CVE-2019-1468
published 2019-12-10CVE-2019-1468: A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka 'Win32k Graphics Remote…
high8.8CVSS 3.1
AVNACLPRNUIRSUCHIHAH
A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka 'Win32k Graphics Remote Code Execution Vulnerability'.
Affected
68 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows_10 | — | — |
| microsoft | windows_10 | — | — |
| microsoft | windows_10 | — | — |
| microsoft | windows_10 | — | — |
| microsoft | windows_10 | — | — |
| microsoft | windows_10 | — | — |
| microsoft | windows_10_version_1903_for_32-bit_systems | — | — |
GHSA
GHSA-38wm-mhwf-wxxg: A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka 'Win32k Graphics R
ghsa_unreviewed·2022-05-24
CVE-2019-1468 [HIGH] GHSA-38wm-mhwf-wxxg: A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka 'Win32k Graphics R
A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka 'Win32k Graphics Remote Code Execution Vulnerability'.
Project0
TFW you-get-really-excited-you-patch-diffed-a-0day-used-in-the-wild-but-then-find-out-it-is-the-wrong-vuln - Project Zero
project_zero·2020-04-01·CVSS 7.8
CVE-2016-7255 [HIGH] TFW you-get-really-excited-you-patch-diffed-a-0day-used-in-the-wild-but-then-find-out-it-is-the-wrong-vuln - Project Zero
Posted by Maddie Stone, Project Zero
INTRODUCTION
I’m really interested in 0-days exploited in the wild and what we, the security community, can learn about them to make 0-day hard. I explained some of Project Zero’s ideas and goals around in-the-wild 0-days in a November blog post.
On December’s Patch Tuesday, I was immediately intrigued by CVE-2019-1458, a Win32k Escalation of Privilege (EoP), said to be exploited in the wild and discovered by Anton Ivanov and Alexey Kulaev of Kaspersky Lab. Later that day, Kaspersky published a blog post on the exploit. The blog post included details about the exploit, but only included partial details on the vulnerability. My end goal was to do variant analysis on the vulnerability, but without full and accurate details about the vulnerability, I n
Microsoft
Win32k Graphics Remote Code Execution Vulnerability
vendor_msrc·2019-12-10·CVSS 8.4
CVE-2019-1468 [HIGH] Win32k Graphics Remote Code Execution Vulnerability
Win32k Graphics Remote Code Execution Vulnerability
Description: A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
There are multiple ways an attacker could exploit this vulnerability.
In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit this vulnerability and then convince a user to view
No detection rules found.
No public exploits indexed.
Krebs
Patch Tuesday, December 2019 Edition
blogs_krebs·2019-12-12·CVSS 7.8
CVE-2019-1458 [HIGH] Patch Tuesday, December 2019 Edition
Microsoft today released updates to plug three dozen security holes in its Windows operating system and other software. The patches include fixes for seven critical bugs — those that can be exploited by malware or miscreants to take control over a Windows system with no help from users — as well as another flaw in most versions of Windows that is already being exploited in active attacks.
CVE-2019-1458 is what’s known as a “privilege escalation” flaw, meaning an attacker would need to previously have compromised the system using another vulnerability. Handy in that respect is CVE-2019-1468, a similarly widespread critical issue in the Windows font library that could be exploited just by getting the user to visit a hacked or malicious Web site.
Chris Goettl, director of security at Ivanti
Krebs
Patch Tuesday, December 2019 Edition
blogs_krebs·2019-12-11·CVSS 7.8
CVE-2019-1458 [HIGH] Patch Tuesday, December 2019 Edition
Microsoft today released updates to plug three dozen security holes in its Windows operating system and other software. The patches include fixes for seven critical bugs — those that can be exploited by malware or miscreants to take control over a Windows system with no help from users — as well as another flaw in most versions of Windows that is already being exploited in active attacks.
By nearly all accounts, the chief bugaboo this month is CVE-2019-1458 , a vulnerability in a core Windows component (Win32k) that is present in Windows 7 through 10 and Windows Server 2008-2019. This bug is already being exploited in the wild, and according to Recorded Future the exploit available for it is similar to CVE-2019-0859 , a Windows flaw reported in April that was found being sold in undergrou
Qualys
December 2019 Patch Tuesday – 36 Vulns, 7 Critical, Actively Attacked Win32k vuln, Adobe vulns
blogs_qualys·2019-12-10·CVSS 8.8
CVE-2019-1468 [HIGH] December 2019 Patch Tuesday – 36 Vulns, 7 Critical, Actively Attacked Win32k vuln, Adobe vulns
This month’s Patch Tuesday is rather light and addresses 36 vulnerabilities, with only 7 labeled as Critical. Five of the seven Critical vulns are in Git for Visual Studio. The others are for Hyper-V and Win32k. Also, there is one actively attacked “Important” vuln in Win32k. Adobe released patches today covering Acrobat/Reader, ColdFusion, Photoshop, and Brackets.
