Friday, June 12, 2026

Security Boulevard Logo

Security Boulevard

The Home of the Security Bloggers Network

Community Chats Webinars Library
  • Home
    • Cybersecurity News
    • Features
    • Industry Spotlight
    • News Releases
  • Security Creators Network
    • Latest Posts
    • Syndicate Your Blog
    • Write for Security Boulevard
  • Webinars
    • Upcoming Webinars
    • Calendar View
    • On-Demand Webinars
  • Events
    • Upcoming Events
    • On-Demand Events
  • Sponsored Content
  • Chat
    • Security Boulevard Chat
    • Marketing InSecurity Podcast
    • Techstrong.tv Podcast
    • TechstrongTV - Twitch
  • Library
  • Related Sites
    • Techstrong Group
    • Cloud Native Now
    • DevOps.com
    • Security Boulevard
    • Techstrong Research
    • Techstrong TV
    • Techstrong.tv Podcast
    • Techstrong.tv - Twitch
    • Devops Chat
    • DevOps Dozen
    • DevOps TV
  • Media Kit
  • About
    • Sponsor

  • Analytics
  • AppSec
  • CISO
  • Cloud
  • DevOps
  • GRC
  • Identity
  • Incident Response
  • IoT / ICS
  • Threats / Breaches
  • More
    • Blockchain / Digital Currencies
    • Careers
    • Cyberlaw
    • Mobile
    • Social Engineering
  • Humor
Security Bloggers Network Vulnerabilities 

Home » Cybersecurity » Threats & Breaches » Vulnerabilities » VERT Threat Alert: April 2019 Patch Tuesday Analysis

SBN

VERT Threat Alert: April 2019 Patch Tuesday Analysis

Avatar photo by Tyler Reguly on April 9, 2019

Today’s VERT Alert addresses Microsoft’s April 2019 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-825 on Wednesday, April 10th.

In-The-Wild & Disclosed CVEs 

CVE-2019-0803

This CVE describes a privilege escalation vulnerability in Win32k that could allow an attacker to execute code in kernel mode, giving them full control over the system.

Microsoft has rated this as a 1 (Exploitation More Likely) on the Exploitability Index for their latest software release and a 0 (Exploitation Detected) on older software releases.

CVE-2019-0859

This CVE describes a privilege escalation vulnerability in Win32k that could allow an attacker to execute code in kernel mode, giving them full control over the system.

Microsoft has rated this as a 1 (Exploitation More Likely) on the Exploitability Index for their latest software release and a 0 (Exploitation Detected) on older software releases.

CVE Breakdown by Tag

While historical Microsoft Security Bulletin groupings are gone, Microsoft vulnerabilities are tagged with an identifier. This list provides a breakdown of the CVEs on a per tag basis.

 

Tag
CVE Count
CVEs
Team Foundation Server
9
CVE-2019-0857, CVE-2019-0866, CVE-2019-0867, CVE-2019-0868, CVE-2019-0869, CVE-2019-0870, CVE-2019-0871, CVE-2019-0874, CVE-2019-0875
CSRSS
1
CVE-2019-0735
Open Source Software
1
CVE-2019-0876
Microsoft JET Database Engine
5
CVE-2019-0846, CVE-2019-0847, CVE-2019-0851, CVE-2019-0877, CVE-2019-0879
Windows SMB Server
1
CVE-2019-0786
Microsoft Windows
18
CVE-2019-0794, CVE-2019-0805, CVE-2019-0838, CVE-2019-0839, CVE-2019-0840, CVE-2019-0841, CVE-2019-0842, CVE-2019-0845, CVE-2019-0848, CVE-2019-0685, CVE-2019-0688, CVE-2019-0730, CVE-2019-0731, CVE-2019-0732, CVE-2019-0796, CVE-2019-0814, CVE-2019-0836, CVE-2019-0837
Microsoft Edge
1
CVE-2019-0833
Microsoft Graphics Component
4
CVE-2019-0802, CVE-2019-0803, CVE-2019-0849, CVE-2019-0853
Microsoft Scripting Engine
11
CVE-2019-0739, CVE-2019-0812, CVE-2019-0829, CVE-2019-0752, CVE-2019-0753, CVE-2019-0806, CVE-2019-0810, CVE-2019-0835, CVE-2019-0860, CVE-2019-0861, CVE-2019-0862
Microsoft Browsers
1
CVE-2019-0764
Windows Kernel
3
CVE-2019-0844, CVE-2019-0856, CVE-2019-0859
Windows Admin Center
1
CVE-2019-0813
Microsoft Exchange Server
2
CVE-2019-0858, CVE-2019-0817
Microsoft XML
5
CVE-2019-0790, CVE-2019-0791, CVE-2019-0792, CVE-2019-0793, CVE-2019-0795
Microsoft Office
8
CVE-2019-0822, CVE-2019-0823, CVE-2019-0824, (Read more...)

