Windows 10: CVE-2019-1105 - Outlook for Android Spoofing Vulnerability

Discus and support CVE-2019-1105 - Outlook for Android Spoofing Vulnerability in Windows 10 News to solve the problem; A spoofing vulnerability exists in the way Microsoft Outlook for Android software parses specifically crafted email messages. An authenticated attacker... Discussion in 'Windows 10 News' started by Brink, Jun 20, 2019.

  1. BRINK
    Brink Win User

    CVE-2019-1105 - Outlook for Android Spoofing Vulnerability


    Source: https://portal.msrc.microsoft.com/en.../CVE-2019-1105

    :)
     
    Brink, Jun 20, 2019
    #1
  2. BILL SMITHERS
    Bill Smithers Win User
    Bill Smithers, Jun 20, 2019
    #2
  3. TD47
    TD47 Win User
    SQLITE vulnerability CVE-2018-20346, CVE-2018-20505, CVE-2018-20506

    There is a reported vulnerability in older versions of SQLITE:

    See 21th Dec 2018 CVE ID has been assigned as CVE-2018-20346, CVE-2018-20505, CVE-2018-20506

    Magellan - Tencent Blade Team

    and

    Crash Chrome 70 with the SQLite Magellan bug

    However, I see that the Windows Update Installer Patch Cache uses sqlite.dll version 15.7.20033 (dated 2015):

    C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744CAF070E41400\15.7.20033\sqlite.dll

    Since this is 3 years old, does anyone know if this is vulnerable?
     
    TD47, Jun 20, 2019
    #3
  4. NICK ADSL UK
    NICK ADSL UK Win User

    CVE-2019-1105 - Outlook for Android Spoofing Vulnerability

    Microsoft February 2019 Security Updates

    Release Notes

    February 2019 Security Updates

    Release Date: February 12, 2019

    The February security release consists of security updates for the following software:

    Adobe Flash Player

    Internet Explorer

    Microsoft Edge

    Microsoft Windows

    Microsoft Office and Microsoft Office Services and Web Apps

    ChakraCore

    .NET Framework

    Microsoft Exchange Server

    Microsoft Visual Studio

    Azure IoT SDK

    Microsoft Dynamics

    Team Foundation Server

    Visual Studio Code

    Please note the following information regarding the security updates:

    A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.

    Windows 10 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are available via the Microsoft Update Catalog.

    Updates for Windows RT 8.1 and Microsoft Office RT software are only available via Windows Update.

    For information on lifecycle and support dates for Windows 10 operating systems, please see Windows Lifecycle Facts Sheet.

    In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.

    The following CVEs have FAQs with additional information and may include * further steps to take after installing the updates.

    ADV190003

    ADV190007 *

    ADV990001

    CVE-2019-0540 *

    CVE-2019-0600

    CVE-2019-0601

    CVE-2019-0602

    CVE-2019-0615

    CVE-2019-0616

    CVE-2019-0619

    CVE-2019-0621

    CVE-2019-0628

    CVE-2019-0635

    CVE-2019-0636

    CVE-2019-0643

    CVE-2019-0648

    CVE-2019-0658

    CVE-2019-0660

    CVE-2019-0661

    CVE-2019-0664

    CVE-2019-0669

    CVE-2019-0676

    CVE-2019-0686 *

    CVE-2019-0724 *

    CVE-2019-0741

    Known Issues

    44****2

    {{windowTitle}}
     
    NICK ADSL UK, Jun 20, 2019
    #4
Thema:

CVE-2019-1105 - Outlook for Android Spoofing Vulnerability

Loading...

  1. CVE-2019-1105 - Outlook for Android Spoofing Vulnerability - Similar Threads - CVE 2019 1105

  2. Vulnerability CVE-2021-36934

    in Windows 10 BSOD Crashes and Debugging
    Vulnerability CVE-2021-36934: I saw in the press that an additional vulnerability of Windows 10, known as CVE-2021-36934, can be remedied at list until a Microsoft patch is available by running as administrator Win 10 Powershell and then typing: icacls $env:windir\system32\config\*.*...

  3. CVE-2020-0601 Windows CryptoAPI Spoofing Vulnerability Security Vulnerability Published:...

    in Windows 10 Installation and Upgrade
    CVE-2020-0601 Windows CryptoAPI Spoofing Vulnerability Security Vulnerability Published:...: Having Windows 10 for some time now, I'm sure along with others, Microsoft continues seemingly monthly, at minimum to post update WARNINGS. WHY is such a company continually putting out updates for their customers with Windows 10 when they themselves don't take the proper...

  4. CVE-2019-1460 - Outlook for Android Spoofing Vulnerability

    in Windows 10 News
    CVE-2019-1460 - Outlook for Android Spoofing Vulnerability: MITRE CVE-2019-1460 A spoofing vulnerability exists in the way Microsoft Outlook for Android software parses specifically crafted email messages. An authenticated attacker could exploit the vulnerability by sending a specially crafted email message to a victim. The attacker...

  5. CVE-2019-1378 Windows 10 Update Assistant Vulnerability

    in Windows 10 News
    CVE-2019-1378 Windows 10 Update Assistant Vulnerability: Security Vulnerability Published: 10/08/2019 | Last Updated : 10/09/2019 MITRE CVE-2019-1378 An elevation of privilege vulnerability exists in Windows 10 Update Assistant in the way it handles permissions. A locally authenticated attacker could run arbitrary code with...

  6. CVE-2019-1255 Microsoft Defender Denial of Service Vulnerability

    in Windows 10 News
    CVE-2019-1255 Microsoft Defender Denial of Service Vulnerability: Security Vulnerability Published: 09/23/2019 MITRE CVE-2019-1255 A denial of service vulnerability exists when Microsoft Defender improperly handles files. An attacker could exploit the vulnerability to prevent legitimate accounts from executing legitimate system binaries....

  7. CVE-2019-1292 | Windows Elevation of Privilege Vulnerability

    in Windows 10 News
    CVE-2019-1292 | Windows Elevation of Privilege Vulnerability: MITRE CVE-2019-1292 An elevation of privilege vulnerability exists in Microsoft Windows when Windows fails to properly handle certain symbolic links. An attacker who successfully exploited this vulnerability could potentially set certain items to run at a higher level and...

  8. CVE-2019-1215 | Windows Elevation of Privilege Vulnerability

    in Windows 10 News
    CVE-2019-1215 | Windows Elevation of Privilege Vulnerability: MITRE CVE-2019-1215 An elevation of privilege vulnerability exists in the way that ws2ifsl.sys (Winsock) handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated privileges. To exploit the vulnerability, a locally...

  9. CVE-2019-1125 Windows Kernel Information Disclosure Vulnerability

    in Windows 10 News
    CVE-2019-1125 Windows Kernel Information Disclosure Vulnerability: MITRE CVE-2019-1125 An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory. An attacker who successfully exploited the vulnerability could read privileged data across trust boundaries. To exploit this...

  10. CVE-2019-0627 - Windows Security Feature Bypass Vulnerability

    in Windows 10 News
    CVE-2019-0627 - Windows Security Feature Bypass Vulnerability: A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard. An attacker who successfully exploited this vulnerability could circumvent a User Mode Code Integrity (UMCI) policy on the machine. To exploit the vulnerability,...

Users found this page by searching for:

  1. cve-2019-1105