Tech

Microsoft's June 2019 Patch Tuesday fixes many of SandboxEscaper's zero-days

Microsoft patches four of five zero-days published by SandboxEscaper.

Written by Catalin Cimpanu, Contributor June 11, 2019 at 12:41 p.m. PT

Microsoft has published today its monthly roll-up of security updates, known as Patch Tuesday. This month, the OS maker has patched 88 vulnerabilities, among which 21 received a rating of "Critical," the company's highest severity ranking.

Furthermore, the June 2019 Patch Tuesday also included fixes for four of the five zero-days that a security researcher and exploit seller by the name of SandboxEscaper published online over the course of the last month.

Security patches are available for:

Zero-day name	CVE	Description
BearLPE	CVE-2019-1069	LPE exploit in the Windows Task Scheduler process
SandboxEscape	CVE-2019-1053	Sandbox escape for Internet Explorer 11
CVE-2019-0841-BYPASS	CVE-2019-1064	Bypass of the CVE-2019-0841 patch
InstallerBypass	CVE-2019-0973	LPE targeting the Windows Installer folder

Fixes for a fifth zero-day weren't ready in time, as SandboxEscaper published details about this bug only last week, on Friday, June 7, leaving Microsoft no time to put together and test a patch.

The good news is that despite details and proof-of-concept demo exploit code being available for all these four zero-days, none of them were incorporated in malware campaigns.

Furthermore, of all the 88 vulnerabilities patched this month, none was exploited in the wild either.

Other important fixes

But besides patches for Windows and Office products, Microsoft also issued a security advisory about separate firmware updates for HoloLens devices.

This month, Microsoft patched four remote code execution (RCE) flaws that affect the Broadcom wireless chipset included in Microsoft HoloLens devices.

The four RCEs are CVE-2019-9500, CVE-2019-9501, CVE-2019-9502, and CVE-2019-9503.

And since RCEs are about the worse bugs around, we'll also highlight that Microsoft also patched nine RCEs in the Chakra Scripting Engine (included with Edge), four RCEs in the Microsoft Scripting Engine, three RCEs in the Microsoft Hyper-V hypervisor, an RCE in the Microsoft Speech API, and an RCE impacting both Edge and Internet Explorer.

Faulty BLE security keys won't work anymore

Last, but not least, Microsoft also warned that some Bluetooth-based security keys would stop working on Windows after applying today's patches.

More specifically, Microsoft is referring to Feitian and Google Titan security keys, which contain a misconfiguration in the Bluetooth pairing protocols that allows an attacker to interact with the key.

"Microsoft has blocked the pairing of these Bluetooth Low Energy (BLE) keys with the pairing misconfiguration," the OS maker said.

Users of these devices are advised to look into requesting a free replacement, which both Google and Feitian are providing for free.

Additional info

Since the Microsoft Patch Tuesday is also the day when other vendors also release security patches, it's also worth mentioning that Adobe and SAP have also published their respective security updates earlier today.

More in-depth information on today's Patch Tuesday updates is available on Microsoft's official Security Update Guide portal. You can also consult the table embedded below or this Patch Tuesday report generated by ZDNet.

