Image

In-The-Wild & Disclosed CVEs
CVE-2019-1053
An issue where Windows Shell fails to properly validate folder shortcuts could lead to sandbox escape. The attacker would require the ability to execute code on the system to exploit this vulnerability. This appears to be the SandboxEscaper IE 11 Sandbox Escape documented by Bleeping Computer. Microsoft has rated this as a 1 (Exploitation More Likely) on the Exploitability Index.CVE-2019-1064
An attacker who is logged into a system could take advantage of a flaw in the Windows AppX Deployment Service (AppXSVC) to gain control of an impacted system. This flaw exists due to AppXSVC failing to properly handle hard links. This appears to be part of the SandboxEscaper zero-day releases documented by Bleeping Computer. Microsoft has rated this as a 1 (Exploitation More Likely) on the Exploitability Index.CVE-2019-1069
A file operation validation flaw in the Task Schedule Service can lead to elevated privileges on a system. This appears to be part of the SandboxEscaper zero-day releases documented by Bleeping Computer. Microsoft has rated this as a 1 (Exploitation More Likely) on the Exploitability Index.CVE-2019-0973
This vulnerability allows privilege escalation because the Windows Installer can insecurely load libraries due to a failure to properly sanitize input. Successful exploitation would lead to a full compromise of the system. This appears to be part of the SandboxEscaper zero-day releases documented by Bleeping Computer. Microsoft has rated this as a 2 (Exploitation Less Likely) on the Exploitability Index.CVE Breakdown by Tag
While historical Microsoft Security Bulletin groupings are gone, Microsoft vulnerabilities are tagged with an identifier. This list provides a breakdown of the CVEs on a per tag basis.
Tag |
CVE Count |
CVEs |
Team Foundation Server |
1 |
CVE-2019-0996 |
Windows NTLM |
1 |
CVE-2019-1019 |
Windows Hyper-V |
1 |
CVE-2019-0620 |
Microsoft JET Database Engine |
7 |
CVE-2019-0904, CVE-2019-0905, CVE-2019-0906, CVE-2019-0907, CVE-2019-0908, CVE-2019-0909, CVE-2019-0974 |
VBScript |
1 |
CVE-2019-1005 |
Microsoft Windows |
17 |
CVE-2019-0888, CVE-2019-0943, CVE-2019-0948, CVE-2019-0959, CVE-2019-0984, CVE-2019-0709, CVE-2019-0710, CVE-2019-0711, CVE-2019-0713, CVE-2019-0722, CVE-2019-0983, CVE-2019-0998, CVE-2019-1025, CVE-2019-1043, CVE-2019-1045, CVE-2019-1064, CVE-2019-1069 |
Kerberos |
1 |
CVE-2019-0972 |
Microsoft Edge |
1 |
CVE-2019-1054 |
Microsoft Graphics Component |
17 |
CVE-2019-1009, CVE-2019-1010, CVE-2019-1011, CVE-2019-1012, CVE-2019-1013, CVE-2019-1015, CVE-2019-1016, CVE-2019-1018, CVE-2019-1046, CVE-2019-1047, CVE-2019-1048, CVE-2019-1049, CVE-2019-1050, CVE-2019-0960, CVE-2019-0968, CVE-2019-0977, CVE-2019-0985 |
Microsoft Browsers |
2 |
CVE-2019-1038, CVE-2019-1081 |
Windows IIS |
1 |
CVE-2019-0941 |
Windows Installer |
1 |
CVE-2019-0973 |
Windows Kernel |
6 |
CVE-2019-1014, CVE-2019-1017, CVE-2019-1039, CVE-2019-1041, CVE-2019-1044, CVE-2019-1065 |
Windows Media |
6 |
CVE-2019-1007, CVE-2019-1021, CVE-2019-1022, CVE-2019-1026, CVE-2019-1027, CVE-2019-1028 |
Windows Authentication Methods |
1 |
CVE-2019-1040 |
Skype for Business and Microsoft Lync |
1 |
CVE-2019-1029 |
Windows Shell |
2 |
CVE-2019-0986, CVE-2019-1053 |
Microsoft Office |
2 |
CVE-2019-1034, CVE-2019-1035 |
Microsoft Scripting Engine |
15 |
CVE-2019-0988, CVE-2019-0989, CVE-2019-1055, CVE-2019-0920, CVE-2019-0990, CVE-2019-0991, CVE-2019-0992, CVE-2019-0993, CVE-2019-1002, CVE-2019-1003, CVE-2019-1023, CVE-2019-1024, CVE-2019-1051, CVE-2019-1052, CVE-2019-1080 |
Microsoft Office SharePoint |
4 |
CVE-2019-1036, CVE-2019-1031, CVE-2019-1032, CVE-2019-1033 |