June’s Patch Tuesday Fixes 88 Security Flaws, Including SandboxEscaper’s Zero Days, HoloLens
Microsoft’s June Patch Tuesday announced the release of 88 vulnerability patches in this month’s security bulletin, as well as four advisories and one servicing stack update. Of the total number of updates, 21 patches were rated critical, 66 as important, and one as moderate. Four of the critical patches included in this release are fixes for the zero-days that SandboxEscaper previously disclosed, namely CVE-2019-1069, CVE-2019-1053, CVE-2019-1064, and CVE-2019-0973. The advisories include driver and software fixes for third party hardware and software flaws, including Adobe Flash Player, Azure, ChakraCore, Edge, Exchange Server, HoloLens’ Broadcomm wireless chipset, Internet Explorer, Skype for Business, Lync, Office, Office Services and Web Apps. None of the vulnerabilities have been seen exploited in the wild.
CVE-2019-1069 is a security flaw involving Windows Task Scheduler in Windows 10 and Server 2016 and above. Successfully exploiting this vulnerability provides an attacker with escalated privileges in the victim’s machine via local privilege escalation (LPE).
CVE-2019-2053 refers to a Windows Shell vulnerability that, when exploited, causes it to fail when validating folder shortcuts, enabling an attacker to elevate privileges and escape sandbox detection.
CVE-2019-1064 involves a flaw in the way Windows AppX Deployment Service (AppXSVC) handles hard links. An attacker running a customized application could exploit it to install, view, delete, or change programs and data.
CVE-2019-0973 is a security concern in Windows Installer that fails to sanitize input when exploited. An attacker can use it to elevate system privileges via the library in order to install programs; create a new account with full user rights; or view, change, or delete data in the victim’s machine.
The security advisories include firmware updates for remote code execution (RCE) flaws in Microsoft’s HoloLens device, specifically security flaws in the Broadcomm wireless chipset. Abusing CVE-2019-9500, CVE-2019-9501, CVE-2019-9502, and CVE-2019-9503 could allow an attacker to execute commands in the system such as a denial of service (DoS) attack.
Another advisory also announced that applying this month’s patches for Feitian and Google Titan Bluetooth-based security keys causes the Bluetooth Low Energy (BLE) version of FIDO Security Keys to stop working due to a misconfiguration in pairing protocols. Abusing the bug can allow an attacker to interact with the key, enabling communication with the security key or the device where the key is paired. Users of the affected devices are advised to request for a free replacement.
The Trend Micro
Deep Security and Vulnerability Protection solutions protect systems and users from threats targeting the vulnerabilities included in this month’s Patch Tuesday release via the following Deep Packet Inspection (DPI) rules:
| Rule | Description | Vulnerability |
| 1009764 | Microsoft Office Security Feature Bypass Vulnerability | CVE-2019-0540 |
| 1009769 | Microsoft Windows Codecs Library Information Disclosure Vulnerability | CVE-2018-8506 |
| 1009778 | Microsoft Windows Speech API Remote Code Execution Vulnerability | CVE-2019-0985 |
| 1009779 | Microsoft Windows Multiple Security Vulnerabilities (June-2019) | CVE-2019-0943, CVE-2019-0984, CVE-2019-0986, CVE-2019-1017, CVE-2019-1041, CVE-2019-1053, CVE-2019-1064, CVE-2019-1069 |
| 1009780 | Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability | CVE-2019-0988 |
| 1009781 | Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability | CVE-2019-0920 |
| 1009782 | Microsoft Edge Scripting Engine Information Disclosure Vulnerability | CVE-2019-0990 |
| 1009783 | Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability | CVE-2019-0992 |
