
| CVE-2019-1145 | Microsoft Graphics Remote Code Execution Vulnerability | Critical | 8.8 |
Microsoft Graphics Component | - | - |
| CVE-2019-1149 | Microsoft Graphics Remote Code Execution Vulnerability | Critical | 8.8 |
Microsoft Graphics Component | - | - |
| CVE-2019-1150 | Microsoft Graphics Remote Code Execution Vulnerability | Critical | 8.8 |
Microsoft Graphics Component | - | - |
| CVE-2019-1151 | Microsoft Graphics Remote Code Execution Vulnerability | Critical | 8.8 |
Microsoft Graphics Component | - | - |
| CVE-2019-1152 | Microsoft Graphics Remote Code Execution Vulnerability | Critical | 8.8 |
Microsoft Graphics Component | - | - |
| CVE-2019-1181 | Remote Desktop Services Remote Code Execution Vulnerability | Critical | 9.8 |
Windows RDP | - | - |
| CVE-2019-1182 | Remote Desktop Services Remote Code Execution Vulnerability | Critical | 9.8 |
Windows RDP | - | - |
| CVE-2019-1188 | LNK Remote Code Execution Vulnerability | Critical | 7.5 |
Microsoft Windows | - | - |
| CVE-2019-1195 | Chakra Scripting Engine Memory Corruption Vulnerability | Critical | 4.2 |
Microsoft Scripting Engine | - | - |
| CVE-2019-1196 | Chakra Scripting Engine Memory Corruption Vulnerability | Critical | 4.2 |
Microsoft Scripting Engine | - | - |
| CVE-2019-1197 | Chakra Scripting Engine Memory Corruption Vulnerability | Critical | 4.2 |
Microsoft Scripting Engine | - | - |
| CVE-2019-1199 | Microsoft Outlook Memory Corruption Vulnerability | Critical | - | Microsoft Office | - | - |
| CVE-2019-1200 | Microsoft Outlook Remote Code Execution Vulnerability | Critical | - | Microsoft Office | - | - |
| CVE-2019-1201 | Microsoft Word Remote Code Execution Vulnerability | Critical | - | Microsoft Office | - | - |
| CVE-2019-1205 | Microsoft Word Remote Code Execution Vulnerability | Critical | - | Microsoft Office | - | - |
| CVE-2019-1213 | Windows DHCP Server Remote Code Execution Vulnerability | Critical | 9.8 |
Windows DHCP Server | - | - |
| CVE-2019-1222 | Remote Desktop Services Remote Code Execution Vulnerability | Critical | 9.8 |
Windows RDP | - | - |
| CVE-2019-1226 | Remote Desktop Services Remote Code Execution Vulnerability | Critical | 9.8 |
Windows RDP | - | - |
| ADV190014 | Microsoft Live Accounts Elevation of Privilege Vulnerability | Important | - | Online Services | - | - |
| CVE-2019-0714 | Windows Hyper-V Denial of Service Vulnerability | Important | 5.8 |
Windows Hyper-V | - | - |
| CVE-2019-0715 | Windows Hyper-V Denial of Service Vulnerability | Important | 5.8 |
Windows Hyper-V | - | - |
| CVE-2019-0716 | Windows Denial of Service Vulnerability | Important | 5.8 |
Microsoft Windows | - | - |
| CVE-2019-0717 | Windows Hyper-V Denial of Service Vulnerability | Important | 5.8 |
Windows Hyper-V | - | - |
| CVE-2019-0718 | Windows Hyper-V Denial of Service Vulnerability | Important | 5.8 |
Windows Hyper-V | - | - |
| CVE-2019-0723 | Windows Hyper-V Denial of Service Vulnerability | Important | 5.8 |
Windows Hyper-V | - | - |
| CVE-2019-1030 | Microsoft Edge based on Edge HTML Information Disclosure Vulnerability | Important | 4.3 |
Microsoft Edge (HTML-based) | - | - |
| CVE-2019-1057 | MS XML Remote Code Execution Vulnerability | Important | 7.5 |
Microsoft XML Core Services | - | - |
| CVE-2019-1078 | Microsoft Graphics Component Information Disclosure Vulnerability | Important | 5.5 |
Microsoft Graphics Component | - | - |
| CVE-2019-1125 | Windows Kernel Information Disclosure Vulnerability | Important | 5.6 |
Windows Kernel | - | - |
| CVE-2019-1143 | Windows Graphics Component Information Disclosure Vulnerability | Important | 5.5 |
Microsoft Graphics Component | - | - |
| CVE-2019-1146 | Jet Database Engine Remote Code Execution Vulnerability | Important | 7.8 |
Microsoft JET Database Engine | - | - |
| CVE-2019-1147 | Jet Database Engine Remote Code Execution Vulnerability | Important | 7.8 |
Microsoft JET Database Engine | - | - |
| CVE-2019-1148 | Microsoft Graphics Component Information Disclosure Vulnerability | Important | 5.5 |
