Two vulnerabilities already exploited in the wild

Apr 10, 2019 06:46 GMT

The April 2019 Patch Tuesday rollout includes updates for a total of 74 different vulnerabilities in Microsoft products, including two flaws that are already being exploited in the wild.

Out of the 74 security holes, no fewer than 16 are rated as Critical, with scripting engines and browsers (Internet Explorer and Microsoft Edge) accounting for 8 of them.

First and foremost, IT admins should prioritize the deployment of patches for CVE-2019-0803 and CVE-2019-0859, the two Win32k vulnerabilities allowing for privilege escalation. Microsoft says the flaws are already being exploited and explains that a successful attack allows a malicious actor to get full control of a compromised host.

However, it’s worth knowing that an attacker would first have to log on to the system before exploiting these flaws.

All Windows versions are impacted, including the Windows 10 October 2018 Update, which is the most recent stable release at this point.

Windows 10-specific flaw

Additionally, Microsoft says there’s also a privilege escalation vulnerability in the Windows Appx Deployment Service (AppXSVC), which is used for installing Microsoft Store apps. This flaw is detailed in CVE-2019-0841, and Microsoft says Windows 10 version 1703 and newer, as well as Windows Server 2019 and Windows Server versions 1709 and 1803, are impacted.

“An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could then install programs; view, change or delete data,” the software giant notes.

Microsoft also resolves two different remote code execution (RCE) flaws in GDI+ and IOleCvt, and in both cases, an attacker would be able to get full control of the affected system. All Windows versions are affected as well.

The April 2019 Patch Tuesday updates are available now from Windows Update, and at the time of writing this article, there are no reports of failed installs or issues experienced after the update.