Microsoft has released a comprehensive security update release as of January 15, 2019. This describes update revisions for various products and is classified as important.
Here is the information from the Microsoft Security Update Releases
********************************************************************
Title: Microsoft Security Update Releases
Issued: January 15, 2019
********************************************************************
The following CVEs have undergone a major revision increment:
* CVE-2018-8416
* CVE-2019-0545
* CVE-2019-0546
* CVE-2019-0624
* CVE-2019-0646
* CVE-2019-0647
Revision Information:
=====================
– CVE-2018-8416 | .NET Core Tampering
Vulnerability
– https://portal.msrc.microsoft.com/en-us/security-guidance
– Reason for Revision: Revised the Security Updates table to
include PowerShell Core 6.1 and 6.2 because they are affected
by CVE-2018-8416. See
https://github.com/PowerShell/Announcements/issues/11 for more
information.
– Originally posted: November 13, 2018
– Updated: January 15, 2019
– Aggregate CVE Severity Rating: Moderate
– Version: 2.0
– CVE-2019-0545 | .NET Framework Information Disclosure
Vulnerability
– https://portal.msrc.microsoft.com/en-us/security-guidance
– Reason for Revision: Revised the Security Updates table to
include PowerShell Core 6.1 and 6.2 because they are affected
by CVE-2019-0545. See
https://github.com/PowerShell/Announcements/issues/10 for more
information.
– Originally posted: January 8, 2018
– Updated: January 15, 2019
– Aggregate CVE Severity Rating: Important
– Version: 2.0
– CVE-2019-0564 | ASP.NET Core Denial of Service Vulnerability
– https://portal.msrc.microsoft.com/en-us/security-guidance
– Reason for Revision: Revised the Security Updates table to
include PowerShell Core 6.1 and 6.2 because they are affected
by CVE-2019-0564. See
https://github.com/PowerShell/Announcements/issues/12 for more
information.
– Originally posted: January 8, 2018
– Updated: January 15, 2019
– Aggregate CVE Severity Rating: Important
– Version: 2.0
– CVE-2019-0624 | Skype for Business 2015 Spoofing Vulnerability
– https://portal.msrc.microsoft.com/en-us/security-guidance
– Reason for Revision: Information published.
– Originally posted: January 15, 2018
– Updated: N/A
– Aggregate CVE Severity Rating: Important
– Version: 1.0
– CVE-2019-0646 | Team Foundation Server Cross-site Scripting
Vulnerability
– https://portal.msrc.microsoft.com/en-us/security-guidance
– Reason for Revision: Information published.
– Originally posted: January 15, 2018
– Updated: N/A
– Aggregate CVE Severity Rating: Important
– Version: 1.0
– CVE-2019-0647 | Team Foundation Server Information Disclosure
Vulnerability
– https://portal.msrc.microsoft.com/en-us/security-guidance
– Reason for Revision: Information published.
– Originally posted: January 15, 2018
– Updated: N/A
– Aggregate CVE Severity Rating: Moderate
