Security
Microsoft has published today 80 security fixes across 15 products and services, as part of the company's monthly batch of security updates, known as Patch Tuesday.
Of the 80 vulnerabilities patched today, two are so-called zero-days -- security flaws that had been exploited in the wild before Microsoft released fixes.
Two zero-days
The two zero-days are CVE-2019-1214 and CVE-2019-1215. Both are elevation of privilege (EoP) vulnerabilities. These types of vulnerabilities are usually exploited by malware to gain the ability to run malicious code with administrator privileges on (previously) infected hosts.
The first bug, CVE-2019-1214, is an EoP in the Windows Common Log File System (CLFS) driver. The second, CVE-2019-1215, impacts the ws2ifsl.sys (Winsock) service.
As usual, Microsoft didn't reveal any details of how the two bugs were being exploited in the wild, only acknowledging a security researcher from Qihoo 360 Vulcan Team with discovering the first.
New RDP vulnerabilities
All in all, this month's Patch Tuesday is as bulky as all the Patch Tuesday releases have been in recent months, which have regularly ballooned at over 70 fixed bugs on a regular basis.
Also just like in recent months, Microsoft patched remote code execution bugs in the Remote Desktop Protocol. This month, there have been only two -- CVE-2019-1290 and CVE-2019-1291.
Both bugs were discovered by Microsoft's internal team, and unlike the BlueKeep and DejaBlue vulnerabilities disclosed in May and August, Microsoft didn't say if these two could be abused to create self-spreading wormable malware/exploits.
Non-Microsoft security updates
Since the Microsoft Patch Tuesday is also the day when other vendors release security patches, system administrators may also want to install patches released today by Adobe and SAP.
More in-depth information on today's Patch Tuesday updates is available on Microsoft's official Security Update Guide portal. Readers can also check out the table embedded below, this Patch Tuesday report generated by ZDNet, or this one, put together by Trend Micro.
| Tag | CVE ID | CVE Title |
|---|---|---|
| Adobe Flash Player | ADV190022 | September 2019 Adobe Flash Security Update |
| Servicing Stack Updates | ADV990001 | Latest Servicing Stack Updates |
| .NET Core | CVE-2019-1301 | .NET Core Denial of Service Vulnerability |
| .NET Framework | CVE-2019-1142 | .NET Framework Elevation of Privilege Vulnerability |
| Active Directory | CVE-2019-1273 | Active Directory Federation Services XSS Vulnerability |
| ASP.NET | CVE-2019-1302 | ASP.NET Core Elevation Of Privilege Vulnerability |
| Common Log File System Driver | CVE-2019-1282 | Windows Common Log File System Driver Information Disclosure Vulnerability |
| Common Log File System Driver | CVE-2019-1214 | Windows Common Log File System Driver Elevation of Privilege Vulnerability |
| Microsoft Browsers | CVE-2019-1220 | Microsoft Browser Security Feature Bypass Vulnerability |
| Microsoft Edge | CVE-2019-1299 | Microsoft Edge based on Edge HTML Information Disclosure Vulnerability |
| Microsoft Exchange Server | CVE-2019-1233 | Microsoft Exchange Denial of Service Vulnerability |
| Microsoft Exchange Server | CVE-2019-1266 | Microsoft Exchange Spoofing Vulnerability |
| Microsoft Graphics Component | CVE-2019-1245 | DirectWrite Information Disclosure Vulnerability |
| Microsoft Graphics Component | CVE-2019-1252 | Windows GDI Information Disclosure Vulnerability |
| Microsoft Graphics Component | CVE-2019-1284 | DirectX Elevation of Privilege Vulnerability |
| Microsoft Graphics Component | CVE-2019-1283 | Microsoft Graphics Components Information Disclosure Vulnerability |
| Microsoft Graphics Component | CVE-2019-1216 | DirectX Information Disclosure Vulnerability |
| Microsoft Graphics Component | CVE-2019-1286 | Windows GDI Information Disclosure Vulnerability |
| Microsoft Graphics Component | CVE-2019-1244 | DirectWrite Information Disclosure Vulnerability |
| Microsoft Graphics Component | CVE-2019-1251 | DirectWrite Information Disclosure Vulnerability |
| Microsoft JET Database Engine | CVE-2019-1248 | Jet Database Engine Remote Code Execution Vulnerability |
| Microsoft JET Database Engine | CVE-2019-1246 | Jet Database Engine Remote Code Execution Vulnerability |
| Microsoft JET Database Engine | CVE-2019-1243 | Jet Database Engine Remote Code Execution Vulnerability |
| Microsoft JET Database Engine | CVE-2019-1247 | Jet Database Engine Remote Code Execution Vulnerability |
| Microsoft JET Database Engine | CVE-2019-1241 | Jet Database Engine Remote Code Execution Vulnerability |
| Microsoft JET Database Engine | CVE-2019-1240 | Jet Database Engine Remote Code Execution Vulnerability |
| Microsoft JET Database Engine | CVE-2019-1250 | Jet Database Engine Remote Code Execution Vulnerability |
| Microsoft JET Database Engine | CVE-2019-1249 | Jet Database Engine Remote Code Execution Vulnerability |