| 1009784 | Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability | CVE-2019-0993 |
| 1009785 | Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability | CVE-2019-0989 |
| 1009786 | Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability | CVE-2019-0991 |
| 1009787 | Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability | CVE-2019-1024 |
| 1009788 | Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability | CVE-2019-1051 |
| 1009789 | Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability | CVE-2019-1002 |
| 1009790 | Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability | CVE-2019-1003 |
| 1009791 | Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability | CVE-2019-1005 |
| 1009792 | Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability | CVE-2019-1052 |
| 1009793 | Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability | CVE-2019-1055 |
| 1009794 | Microsoft Edge Scripting Engine Information Disclosure Vulnerability | CVE-2019-1023 |
| 1009796 | Adobe Flash Player Out-Of-Bounds Read Vulnerability | CVE-2019-7845 |
Trend Micro TippingPoint® customers are protected from threats and attacks that may exploit this month’s list of vulnerabilities via these MainlineDV filters:
- 34748: HTTP: Microsoft Windows gdiplus Font Parsing Out-Of-Bounds Read Vulnerability
- 34763: HTTP: Microsoft Windows gdiplus Font Parsing Information Disclosure Vulnerability
- 34764: HTTP: Microsoft Windows gdiplus Font Parsing Out-Of-Bounds Read Vulnerability
- 34766: HTTP: Microsoft Windows gdiplus Font Parsing Out-Of-Bounds Read Vulnerability
- 34792: HTTP: Microsoft Windows DirectWrite Information Disclosure Vulnerability
- 34795: HTTP: Microsoft Windows gdiplus Font Parsing Information Disclosure Vulnerability
- 34956: HTTP: Microsoft Windows gdiplus Font Parsing Information Disclosure Vulnerability
- 34981: HTTP: Microsoft Windows gdiplus Font Parsing Out-Of-Bounds Read Vulnerability
- 35439: HTTP: Microsoft Internet Explorer VBScript Engine Type Confusion Vulnerability
- 35441: HTTP: Microsoft Speech API (SAPI) Remote Code Execution Vulnerability
- 35443: HTTP: Microsoft Internet Explorer RegExp Use-After-Free Vulnerability
- 35444: HTTP: Microsoft Edge Type Confusion Vulnerability
- 35445: HTTP: Microsoft Edge Out-of-Bounds Write Vulnerability
- 35446: HTTP: Microsoft Edge Type Confusion Vulnerability
- 35447: HTTP: Microsoft Edge Type Confusion Vulnerability
- 35448: HTTP: Microsoft Edge Chakra Out-of-Bounds Write Vulnerability
- 35449: HTTP: Microsoft Edge Proxy Type Confusion Vulnerability
- 35450: HTTP: Microsoft Internet Explorer CreateObject Use-After-Free Vulnerability
- 35452: HTTP: Microsoft Edge Out-Of-Bound Write Vulnerability
- 35453: HTTP: Microsoft Edge Type Confusion Vulnerability
- 35454: HTTP: Microsoft Windows Win32k Privilege Escalation Vulnerability
- 35456: HTTP: Microsoft Edge Type Confusion Vulnerability
- 35457: HTTP: Microsoft Edge Use-After-Free Vulnerability
- 35478: HTTP: Microsoft Windows Privilege Escalation Vulnerability
- 35479: HTTP: Microsoft Windows ALPC Privilege Escalation Vulnerability
- 35480: HTTP: Microsoft Internet Explorer Privilege Escalation Vulnerability
- 35481: HTTP: Microsoft Windows User Profile Privilege Escalation Vulnerability
- 35487: HTTP: Microsoft Edge VBScript Engine Use-After-Free Vulnerability
- 35488: HTTP: Microsoft CLFS Use-After-Free Vulnerability
- 35491: HTTP: Microsoft Windows CLFS Privilege Escalation Vulnerability
- 35493: HTTP: Microsoft Windows DACL Privilege Escalation Vulnerability
- 35495: HTTP: Microsoft Windows Privilege Escalation Vulnerability
- 35518: HTTP: Microsoft Edge JIT Type Confusion Vulnerability
The post June’s Patch Tuesday Fixes 88 Security Flaws, Including SandboxEscaper’s Zero Days, HoloLens appeared first on .