August 2019 - Microsoft Releases Security Patches
Publish Date: 28 maggio 2020
Data notifica: 14 agosto 2019
Descrizione
Microsoft addresses vulnerabilities in its August security bulletin. Trend Micro Deep Security covers the following:
- CVE-2019-1196 - Chakra Scripting Engine Memory Corruption Vulnerability
Risk Rating: Critical
This remote code execution vulnerability exists in the improper handling of objects in memory by Microsoft Edge. Attackers looking to exploit this vulnerability must find a way to convince a user to visit a specially crafted website that contains an exploit to this vulnerability. - CVE-2019-1139 - Chakra Scripting Engine Memory Corruption Vulnerability
Risk Rating: Critical
This remote code execution vulnerability exists in the improper handling of objects in memory by Microsoft Edge. Attackers looking to exploit this vulnerability must find a way to convince a user to visit a specially crafted website that contains an exploit to this vulnerability. - CVE-2019-1140 - Chakra Scripting Engine Memory Corruption Vulnerability
Risk Rating: Critical
This remote code execution vulnerability exists in the improper handling of objects in memory by the Chakra scripting engine in Microsoft Edge. Attackers looking to exploit this vulnerability must find a way to convince a user to visit a specially crafted website that contains an exploit to this vulnerability. - CVE-2019-1141 - Chakra Scripting Engine Memory Corruption Vulnerability
Risk Rating: Critical
This remote code execution vulnerability exists in the improper handling of objects in memory by the Chakra scripting engine in Microsoft Edge. Attackers looking to exploit this vulnerability must find a way to convince a user to visit a specially crafted website that contains an exploit to this vulnerability. - CVE-2019-1195 - Chakra Scripting Engine Memory Corruption Vulnerability
Risk Rating: Critical
This remote code execution vulnerability exists in the improper handling of objects in memory by the Chakra scripting engine in Microsoft Edge. Attackers looking to exploit this vulnerability must find a way to convince a user to visit a specially crafted website that contains an exploit to this vulnerability. - CVE-2019-1197 - Chakra Scripting Engine Memory Corruption Vulnerability
Risk Rating: Critical
This remote code execution vulnerability exists in the improper handling of objects in memory by the Chakra scripting engine in Microsoft Edge. Attackers looking to exploit this vulnerability must find a way to convince a user to visit a specially crafted website that contains an exploit to this vulnerability. - CVE-2019-1201 - Microsoft Word Remote Code Execution Vulnerability
Risk Rating: Critical
This remote code execution vulnerability exists in the improper handling of objects in memory by Microsoft Word. Attackers looking to exploit this vulnerability may create a specially crafted file that contains an exploit to this vulnerability.
Informazioni esposizione:
Trend Micro Deep Security shields networks through the following Deep Packet Inspection (DPI) rules. Trend Micro customers using the Vulnerability Protection are also protected from attacks using these vulnerabilities.
Vulnerability ID | DPI Rule Number | DPI Rule Name | Release Date | Vulnerability Protection Compatibility |
CVE-2019-1140 | 1009905 | Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-1140) | 13-Aug-19 | YES |
CVE-2019-1141 | 1009906 | Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-1141) | 13-Aug-19 | YES |
CVE-2019-1196 | 1009903 | Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-1196) | 13-Aug-19 | YES |
CVE-2019-1195 | 1009907 | Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-1195) | 13-Aug-19 | YES |
CVE-2019-1139 | 1009904 | Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-1139) | 13-Aug-19 | YES |
CVE-2019-1201 | 1009909 | Microsoft Word Remote Code Execution Vulnerability (CVE-2019-1201) | 13-Aug-19 | YES |
CVE-2019-1197 | 1009908 | Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-1197) | 13-Aug-19 | YES |