Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT Security Bulletin
ASB-2019.0257
Multiple vulnerabilities have been identified in Microsoft Windows
11 September 2019
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: Microsoft Windows
Operating System: Windows
Impact/Access: Execute Arbitrary Code/Commands -- Remote with User Interaction
Administrator Compromise -- Existing Account
Increased Privileges -- Existing Account
Access Privileged Data -- Existing Account
Overwrite Arbitrary Files -- Existing Account
Cross-site Scripting -- Existing Account
Denial of Service -- Existing Account
Access Confidential Data -- Remote with User Interaction
Resolution: Patch/Upgrade
CVE Names: CVE-2019-1303 CVE-2019-1294 CVE-2019-1293
CVE-2019-1292 CVE-2019-1291 CVE-2019-1290
CVE-2019-1289 CVE-2019-1287 CVE-2019-1286
CVE-2019-1285 CVE-2019-1284 CVE-2019-1283
CVE-2019-1282 CVE-2019-1280 CVE-2019-1278
CVE-2019-1277 CVE-2019-1274 CVE-2019-1273
CVE-2019-1272 CVE-2019-1271 CVE-2019-1270
CVE-2019-1269 CVE-2019-1268 CVE-2019-1267
CVE-2019-1256 CVE-2019-1254 CVE-2019-1253
CVE-2019-1252 CVE-2019-1251 CVE-2019-1250
CVE-2019-1249 CVE-2019-1248 CVE-2019-1247
CVE-2019-1246 CVE-2019-1245 CVE-2019-1244
CVE-2019-1243 CVE-2019-1242 CVE-2019-1241
CVE-2019-1240 CVE-2019-1235 CVE-2019-1232
CVE-2019-1219 CVE-2019-1216 CVE-2019-1215
CVE-2019-1214 CVE-2019-0928 CVE-2019-0788
CVE-2019-0787
Member content until: Friday, October 11 2019
OVERVIEW
Microsoft has released its monthly security patch update for the month of September 2019. [1]
This update resolves 49 vulnerabilities across the following products:
Windows 10 Version 1607 for 32-bit Systems
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1703 for 32-bit Systems
Windows 10 Version 1703 for x64-based Systems
Windows 10 Version 1709 for 32-bit Systems
Windows 10 Version 1709 for 64-based Systems
Windows 10 Version 1709 for ARM64-based Systems
Windows 10 Version 1803 for 32-bit Systems
Windows 10 Version 1803 for ARM64-based Systems
Windows 10 Version 1803 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1903 for 32-bit Systems
Windows 10 Version 1903 for ARM64-based Systems
Windows 10 Version 1903 for x64-based Systems
Windows 10 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for x64-based Systems Service Pack 1
Windows 8.1 for 32-bit systems
Windows 8.1 for x64-based systems
Windows RT 8.1
Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for Itanium-Based Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2012
Windows Server 2012 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 R2 (Server Core installation)
Windows Server 2016
Windows Server 2016 (Server Core installation)
Windows Server 2019
Windows Server 2019 (Server Core installation)
IMPACT
Microsoft has given the following details regarding these vulnerabilities.
