Sunday, June 21, 2026

Security Boulevard Logo

Security Boulevard

The Home of the Security Bloggers Network

Community Chats Webinars Library
  • Home
    • Cybersecurity News
    • Features
    • Industry Spotlight
    • News Releases
  • Security Creators Network
    • Latest Posts
    • Syndicate Your Blog
    • Write for Security Boulevard
  • Webinars
    • Upcoming Webinars
    • Calendar View
    • On-Demand Webinars
  • Events
    • Upcoming Events
    • On-Demand Events
  • Sponsored Content
  • Chat
    • Security Boulevard Chat
    • Marketing InSecurity Podcast
    • Techstrong.tv Podcast
    • TechstrongTV - Twitch
  • Library
  • Related Sites
    • Techstrong Group
    • Cloud Native Now
    • DevOps.com
    • Security Boulevard
    • Techstrong Research
    • Techstrong TV
    • Techstrong.tv Podcast
    • Techstrong.tv - Twitch
    • Devops Chat
    • DevOps Dozen
    • DevOps TV
  • Media Kit
  • About
    • Sponsor

  • Analytics
  • AppSec
  • CISO
  • Cloud
  • DevOps
  • GRC
  • Identity
  • Incident Response
  • IoT / ICS
  • Threats / Breaches
  • More
    • Blockchain / Digital Currencies
    • Careers
    • Cyberlaw
    • Mobile
    • Social Engineering
  • Humor
Security Bloggers Network 

Home » Security Bloggers Network » VERT Threat Alert: January 2019 Patch Tuesday Analysis

SBN

VERT Threat Alert: January 2019 Patch Tuesday Analysis

Avatar photo by Tyler Reguly on January 8, 2019

Today’s VERT Alert addresses Microsoft’s January 2019 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-812 on Wednesday, January 9th. 

In-The-Wild & Disclosed CVEs

CVE-2019-0579

The Windows Jet Database Engine improperly handles objects in memory and, if an attacker can convince a victim to open a malicious file, exploitation of this vulnerability could lead to code execution.

Microsoft has rated this as a 3 on the Exploitability Index (Exploitation Unlikely).

CVE Breakdown by Tag

While historical Microsoft Security Bulletin groupings are gone, Microsoft vulnerabilities are tagged with an identifier. This list provides a breakdown of the CVEs on a per tag basis.

 

Tag
CVE Count
CVEs
Windows Hyper-V
2
CVE-2019-0550, CVE-2019-0551
Microsoft Edge
2
CVE-2019-0565, CVE-2019-0566
Windows Subsystem for Linux
11
CVE-2019-0538, CVE-2019-0575, CVE-2019-0576, CVE-2019-0577, CVE-2019-0578, CVE-2019-0579, CVE-2019-0580, CVE-2019-0581, CVE-2019-0582, CVE-2019-0583, CVE-2019-0584
ASP.NET
2
CVE-2019-0548, CVE-2019-0564
Microsoft Windows
6
CVE-2019-0543, CVE-2019-0570, CVE-2019-0571, CVE-2019-0572, CVE-2019-0573, CVE-2019-0574
.NET Framework
1
CVE-2019-0545
Windows COM
1
CVE-2019-0552
Visual Studio
2
CVE-2019-0537, CVE-2019-0546
Windows Kernel
4
CVE-2019-0536, CVE-2019-0549, CVE-2019-0554, CVE-2019-0569
Windows DHCP Client
1
CVE-2019-0547
Microsoft Exchange Server
2
CVE-2019-0586, CVE-2019-0588
Internet Explorer
1
CVE-2019-0541
Microsoft XML
1
CVE-2019-0555
Android App
1
CVE-2019-0622
Microsoft Office
4
CVE-2019-0585, CVE-2019-0559, CVE-2019-0560, CVE-2019-0561
Microsoft Scripting Engine
3
CVE-2019-0539, CVE-2019-0567, CVE-2019-0568
Microsoft Office SharePoint
4
CVE-2019-0556, CVE-2019-0557, CVE-2019-0558, CVE-2019-0562

 

Other Information

In addition to the Microsoft vulnerabilities included in the January Security Guidance, a pair of Adobe bulletins are available today.

January 2019 Adobe Flash Update [ADV190001]

Microsoft released an update for Adobe Flash. This corresponds with Adobe Update APSB19-01. This is a non-security update and includes no new CVEs.

