微软在昨日例行更新中发布了1月份的安全补丁,修复了51个安全漏洞。其中有7个漏洞被标记为关键漏洞。
此次并没有出现已在野利用的漏洞,仅有一个漏洞是此前已披露的,这个漏洞是CVE-2019-0579。在9月的时候ZDI曾公开披露过这个漏洞(因为微软超过120天未修复漏洞),微软接着在10月的补丁日修复了这个漏洞,但仍有可以绕过的方式,此次则再次尝试Patch掉这个漏洞。
此前推特上疯狂丢0day的作者披露的漏洞暂还未修复完成,恐怕还需花些时日。
两个相似的漏洞,虽然归类为远程代码执行,但实际上是需要Guest权限下操作。近日360安全研究员因Hyper-V漏洞收获百万奖金,可见此类漏洞影响力与重要性。这两个漏洞同时也是去年Pwn2Own中用到的漏洞,并获得了25万美金奖励。
上次见到影响稍广的DHCP客户端漏洞是Linux上的CVE-2018-1111,差不多半年后Windows上也出现了类似的问题。此漏洞危害、利用评级非常高,被多家安全企业列入应用补丁的第一梯队。根据微软描述只需向客户端发送特殊的响应包即可触发漏洞,可能会遭到大规模的利用。
微软此次并未将其归类为关键漏洞,但此漏洞根据描述利用场景还是较为容易的,发送特殊的邮件即可在Exchange服务器System用户权限下实现代码执行。
CVE | Title | Severity | Public | Exploit | XI – Latest | XI – Older | Type |
CVE-2019-0579 | Jet Database Engine Remote Code Execution Vulnerability | Important | Yes | No | 3 | 3 | RCE |
CVE-2019-0539 | Chakra Scripting Engine Memory Corruption Vulnerability | Critical | No | No | 1 | N/A | RCE |
CVE-2019-0568 | Chakra Scripting Engine Memory Corruption Vulnerability | Critical | No | No | 1 | N/A | RCE |
CVE-2019-0567 | Chakra Scripting Engine Memory Corruption Vulnerability | Critical | No | No | 1 | N/A | RCE |
CVE-2019-0565 | Microsoft Edge Memory Corruption Vulnerability | Critical | No | No | 1 | N/A | RCE |
CVE-2019-0547 | Windows DHCP Client Remote Code Execution Vulnerability | Critical | No | No | 1 | N/A | RCE |
CVE-2019-0550 | Windows Hyper-V Remote Code Execution Vulnerability | Critical | No | No | 2 | 2 | RCE |
CVE-2019-0551 | Windows Hyper-V Remote Code Execution Vulnerability | Critical | No | No | 2 | 2 | RCE |
CVE-2019-0564 | ASP.NET Core Denial of Service Vulnerability | Important | No | No | 2 | 2 | DoS |
CVE-2019-0548 | ASP.NET Core Denial of Service Vulnerability | Important | No | No | 2 | 2 | EoP |
CVE-2019-0566 | Microsoft Edge Elevation of Privilege Vulnerability | Important | No | No | 1 | N/A | EoP |
CVE-2019-0562 | Microsoft SharePoint Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
CVE-2019-0543 | Microsoft Windows Elevation of Privilege Vulnerability | Important | No | No | 1 | 1 | EoP |
CVE-2019-0555 | Microsoft XmlDocument Elevation of Privilege Vulnerability | Important | No | No | 1 | 1 | EoP |
CVE-2019-0552 | Windows COM Elevation of Privilege Vulnerability | Important | No | No | 1 | 1 | EoP |
CVE-2019-0571 | Windows Data Sharing Service Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
CVE-2019-0572 | Windows Data Sharing Service Elevation of Privilege Vulnerability | Important | No | No | 1 | 1 | EoP |
CVE-2019-0573 | Windows Data Sharing Service Elevation of Privilege Vulnerability | Important | No | No | 1 | 1 | EoP |
CVE-2019-0574 | Windows Data Sharing Service Elevation of Privilege Vulnerability | Important | No | No | 1 | 1 | EoP |
CVE-2019-0570 | Windows Runtime Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
CVE-2019-0545 | ASP.NET Information Disclosure Vulnerability | Important | No | No | 2 | 2 | Info |
CVE-2019-0560 | Microsoft Office Information Disclosure Vulnerability | Important | No | No | 2 | 2 | Info |
CVE-2019-0559 | Microsoft Outlook Information Disclosure Vulnerability | Important | No | No | 2 | 2 | Info |