Details Impact Severity
CVE-2019-0787
Remote Code Execution Critical
CVE-2019-0788
Remote Code Execution Critical
CVE-2019-0928
Denial of Service Important
CVE-2019-1214
Elevation of Privilege Important
CVE-2019-1215
Elevation of Privilege Important
CVE-2019-1216
Information Disclosure Important
CVE-2019-1219
Information Disclosure Important
CVE-2019-1232
Elevation of Privilege Important
CVE-2019-1235
Elevation of Privilege Important
CVE-2019-1240
Remote Code Execution Important
CVE-2019-1241
Remote Code Execution Important
CVE-2019-1242
Remote Code Execution Important
CVE-2019-1243
Remote Code Execution Important
CVE-2019-1244
Information Disclosure Important
CVE-2019-1245
Information Disclosure Important
CVE-2019-1246
Remote Code Execution Important
CVE-2019-1247
Remote Code Execution Important
CVE-2019-1248
Remote Code Execution Important
CVE-2019-1249
Remote Code Execution Important
CVE-2019-1250
Remote Code Execution Important
CVE-2019-1251
Information Disclosure Important
CVE-2019-1252
Information Disclosure Important
CVE-2019-1253
Elevation of Privilege Important
CVE-2019-1254
Information Disclosure Important
CVE-2019-1256
Elevation of Privilege Important
CVE-2019-1267
Elevation of Privilege Important
CVE-2019-1268
Elevation of Privilege Important
CVE-2019-1269
Elevation of Privilege Important
CVE-2019-1270
Elevation of Privilege Important
CVE-2019-1271
Elevation of Privilege Important
CVE-2019-1272
Elevation of Privilege Important
CVE-2019-1273
Spoofing Important
CVE-2019-1274
Information Disclosure Important
CVE-2019-1277
Elevation of Privilege Important
CVE-2019-1278
Elevation of Privilege Important
CVE-2019-1280
Remote Code Execution Critical
CVE-2019-1282
Information Disclosure Important
CVE-2019-1283
Information Disclosure Important
CVE-2019-1284
Elevation of Privilege Important
CVE-2019-1285
Elevation of Privilege Important
CVE-2019-1286
Information Disclosure Important
CVE-2019-1287
Elevation of Privilege Important
CVE-2019-1289
Elevation of Privilege Important
CVE-2019-1290
Remote Code Execution Critical
CVE-2019-1291
Remote Code Execution Critical
CVE-2019-1292
Denial of Service Important
CVE-2019-1293
Information Disclosure Important
CVE-2019-1294
Security Feature Bypass Important
CVE-2019-1303
Elevation of Privilege Important
MITIGATION
Microsoft recommends updating the software with the version made available on the Microsoft Update Cataloge for the following Knowledge Base articles. [1]
KB4516068, KB4516066, KB4516044, KB4516026, KB4516058
KB4516051, KB4512578, KB4516033, KB4516064, KB4516065
KB4515384, KB4516067, KB4516062, KB4516070, KB4516055
REFERENCES
[1] Security Update Guide
https://portal.msrc.microsoft.com/en-us/security-guidance
AusCERT has made every effort to ensure that the information contained
in this document is accurate. However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBXXhCBWaOgq3Tt24GAQieSw//VVtBzjm/jxV6fXoT1dQsf/bxTvUro8KE
7UedUuNHX202cRCYkAqew8gkP63Qt1c1yqz0u4MDpAOQnJKryL/xkB9nWIAQiidU
ef6r5HpwdRJmW4Kv0vvR9txdlQ9qVxQ05ClWlnmcJPfX3CoeUOQ1JufNjin4FZ6T
l/IpPTSGz4gd4JUC0sYJ8dGPsCs5lAtmiFFLuCK1/uA9nvigtu7Ifcqj/P1lBs5c
XnEu3Y2de75DHPYESL1NvVbK7MGHo5NAm14HnLtjVBVa4FIcTPV5MoVNzIF59hah
nZK2BsDciIr0S5VUPEVSEKb4EkKvvbQwqEUVr6wL1x1XsQDD6YBXck4hzFcrlogw
vvEtIUNifJfMLLwzUvHmhLzITrRk/I3JmdQenACNx1K6WdXUMzvUPXqRh4/ZGyUc
p7aIaUS/ioGoxJnF6ygOt64gjAU00tnXQ+ZfPf/SxFFlYTrMuYSxQ9tY55CI0iam
66icBW+prCKlsOhgr6U9ZosdyNUNzUU73WLNrzlo5JtOxkzU4QvxlUZCQ3wtByk3
Xh0q4rP9cY0wIsnBnZlS5vpTX0hR2rilU+wqebygVGUt1lf1lNKiCUBwz32QqHx/
4E7OHmLkCMymIXFXOW0XqbcRi/xk3rA8QxX64c7NaqVfArIk0FigRUrGVAgzgatd
Gk/dUYW+6CU=
=qHtm
-----END PGP SIGNATURE-----