July 2019 - Microsoft Releases Security Patches

Microsoft addresses vulnerabilities in its July security bulletin. Trend Micro Deep Security covers the following:

• CVE-2019-1001 - Scripting Engine Memory Corruption Vulnerability
  Risk Rating: Critical
  
  This memory corruption vulnerability exists in the improper handling of objects in memory by the scripting engine in Microsoft browsers. Attackers looking to exploit this vulnerability must find a way to convince a user to visit a specially crafted website that contains an exploit to this vulnerability.



• CVE-2019-1004 - Scripting Engine Memory Corruption Vulnerability
  Risk Rating: Critical
  
  This memory corruption vulnerability exists in the improper handling of objects in memory by the scripting engine in Microsoft browsers. Attackers looking to exploit this vulnerability must find a way to convince a user to visit a specially crafted website that contains an exploit to this vulnerability.



• CVE-2019-1062 - Chakra Scripting Engine Memory Corruption Vulnerability
  Risk Rating: Critical
  
  This memory corruption vulnerability exists in the handling of objects in memory in the Chakra scripting engine of Microsoft Edge. Attackers looking to exploit this vulnerability may host a specially crafted website that contains an exploit to this vulnerability.



• CVE-2019-1063 - Internet Explorer Memory Corruption Vulnerability
  Risk Rating: Critical
  
  This memory corruption vulnerability exists in the handling of objects in memory by Internet Explorer. Attackers looking to exploit this vulnerability may host a specially crafted website that contains an exploit to this vulnerability.



• CVE-2019-1092 - Chakra Scripting Engine Memory Corruption Vulnerability
  Risk Rating: Critical
  
  This memory corruption vulnerability exists in the handling of objects in memory in the Chakra scripting engine of Microsoft Edge. Attackers looking to exploit this vulnerability may host a specially crafted website that contains an exploit to this vulnerability.



• CVE-2019-1103 - Chakra Scripting Engine Memory Corruption Vulnerability
  Risk Rating: Critical
  
  This memory corruption vulnerability exists in the improper handling of objects in memory by the Chakra scripting engine in Microsoft Edge. Attackers looking to exploit this vulnerability may create a specially crafted webpage that contains an exploit to this vulnerability.



• CVE-2019-1104 - Microsoft Browser Memory Corruption Vulnerability
  Risk Rating: Critical
  
  This memory corruption vulnerability exists in the improper handling of objects in memory by Microsoft browsers. Attackers looking to exploit this vulnerability may create a specially crafted webpage that contains an exploit to this vulnerability.



• CVE-2019-1106 - Chakra Scripting Engine Memory Corruption Vulnerability
  Risk Rating: Critical
  
  This memory corruption vulnerability exists in the handling of objects in memory by the Chakra scripting engine in Microsoft Edge. Attackers looking to exploit this vulnerability may gain the same user rights as the currently logged on user.



• CVE-2019-1107 - Chakra Scripting Engine Memory Corruption Vulnerability
  Risk Rating: Critical
  
  This memory corruption vulnerability exists in the handling of objects in memory by the Chakra scripting engine in Microsoft Edge. Attackers looking to exploit this vulnerability may gain the same user rights as the currently logged on user.



• CVE-2019-1112 - Microsoft Excel Information Disclosure Vulnerability
  Risk Rating: Important
  
  This information disclosure vulnerability exists in the disclosure of memory contents by Microsoft Excel. Attackers looking to exploit this vulnerability may host a specially crafted file that contains an exploit to this vulnerability.