August 2019 - Microsoft Releases Security Patches

Publish date: 28 de mayo de 2020

Fecha recomendada: 14 de agosto de 2019

Descripción

Microsoft addresses vulnerabilities in its August security bulletin. Trend Micro Deep Security covers the following:

CVE-2019-1196 - Chakra Scripting Engine Memory Corruption Vulnerability
Risk Rating: Critical

This remote code execution vulnerability exists in the improper handling of objects in memory by Microsoft Edge. Attackers looking to exploit this vulnerability must find a way to convince a user to visit a specially crafted website that contains an exploit to this vulnerability.

CVE-2019-1139 - Chakra Scripting Engine Memory Corruption Vulnerability
Risk Rating: Critical

This remote code execution vulnerability exists in the improper handling of objects in memory by Microsoft Edge. Attackers looking to exploit this vulnerability must find a way to convince a user to visit a specially crafted website that contains an exploit to this vulnerability.

CVE-2019-1140 - Chakra Scripting Engine Memory Corruption Vulnerability
Risk Rating: Critical

This remote code execution vulnerability exists in the improper handling of objects in memory by the Chakra scripting engine in Microsoft Edge. Attackers looking to exploit this vulnerability must find a way to convince a user to visit a specially crafted website that contains an exploit to this vulnerability.

CVE-2019-1141 - Chakra Scripting Engine Memory Corruption Vulnerability
Risk Rating: Critical

This remote code execution vulnerability exists in the improper handling of objects in memory by the Chakra scripting engine in Microsoft Edge. Attackers looking to exploit this vulnerability must find a way to convince a user to visit a specially crafted website that contains an exploit to this vulnerability.

CVE-2019-1195 - Chakra Scripting Engine Memory Corruption Vulnerability
Risk Rating: Critical

This remote code execution vulnerability exists in the improper handling of objects in memory by the Chakra scripting engine in Microsoft Edge. Attackers looking to exploit this vulnerability must find a way to convince a user to visit a specially crafted website that contains an exploit to this vulnerability.

CVE-2019-1197 - Chakra Scripting Engine Memory Corruption Vulnerability
Risk Rating: Critical

This remote code execution vulnerability exists in the improper handling of objects in memory by the Chakra scripting engine in Microsoft Edge. Attackers looking to exploit this vulnerability must find a way to convince a user to visit a specially crafted website that contains an exploit to this vulnerability.

CVE-2019-1201 - Microsoft Word Remote Code Execution Vulnerability
Risk Rating: Critical

This remote code execution vulnerability exists in the improper handling of objects in memory by Microsoft Word. Attackers looking to exploit this vulnerability may create a specially crafted file that contains an exploit to this vulnerability.

Revelación de la información

Trend Micro Deep Security shields networks through the following Deep Packet Inspection (DPI) rules. Trend Micro customers using the Vulnerability Protection are also protected from attacks using these vulnerabilities.

Vulnerability ID DPI Rule Number DPI Rule Name Release Date Vulnerability Protection Compatibility

CVE-2019-1140 1009905 Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-1140) 13-Aug-19 YES

CVE-2019-1141 1009906 Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-1141) 13-Aug-19 YES

CVE-2019-1196 1009903 Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-1196) 13-Aug-19 YES

CVE-2019-1195 1009907 Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-1195) 13-Aug-19 YES

CVE-2019-1139 1009904 Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-1139) 13-Aug-19 YES

CVE-2019-1201 1009909 Microsoft Word Remote Code Execution Vulnerability (CVE-2019-1201) 13-Aug-19 YES

CVE-2019-1197 1009908 Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-1197) 13-Aug-19 YES

August 2019 - Microsoft Releases Security Patches

Descripción

Revelación de la información

Recursos

Soporte

Acerca de Trend

Vulnerability ID	DPI Rule Number	DPI Rule Name	Release Date	Vulnerability Protection Compatibility
CVE-2019-1140	1009905	Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-1140)	13-Aug-19	YES
CVE-2019-1141	1009906	Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-1141)	13-Aug-19	YES
CVE-2019-1196	1009903	Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-1196)	13-Aug-19	YES
CVE-2019-1195	1009907	Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-1195)	13-Aug-19	YES
CVE-2019-1139	1009904	Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-1139)	13-Aug-19	YES
CVE-2019-1201	1009909	Microsoft Word Remote Code Execution Vulnerability (CVE-2019-1201)	13-Aug-19	YES
CVE-2019-1197	1009908	Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-1197)	13-Aug-19	YES

August 2019 - Microsoft Releases Security Patches

Descripción

Revelación de la información

Recursos

Soporte

Acerca de Trend

América

Oriente Medio y África

Europa

Asia-Pacífico