September Patch Bulletin

This month there are 80 unique CVEs, 2 exploited or disclosed and 3 public. The most pressing issues this month are CVE-2019-1214 and CVE-2019-1215. Both are elevation of privilege (EoP) vulnerabilities. Vulnerabilities of this type are usually exploited by malware to gain the ability to run malicious code with administrator privileges on (previously) infected hosts. We also pay close attention to CVE-2019-1253 and CVE-2019-1235; both are privilege escalation vulnerabilities.

CVE-2019-1214 

An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context.

To exploit the vulnerability, an attacker would first have to log on to the system, and then run a specially crafted application to take control over the affected system.

The security update addresses the vulnerability by correcting how CLFS handles objects in memory.

CVE-2019-1215 

An elevation of privilege vulnerability exists in the way that ws2ifsl.sys (Winsock) handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated privileges.

To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application.

The security update addresses the vulnerability by ensuring that ws2ifsl.sys properly handles objects in memory.

CVE-2019-1253

An elevation of privilege vulnerability exists when the Windows AppX Deployment Server improperly handles junctions.

To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.

The security update addresses the vulnerability by correcting how AppX Deployment Server handles junctions.

CVE-2019-1235

An elevation of privilege vulnerability exists in Windows Text Service Framework (TSF) when the TSF server process does not validate the source of input or commands it receives. An attacker who successfully exploited this vulnerability could inject commands or read input sent through a malicious Input Method Editor (IME). This only affects systems that have installed an IME.

To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system.

The security update addresses this vulnerability by correcting how the TSF server and client validate input from each other.

For additional details, please find the information from Microsoft below:

 

| Technology | Products Affected | Severity | Reference | Workaround/Exploited/Publicly Disclosed | Vulnerability Info |
| --- | --- | --- | --- | --- | --- |
| Internet Explorer | IE 9, 10, 11 | Critical | CVE-2019-1208, CVE-2019-1220, CVE-2019-1221, CVE-2019-1236 | Workaround: No; Exploited: No; Public: No | Remote Code Execution, Security Feature Bypass |
| Edge | All | Critical | CVE-2019-1138, CVE-2019-1217, CVE-2019-1220, CVE-2019-1237, CVE-2019-1298, CVE-2019-1299, CVE-2019-1300 | Workaround: No; Exploited: No; Public: No | Remote Code Execution, Information Disclosure, Security Feature Bypass |
| Windows | Windows 7, 8.1, 8.1 RT, 10; Server 2008/2008 R2; Server 2012, 2012 R2; Server 2016; Server 2019 | Critical | CVE-2019-1267, CVE-2019-1268, CVE-2019-1269, CVE-2019-1270, CVE-2019-0787, CVE-2019-0788, CVE-2019-0928, CVE-2019-1214, CVE-2019-1215, CVE-2019-1271, CVE-2019-1272, CVE-2019-1273, CVE-2019-1274, CVE-2019-1216, CVE-2019-1219, CVE-2019-1277, CVE-2019-1278, CVE-2019-1280, CVE-2019-1232, CVE-2019-1235, CVE-2019-1240, CVE-2019-1285, CVE-2019-1286, CVE-2019-1287, CVE-2019-1288, CVE-2019-1289, CVE-2019-1241, CVE-2019-1242, CVE-2019-1243, CVE-2019-1244, CVE-2019-1245, CVE-2019-1291, CVE-2019-1292, CVE-2019-1293, CVE-2019-1294, CVE-2019-1303, CVE-2019-1246, CVE-2019-1247, CVE-2019-1248, CVE-2019-1249, CVE-2019-1250, CVE-2019-1251, CVE-2019-1252, CVE-2019-1253, CVE-2019-1254, CVE-2019-1255, CVE-2019-1256, CVE-2019-1282, CVE-2019-1283, CVE-2019-1284, CVE-2019-1290 | Workaround: Yes; Exploited: No; Public: No | Information Disclosure, Elevation of Privilege, Remote Code Execution, Security Feature Bypass, Denial of Service, Tampering |
| Office, Office Services, Office Web Apps | Office 365 ProPlus; SharePoint 2010, 2013, 2016, 2019; Project 2010, 2013, 2016; Office 2010, 2013, 2016, 2019; Lync 2013; Excel 2010, 2013, 2016; 2016 for Mac, 2019 for Mac | Critical | CVE-2019-1209, CVE-2019-1246, CVE-2019-1257, CVE-2019-1259, CVE-2019-1260, CVE-2019-1261, CVE-2019-1262, CVE-2019-1263, CVE-2019-1264, CVE-2019-1295, CVE-2019-1296, CVE-2019-1297 | Workaround: No; Exploited: No; Public: No | Remote Code Execution, Spoofing, Elevation of Privilege, Information Disclosure |
| Adobe | Adobe Flash Player | Critical | ADV190022 | Workaround: Yes; Exploited: No; Public: No | Remote Code Execution |
| ChakraCore | ChakraCore | Critical | CVE-2019-1138, CVE-2019-1217, CVE-2019-1237, CVE-2019-1298, CVE-2019-1300 | Workaround: No; Exploited: No; Public: No | Remote Code Execution |
| .NET Core | .NET Core 2.1, 2.2 | Important | CVE-2019-1301 | Workaround: No; Exploited: No; Public: No | Denial of Service |
| Visual Studio | 2015 Update 3, 2017 15.0, 2017 15.9, 2019 16.0, 2019 16.2 | Important | CVE-2019-1232 | Workaround: No; Exploited: No; Public: No | Elevation of Privilege |
| Team Foundation Server | 2015 Update 4.2, 2017 Update 3.1, 2018 Update 1.2, 3.2 | Critical | CVE-2019-1305, CVE-2019-1306 | Workaround: No; Exploited: No; Public: No | Remote Code Execution, Spoofing |
| Microsoft Exchange Server | 2026 CU12, CU13; 2019 CU1, CU2 | Important | CVE-2019-1233, CVE-2019-1266 | Workaround: No; Exploited: No; Public: Yes | Spoofing, Denial of Service |
| .NET Framework | 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 | Important | CVE-2019-1142 | Workaround: No; Exploited: No; Public: No | Elevation of Privilege |
| Microsoft Yammer | Yammer for Android | Important | CVE-2019-1265 | Workaround: No; Exploited: No; Public: No | Security Feature Bypass |
| ASP.NET | Core 2.1, 2.2, 3.0 | Important | CVE-2019-1302 | Workaround: No; Exploited: No; Public: No | Elevation of Privilege |
| Project Rome | SDK 1.4.1 | Important | CVE-2019-1231 | Workaround: No; Exploited: No; Public: No | Information Disclosure |

In case of any questions or clarifications please feel free to reach out to ECHO’s Service Desk.