Platform
Managed Security Services
Managed Penetration Testing
Rewterz penetration testing services help organizations determine if a cyber attacker can gain access to their critical assets while giving them detailed insights of the overall business impact of a cyber attack.
Resources
June 2, 2023
Severity High Analysis Summary Shuckworm APT – aka Actinium, Armageddon, Primitive Bear, Gamaredon, and Trident Ursa – is a Russia-backed advanced persistent threat (APT) that has […]June 2, 2023Severity High Analysis Summary StormKitty information stealer is designed to compromise sensitive data from infected systems, such as login credentials, passwords, cryptocurrency wallets, and other valuable […]June 2, 2023Severity High Analysis Summary Tofsee malware has been around since 2016. Once installed on a compromised computer, it can be used to send spam emails and […]Threat Insights
Before Rewterz got its start, the market was in dire need of a specialized and dedicated information security company. It was nearly impossible for businesses to find a trustworthy provider that could truly cover all of their bases. We wanted to meet this need, giving companies across the globe a chance to get ahead while knowing that their data is in good hands.
Connect with Us
Platform
Managed Security Services
Managed Penetration Testing
Rewterz penetration testing services help organizations determine if a cyber attacker can gain access to their critical assets while giving them detailed insights of the overall business impact of a cyber attack.
Resources
June 2, 2023Severity High Analysis Summary Shuckworm APT – aka Actinium, Armageddon, Primitive Bear, Gamaredon, and Trident Ursa – is a Russia-backed advanced persistent threat (APT) that has […]June 2, 2023Severity High Analysis Summary StormKitty information stealer is designed to compromise sensitive data from infected systems, such as login credentials, passwords, cryptocurrency wallets, and other valuable […]June 2, 2023Severity High Analysis Summary Tofsee malware has been around since 2016. Once installed on a compromised computer, it can be used to send spam emails and […]Threat Insights
Before Rewterz got its start, the market was in dire need of a specialized and dedicated information security company. It was nearly impossible for businesses to find a trustworthy provider that could truly cover all of their bases. We wanted to meet this need, giving companies across the globe a chance to get ahead while knowing that their data is in good hands.
Connect with Us
Rewterz Threat Advisory – Microsoft Windows Server 2012 / Windows RT 8.1 / 8.1 Multiple Vulnerabilities
March 18, 2019Rewterz Threat Advisory – Microsoft SharePoint Foundation 2013 Multiple Vulnerabilities
March 18, 2019
Severity
High
Analysis Summary
CVE-2019-0636
An information vulnerability exists when Windows improperly discloses file information, aka ‘Windows Information Disclosure Vulnerability’.
CVE-2019-0618
A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory, aka ‘GDI+ Remote Code Execution Vulnerability’.
CVE-2019-0619
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka ‘Windows GDI Information Disclosure Vulnerability’.
CVE-2019-0595
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka ‘Jet Database Engine Remote Code Execution Vulnerability’.
CVE-2019-0600
An information disclosure vulnerability exists when the Human Interface Devices (HID) component improperly handles objects in memory, aka ‘HID Information Disclosure Vulnerability’.
CVE-2019-0663
An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory.To exploit this vulnerability, an authenticated attacker could run a specially crafted application, aka ‘Windows Kernel Information Disclosure Vulnerability’.
CVE-2019-0664
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka ‘Windows GDI Information Disclosure Vulnerability’.
CVE-2019-0662
A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory, aka ‘GDI+ Remote Code Execution Vulnerability’.
CVE-2019-0661
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka ‘Windows Kernel Information Disclosure Vulnerability’.
CVE-2019-0602
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka ‘Windows GDI Information Disclosure Vulnerability’.
CVE-2019-0630
A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 2.0 (SMBv2) server handles certain requests, aka ‘Windows SMB Remote Code Execution Vulnerability’.
CVE-2019-0635
An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system, aka ‘Windows Hyper-V Information Disclosure Vulnerability’.
CVE-2019-0626
A memory corruption vulnerability exists in the Windows Server DHCP service when an attacker sends specially crafted packets to a DHCP server, aka ‘Windows DHCP Server Remote Code Execution Vulnerability’.
CVE-2019-0625
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka ‘Jet Database Engine Remote Code Execution Vulnerability’.
CVE-2019-0616
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka ‘Windows GDI Information Disclosure Vulnerability’.
CVE-2019-0597
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka ‘Jet Database Engine Remote Code Execution Vulnerability’.
CVE-2019-0628
An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka ‘Win32k Information Disclosure Vulnerability’.
CVE-2019-0660
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka ‘Windows GDI Information Disclosure Vulnerability’.
CVE-2019-0596
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka ‘Jet Database Engine Remote Code Execution Vulnerability’.
CVE-2019-0623
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka ‘Win32k Elevation of Privilege Vulnerability’.
CVE-2019-0599
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka ‘Jet Database Engine Remote Code Execution Vulnerability’.
CVE-2019-0615
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka ‘Windows GDI Information Disclosure Vulnerability’.
CVE-2019-0601
An information disclosure vulnerability exists when the Human Interface Devices (HID) component improperly handles objects in memory, aka ‘HID Information Disclosure Vulnerability’.
CVE-2019-0598
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka ‘Jet Database Engine Remote Code Execution Vulnerability’.
CVE-2019-0621
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka ‘Windows Kernel Information Disclosure Vulnerability’.
Affected Products
Microsoft Windows Server 2008
Microsoft Windows 7
Remediation
Vendor has released updates for the following product
Windows Server 2008 for Itanium-Based Systems Service Pack 2 (KB4489880):
https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4489880
Windows Server 2008 for x64-based Systems Service Pack 2 (KB4489880):
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) (KB4489880):
https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4489880
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) (KB4489880):
Windows Server 2008 for 32-bit Systems Service Pack 2 (KB4489880):
https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4489880
Windows Server 2008 for Itanium-Based Systems Service Pack 2 (KB4489876):
https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4489876
Windows Server 2008 for x64-based Systems Service Pack 2 (KB4489876):
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) (KB4489876):
https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4489876