*** This is a Security Bloggers Network syndicated blog from The State of Security authored by Tyler Reguly. Read the original post at: https://www.tripwire.com/state-of-security/vulnerability-management/vert-april-2019-patch-tuesday/

April 9, 2019April 9, 2019 Tyler Reguly Vulnerability Management
  • ← The Joy of Tech®, ‘Everyone Hates Social Media’
  • Patch Tuesday Lowdown, April 2019 Edition →
Avatar photo

Tyler Reguly

Tyler Reguly is Associate Director, Security R&D at Fortra, responsible for overseeing a team of researchers that provide the security expertise for the company’s integrity and compliance monitoring solution. Tyler joined Fortra in 2022 when the company acquired Tripwire, where Tyler had been a part of the research team for more than fifteen years. In addition to security research, Tyler has worked closely with Fanshawe College, from which he graduated with a diploma in Computer Systems Technology, developing five courses including subjects like Advanced Hacker Techniques & Tactics, Hacking and Exploits, Malware Research, Evolving Technologies and Threats, and Python Programming. He has also taught all five courses that he developed on multiple occasions.

tyler-reguly has 119 posts and counting.See all posts by tyler-reguly

Techstrong TV

Click full-screen to enable volume control
Watch latest episodes and shows

Tech Field Day Events

Upcoming Webinars

Building a Resilient Security Culture in the AI Era with AWS & Datadog
Toxic Flows: When Your Agent Skill Becomes a Supply Chain Attack
The Future of Agentic Software Delivery: Unifying Source & Binaries
35 Million Lines, Zero Build-Breakers: How Adyen Scaled DevSecOps
How to Conduct AI-Native Bug Discovery & Triage

Podcast

Listen to all of our podcasts

Secure by Design

1 week ago | Jack Poller

Senator Sanders Wants to Own AI Companies — and Hand America’s Adversaries the Keys

2 weeks ago | Jack Poller

NIST’s Nine: The PQC Signature Race Moves to Round Three

2 weeks ago | Jack Poller

The Quantum Arms Race: Why Washington Just Wrote a $2 Billion Check to Nine Companies

4 weeks ago | Jack Poller

Beyond Moore’s Law: The Hyper-Acceleration of Autonomous AI Cyber Capabilities

1 month ago | Jack Poller

The Exception Economy: When Security Teams Stop Protecting and Start Negotiating

Press Releases

GoPlus's Latest Report Highlights How Blockchain Communities Are Leveraging Critical API Security Data To Mitigate Web3 Threats

GoPlus’s Latest Report Highlights How Blockchain Communities Are Leveraging Critical API Security Data To Mitigate Web3 Threats

C2A Security’s EVSec Risk Management and Automation Platform Gains Traction in Automotive Industry as Companies Seek to Efficiently Meet Regulatory Requirements

C2A Security’s EVSec Risk Management and Automation Platform Gains Traction in Automotive Industry as Companies Seek to Efficiently Meet Regulatory Requirements

Zama Raises $73M in Series A Lead by Multicoin Capital and Protocol Labs to Commercialize Fully Homomorphic Encryption

Zama Raises $73M in Series A Lead by Multicoin Capital and Protocol Labs to Commercialize Fully Homomorphic Encryption

RSM US Deploys Stellar Cyber Open XDR Platform to Secure Clients

RSM US Deploys Stellar Cyber Open XDR Platform to Secure Clients

ThreatHunter.ai Halts Hundreds of Attacks in the past 48 hours: Combating Ransomware and Nation-State Cyber Threats Head-On

ThreatHunter.ai Halts Hundreds of Attacks in the past 48 hours: Combating Ransomware and Nation-State Cyber Threats Head-On

Subscribe to our Newsletters

Most Read on the Boulevard

Ex-IBM Exec Accuses Big Blue and AT&T of Covering Up Foreign Data Breaches
Google Patches 429 Chrome Vulnerabilities in Major Browser Update
Anthropic’s Mythos Can Serve Up N-Day Exploits in Minutes or Hours
Zscaler Launches Industry-First Zero Trust Security for Agentic AI
ShinyHunters Secret to Success: Breaking the Trust Barrier
8 Self-Evolving Skills Hermes Agent Writes on Its Own
8 Claude Code Alternatives Compared (2026)
9 Open-Source AI Coding Agents Worth Self-Hosting
Microsoft’s June 2026 Patch Tuesday Addresses 198 CVEs ( CVE-2026-49160, CVE-2026-50507)
ServiceNow Breach Explained: API Exposure, Risks & Security

