Microsoft Security Bulletin Coverage for March 2019

March 12, 2019

SonicWall Capture Labs Threat Research Team has analyzed and addressed Microsoft’s security advisories for the month of March 2019. A list of issues reported, along with SonicWall coverage information are as follows:

CVE-2019-0592 Chakra Scripting Engine Memory Corruption Vulnerability
IPS14081:Chakra Scripting Engine Memory Corruption Vulnerability (Mar 19)
CVE-2019-0603 Windows Deployment Services TFTP Server Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2019-0609 Scripting Engine Memory Corruption Vulnerability
IPS14083:Scripting Engine Memory Corruption Vulnerability (Mar 19) 4
CVE-2019-0611 Chakra Scripting Engine Memory Corruption Vulnerability
There are no known exploits in the wild.
CVE-2019-0612 Microsoft Edge Security Feature Bypass Vulnerability
IPS14084:Microsoft Edge Security Feature Bypass Vulnerability (Mar 19)
CVE-2019-0614 Windows GDI Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2019-0617 Jet Database Engine Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2019-0639 Scripting Engine Memory Corruption Vulnerability
IPS14085:Scripting Engine Memory Corruption Vulnerability (Mar 19) 5
CVE-2019-0665 Windows VBScript Engine Remote Code Execution Vulnerability
IPS14086:Windows VBScript Engine Remote Code Execution Vulnerability (Mar 19) 1
CVE-2019-0666 Windows VBScript Engine Remote Code Execution Vulnerability
IPS14087:Windows VBScript Engine Remote Code Execution Vulnerability (Mar 19) 2
CVE-2019-0667 Windows VBScript Engine Remote Code Execution Vulnerability
IPS14088:Windows VBScript Engine Remote Code Execution Vulnerability (Mar 19) 3
CVE-2019-0678 Microsoft Edge Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2019-0680 Scripting Engine Memory Corruption Vulnerability
IPS14078:Scripting Engine Memory Corruption Vulnerability (MAR 19) 4
CVE-2019-0682 Windows Subsystem for Linux Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2019-0683 Active Directory Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2019-0689 Windows Subsystem for Linux Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2019-0690 Windows Hyper-V Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2019-0692 Windows Subsystem for Linux Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2019-0693 Windows Subsystem for Linux Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2019-0694 Windows Subsystem for Linux Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2019-0695 Windows Hyper-V Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2019-0696 Windows Kernel Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2019-0697 Windows DHCP Client Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2019-0698 Windows DHCP Client Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2019-0701 Windows Hyper-V Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2019-0702 Windows Kernel Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2019-0703 Windows SMB Information Disclosure Vulnerability
IPS14082:Windows SMB Information Disclosure (MAR 19) 1
CVE-2019-0704 Windows SMB Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2019-0726 Windows DHCP Client Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2019-0746 Chakra Scripting Engine Memory Corruption Vulnerability
There are no known exploits in the wild.
CVE-2019-0748 Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2019-0754 Windows Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2019-0755 Windows Kernel Information Disclosure Vulnerability
ASPY5429:Malformed-File exe.MP.59
CVE-2019-0756 MS XML Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2019-0757 NuGet Package Manager Tampering Vulnerability
There are no known exploits in the wild.
CVE-2019-0759 Windows Print Spooler Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2019-0761 Internet Explorer Security Feature Bypass Vulnerability
There are no known exploits in the wild.
CVE-2019-0762 Microsoft Browsers Security Feature Bypass Vulnerability
There are no known exploits in the wild.
CVE-2019-0763 Internet Explorer Memory Corruption Vulnerability
IPS14080:Internet Explorer Memory Corruption Vulnerability (MAR 19) 1
CVE-2019-0765 Comctl32 Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2019-0766 Microsoft Windows Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2019-0767 Windows Kernel Information Disclosure Vulnerability
ASPY5430:Malformed-File exe.MP.60
CVE-2019-0768 Internet Explorer Security Feature Bypass Vulnerability
There are no known exploits in the wild.
CVE-2019-0769 Scripting Engine Memory Corruption Vulnerability
IPS14079:Scripting Engine Memory Corruption Vulnerability (MAR 19) 5
CVE-2019-0770 Scripting Engine Memory Corruption Vulnerability
IPS14075:Scripting Engine Memory Corruption Vulnerability (Mar 19) 1
CVE-2019-0771 Scripting Engine Memory Corruption Vulnerability
IPS14076:Scripting Engine Memory Corruption Vulnerability (Mar 19) 2
CVE-2019-0772 Windows VBScript Engine Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2019-0773 Scripting Engine Memory Corruption Vulnerability
IPS14077:Scripting Engine Memory Corruption Vulnerability (Mar 19) 3
CVE-2019-0774 Windows GDI Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2019-0775 Windows Kernel Information Disclosure Vulnerability
ASPY5431:Malformed-File exe.MP.61
CVE-2019-0776 Win32k Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2019-0777 Team Foundation Server Cross-site Scripting Vulnerability
There are no known exploits in the wild.
CVE-2019-0778 Microsoft Office SharePoint XSS Vulnerability
There are no known exploits in the wild.
CVE-2019-0779 Microsoft Edge Memory Corruption Vulnerability
There are no known exploits in the wild.
CVE-2019-0780 Microsoft Browser Memory Corruption Vulnerability
There are no known exploits in the wild.
CVE-2019-0782 Windows Kernel Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2019-0783 Scripting Engine Memory Corruption Vulnerability
There are no known exploits in the wild.
CVE-2019-0784 Windows ActiveX Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2019-0797 Win32k Elevation of Privilege Vulnerability
ASPY5432:Malformed-File exe.MP.62
CVE-2019-0798 Skype for Business and Lync Spoofing Vulnerability
There are no known exploits in the wild.
CVE-2019-0808 Win32k Elevation of Privilege Vulnerability
ASPY5433:Malformed-File dll.MP.3
CVE-2019-0809 Visual Studio Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2019-0816 Azure SSH Keypairs Security Feature Bypass Vulnerability
There are no known exploits in the wild.
CVE-2019-0821 Windows SMB Information Disclosure Vulnerability
There are no known exploits in the wild.