CVE-2019-0537 | Microsoft Visual Studio Information Disclosure Vulnerability | Important | No | No | 2 | 2 | Info |
CVE-2019-0561 | Microsoft Word Information Disclosure Vulnerability | Important | No | No | 2 | 2 | Info |
CVE-2019-0536 | Windows Kernel Information Disclosure Vulnerability | Important | No | No | 2 | 2 | Info |
CVE-2019-0549 | Windows Kernel Information Disclosure Vulnerability | Important | No | No | 2 | 2 | Info |
CVE-2019-0554 | Windows Kernel Information Disclosure Vulnerability | Important | No | No | 2 | 2 | Info |
CVE-2019-0569 | Windows Kernel Information Disclosure Vulnerability | Important | No | No | 1 | 1 | Info |
CVE-2019-0553 | Windows Subsystem for Linux Information Disclosure Vulnerability | Important | No | No | 2 | 2 | Info |
CVE-2019-0541 | Internet Explorer Remote Code Execution Vulnerability | Important | No | No | 1 | 1 | RCE |
CVE-2019-0538 | Jet Database Engine Remote Code Execution Vulnerability | Important | No | No | 3 | 3 | RCE |
CVE-2019-0575 | Jet Database Engine Remote Code Execution Vulnerability | Important | No | No | 3 | 3 | RCE |
CVE-2019-0576 | Jet Database Engine Remote Code Execution Vulnerability | Important | No | No | 3 | 3 | RCE |
CVE-2019-0577 | Jet Database Engine Remote Code Execution Vulnerability | Important | No | No | 3 | 3 | RCE |
CVE-2019-0578 | Jet Database Engine Remote Code Execution Vulnerability | Important | No | No | 3 | 3 | RCE |
CVE-2019-0580 | Jet Database Engine Remote Code Execution Vulnerability | Important | No | No | 3 | 3 | RCE |
CVE-2019-0581 | Jet Database Engine Remote Code Execution Vulnerability | Important | No | No | 3 | 3 | RCE |
CVE-2019-0582 | Jet Database Engine Remote Code Execution Vulnerability | Important | No | No | 3 | 3 | RCE |
CVE-2019-0583 | Jet Database Engine Remote Code Execution Vulnerability | Important | No | No | 3 | 3 | RCE |
CVE-2019-0584 | Jet Database Engine Remote Code Execution Vulnerability | Important | No | No | 3 | 3 | RCE |
CVE-2019-0588 | Microsoft Exchange Information Disclosure Vulnerability | Important | No | No | 2 | 2 | RCE |
CVE-2019-0586 | Microsoft Exchange Memory Corruption Vulnerability | Important | No | No | 1 | 1 | RCE |
CVE-2019-0585 | Microsoft Word Remote Code Execution Vulnerability | Important | No | No | 2 | 2 | RCE |
CVE-2019-0556 | Microsoft Office SharePoint XSS Vulnerability | Important | No | No | 2 | 2 | XSS |
CVE-2019-0557 | Microsoft Office SharePoint XSS Vulnerability | Important | No | No | 2 | 2 | XSS |
CVE-2019-0558 | Microsoft Office SharePoint XSS Vulnerability | Important | No | No | 2 | 2 | XSS |
CVE-2019-0622 | Skype for Android Elevation of Privilege Vulnerability | Moderate | No | No | N/A | N/A | EoP |
CVE-2019-0546 | Visual Studio Remote Code Execution Vulnerability | Moderate | No | No | 2 | 2 | RCE |
https://www.symantec.com/blogs/threat-intelligence/microsoft-patch-tuesday-january-2019
https://www.thezdi.com/blog/2019/1/8/the-january-2019-security-update-review
https://blog.talosintelligence.com/2019/01/microsoft-patch-tuesday-january-2019.html