Microsoft’s April 2019 Patch Tuesday is out, which means Windows admins are getting ready to pull their hair out while testing the new patches and security updates released by Microsoft. Included in this month’s updates are fixes for two vulnerabilities that have been spotted being actively exploited in the wild.
With the release of the April 2019 security updates, Microsoft has released 2 advisories and updates for 74 vulnerabilities, with 15 being classified as Critical. These updates include fixes for actively exploited vulnerabilities discovered by Kaspersky Lab and the Alibaba Cloud Intelligence Security Team.
For information about the non-security Windows updates, you can read about today’s Windows 10 April 2019 Cumulative Updates.
All users should install these security updates as soon as possible to protect Windows from security risks.
Security updates for two actively exploited vulnerabilities
Today’s updates also includes fixes for two Win32k Elevation of Privilege vulnerabilities that are known to be actively exploited in the wild.
The first Win32K Elevation of Privilege vulnerability was discovered by the Alibaba Cloud Intelligence Security Team and has been assigned the ID CVE-2019-0803. The second was discovered by Kaspersky and has been assigned the ID CVE-2019-0859.
Both vulnerabilities have been assigned a severity level of Important and are caused when the Win32k component fails to properly handle objects in memory. If exploited, the vulnerabilities would allow attackers to install programs; view, change, or delete data; or create new accounts with full user rights.
It is not known how these vulnerabilities are being exploited, but as one was discovered by Kaspersky, it may be malware related.
The April 2019 Patch Tuesday Security Updates
Below is the full list of vulnerabilities resolved, advisories, and SSUs in the April 2019 Patch Tuesday updates.
| Tag | CVE ID | CVE Title | Severity |
|---|---|---|---|
| .NET Core | CVE-2019-0815 | ASP.NET Core Denial of Service Vulnerability | Important |
| Adobe Flash Player | ADV190011 | April 2019 Adobe Flash Security Update | Critical |
| CSRSS | CVE-2019-0735 | Windows CSRSS Elevation of Privilege Vulnerability | Important |
| Microsoft Browsers | CVE-2019-0764 | Microsoft Browsers Tampering Vulnerability | Important |
| Microsoft Edge | CVE-2019-0833 | Microsoft Edge Information Disclosure Vulnerability | Important |
| Microsoft Exchange Server | CVE-2019-0817 | Microsoft Exchange Spoofing Vulnerability | Important |
| Microsoft Exchange Server | CVE-2019-0858 | Microsoft Exchange Spoofing Vulnerability | Important |
| Microsoft Graphics Component | CVE-2019-0803 | Win32k Elevation of Privilege Vulnerability | Important |
| Microsoft Graphics Component | CVE-2019-0802 | Windows GDI Information Disclosure Vulnerability | Important |
| Microsoft Graphics Component | CVE-2019-0849 | Windows GDI Information Disclosure Vulnerability | Important |
| Microsoft Graphics Component | CVE-2019-0853 | GDI+ Remote Code Execution Vulnerability | Critical |
| Microsoft JET Database Engine | CVE-2019-0851 | Jet Database Engine Remote Code Execution Vulnerability | Important |
| Microsoft JET Database Engine | CVE-2019-0879 | Jet Database Engine Remote Code Execution Vulnerability | Important |
| Microsoft JET Database Engine | CVE-2019-0877 | Jet Database Engine Remote Code Execution Vulnerability | Important |
| Microsoft JET Database Engine | CVE-2019-0847 | Jet Database Engine Remote Code Execution Vulnerability | Important |
| Microsoft JET Database Engine | CVE-2019-0846 | Jet Database Engine Remote Code Execution Vulnerability | Important |
| Microsoft Office | CVE-2019-0826 | Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability | Important |
| Microsoft Office | CVE-2019-0801 | Office Remote Code Execution Vulnerability | Important |
| Microsoft Office | CVE-2019-0823 | Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability | Important |
| Microsoft Office | CVE-2019-0828 | Microsoft Excel Remote Code Execution Vulnerability | Important |
| Microsoft Office | CVE-2019-0822 | Microsoft Graphics Components Remote Code Execution Vulnerability | Important |
| Microsoft Office | CVE-2019-0827 | Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability | Important |
| Microsoft Office | CVE-2019-0824 | Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability | Important |
| Microsoft Office | CVE-2019-0825 | Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2019-0831 | Microsoft Office SharePoint XSS Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2019-0830 | Microsoft Office SharePoint XSS Vulnerability | Important |
| Microsoft Scripting Engine | CVE-2019-0752 | Scripting Engine Memory Corruption Vulnerability | Important |
| Microsoft Scripting Engine | CVE-2019-0861 | Chakra Scripting Engine Memory Corruption Vulnerability | Critical |
| Microsoft Scripting Engine | CVE-2019-0862 | Scripting Engine Memory Corruption Vulnerability | Low |
| Microsoft Scripting Engine | CVE-2019-0860 | Chakra Scripting Engine Memory Corruption Vulnerability | Moderate |
| Microsoft Scripting Engine | CVE-2019-0835 | Microsoft Scripting Engine Information Disclosure Vulnerability | Important |
| Microsoft Scripting Engine | CVE-2019-0753 | Scripting Engine Memory Corruption Vulnerability | Moderate |
| Microsoft Scripting Engine | CVE-2019-0806 | Chakra Scripting Engine Memory Corruption Vulnerability | Critical |
| Microsoft Scripting Engine | CVE-2019-0739 | Scripting Engine Memory Corruption Vulnerability | Critical |
| Microsoft Scripting Engine | CVE-2019-0810 | Chakra Scripting Engine Memory Corruption Vulnerability | Moderate |
| Microsoft Scripting Engine | CVE-2019-0812 | Chakra Scripting Engine Memory Corruption Vulnerability | Critical |
| Microsoft Scripting Engine | CVE-2019-0829 | Chakra Scripting Engine Memory Corruption Vulnerability | Critical |
| Microsoft Windows | CVE-2019-0840 | Windows Kernel Information Disclosure Vulnerability | Important |
| Microsoft Windows | CVE-2019-0838 | Windows Information Disclosure Vulnerability | Important |
| Microsoft Windows | CVE-2019-0796 | Windows Elevation of Privilege Vulnerability | Important |
| Microsoft Windows | CVE-2019-0839 | Windows Information Disclosure Vulnerability | Important |
| Microsoft Windows | CVE-2019-0836 | Windows Elevation of Privilege Vulnerability | Important |
| Microsoft Windows | CVE-2019-0837 | DirectX Information Disclosure Vulnerability | Important |
| Microsoft Windows | CVE-2019-0794 | OLE Automation Remote Code Execution Vulnerability | Important |
| Microsoft Windows | CVE-2019-0814 | Win32k Information Disclosure Vulnerability | Important |
| Microsoft Windows | CVE-2019-0805 | Windows Elevation of Privilege Vulnerability | Important |
| Microsoft Windows | CVE-2019-0848 | Win32k Information Disclosure Vulnerability | Important |
| Microsoft Windows | CVE-2019-0730 | Windows Elevation of Privilege Vulnerability | Important |
| Microsoft Windows | CVE-2019-0688 | Windows TCP/IP Information Disclosure Vulnerability | Important |
| Microsoft Windows | CVE-2019-0845 | Windows IOleCvt Interface Remote Code Execution Vulnerability | Critical |
| Microsoft Windows | CVE-2019-0685 | Win32k Elevation of Privilege Vulnerability | Important |
| Microsoft Windows | CVE-2019-0842 | Windows VBScript Engine Remote Code Execution Vulnerability | Important |
| Microsoft Windows | CVE-2019-0841 | Windows Elevation of Privilege Vulnerability | Important |
| Microsoft Windows | CVE-2019-0731 | Windows Elevation of Privilege Vulnerability | Important |
| Microsoft Windows | CVE-2019-0732 | Windows Security Feature Bypass Vulnerability | Important |
| Microsoft XML | CVE-2019-0793 | MS XML Remote Code Execution Vulnerability | Critical |
| Microsoft XML | CVE-2019-0791 | MS XML Remote Code Execution Vulnerability | Critical |
| Microsoft XML | CVE-2019-0790 | MS XML Remote Code Execution Vulnerability | Critical |
| Microsoft XML | CVE-2019-0792 | MS XML Remote Code Execution Vulnerability | Critical |
| Microsoft XML | CVE-2019-0795 | MS XML Remote Code Execution Vulnerability | Critical |
| Open Source Software | CVE-2019-0876 | Open Enclave SDK Information Disclosure Vulnerability | Important |
| Servicing Stack Updates | ADV990001 | Latest Servicing Stack Updates | Critical |
| Team Foundation Server | CVE-2019-0870 | Team Foundation Server Cross-site Scripting Vulnerability | Important |
| Team Foundation Server | CVE-2019-0869 | Team Foundation Server HTML Injection Vulnerability | Important |
| Team Foundation Server | CVE-2019-0868 | Team Foundation Server Cross-site Scripting Vulnerability | Important |
| Team Foundation Server | CVE-2019-0874 | Team Foundation Server Cross-site Scripting Vulnerability | Important |
| Team Foundation Server | CVE-2019-0871 | Team Foundation Server Cross-site Scripting Vulnerability | Important |
| Team Foundation Server | CVE-2019-0875 | Azure DevOps Server Elevation of Privilege Vulnerability | Important |
| Team Foundation Server | CVE-2019-0867 | Team Foundation Server Cross-site Scripting Vulnerability | Important |
| Team Foundation Server | CVE-2019-0857 | Team Foundation Server Spoofing Vulnerability | Important |
| Team Foundation Server | CVE-2019-0866 | Team Foundation Server Cross-site Scripting Vulnerability | Important |
| Windows Admin Center | CVE-2019-0813 | Windows Admin Center Elevation of Privilege Vulnerability | Important |
| Windows Kernel | CVE-2019-0856 | Windows Remote Code Execution Vulnerability | Important |
| Windows Kernel | CVE-2019-0859 | Win32k Elevation of Privilege Vulnerability | Important |
| Windows Kernel | CVE-2019-0844 | Windows Kernel Information Disclosure Vulnerability | Important |
| Windows SMB Server | CVE-2019-0786 | SMB Server Elevation of Privilege Vulnerability | Critical |