Tag	CVE ID	CVE Title
Servicing Stack Updates	ADV990001	Latest Servicing Stack Updates
Adobe Flash Player	ADV190015	June 2019 Adobe Flash Security Update
Microsoft Devices	ADV190016	Bluetooth Low Energy Advisory
Microsoft Devices	ADV190017	Microsoft HoloLens Remote Code Execution Vulnerabilities
Microsoft Exchange Server	ADV190018	Microsoft Exchange Server Defense in Depth Update
Kerberos	CVE-2019-0972	Local Security Authority Subsystem Service Denial of Service Vulnerability
Microsoft Browsers	CVE-2019-1081	Microsoft Browser Information Disclosure Vulnerability
Microsoft Browsers	CVE-2019-1038	Microsoft Browser Memory Corruption Vulnerability
Microsoft Edge	CVE-2019-1054	Microsoft Edge Security Feature Bypass Vulnerability
Microsoft Graphics Component	CVE-2019-1018	DirectX Elevation of Privilege Vulnerability
Microsoft Graphics Component	CVE-2019-1047	Windows GDI Information Disclosure Vulnerability
Microsoft Graphics Component	CVE-2019-1046	Windows GDI Information Disclosure Vulnerability
Microsoft Graphics Component	CVE-2019-1013	Windows GDI Information Disclosure Vulnerability
Microsoft Graphics Component	CVE-2019-1015	Windows GDI Information Disclosure Vulnerability
Microsoft Graphics Component	CVE-2019-1016	Windows GDI Information Disclosure Vulnerability
Microsoft Graphics Component	CVE-2019-1048	Windows GDI Information Disclosure Vulnerability
Microsoft Graphics Component	CVE-2019-0977	Windows GDI Information Disclosure Vulnerability
Microsoft Graphics Component	CVE-2019-0960	Win32k Elevation of Privilege Vulnerability
Microsoft Graphics Component	CVE-2019-0968	Windows GDI Information Disclosure Vulnerability
Microsoft Graphics Component	CVE-2019-1049	Windows GDI Information Disclosure Vulnerability
Microsoft Graphics Component	CVE-2019-1050	Windows GDI Information Disclosure Vulnerability
Microsoft Graphics Component	CVE-2019-0985	Microsoft Speech API Remote Code Execution Vulnerability
Microsoft Graphics Component	CVE-2019-1010	Windows GDI Information Disclosure Vulnerability
Microsoft Graphics Component	CVE-2019-1009	Windows GDI Information Disclosure Vulnerability
Microsoft Graphics Component	CVE-2019-1011	Windows GDI Information Disclosure Vulnerability
Microsoft Graphics Component	CVE-2019-1012	Windows GDI Information Disclosure Vulnerability
Microsoft JET Database Engine	CVE-2019-0905	Jet Database Engine Remote Code Execution Vulnerability
Microsoft JET Database Engine	CVE-2019-0974	Jet Database Engine Remote Code Execution Vulnerability
Microsoft JET Database Engine	CVE-2019-0904	Jet Database Engine Remote Code Execution Vulnerability
Microsoft JET Database Engine	CVE-2019-0906	Jet Database Engine Remote Code Execution Vulnerability
Microsoft JET Database Engine	CVE-2019-0908	Jet Database Engine Remote Code Execution Vulnerability
Microsoft JET Database Engine	CVE-2019-0909	Jet Database Engine Remote Code Execution Vulnerability
Microsoft JET Database Engine	CVE-2019-0907	Jet Database Engine Remote Code Execution Vulnerability
Microsoft Office	CVE-2019-1035	Microsoft Word Remote Code Execution Vulnerability
Microsoft Office	CVE-2019-1034	Microsoft Word Remote Code Execution Vulnerability
Microsoft Office SharePoint	CVE-2019-1032	Microsoft Office SharePoint XSS Vulnerability
Microsoft Office SharePoint	CVE-2019-1036	Microsoft Office SharePoint XSS Vulnerability
Microsoft Office SharePoint	CVE-2019-1031	Microsoft Office SharePoint XSS Vulnerability
Microsoft Office SharePoint	CVE-2019-1033	Microsoft Office SharePoint XSS Vulnerability
Microsoft Scripting Engine	CVE-2019-1002	Chakra Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine	CVE-2019-0991	Chakra Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine	CVE-2019-1080	Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine	CVE-2019-1023	Scripting Engine Information Disclosure Vulnerability
Microsoft Scripting Engine	CVE-2019-0993	Chakra Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine	CVE-2019-0992	Chakra Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine	CVE-2019-1024	Chakra Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine	CVE-2019-0990	Scripting Engine Information Disclosure Vulnerability