## Workstation Patches
Win32k patches ( CVE-2019-1468 and CVE-2019-1458 ) should be prioritized for workstation-type devices, meaning any system that is used for email or to access the internet via a browser. This includes multi-user servers that are used as remote desktops for users.
Though listed as Important, Microsoft has disclosed that CVE-2019-1458 is actively attacked in the wild.
## Hyper-V Hypervisor Escapes
A remo
Talos
Microsoft Patch Tuesday — Dec. 2019: Vulnerability disclosures and Snort coverage
blogs_talos·2019-12-10·CVSS 7.8
[HIGH] Microsoft Patch Tuesday — Dec. 2019: Vulnerability disclosures and Snort coverage
## Microsoft Patch Tuesday — Dec. 2019: Vulnerability disclosures and Snort coverage
By Jon Munshaw.
Microsoft released its monthly security update today, disclosing vulnerabilities across many of its products and releasing corresponding updates. This month's Patch Tuesday covers 25 vulnerabilities, two of which are considered critical.
This month’s security update covers security issues in a variety of Microsoft services and software, including Remote Desktop Protocol, Hyper-V and multiple Microsoft Office products.
Talos also released a new set of SNORTⓇ rules that provide coverage for some of these vulnerabilities. For more, check out the Snort blog post here .
## Critical vulnerabilities Microsoft disclosed two critical vulnerabilities this month, both of which we will highlight b
Tenable
Microsoft's December 2019 Patch Tuesday Includes Fix for Zero Day Exploited in the Wild (CVE-2019-1458)
blogs_tenable·2019-12-10·CVSS 7.8
[HIGH] Microsoft's December 2019 Patch Tuesday Includes Fix for Zero Day Exploited in the Wild (CVE-2019-1458)
## Cloud Exposure
Tenable Cloud Security (CNAPP) Request a demo
Tenable Cloud Vulnerability Management Request a demo
Tenable CIEM Request a demo
Secure your cloud
## Vulnerability Exposure
Tenable Vulnerability Management Try for free
Tenable Security Center Request a demo
Tenable Web App Scanning Try for free
Tenable Patch Management Request a demo
Tenable Enclave Security Request a demo
Tenable Attack Surface Management Request a demo
Tenable Nessus Try for free
## AI Exposure
Tenable AI Exposure Request a demo
## OT/IoT Exposure
Tenable OT Security Request a demo
## Identity Exposure
Tenable Identity Exposure Request a demo
## Business needs
Active Directory
AI Security Posture Management (AI-SPM)
AWS security
Azure security
Cloud Security Posture Man
Qualys
December 2019 Patch Tuesday - 36 Vulns, 7 Critical, Actively Attacked Win32k vuln, Adobe vulns | Qualys
blogs_qualys·2019-12-10·CVSS 8.8
CVE-2019-1468 [HIGH] December 2019 Patch Tuesday - 36 Vulns, 7 Critical, Actively Attacked Win32k vuln, Adobe vulns | Qualys
This month’s Patch Tuesday is rather light and addresses 36 vulnerabilities, with only 7 labeled as Critical. Five of the seven Critical vulns are in Git for Visual Studio. The others are for Hyper-V and Win32k. Also, there is one actively attacked “Important” vuln in Win32k. Adobe released patches today covering Acrobat/Reader, ColdFusion, Photoshop, and Brackets.
### Workstation Patches
Win32k patches (CVE-2019-1468 and CVE-2019-1458) should be prioritized for workstation-type devices, meaning any system that is used for email or to access the internet via a browser. This includes multi-user servers that are used as remote desktops for users.
Though listed as Important, Microsoft has disclosed that CVE-2019-1458 is actively attacked in the wild.
### Hyper-V Hypervisor Escapes
A remo
Talos
Microsoft Patch Tuesday — Dec. 2019: Vulnerability disclosures and Snort coverage
blogs_talos·2019-12-10·CVSS 7.8
[HIGH] Microsoft Patch Tuesday — Dec. 2019: Vulnerability disclosures and Snort coverage
By Jon Munshaw.
Microsoft released its monthly security update today, disclosing vulnerabilities across many of its products and releasing corresponding updates. This month's Patch Tuesday covers 25 vulnerabilities, two of which are considered critical.
This month’s security update covers security issues in a variety of Microsoft services and software, including Remote Desktop Protocol, Hyper-V and multiple Microsoft Office products.
Talos also released a new set of SNORTⓇ rules that provide coverage for some of these vulnerabilities. For more, check out the Snort blog post here.
### Critical vulnerabilities Microsoft disclosed two critical vulnerabilities this month, both of which we will highlight below.
CVE-2019-1468 is a remote code execution vulnerability in the Windows font libr
2019-12-10
Published