Home > Cyber News > Actively Exploited CVE-2019-0797, CVE-2019-0808 Fixed in March 2019 Patch Tuesday

Actively Exploited CVE-2019-0797, CVE-2019-0808 Fixed in March 2019 Patch Tuesday

March 2019 Patch Tuesday is here, addressing 64 vulnerabilities in Windows, 17 of which are critical, 45 important, oe moderate and another one low-severity in rating. Two of these vulnerabilities, CVE-2019-0797 and CVE-2019-0808, have been exploited in the wild.

This month’s Patch Tuesday addressed flaws in .NET Framework, Microsoft Edge, Exchange, Internet Explorer, Microsoft Office, Office Services and Web Apps, NuGet, Team Foundation Server, and Windows. It’s important to note that seven of the vulnerabilities were disclosed via Trend Micro’s Zero Day Initiative.

More about CVE-2019-0797 and CVE-2019-0808

CVE-2019-0797 and CVE-2019-0808 are described as Win32k elevation of privilege vulnerabilities which are nearly identical.

As explained by Trend Micro’s Zero Day Initiative, one was reported by Kaspersky Labs while the other was reported by the Google Threat Analysis Group, which implies both of these have been spotted in targeted malware. The vulnerabilities could allow an attacker to elevate privileges and take over a system after access to this system is already obtained.

Related: [wplinkpreview url=”https://sensorstechforum.com/facebook-server-rce-vulnerability/”] Facebook Server RCE Vulnerability Disclosed

While flaws in Win32k are rated Important due to the access requirement, the impact of successful attacks shows why they shouldn’t be ignored, the researchers said.

As for the rest of the vulnerabilities addressed through this month’s share of patches, nearly all of the critical flaws could lead remote execution attacks, where different versions of Windows 10 and Server editions could be impacted. Most of these vulnerabilities are located in Chakra Scripting Engine, VBScript Engine, DHCP Client, and IE.

The rest of the flaws could be exploited in information disclosure and denial-of-service attacks.

As for users who may experience issues with updates, Microsoft just introduced a new safety feature which is designed to improve the way updates are installed and removed on Windows 10. The new feature will automatically uninstall problematic software updates whenever Windows 10 detects a startup failure. From now on, Microsoft will be removing [wplinkpreview url=”https://sensorstechforum.com/buggy-windows-10-updates-uninstalled-automatically/”] recently installed updates which turned out buggy.

Milena Dimitrova

An inspired writer and content manager who has been with SensorsTechForum since the project started. A professional with 10+ years of experience in creating engaging content. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim

More Posts

Follow Me:

Leave a Comment

Your email address will not be published. Required fields are marked *

This website uses cookies to improve user experience. By using our website you consent to all cookies in accordance with our Privacy Policy.
I Agree