| Microsoft JET Database Engine | CVE-2019-1242 | Jet Database Engine Remote Code Execution Vulnerability |
| Microsoft Office | CVE-2019-1264 | Microsoft Office Security Feature Bypass Vulnerability |
| Microsoft Office | CVE-2019-1263 | Microsoft Excel Information Disclosure Vulnerability |
| Microsoft Office | CVE-2019-1297 | Microsoft Excel Remote Code Execution Vulnerability |
| Microsoft Office SharePoint | CVE-2019-1259 | Microsoft SharePoint Spoofing Vulnerability |
| Microsoft Office SharePoint | CVE-2019-1260 | Microsoft SharePoint Elevation of Privilege Vulnerability |
| Microsoft Office SharePoint | CVE-2019-1295 | Microsoft SharePoint Remote Code Execution Vulnerability |
| Microsoft Office SharePoint | CVE-2019-1257 | Microsoft SharePoint Remote Code Execution Vulnerability |
| Microsoft Office SharePoint | CVE-2019-1296 | Microsoft SharePoint Remote Code Execution Vulnerability |
| Microsoft Office SharePoint | CVE-2019-1262 | Microsoft Office SharePoint XSS Vulnerability |
| Microsoft Office SharePoint | CVE-2019-1261 | Microsoft SharePoint Spoofing Vulnerability |
| Microsoft Scripting Engine | CVE-2019-1298 | Chakra Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2019-1300 | Chakra Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2019-1217 | Chakra Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2019-1208 | VBScript Remote Code Execution Vulnerability |
| Microsoft Scripting Engine | CVE-2019-1138 | Chakra Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2019-1221 | Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2019-1237 | Chakra Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2019-1236 | VBScript Remote Code Execution Vulnerability |
| Microsoft Windows | CVE-2019-1219 | Windows Transaction Manager Information Disclosure Vulnerability |
| Microsoft Windows | CVE-2019-1280 | LNK Remote Code Execution Vulnerability |
| Microsoft Windows | CVE-2019-1277 | Windows Audio Service Elevation of Privilege Vulnerability |
| Microsoft Windows | CVE-2019-1278 | Windows Elevation of Privilege Vulnerability |
| Microsoft Windows | CVE-2019-1215 | Windows Elevation of Privilege Vulnerability |
| Microsoft Windows | CVE-2019-1289 | Windows Update Delivery Optimization Elevation of Privilege Vulnerability |
| Microsoft Windows | CVE-2019-1292 | Windows Denial of Service Vulnerability |
| Microsoft Windows | CVE-2019-1294 | Windows Secure Boot Security Feature Bypass Vulnerability |
| Microsoft Windows | CVE-2019-1287 | Windows Network Connectivity Assistant Elevation of Privilege Vulnerability |
| Microsoft Windows | CVE-2019-1270 | Microsoft Windows Store Installer Elevation of Privilege Vulnerability |
| Microsoft Windows | CVE-2019-1235 | Windows Text Service Framework Elevation of Privilege Vulnerability |
| Microsoft Windows | CVE-2019-1271 | Windows Media Elevation of Privilege Vulnerability |
| Microsoft Windows | CVE-2019-1303 | Windows Elevation of Privilege Vulnerability |
| Microsoft Windows | CVE-2019-1272 | Windows ALPC Elevation of Privilege Vulnerability |
| Microsoft Windows | CVE-2019-1269 | Windows ALPC Elevation of Privilege Vulnerability |
| Microsoft Windows | CVE-2019-1253 | Windows Elevation of Privilege Vulnerability |
| Microsoft Windows | CVE-2019-1267 | Microsoft Compatibility Appraiser Elevation of Privilege Vulnerability |
| Microsoft Windows | CVE-2019-1268 | Winlogon Elevation of Privilege Vulnerability |
| Microsoft Yammer | CVE-2019-1265 | Microsoft Yammer Security Feature Bypass Vulnerability |
| Project Rome | CVE-2019-1231 | Rome SDK Information Disclosure Vulnerability |
| Skype for Business and Microsoft Lync | CVE-2019-1209 | Lync 2013 Information Disclosure Vulnerability |
| Team Foundation Server | CVE-2019-1305 | Team Foundation Server Cross-site Scripting Vulnerability |
| Team Foundation Server | CVE-2019-1306 | Azure DevOps and Team Foundation Server Remote Code Execution Vulnerability |
| Visual Studio | CVE-2019-1232 | Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability |
| Windows Hyper-V | CVE-2019-0928 | Windows Hyper-V Denial of Service Vulnerability |
| Windows Hyper-V | CVE-2019-1254 | Windows Hyper-V Information Disclosure Vulnerability |
| Windows Kernel | CVE-2019-1274 | Windows Kernel Information Disclosure Vulnerability |
| Windows Kernel | CVE-2019-1293 | Windows SMB Client Driver Information Disclosure Vulnerability |
| Windows Kernel | CVE-2019-1285 | Win32k Elevation of Privilege Vulnerability |
| Windows Kernel | CVE-2019-1256 | Win32k Elevation of Privilege Vulnerability |
| Windows RDP | CVE-2019-1291 | Remote Desktop Client Remote Code Execution Vulnerability |
| Windows RDP | CVE-2019-1290 | Remote Desktop Client Remote Code Execution Vulnerability |
| Windows RDP | CVE-2019-0788 | Remote Desktop Client Remote Code Execution Vulnerability |
| Windows RDP | CVE-2019-0787 | Remote Desktop Client Remote Code Execution Vulnerability |