Microsoft Graphics Component | - | - |
| CVE-2019-1153 | Microsoft Graphics Component Information Disclosure Vulnerability | Important | 5.5 |
Microsoft Graphics Component | - | - |
| CVE-2019-1154 | Windows Graphics Component Information Disclosure Vulnerability | Important | 5.5 |
Microsoft Graphics Component | - | - |
| CVE-2019-1155 | Jet Database Engine Remote Code Execution Vulnerability | Important | 7.8 |
Microsoft JET Database Engine | - | - |
| CVE-2019-1156 | Jet Database Engine Remote Code Execution Vulnerability | Important | 7.8 |
Microsoft JET Database Engine | - | - |
| CVE-2019-1157 | Jet Database Engine Remote Code Execution Vulnerability | Important | 7.8 |
Microsoft JET Database Engine | - | - |
| CVE-2019-1158 | Windows Graphics Component Information Disclosure Vulnerability | Important | 5.5 |
Microsoft Graphics Component | - | - |
| CVE-2019-1159 | Windows Kernel Elevation of Privilege Vulnerability | Important | 7.8 |
Windows Kernel | - | - |
| CVE-2019-1161 | Microsoft Defender Elevation of Privilege Vulnerability | Important | - | Microsoft Malware Protection Engine | - | - |
| CVE-2019-1162 | Windows ALPC Elevation of Privilege Vulnerability | Important | 7.8 |
Microsoft Windows | - | - |
| CVE-2019-1163 | Windows File Signature Security Feature Bypass Vulnerability | Important | 5.5 |
Microsoft Windows | - | - |
| CVE-2019-1164 | Windows Kernel Elevation of Privilege Vulnerability | Important | 7.8 |
Windows Kernel | - | - |
| CVE-2019-1168 | Microsoft Windows p2pimsvc Elevation of Privilege Vulnerability | Important | 7.8 |
Microsoft Windows | - | - |
| CVE-2019-1169 | Win32k Elevation of Privilege Vulnerability | Important | 7.8 |
Windows Kernel | - | - |
| CVE-2019-1170 | Windows NTFS Elevation of Privilege Vulnerability | Important | 7.9 |
Windows NTFS | - | - |
| CVE-2019-1171 | SymCrypt Information Disclosure Vulnerability | Important | 5.6 |
Windows SymCrypt | - | - |
| CVE-2019-1172 | Windows Information Disclosure Vulnerability | Important | 4.3 |
Microsoft Windows | - | - |
| CVE-2019-1173 | Windows Elevation of Privilege Vulnerability | Important | 7 |
Microsoft Windows | - | - |
| CVE-2019-1174 | Windows Elevation of Privilege Vulnerability | Important | 7 |
Microsoft Windows | - | - |
| CVE-2019-1175 | Windows Elevation of Privilege Vulnerability | Important | 7 |
Microsoft Windows | - | - |
| CVE-2019-1176 | DirectX Elevation of Privilege Vulnerability | Important | 7 |
Microsoft Windows | - | - |
| CVE-2019-1177 | Windows Elevation of Privilege Vulnerability | Important | 7 |
Microsoft Windows | - | - |
| CVE-2019-1178 | Windows Elevation of Privilege Vulnerability | Important | 7 |
Microsoft Windows | - | - |
| CVE-2019-1179 | Windows Elevation of Privilege Vulnerability | Important | 7 |
Microsoft Windows | - | - |
| CVE-2019-1180 | Windows Elevation of Privilege Vulnerability | Important | 7 |
Microsoft Windows | - | - |
| CVE-2019-1184 | Windows Elevation of Privilege Vulnerability | Important | 6.7 |
Windows Shell | - | - |
| CVE-2019-1185 | Windows Subsystem for Linux Elevation of Privilege Vulnerability | Important | - | Windows - Linux | - | - |
| CVE-2019-1186 | Windows Elevation of Privilege Vulnerability | Important | 7 |
Microsoft Windows | - | - |
| CVE-2019-1187 | XmlLite Runtime Denial of Service Vulnerability | Important | 5.5 |
Microsoft XML | - | - |
| CVE-2019-1190 | Windows Image Elevation of Privilege Vulnerability | Important | 7.8 |
Windows Kernel | - | - |
| CVE-2019-1198 | Microsoft Windows Elevation of Privilege Vulnerability | Important | 6.5 |
Microsoft Windows | - | - |
| CVE-2019-1202 | SharePoint Information Disclosure Vulnerability | Important | - | Microsoft Office SharePoint | - | - |
| CVE-2019-1203 | Microsoft Office SharePoint XSS Vulnerability | Important | - | Microsoft Office SharePoint | - | - |
| CVE-2019-1204 | Microsoft Outlook Elevation of Privilege Vulnerability | Important | - | Microsoft Office | - | - |
