March 2019 Patch Tuesday has seen Microsoft issue fixes for 64 vulnerabilities, two of which are being actively exploited in the wild.
The two actively exploited flaws are being tracked as CVE-2019-0808 and CVE-2019-0797. The first is a zero-day vulnerability in the Win32k component of Windows that could be exploited by an authenticated user to elevate privileges and execute arbitrary code. The flaw was identified by Google’s Threat Analysis Group earlier in March and affects Windows 7 32-bit systems and Windows Server 2008. The flaw was being exploited in combination with a vulnerability in Google Chrome (CVE-2019-5786) that has now been fixed.
The second zero-day vulnerability being actively exploited is also in Win32k and is another privilege escalation vulnerability that could allow remote code execution. The flaw was discovered by security researchers at Kaspersky Lab. In contrast to CVE-2019-0808, this vulnerability affects recent Windows versions: Windows 10, Windows 8.1, Windows Server 2012, Windows Server 2016, and Windows Server 2019.
Out of the 64 vulnerabilities that have been fixed on March 2019 Patch Tuesday, 17 have been rated critical:
Internet Explorer (CVE-2019-0763), Microsoft Scripting Engine (CVE-2019-0592, CVE-2019-0609, CVE-2019-0639, CVE-2019-0666, CVE-2019-0667, CVE-2019-0680, CVE-2019-0769, CVE-2019-0770, CVE-2019-0771, CVE-2019-0773), Microsoft Windows (CVE-2019-0603, CVE-2019-0784), Microsoft XML (CVE-2019-0756), Windows DHCP Client (CVE-2019-0726, CVE-2019-0697, CVE-2019-0698).
The three DHCP flaws are remote code execution vulnerabilities and have a CVSS v3 rating of 9.8 and require no user interaction to exploit.
Four vulnerabilities have been rated important, although publicly known exploits exist for these vulnerabilities (CVE-2019-0683, CVE-2019-0754, CVE-2019-0757 and CVE-2019-0809).
Two patches have been released by Adobe to correct critical flaws in Photoshop CC and Digital Editions.