Microsoft July 2019 Patch Tuesday fixes zero-day exploited by Russian hackers

Microsoft patches 77 security flaws, including 15 rated "critical."

Microsoft's plan to split Windows 10 from shell is happening Windows 10 preview shows signs of Windows OS separating from the shell in line with Microsoft's modular plans.

Earlier today, Microsoft published its monthly roll-up of security updates known as Patch Tuesday. This month, the Redmond-based company patched 77 vulnerabilities, including two zero-days -- security flaws that were being actively exploited in the wild.

The two zero-days are CVE-2019-0880 and CVE-2019-1132, and both are privilege escalation issues.

They don't allow hackers to take over users' computers remotely, but are used after the hacker has gained access to a system to elevate access rights to a high-privileged account.

The most important of the two zero-days patched today is CVE-2019-1132, a privilege escalation in the Win32k component. The zero-day was discovered by ESET as part of the attack chain of a group of Russian state-funded hackers. The company told ZDNet it plans to publish an in-depth blog post about these attacks and the zero-day tomorrow, July 10.

The second zero-day is CVE-2019-0880. This one is also a privilege escalation, but in splwow64.exe, another Windows core process. This vulnerability was discovered by Resecurity, and no other details about in-the-wild exploitation are currently available.

Besides these two highly critical flaws, Microsoft also patched six other vulnerabilities whose exploitation details became public and could have helped attackers; however, they were not exploited until today, when Microsoft shipped patches. These include:

On top of these, there are also 15 security flaws in the July 2018 Patch Tuesday that have a rating of "Critical," which is Microsoft's highest severity rating.

These include remote code execution and memory corruption flaws in the Windows DHCP server service and the Chakra scripting engine that's used with Microsoft Edge. These are privately reported vulnerabilities, but due to their nature, they will most likely be targeted for exploitation in the future, and patches will need to be applied.

Since the Microsoft Patch Tuesday is also the day when other vendors also release security patches, it's also worth mentioning that Adobe and SAP have also published their respective security updates earlier today.

More in-depth information on today's Patch Tuesday updates is available on Microsoft's official Security Update Guide portal. You can also consult the table embedded below, this Patch Tuesday report generated by ZDNet, or this one, put together by Trend Micro.