Security Bulletin for Adobe Acrobat and Reader [APSB19-02]

Adobe has released security updates for Adobe Acrobat and Reader. This includes fixes for 2 CVEs: CVE-2018-16011 and CVE-2018-16-18.


Recent Articles By Author
  • Why We’ll Never Patch Everything, and That’s Okay 
  • VERT Threat Alert: October 2022 Patch Tuesday Analysis
  • Turning a Pico into a Human Interface Device (HID)
Avatar photo More from Tyler Reguly

*** This is a Security Bloggers Network syndicated blog from The State of Security authored by Tyler Reguly. Read the original post at: https://www.tripwire.com/state-of-security/vert/vert-alert-january-2019-patch-tuesday/

January 8, 2019January 8, 2019 Tyler Reguly Patch Tuesday, VERT
  • ← ZeroNights 2018, Junyu Zhou’s, Wenxu Wu’s ‘Attack Surfaces Against GIT Web Servers Used By Thousands Of Developers’
  • Scapy-sploit: Python Network Tool is Vulnerable to Denial of Service (DoS) Attack CVE pending →
Avatar photo

Tyler Reguly

Tyler Reguly is Associate Director, Security R&D at Fortra, responsible for overseeing a team of researchers that provide the security expertise for the company’s integrity and compliance monitoring solution. Tyler joined Fortra in 2022 when the company acquired Tripwire, where Tyler had been a part of the research team for more than fifteen years. In addition to security research, Tyler has worked closely with Fanshawe College, from which he graduated with a diploma in Computer Systems Technology, developing five courses including subjects like Advanced Hacker Techniques & Tactics, Hacking and Exploits, Malware Research, Evolving Technologies and Threats, and Python Programming. He has also taught all five courses that he developed on multiple occasions.

tyler-reguly has 119 posts and counting.See all posts by tyler-reguly

Techstrong TV

Click full-screen to enable volume control
Watch latest episodes and shows

Tech Field Day Events

Upcoming Webinars

True Agentic SecOps at Lakehouse Scale
Agentic Software Delivery in 2026: How To Bridge The Gap Between AI Ambition and Delivery Confidence
Untangling the EU Cyber Resilience Act
The Software Supply Chain Just Got Harder to See
Building a Resilient Security Culture in the AI Era with AWS & Datadog

Podcast

Listen to all of our podcasts

Secure by Design

2 weeks ago | Jack Poller

Senator Sanders Wants to Own AI Companies — and Hand America’s Adversaries the Keys

4 weeks ago | Jack Poller

NIST’s Nine: The PQC Signature Race Moves to Round Three

4 weeks ago | Jack Poller

The Quantum Arms Race: Why Washington Just Wrote a $2 Billion Check to Nine Companies

1 month ago | Jack Poller

Beyond Moore’s Law: The Hyper-Acceleration of Autonomous AI Cyber Capabilities

1 month ago | Jack Poller

The Exception Economy: When Security Teams Stop Protecting and Start Negotiating

Press Releases

GoPlus's Latest Report Highlights How Blockchain Communities Are Leveraging Critical API Security Data To Mitigate Web3 Threats

GoPlus’s Latest Report Highlights How Blockchain Communities Are Leveraging Critical API Security Data To Mitigate Web3 Threats

C2A Security’s EVSec Risk Management and Automation Platform Gains Traction in Automotive Industry as Companies Seek to Efficiently Meet Regulatory Requirements

C2A Security’s EVSec Risk Management and Automation Platform Gains Traction in Automotive Industry as Companies Seek to Efficiently Meet Regulatory Requirements

Zama Raises $73M in Series A Lead by Multicoin Capital and Protocol Labs to Commercialize Fully Homomorphic Encryption

Zama Raises $73M in Series A Lead by Multicoin Capital and Protocol Labs to Commercialize Fully Homomorphic Encryption

RSM US Deploys Stellar Cyber Open XDR Platform to Secure Clients

RSM US Deploys Stellar Cyber Open XDR Platform to Secure Clients

ThreatHunter.ai Halts Hundreds of Attacks in the past 48 hours: Combating Ransomware and Nation-State Cyber Threats Head-On

ThreatHunter.ai Halts Hundreds of Attacks in the past 48 hours: Combating Ransomware and Nation-State Cyber Threats Head-On