| CVE-2019-1206 | Windows DHCP Server Denial of Service Vulnerability | Important | 7.5 |
Windows DHCP Server | - | - |
| CVE-2019-1211 | Git for Visual Studio Elevation of Privilege Vulnerability | Important | - | Visual Studio | - | - |
| CVE-2019-1212 | Windows DHCP Server Denial of Service Vulnerability | Important | 9.8 |
Windows DHCP Server | - | - |
| CVE-2019-1218 | Outlook iOS Spoofing Vulnerability | Important | - | Microsoft Office | - | - |
| CVE-2019-1223 | Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability | Important | 7.5 |
Windows RDP | - | - |
| CVE-2019-1224 | Remote Desktop Protocol Server Information Disclosure Vulnerability | Important | 7.5 |
Windows RDP | - | - |
| CVE-2019-1225 | Remote Desktop Protocol Server Information Disclosure Vulnerability | Important | 7.5 |
Windows RDP | - | - |
| CVE-2019-1227 | Windows Kernel Information Disclosure Vulnerability | Important | 5.5 |
Windows Kernel | - | - |
| CVE-2019-1228 | Windows Kernel Information Disclosure Vulnerability | Important | 5.5 |
Windows Kernel | - | - |
| CVE-2019-1229 | Dynamics On-Premise Elevation of Privilege Vulnerability | Important | - | Microsoft Dynamics | - | - |
| CVE-2019-1258 | Azure Active Directory Authentication Library Elevation of Privilege Vulnerability | Important | - | Microsoft Identity Services | - | - |
| CVE-2019-9506 | Encryption Key Negotiation of Bluetooth Vulnerability | Important | 9.3 |
Microsoft Bluetooth Driver | - | - |
| CVE-2019-9511 | HTTP/2 Server Denial of Service Vulnerability | Important | 7.5 |
HTTP/2 | - | - |
| CVE-2019-9512 | HTTP/2 Server Denial of Service Vulnerability | Important | 7.5 |
HTTP/2 | - | - |
| CVE-2019-9513 | HTTP/2 Server Denial of Service Vulnerability | Important | 7.5 |
HTTP/2 | - | - |
| CVE-2019-9514 | HTTP/2 Server Denial of Service Vulnerability | Important | 7.5 |
HTTP/2 | - | - |
| CVE-2019-9518 | HTTP/2 Server Denial of Service Vulnerability | Important | 7.5 |
HTTP/2 | - | - |
| CVE-2019-1133 | Scripting Engine Memory Corruption Vulnerability | Moderate | 7.5 |
Microsoft Scripting Engine | - | - |
| CVE-2019-1194 | Scripting Engine Memory Corruption Vulnerability | Moderate | 7.5 |
Microsoft Scripting Engine | - | - |
| CVE-2019-1192 | Microsoft Browsers Security Feature Bypass Vulnerability | Low | 4.3 |
Microsoft Browsers | - | - |
| CVE-2019-1193 | Microsoft Browser Memory Corruption Vulnerability | Low | 6.4 |
Microsoft Browsers | - | - |
| ADV190023 | Microsoft Guidance for Enabling LDAP Channel Binding and LDAP Signing | None | - | Windows Active Directory | - | Yes |
| CVE-2019-1183 | Windows VBScript Engine Remote Code Execution Vulnerability | Unknown | - | Windows Scripting | - | - |
Threat Categories 9
| Threat Category | CVEs | Critical |
|---|---|---|
| Remote Code Execution | 35 | 26 |
| Elevation of Privilege | 25 | - |
| Denial of Service | 15 | - |
| Information Disclosure | 15 | - |
| Security Feature Bypass | 2 | - |
| Spoofing | 2 | - |
| Tampering | 1 | - |
| Defense in Depth | 1 | - |
| Unknown | 1 | - |
Affected Products 28
| Product | CVEs | Exploited |
|---|---|---|
| Microsoft Windows | 16 | - |
| Microsoft Graphics Component | 12 | - |
| Microsoft Scripting Engine | 9 | - |
| Windows Hyper-V | 7 | - |
| Windows RDP | 7 | - |
| Windows Kernel | 7 | - |
| Microsoft Office | 6 | - |
| Microsoft JET Database Engine | 5 | - |
| HTTP/2 | 5 | - |
| Windows DHCP Server | 3 | - |
| Microsoft Office SharePoint | 2 | - |
| Microsoft Browsers | 2 | - |
| Windows DHCP Client | 1 | - |
| Online Services | 1 | - |
| Microsoft Edge (HTML-based) | 1 | - |
| Microsoft XML Core Services | 1 | - |
| Microsoft Malware Protection Engine | 1 | - |
| Windows NTFS | 1 | - |
| Windows SymCrypt | 1 | - |
| Windows Shell | 1 | - |
| Windows - Linux | 1 | - |
| Microsoft XML | 1 | - |
| Visual Studio | 1 | - |
| Microsoft Dynamics | 1 | - |
| Microsoft Identity Services | 1 | - |
| Microsoft Bluetooth Driver | 1 | - |
| Windows Active Directory | 1 | - |
| Windows Scripting | 1 | - |