OnlyFm252
Patch Tuesday Archive

Patch Tuesday December 2019

Total CVEs

38

Critical

7

Important

28

Exploited

1

Publicly Disclosed

0

All CVEs this month 38

CVE Title Severity CVSS Product Exploited Disclosed
CVE-2019-1349 Git for Visual Studio Remote Code Execution Vulnerability Critical - Visual Studio - -
CVE-2019-1350 Git for Visual Studio Remote Code Execution Vulnerability Critical - Visual Studio - -
CVE-2019-1352 Git for Visual Studio Remote Code Execution Vulnerability Critical - Visual Studio - -
CVE-2019-1354 Git for Visual Studio Remote Code Execution Vulnerability Critical - Visual Studio - -
CVE-2019-1387 Git for Visual Studio Remote Code Execution Vulnerability Critical - Visual Studio - -
CVE-2019-1468 Win32k Graphics Remote Code Execution Vulnerability Critical 8.4 Microsoft Graphics Component - -
CVE-2019-1471 Windows Hyper-V Remote Code Execution Vulnerability Critical 8.2 Windows Hyper-V - -
CVE-2019-1332 Microsoft SQL Server Reporting Services XSS Vulnerability Important - SQL Server - -
CVE-2019-1400 Microsoft Access Information Disclosure Vulnerability Important - Microsoft Office - -
CVE-2019-1453 Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability Important 7.5 Microsoft Windows - -
CVE-2019-1458 Win32k Elevation of Privilege Vulnerability Important 7.8 Windows Kernel Yes -
CVE-2019-1461 Microsoft Word Remote Code Execution Vulnerability Important - Microsoft Office - -
CVE-2019-1462 Microsoft PowerPoint Remote Code Execution Vulnerability Important - Microsoft Office - -
CVE-2019-1463 Microsoft Access Information Disclosure Vulnerability Important - Microsoft Office - -
CVE-2019-1464 Microsoft Excel Information Disclosure Vulnerability Important - Microsoft Office - -
CVE-2019-1465 Windows GDI Information Disclosure Vulnerability Important 5.5 Microsoft Graphics Component - -
CVE-2019-1466 Windows GDI Information Disclosure Vulnerability Important 5.5 Microsoft Graphics Component - -
CVE-2019-1467 Windows GDI Information Disclosure Vulnerability Important 5.5 Microsoft Graphics Component - -
CVE-2019-1469 Win32k Information Disclosure Vulnerability Important 5.5 Windows Kernel - -
CVE-2019-1470 Windows Hyper-V Information Disclosure Vulnerability Important 6 Windows Hyper-V - -
CVE-2019-1472 Windows Kernel Information Disclosure Vulnerability Important 5.5 Windows Kernel - -
CVE-2019-1474 Windows Kernel Information Disclosure Vulnerability Important 5.5 Microsoft Windows - -
CVE-2019-1476 Windows Elevation of Privilege Vulnerability Important 7.8 Microsoft Windows - -
CVE-2019-1477 Windows Printer Service Elevation of Privilege Vulnerability Important 7.8 Microsoft Windows - -
CVE-2019-1478 Windows COM Server Elevation of Privilege Vulnerability Important 7.8 Microsoft Windows - -
CVE-2019-1480 Windows Media Player Information Disclosure Vulnerability Important 5.5 Windows Media Player - -
CVE-2019-1481 Windows Media Player Information Disclosure Vulnerability Important 5.5 Windows Media Player - -
CVE-2019-1483 Windows Elevation of Privilege Vulnerability Important 7.8 Microsoft Windows - -
CVE-2019-1484 Windows OLE Remote Code Execution Vulnerability Important 7.8 Windows OLE - -
CVE-2019-1486 Visual Studio Live Share Spoofing Vulnerability Important - Visual Studio - -
CVE-2019-1487 Microsoft Authentication Library for Android Information Disclosure Vulnerability Important - Open Source Software - -
CVE-2019-1488 Microsoft Defender Security Feature Bypass Vulnerability Important 3.3 Microsoft Windows - -
CVE-2019-1489 Remote Desktop Protocol Information Disclosure Vulnerability Important - End of Life Software - -
CVE-2019-1490 Skype for Business Server Spoofing Vulnerability Important - Skype for Business - -
CVE-2019-1491 Microsoft SharePoint Server Information Disclosure Vulnerability Important - Microsoft Office SharePoint - -
CVE-2019-1351 Git for Visual Studio Tampering Vulnerability Moderate - Visual Studio - -
CVE-2019-1485 VBScript Remote Code Execution Vulnerability Low 7.5 Microsoft Scripting Engine - -
ADV190026 Microsoft Guidance for cleaning up orphaned keys generated on vulnerable TPMs and used for Windows Hello for Business Unknown - Windows Hello - -

    Threat Categories 8

    Threat Category CVEs Critical
    Information Disclosure 15 -
    Remote Code Execution 11 7
    Elevation of Privilege 5 -
    Spoofing 3 -
    Denial of Service 1 -
    Security Feature Bypass 1 -
    Tampering 1 -
    Unknown 1 -

    Affected Products 15

    Product CVEs Exploited
    Visual Studio 7 -
    Microsoft Windows 7 -
    Microsoft Office 5 -
    Microsoft Graphics Component 4 -
    Windows Kernel 3 1
    Windows Hyper-V 2 -
    Windows Media Player 2 -
    SQL Server 1 -
    Windows OLE 1 -
    Open Source Software 1 -
    End of Life Software 1 -
    Skype for Business 1 -
    Microsoft Office SharePoint 1 -
    Microsoft Scripting Engine 1 -
    Windows Hello 1 -