********************************************************************
Title: Microsoft Security Update Releases
Issued: January 15, 2019
********************************************************************
Summary
=======
The following CVEs have undergone a major revision increment:
* CVE-2018-8416
* CVE-2019-0545
* CVE-2019-0546
* CVE-2019-0624
* CVE-2019-0646
* CVE-2019-0647
Revision Information:
=====================
- CVE-2018-8416 | .NET Core Tampering
Vulnerability
- https://portal.msrc.microsoft.com/en-us/security-guidance
- Reason for Revision: Revised the Security Updates table to
include PowerShell Core 6.1 and 6.2 because they are affected
by CVE-2018-8416. See
https://github.com/PowerShell/Announcements/issues/11 for more
information.
- Originally posted: November 13, 2018
- Updated: January 15, 2019
- Aggregate CVE Severity Rating: Moderate
- Version: 2.0
- CVE-2019-0545 | .NET Framework Information Disclosure
Vulnerability
- https://portal.msrc.microsoft.com/en-us/security-guidance
- Reason for Revision: Revised the Security Updates table to
include PowerShell Core 6.1 and 6.2 because they are affected
by CVE-2019-0545. See
https://github.com/PowerShell/Announcements/issues/10 for more
information.
- Originally posted: January 8, 2018
- Updated: January 15, 2019
- Aggregate CVE Severity Rating: Important
- Version: 2.0
- CVE-2019-0564 | ASP.NET Core Denial of Service Vulnerability
- https://portal.msrc.microsoft.com/en-us/security-guidance
- Reason for Revision: Revised the Security Updates table to
include PowerShell Core 6.1 and 6.2 because they are affected
by CVE-2019-0564. See
https://github.com/PowerShell/Announcements/issues/12 for more
information.
- Originally posted: January 8, 2018
- Updated: January 15, 2019
- Aggregate CVE Severity Rating: Important
- Version: 2.0
- CVE-2019-0624 | Skype for Business 2015 Spoofing Vulnerability
- https://portal.msrc.microsoft.com/en-us/security-guidance
- Reason for Revision: Information published.
- Originally posted: January 15, 2018
- Updated: N/A
- Aggregate CVE Severity Rating: Important
- Version: 1.0
- CVE-2019-0646 | Team Foundation Server Cross-site Scripting
Vulnerability
- https://portal.msrc.microsoft.com/en-us/security-guidance
- Reason for Revision: Information published.
- Originally posted: January 15, 2018
- Updated: N/A
- Aggregate CVE Severity Rating: Important
- Version: 1.0
- CVE-2019-0647 | Team Foundation Server Information Disclosure
Vulnerability
- https://portal.msrc.microsoft.com/en-us/security-guidance
- Reason for Revision: Information published.
- Originally posted: January 15, 2018
- Updated: N/A
- Aggregate CVE Severity Rating: Moderate
- Version: 1.0
'MS Security' 카테고리의 다른 글
| [2018-12-19] Microsoft Security Update Releases (0) | 2018.12.22 |
|---|---|
| [2018-12-11] Microsoft Security Update Releases (0) | 2018.12.12 |
| [2018-12-11] Microsoft Security Update Summary (2) | 2018.12.12 |
| [2018-12-11] Microsoft Security Advisory Notification (0) | 2018.12.12 |
| [2018-12-05] Microsoft Security Advisory Notification (0) | 2018.12.06 |