Microsoft Scripting Engine	CVE-2019-0988	Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine	CVE-2019-0989	Chakra Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine	CVE-2019-1055	Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine	CVE-2019-1052	Chakra Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine	CVE-2019-1051	Chakra Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine	CVE-2019-0920	Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine	CVE-2019-1003	Chakra Scripting Engine Memory Corruption Vulnerability
Microsoft Windows	CVE-2019-1069	Task Scheduler Elevation of Privilege Vulnerability
Microsoft Windows	CVE-2019-1064	Windows Elevation of Privilege Vulnerability
Microsoft Windows	CVE-2019-0888	ActiveX Data Objects (ADO) Remote Code Execution Vulnerability
Microsoft Windows	CVE-2019-1025	Windows Denial of Service Vulnerability
Microsoft Windows	CVE-2019-1045	Windows Network File System Elevation of Privilege Vulnerability
Microsoft Windows	CVE-2019-1043	Comctl32 Remote Code Execution Vulnerability
Microsoft Windows	CVE-2019-0710	Windows Hyper-V Denial of Service Vulnerability
Microsoft Windows	CVE-2019-0709	Windows Hyper-V Remote Code Execution Vulnerability
Microsoft Windows	CVE-2019-0722	Windows Hyper-V Remote Code Execution Vulnerability
Microsoft Windows	CVE-2019-0943	Windows ALPC Elevation of Privilege Vulnerability
Microsoft Windows	CVE-2019-0713	Windows Hyper-V Denial of Service Vulnerability
Microsoft Windows	CVE-2019-0983	Windows Storage Service Elevation of Privilege Vulnerability
Microsoft Windows	CVE-2019-0984	Windows Common Log File System Driver Elevation of Privilege Vulnerability
Microsoft Windows	CVE-2019-0711	Windows Hyper-V Denial of Service Vulnerability
Microsoft Windows	CVE-2019-0948	Windows Event Viewer Information Disclosure Vulnerability
Microsoft Windows	CVE-2019-0959	Windows Common Log File System Driver Elevation of Privilege Vulnerability
Microsoft Windows	CVE-2019-0998	Windows Storage Service Elevation of Privilege Vulnerability
Skype for Business and Microsoft Lync	CVE-2019-1029	Skype for Business and Lync Server Denial of Service Vulnerability
Team Foundation Server	CVE-2019-0996	Azure DevOps Server Spoofing Vulnerability
VBScript	CVE-2019-1005	Scripting Engine Memory Corruption Vulnerability
Windows Authentication Methods	CVE-2019-1040	Windows NTLM Tampering Vulnerability
Windows Hyper-V	CVE-2019-0620	Windows Hyper-V Remote Code Execution Vulnerability
Windows IIS	CVE-2019-0941	Microsoft IIS Server Denial of Service Vulnerability
Windows Installer	CVE-2019-0973	Windows Installer Elevation of Privilege Vulnerability
Windows Kernel	CVE-2019-1044	Windows Secure Kernel Mode Security Feature Bypass Vulnerability
Windows Kernel	CVE-2019-1014	Win32k Elevation of Privilege Vulnerability
Windows Kernel	CVE-2019-1017	Win32k Elevation of Privilege Vulnerability
Windows Kernel	CVE-2019-1065	Windows Kernel Elevation of Privilege Vulnerability
Windows Kernel	CVE-2019-1041	Windows Kernel Elevation of Privilege Vulnerability
Windows Kernel	CVE-2019-1039	Windows Kernel Information Disclosure Vulnerability
Windows Media	CVE-2019-1026	Windows Audio Service Elevation of Privilege Vulnerability
Windows Media	CVE-2019-1007	Windows Audio Service Elevation of Privilege Vulnerability
Windows Media	CVE-2019-1027	Windows Audio Service Elevation of Privilege Vulnerability
Windows Media	CVE-2019-1022	Windows Audio Service Elevation of Privilege Vulnerability
Windows Media	CVE-2019-1021	Windows Audio Service Elevation of Privilege Vulnerability
Windows Media	CVE-2019-1028	Windows Audio Service Elevation of Privilege Vulnerability
Windows NTLM	CVE-2019-1019	Microsoft Windows Security Feature Bypass Vulnerability
Windows Shell	CVE-2019-0986	Windows User Profile Service Elevation of Privilege Vulnerability
Windows Shell	CVE-2019-1053	Windows Shell Elevation of Privilege Vulnerability

More vulnerability reports:

Editorial standards

Show Comments

Microsoft's June 2019 Patch Tuesday fixes many of SandboxEscaper's zero-days

Other important fixes

Faulty BLE security keys won't work anymore

Additional info

More vulnerability reports:

Related

Microsoft at 50: Its incredible rise, 15 lost years, and stunning comeback - in 4 charts

Why delaying software updates is a terrible idea

Look, no patches! Why Chainguard OS might be the most secure Linux ever