Subscribe to our Newsletters

Most Read on the Boulevard

Databricks Acquires Cybersecurity Startup Panther Labs to Fortify AI Defense
SailPoint Acquires Entro to Continuously Detect and Monitor Non-Human Identities
MSG Breach: Knicks Take the NBA Championship, ShinyHunters Takes the Data 
Malwarebytes Finds Ad Scams Hidden in 40+ World Cup Streaming Sites
F5 Embeds Neural Network in WAF Platform to Continuously Assess Risks
FortiBleed Leak Exposes VPN Credentials for Nearly 74,000 Fortinet Devices
CVE-2026-35273: Active Exploitation of Oracle PeopleSoft Zero-Day Vulnerability
Kodak Confirms Data Breach Claimed by ShinyHunters Extortion Gang
Microsoft Defender Zero-Day Privilege Escalation Vulnerability (RoguePlanet)
GitHub Locks Down npm: What the New Install Defaults Mean for Your Supply Chain

Industry Spotlight

NYC Sewers Crawling With Rats and Potential Bad Actors 
Cybersecurity Featured Industry Spotlight Security Awareness Security Boulevard (Original) Social - Facebook Social - LinkedIn Social - X Spotlight Threats & Breaches 

NYC Sewers Crawling With Rats and Potential Bad Actors 

June 18, 2026 Teri Robinson | 2 days ago 0
Anthropic Mythos AI Model Strikes Fear in Trump Administration, U.S. Banks
Cloud Security Cybersecurity Data Privacy Data Security Featured Incident Response Industry Spotlight Malware Mobile Security Network Security News Security Awareness Security Boulevard (Original) Social - Facebook Social - LinkedIn Social - X Spotlight Threats & Breaches Vulnerabilities 

Anthropic Mythos AI Model Strikes Fear in Trump Administration, U.S. Banks

April 12, 2026 Jeffrey Burt | Apr 12 Comments Off on Anthropic Mythos AI Model Strikes Fear in Trump Administration, U.S. Banks
The Day the Security Music Died
AI and Machine Learning in Security Cybersecurity Featured Industry Spotlight Security Boulevard (Original) Social - Facebook Social - LinkedIn Social - X Spotlight 

The Day the Security Music Died

April 8, 2026 Alan Shimel | Apr 08 Comments Off on The Day the Security Music Died

Top Stories

Job Seekers Make for Vulnerable Targets
Cybersecurity Data Privacy Data Security Featured News Security Awareness Security Boulevard (Original) Social - Facebook Social - LinkedIn Social - X Spotlight 

Job Seekers Make for Vulnerable Targets

June 19, 2026 Teri Robinson | 1 day ago 0
MSG Breach: Knicks Take the NBA Championship, ShinyHunters Takes the Data 
Cybersecurity Data Security Featured News Security Boulevard (Original) Social - Facebook Social - LinkedIn Social - X Spotlight 

MSG Breach: Knicks Take the NBA Championship, ShinyHunters Takes the Data 

June 18, 2026 Teri Robinson | 2 days ago 0
Trying to Control AI is Like Holding Sand
AI and Machine Learning in Security Cybersecurity Featured News Security Boulevard (Original) Social - Facebook Social - LinkedIn Social - X Spotlight 

Trying to Control AI is Like Holding Sand

June 17, 2026 Alan Shimel | 3 days ago 0

Security Humor

Fortinet® Follies

Fortinet® Follies

Download Free eBook

[su_panel border="0px solid #ddd" radius="0" text_align="center" padding-top="0px" padding-bottom="0px"]
Managing the AppSec Toolstack
[/su_panel]

Security Boulevard Logo White

DMCA

Join the Community

  • Add your blog to Security Creators Network
  • Write for Security Boulevard
  • Bloggers Meetup and Awards
  • Ask a Question
  • Email: [email protected]

Useful Links

  • About
  • Media Kit
  • Sponsor Info
  • Copyright
  • TOS
  • DMCA Compliance Statement
  • Privacy Policy

Related Sites

  • Techstrong Group
  • Cloud Native Now
  • DevOps.com
  • Digital CxO
  • Techstrong Research
  • Techstrong TV
  • Techstrong.tv Podcast
  • DevOps Chat
  • DevOps Dozen
  • DevOps TV
Powered by Techstrong Group
Copyright © 2026 Techstrong Group Inc. All rights reserved.
×

Insert/edit link

Enter the destination URL

Or link to existing content

    No search term specified. Showing recent items. Search or use up and down arrow keys to select an item.