VERT Threat Alert: February 2019 Patch Tuesday Analysis

Today’s VERT Alert addresses Microsoft’s February 2019 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-817 on Wednesday, February 13th. 

In-The-Wild & Disclosed CVEs 

CVE-2019-0676

The first vulnerability in the list today is an Internet Explorer vulnerability that is already seeing active exploitation. A flaw in how IE handles objects in memory can disclose the presence of files on disk when targets visit a malicious website. In order to exploit this, the attacker would have to convince the target to visit the malicious website.

Microsoft has rated this as a 0 on the Exploitability Index (Exploitation Detected).

CVE-2019-0636

A vulnerability exists within Windows that could allow code executed on a system to read the contents of files on the disk that it should not be able to access. This vulnerability has been publicly disclosed but has not seen active exploitation.

Microsoft has rated this as a 1 on the Exploitability Index (Exploitation More Likely).

CVE-2019-0686

A vulnerability exists in the communication between Exchange Web Services clients and Exchange Severs that could allow a man-in-the-middle attacker to forward authentication requests to the Exchange Server and access the mailbox of other users. This vulnerability has been publicly disclosed but has not seen active exploitation.

Microsoft has rated this as a 1 on the Exploitability Index (Exploitation More Likely).

CVE Breakdown by Tag

While historical Microsoft Security Bulletin groupings are gone, Microsoft vulnerabilities are tagged with an identifier. This list provides a breakdown of the CVEs on a per tag basis.