TagCVE IDCVE Title
Servicing Stack Updates ADV990001 Latest Servicing Stack Updates
Microsoft Exchange Server ADV190021 Outlook on the web Cross-Site Scripting Vulnerability
.NET Framework CVE-2019-1083 .NET Denial of Service Vulnerability
.NET Framework CVE-2019-1113 .NET Framework Remote Code Execution Vulnerability
.NET Framework CVE-2019-1006 WCF/WIF SAML Token Authentication Bypass Vulnerability
ASP.NET CVE-2019-1075 ASP.NET Core Spoofing Vulnerability
Azure CVE-2019-0962 Azure Automation Elevation of Privilege Vulnerability
Azure DevOps CVE-2019-1076 Team Foundation Server Cross-site Scripting Vulnerability
Azure DevOps CVE-2019-1072 Azure DevOps Server and Team Foundation Server Remote Code Execution Vulnerability
Internet Explorer CVE-2019-1063 Internet Explorer Memory Corruption Vulnerability
Microsoft Browsers CVE-2019-1104 Microsoft Browser Memory Corruption Vulnerability
Microsoft Exchange Server CVE-2019-1136 Microsoft Exchange Server Elevation of Privilege Vulnerability
Microsoft Exchange Server CVE-2019-1137 Microsoft Exchange Server Spoofing Vulnerability
Microsoft Graphics Component CVE-2019-1118 DirectWrite Remote Code Execution Vulnerability
Microsoft Graphics Component CVE-2019-1119 DirectWrite Remote Code Execution Vulnerability
Microsoft Graphics Component CVE-2019-1117 DirectWrite Remote Code Execution Vulnerability
Microsoft Graphics Component CVE-2019-1127 DirectWrite Remote Code Execution Vulnerability
Microsoft Graphics Component CVE-2019-1116 Windows GDI Information Disclosure Vulnerability
Microsoft Graphics Component CVE-2019-1120 DirectWrite Remote Code Execution Vulnerability
Microsoft Graphics Component CVE-2019-1124 DirectWrite Remote Code Execution Vulnerability
Microsoft Graphics Component CVE-2019-0999 DirectX Elevation of Privilege Vulnerability
Microsoft Graphics Component CVE-2019-1128 DirectWrite Remote Code Execution Vulnerability
Microsoft Graphics Component CVE-2019-1121 DirectWrite Remote Code Execution Vulnerability
Microsoft Graphics Component CVE-2019-1122 DirectWrite Remote Code Execution Vulnerability
Microsoft Graphics Component CVE-2019-1123 DirectWrite Remote Code Execution Vulnerability
Microsoft Graphics Component CVE-2019-1097 DirectWrite Information Disclosure Vulnerability
Microsoft Graphics Component CVE-2019-1096 Win32k Information Disclosure Vulnerability
Microsoft Graphics Component CVE-2019-1101 Windows GDI Information Disclosure Vulnerability
Microsoft Graphics Component CVE-2019-1098 Windows GDI Information Disclosure Vulnerability
Microsoft Graphics Component CVE-2019-1095 Windows GDI Information Disclosure Vulnerability
Microsoft Graphics Component CVE-2019-1102 GDI+ Remote Code Execution Vulnerability
Microsoft Graphics Component CVE-2019-1100 Windows GDI Information Disclosure Vulnerability
Microsoft Graphics Component CVE-2019-1094 Windows GDI Information Disclosure Vulnerability
Microsoft Graphics Component CVE-2019-1093 DirectWrite Information Disclosure Vulnerability
Microsoft Office CVE-2019-1084 Microsoft Exchange Information Disclosure Vulnerability
Microsoft Office CVE-2019-1111 Microsoft Excel Remote Code Execution Vulnerability
Microsoft Office CVE-2019-1110 Microsoft Excel Remote Code Execution Vulnerability
Microsoft Office CVE-2019-1109 Microsoft Office Spoofing Vulnerability
Microsoft Office CVE-2019-1112 Microsoft Excel Information Disclosure Vulnerability
Microsoft Office SharePoint CVE-2019-1134 Microsoft Office SharePoint XSS Vulnerability
Microsoft Scripting Engine CVE-2019-1062 Chakra Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2019-1004 Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2019-1001 Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2019-1059 Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2019-1056 Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2019-1106 Chakra Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2019-1092 Chakra Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2019-1103 Chakra Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2019-1107 Chakra Scripting Engine Memory Corruption Vulnerability
Microsoft Windows CVE-2019-1067 Windows Kernel Elevation of Privilege Vulnerability
Microsoft Windows CVE-2019-1074 Microsoft Windows Elevation of Privilege Vulnerability
Microsoft Windows CVE-2019-1091 Microsoft unistore.dll Information Disclosure Vulnerability
Microsoft Windows CVE-2019-1082 Microsoft Windows Elevation of Privilege Vulnerability
Microsoft Windows CVE-2019-0975 ADFS Security Feature Bypass Vulnerability
Microsoft Windows CVE-2019-1130 Windows Elevation of Privilege Vulnerability
Microsoft Windows CVE-2019-1129 Windows Elevation of Privilege Vulnerability
Microsoft Windows CVE-2019-1037 Windows Error Reporting Elevation of Privilege Vulnerability
Microsoft Windows CVE-2019-0880 Microsoft splwow64 Elevation of Privilege Vulnerability
Microsoft Windows CVE-2019-0865 SymCrypt Denial of Service Vulnerability
Microsoft Windows CVE-2019-0785 Windows DHCP Server Remote Code Execution Vulnerability
Microsoft Windows CVE-2019-0887 Remote Desktop Services Remote Code Execution Vulnerability
Microsoft Windows CVE-2019-0966 Windows Hyper-V Denial of Service Vulnerability
Microsoft Windows CVE-2019-1126 ADFS Security Feature Bypass Vulnerability
Microsoft Windows DNS CVE-2019-1090 Windows dnsrlvr.dll Elevation of Privilege Vulnerability
Microsoft Windows DNS CVE-2019-0811 Windows DNS Server Denial of Service Vulnerability
Open Source Software CVE-2018-15664 Docker Elevation of Privilege Vulnerability
SQL Server CVE-2019-1068 Microsoft SQL Server Remote Code Execution Vulnerability
Visual Studio CVE-2019-1077 Visual Studio Elevation of Privilege Vulnerability
Visual Studio CVE-2019-1079 Visual Studio Information Disclosure Vulnerability
Windows Kernel CVE-2019-1073 Windows Kernel Information Disclosure Vulnerability
Windows Kernel CVE-2019-1132 Win32k Elevation of Privilege Vulnerability
Windows Kernel CVE-2019-1071 Windows Kernel Information Disclosure Vulnerability
Windows Kernel CVE-2019-1089 Windows RPCSS Elevation of Privilege Vulnerability
Windows Media CVE-2019-1086 Windows Audio Service Elevation of Privilege Vulnerability
Windows Media CVE-2019-1088 Windows Audio Service Elevation of Privilege Vulnerability
Windows Media CVE-2019-1087 Windows Audio Service Elevation of Privilege Vulnerability
Windows Media CVE-2019-1085 Windows WLAN Service Elevation of Privilege Vulnerability
Windows RDP CVE-2019-1108 Remote Desktop Protocol Client Information Disclosure Vulnerability
Windows Shell CVE-2019-1099 Windows GDI Information Disclosure Vulnerability

More vulnerability reports: