Microsoft Security Update Fixed 36 Bugs Including Win32k Zero-day That Allow Hackers to Run Arbitrary Code Remotely

Microsoft Security Update Fixed 36 Bugs Including Win32k Zero-day That Allow Hackers to Run Arbitrary Code Remotely

Microsoft security updates

Microsoft released a security update under patch Tuesday for various Microsoft products and fixed more than 30 vulnerabilities including severe Windows Win32k zero-day.

Out of 36 vulnerabilities, 7 rated as Critical, 27 rated as Important, 1 fixed as Moderate, and one as Low.

The December patch Tuesday security release consists of security updates for the following software:

• Microsoft Windows
• Internet Explorer
• Microsoft Office and Microsoft Office Services and Web Apps
• SQL Server
• Visual Studio
• Skype for Business

Win32k Zero-day

Microsoft fixed a severe elevation privilege vulnerability that uncovered in Windows, and the vulnerability can be triggered when the Win32k component fails to properly handle objects in memory.

In order to exploit the vulnerability (CVE-2019-1458), an attacker needs to gain the system access and run the specially crafted application and take over the vulnerable system.

Hackers exploiting the Windows EoP 0-day exploit CVE-2019-1458 used in Operation called WizardOpium.

Once the attacker gains the successful access, the vulnerability could allow him to run an arbitrary code in kernel mode which enables an attacker to install programs; view, change, or delete data; or create new accounts with full user rights.

Last month GBHackers reported that another vulnerability that was previously used to exploit the chrome browser, and it was actively exploited under the same WizardOpiu operation. 

Microsoft Security Update

Tag	CVE ID	CVE Title	Severity
	ADV190026	Microsoft Guidance for cleaning up orphaned keys generated on vulnerable TPMs and used for Windows Hello for Business	Unknown
End of Life Software	CVE-2019-1489	Remote Desktop Protocol Information Disclosure Vulnerability	Important
Microsoft Graphics Component	CVE-2019-1465	Windows GDI Information Disclosure Vulnerability	Important
Microsoft Graphics Component	CVE-2019-1468	Win32k Graphics Remote Code Execution Vulnerability	Critical
Microsoft Graphics Component	CVE-2019-1466	Windows GDI Information Disclosure Vulnerability	Important
Microsoft Graphics Component	CVE-2019-1467	Windows GDI Information Disclosure Vulnerability	Important
Microsoft Office	CVE-2019-1400	Microsoft Access Information Disclosure Vulnerability	Important
Microsoft Office	CVE-2019-1464	Microsoft Excel Information Disclosure Vulnerability	Important
Microsoft Office	CVE-2019-1461	Microsoft Word Denial of Service Vulnerability	Important
Microsoft Office	CVE-2019-1462	Microsoft PowerPoint Remote Code Execution Vulnerability	Important
Microsoft Office	CVE-2019-1463	Microsoft Access Information Disclosure Vulnerability	Important
Microsoft Scripting Engine	CVE-2019-1485	VBScript Remote Code Execution Vulnerability	Low
Microsoft Windows	CVE-2019-1453	Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability	Important
Microsoft Windows	CVE-2019-1476	Windows Elevation of Privilege Vulnerability	Important
Microsoft Windows	CVE-2019-1477	Windows Printer Service Elevation of Privilege Vulnerability	Important
Microsoft Windows	CVE-2019-1474	Windows Kernel Information Disclosure Vulnerability	Important
Microsoft Windows	CVE-2019-1478	Windows COM Server Elevation of Privilege Vulnerability	Important
Microsoft Windows	CVE-2019-1483	Windows Elevation of Privilege Vulnerability	Important
Microsoft Windows	CVE-2019-1488	Microsoft Defender Security Feature Bypass Vulnerability	Important
Open Source Software	CVE-2019-1487	Microsoft Authentication Library for Android Information Disclosure Vulnerability	Important
Servicing Stack Updates	ADV990001	Latest Servicing Stack Updates	Critical
Skype for Business	CVE-2019-1490	Skype for Business Server Spoofing Vulnerability	Important
SQL Server	CVE-2019-1332	Microsoft SQL Server Reporting Services XSS Vulnerability	Important
Visual Studio	CVE-2019-1350	Git for Visual Studio Remote Code Execution Vulnerability	Critical
Visual Studio	CVE-2019-1349	Git for Visual Studio Remote Code Execution Vulnerability	Critical
Visual Studio	CVE-2019-1486	Visual Studio Live Share Spoofing Vulnerability	Important
Visual Studio	CVE-2019-1387	Git for Visual Studio Remote Code Execution Vulnerability	Critical
Visual Studio	CVE-2019-1354	Git for Visual Studio Remote Code Execution Vulnerability	Critical
Visual Studio	CVE-2019-1351	Git for Visual Studio Tampering Vulnerability	Moderate
Visual Studio	CVE-2019-1352	Git for Visual Studio Remote Code Execution Vulnerability	Critical
Windows Hyper-V	CVE-2019-1471	Windows Hyper-V Remote Code Execution Vulnerability	Critical
Windows Hyper-V	CVE-2019-1470	Windows Hyper-V Information Disclosure Vulnerability	Important
Windows Kernel	CVE-2019-1472	Windows Kernel Information Disclosure Vulnerability	Important
Windows Kernel	CVE-2019-1458	Win32k Elevation of Privilege Vulnerability	Important
Windows Kernel	CVE-2019-1469	Win32k Information Disclosure Vulnerability	Important
Windows Media Player	CVE-2019-1480	Windows Media Player Information Disclosure Vulnerability	Important
Windows Media Player	CVE-2019-1481	Windows Media Player Information Disclosure Vulnerability	Important
Windows OLE	CVE-2019-1484	Windows OLE Remote Code Execution Vulnerability	Important

Since the zero-day under active attack, Microsoft strongly recommended installing these security updates for all the windows users to avoid the security risk and protect your Windows.

You can refer the complete patch details for the full list of vulnerabilities resolved, advisories, in the November 2019 Patch here.

You can follow us on Linkedin, Instagram, Facebook for daily Cyber-security and hacking news updates

Thank's and Regards,

Shubham Yadav

( Cyber Security Expert )