Microsoft April Patch Tuesday fixed 76 security vulnerabilities

Microsoft November Patch Tuesday

Microsoft released the April Patch Tuesday on April 9. This security update fixed many vulnerabilities which cover the code execution/privilege escalation vulnerability of Windows and several core components of Windows (Windows, win32k, LUAFV, CSRSS, MSXML, VSScript).

Microsoft November Patch Tuesday

Product CVE number CVE title Severity
.NET Core CVE-2019-0815 ASP.NET Core Denial of Service Vulnerability Important
Adobe Flash Player ADV190011 April 2019 Adobe Flash Security Update Critical
CSRSS CVE-2019-0735 Windows CSRSS Privilege Escalation Vulnerability Important
Microsoft Browsers CVE-2019-0764 Microsoft Browsers Tampering Vulnerability Low
Microsoft Edge CVE-2019-0833 Microsoft Edge Information Disclosure Vulnerability Important
Microsoft Exchange Server CVE-2019-0858 Microsoft Exchange Spoofing Vulnerability Important
Microsoft Exchange Server CVE-2019-0817 Microsoft Exchange Spoofing Vulnerability Important
Microsoft Graphics Component CVE-2019-0802 Windows GDI Information Disclosure Vulnerability Important
Microsoft Graphics Component CVE-2019-0803 Win32k Privilege Escalation Vulnerability Important
Microsoft Graphics Component CVE-2019-0849 Windows GDI Information Disclosure Vulnerability Important
Microsoft Graphics Component CVE-2019-0853 GDI+ Remote Code Execution Vulnerability Critical
Microsoft JET Database Engine CVE-2019-0846 Jet Database Engine Remote Code Execution Vulnerability Important
Microsoft JET Database Engine CVE-2019-0847 Jet Database Engine Remote Code Execution Vulnerability Important
Microsoft JET Database Engine CVE-2019-0851 Jet Database Engine Remote Code Execution Vulnerability Important
Microsoft JET Database Engine CVE-2019-0877 Jet Database Engine Remote Code Execution Vulnerability Important
Microsoft JET Database Engine CVE-2019-0879 Jet Database Engine Remote Code Execution Vulnerability Important
Microsoft Office CVE-2019-0822 Microsoft Graphics Components Remote Code Execution Vulnerability Important
Microsoft Office CVE-2019-0823 Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability Important
Microsoft Office CVE-2019-0824 Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability Important
Microsoft Office CVE-2019-0825 Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability Important
Microsoft Office CVE-2019-0826 Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability Important
Microsoft Office CVE-2019-0827 Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability Important
Microsoft Office CVE-2019-0801 Office Remote Code Execution Vulnerability Important
Microsoft Office CVE-2019-0828 Microsoft Excel Remote Code Execution Vulnerability Important
Microsoft Office SharePoint CVE-2019-0830 Microsoft Office SharePoint XSS Vulnerability Important
Microsoft Office SharePoint CVE-2019-0831 Microsoft Office SharePoint XSS Vulnerability Important
Microsoft Scripting Engine CVE-2019-0739 Scripting Engine Memory Corruption Vulnerability Critical
Microsoft Scripting Engine CVE-2019-0812 Chakra Scripting Engine Memory Corruption Vulnerability Critical
Microsoft Scripting Engine CVE-2019-0829 Chakra Scripting Engine Memory Corruption Vulnerability Critical
Microsoft Scripting Engine CVE-2019-0752 Scripting Engine Memory Corruption Vulnerability Important
Microsoft Scripting Engine CVE-2019-0753 Scripting Engine Memory Corruption Vulnerability Critical
Microsoft Scripting Engine CVE-2019-0806 Chakra Scripting Engine Memory Corruption Vulnerability Critical
Microsoft Scripting Engine CVE-2019-0810 Chakra Scripting Engine Memory Corruption Vulnerability Moderate
Microsoft Scripting Engine CVE-2019-0835 Microsoft Scripting Engine Information Disclosure Vulnerability Important
Microsoft Scripting Engine CVE-2019-0860 Chakra Scripting Engine Memory Corruption Vulnerability Moderate
