Today’s VERT Alert addresses Microsoft’s March 2019 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-821 on Wednesday, March 13th. 

In-The-Wild & Disclosed CVEs

CVE-2019-0754

This CVE describes a Denial of Service vulnerability that could cause a target system to stop responding when code is executed on the local system.

Microsoft has rated this as a 2 (Exploitation Less Likely) on the Exploitability Index.

CVE-2019-0757

This CVE describes a vulnerability in the NuGet Package Manager on Linux and macOS. The NuGet Package Manager is the package manager for .NET. An authenticated attacker can modify a package’s folder structure allowing the modification of files and folders during the unpackaging process.

Microsoft has rated this as a 2 (Exploitation Less Likely) on the Exploitability Index.

CVE-2019-0797

A vulnerability in Win32k could allow an attacker to execute code in kernel mode. Exploitation of this vulnerability has been detected with Windows 7, Server 2008, and Server 2008 R2.

Microsoft has rated this as a 0 (Exploitation Detected) on the Exploitability Index for older software releases and a 3 (Exploitation Unlikely) for the latest software releases.

CVE-2019-0808

A vulnerability in Win32k could allow an attacker to execute code in kernel mode. Exploitation of this vulnerability has been detected with Windows 7, Server 2008, and Server 2008 R2.

Microsoft has rated this as a 0 (Exploitation Detected) on the Exploitability Index for older software releases and a 4 (Not affected) for the latest software releases.

CVE-2019-0683

Microsoft Active Directory allows an attacker in the trust forest to request delegation of a ticket-granting ticket (TGT) from another identity within the trusted forest. Exploitation requires that an attacker has compromised a server with unconstrained Kerberos delegation. The attacker then waits for incoming service connections. The attacker can then request TGT (Read more...)