Industry Spotlight

Anthropic Mythos AI Model Strikes Fear in Trump Administration, U.S. Banks
Cloud Security Cybersecurity Data Privacy Data Security Featured Incident Response Industry Spotlight Malware Mobile Security Network Security News Security Awareness Security Boulevard (Original) Social - Facebook Social - LinkedIn Social - X Spotlight Threats & Breaches Vulnerabilities 

Anthropic Mythos AI Model Strikes Fear in Trump Administration, U.S. Banks

April 12, 2026 Jeffrey Burt | Apr 12 Comments Off on Anthropic Mythos AI Model Strikes Fear in Trump Administration, U.S. Banks
The Day the Security Music Died
AI and Machine Learning in Security Cybersecurity Featured Industry Spotlight Security Boulevard (Original) Social - Facebook Social - LinkedIn Social - X Spotlight 

The Day the Security Music Died

April 8, 2026 Alan Shimel | Apr 08 Comments Off on The Day the Security Music Died
The Lock, Not the Alarm: How Palo Alto’s Koi Acquisition Rewrites Endpoint Security
Featured Industry Spotlight Security Boulevard (Original) Social - Facebook Social - LinkedIn Social - X Spotlight Uncategorized 

The Lock, Not the Alarm: How Palo Alto’s Koi Acquisition Rewrites Endpoint Security

February 18, 2026 Jack Poller | Feb 18 Comments Off on The Lock, Not the Alarm: How Palo Alto’s Koi Acquisition Rewrites Endpoint Security

Top Stories

ServiceNow Fixes Flaw That Could Lead to Unauthorized Access to Instances
Cloud Security Cybersecurity Data Privacy Data Security Featured Identity & Access Incident Response Mobile Security Network Security News Security Awareness Security Boulevard (Original) Social - Facebook Social - LinkedIn Social - X Spotlight Vulnerabilities 

ServiceNow Fixes Flaw That Could Lead to Unauthorized Access to Instances

June 11, 2026 Jeffrey Burt | Yesterday 0
Zscaler Launches Industry-First Zero Trust Security for Agentic AI
AI and ML in Security Cybersecurity Featured News Security Boulevard (Original) Social - Facebook Social - LinkedIn Social - X Spotlight Zero-Trust 

Zscaler Launches Industry-First Zero Trust Security for Agentic AI

June 10, 2026 Jon Swartz | 1 day ago 0
Anthropic’s Mythos Can Serve Up N-Day Exploits in Minutes or Hours
Cloud Security Cybersecurity Data Privacy Data Security Featured Incident Response Malware Mobile Security Network Security News Security Awareness Security Boulevard (Original) Social - Facebook Social - LinkedIn Social - X Spotlight Threat Intelligence Vulnerabilities 

Anthropic’s Mythos Can Serve Up N-Day Exploits in Minutes or Hours

June 9, 2026 Jeffrey Burt | 2 days ago 0

Security Humor

Randall Munroe’s XKCD 'Husband and Wife'

Randall Munroe’s XKCD ‘Husband and Wife’

Download Free eBook

[su_panel border="0px solid #ddd" radius="0" text_align="center" padding-top="0px" padding-bottom="0px"]
7 Must-Read eBooks for Security Professionals
[/su_panel]

Security Boulevard Logo White

DMCA

Join the Community

  • Add your blog to Security Creators Network
  • Write for Security Boulevard
  • Bloggers Meetup and Awards
  • Ask a Question
  • Email: [email protected]

Useful Links

  • About
  • Media Kit
  • Sponsor Info
  • Copyright
  • TOS
  • DMCA Compliance Statement
  • Privacy Policy

Related Sites

  • Techstrong Group
  • Cloud Native Now
  • DevOps.com
  • Digital CxO
  • Techstrong Research
  • Techstrong TV
  • Techstrong.tv Podcast
  • DevOps Chat
  • DevOps Dozen
  • DevOps TV
Powered by Techstrong Group
Copyright © 2026 Techstrong Group Inc. All rights reserved.
×

Insert/edit link

Enter the destination URL

Or link to existing content

    No search term specified. Showing recent items. Search or use up and down arrow keys to select an item.