Microsoft Scripting Engine CVE-2019-0861 Chakra Scripting Engine Memory Corruption Vulnerability Critical
Microsoft Scripting Engine CVE-2019-0862 Scripting Engine Memory Corruption Vulnerability Important
Microsoft Windows CVE-2019-0794 OLE Automation Remote Code Execution Vulnerability Important
Microsoft Windows CVE-2019-0805 Windows privilege elevation vulnerability Important
Microsoft Windows CVE-2019-0838 Windows Information Disclosure Vulnerability Important
Microsoft Windows CVE-2019-0839 Windows Information Disclosure Vulnerability Important
Microsoft Windows CVE-2019-0840 Windows Kernel Information Disclosure Vulnerability Important
Microsoft Windows CVE-2019-0841 Windows privilege elevation vulnerability Important
Microsoft Windows CVE-2019-0842 Windows VBScript Engine Remote Code Execution Vulnerability Important
Microsoft Windows CVE-2019-0845 Windows IOleCvt Interface Remote Code Execution Vulnerability Critical
Microsoft Windows CVE-2019-0848 Win32k Information Disclosure Vulnerability Important
Microsoft Windows CVE-2019-0685 Win32k Privilege Escalation Vulnerability Important
Microsoft Windows CVE-2019-0688 Windows TCP/IP Information Disclosure Vulnerability Important
Microsoft Windows CVE-2019-0730 Windows privilege elevation vulnerability Important
Microsoft Windows CVE-2019-0731 Windows privilege elevation vulnerability Important
Microsoft Windows CVE-2019-0732 Windows Security Feature Bypass Vulnerability Important
Microsoft Windows CVE-2019-0796 Windows privilege elevation vulnerability Important
Microsoft Windows CVE-2019-0814 Win32k Information Disclosure Vulnerability Important
Microsoft Windows CVE-2019-0836 Windows privilege elevation vulnerability Important
Microsoft Windows CVE-2019-0837 DirectX Information Disclosure Vulnerability Important
Microsoft XML CVE-2019-0790 MS XML Remote Code Execution Vulnerability Critical
Microsoft XML CVE-2019-0791 MS XML Remote Code Execution Vulnerability Critical
Microsoft XML CVE-2019-0792 MS XML Remote Code Execution Vulnerability Critical
Microsoft XML CVE-2019-0793 MS XML Remote Code Execution Vulnerability Critical
Microsoft XML CVE-2019-0795 MS XML Remote Code Execution Vulnerability Critical
Open Source Software CVE-2019-0876 Open Enclave SDK Information Disclosure Vulnerability Important
Servicing Stack Updates ADV990001 Latest Servicing Stack Updates Critical
Team Foundation Server CVE-2019-0857 Azure DevOps Server Spoofing Vulnerability Important
Team Foundation Server CVE-2019-0866 Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability Important
Team Foundation Server CVE-2019-0867 Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability Important
Team Foundation Server CVE-2019-0868 Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability Important
Team Foundation Server CVE-2019-0869 Azure DevOps Server HTML Injection Vulnerability Important
Team Foundation Server CVE-2019-0870 Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability Important
Team Foundation Server CVE-2019-0871 Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability Important
Team Foundation Server CVE-2019-0874 Azure DevOps Server Cross-site Scripting Vulnerability Important
Team Foundation Server CVE-2019-0875 Azure DevOps Server Privilege Escalation Vulnerability Important
Windows Admin Center CVE-2019-0813 Windows Admin Center Privilege Escalation Vulnerability Important
Windows Kernel CVE-2019-0844 Windows Kernel Information Disclosure Vulnerability Important
Windows Kernel CVE-2019-0856 Windows Remote Code Execution Vulnerability Important
Windows Kernel CVE-2019-0859 Win32k Privilege Escalation Vulnerability Important
Windows SMB Server CVE-2019-0786 SMB Server Privilege Escalation Vulnerability Critical

In view of the serious impact of the multiple vulnerabilities fixed this month, some PoC is published. So as not to be attacked by hackers and malware, we recommend that users repair as soon as possible.