For April Microsoft released fifteen updates to resolve more than 70 unique security vulnerabilities in various versions of its Windows operating systems and supported software. These patches apply to Windows, Edge and Internet Explorer browsers, Office, SharePoint and Exchange. Updates are also available for Adobe Acrobat and Flash Player. The following updates have been released:
Technology |
Products Affected |
Severity |
Reference |
Workaround/ Exploited / Publicly Disclosed |
Vulnerability Info |
Internet Explorer |
IE 9,10,11 |
Critical |
CVE-2019-0752 |
Workaround: No |
Remote Code Execution |
Edge |
Edge |
Critical |
CVE-2019-0739 |
Workaround: No |
Remote Code Execution |
Windows |
Windows 7, 8.1, 8.1 RT, 10 Windows Admin Center Server 2008/2008 R2 Sever 2012, 2012 R2 Server 2016 Server 2019 |
Critical |
CVE-2019-0685 |
Workaround: No Exploited: Yes Public: No |
Information Disclosure Elevation of Privilege Remote Code Execution Security Feature Bypass |
Office |
Excel 2010, 2013, 2016 Office 2010, 2013, 2016, 2019 2016, 2019 for Mac Office 365 ProPlus |
Important |
CVE-2019-0801 |
Workaround: No Exploited: No Public: No |
Elevation of Privilege Remote Code Execution |
Exchange |
Server 2010 SP3 |
Important |
CVE-2019-0817 |
Workaround: No Exploited: No Public: No |
Spoofing |
SharePoint |
Enterprise Server 2013 SP1, 2016 |
Important |
CVE-2019-0830 |
Workaround: No Exploited: No Public: No |
Spoofing |
ChakraCore |
All |
Critical |
CVE-2019-0739 |
Workaround: No |
Remote Code Execution |
Team Foundation Server |
2015 Update 4.2 2017 Update 3.1 2018 Update 1.2, 3.2 |
Important |
CVE-2019-0866 |
Workaround: No |
Spoofing |
Adobe Flash Player |
All |
Critical |
ADV190011 |
Workaround: Yes |
Remote Code Execution |
ASP.NET |
Core 2.2 |
Important |
CVE-2019-0815 |
Workaround: No |
Denial of Service |
Azure |
DevOps Server 2019, Linux Guest Agent |
Important |
CVE-2019-0804 |
Workaround: No |
Spoofing |
Open Enclave SDK |
All |
Important |
CVE-2019-0876 |
Workaround: No |
Information Disclosure |