This month we got patches for 79 vulnerabilities total. Two of them (CVE-2019-1214 and CVE-2019-1215) are being exploited, and three were previously disclosed (CVE-2019-1253, CVE-2019-1235, and CVE-2019-1294). 

The exploited vulnerabilities (CVE-2019-1214 and CVE-2019-1215) affect the Windows Common Log File System (CLFS) driver and ws2ifsl.sys (Winsock), respectively. Both are privilege escalation vulnerabilities and may allow a local attacker to run processes with elevated privileges.

Amongst critical vulnerabilities, it’s worth mentioning the LNK Remote Code Execution Vulnerability (CVE-2019-1280). It could allow remote code execution if an .LNK file is processed. An attacker may exploit this vulnerability by presenting the user with a removable drive or a remote share containing a malicious .LNK file associated with a malicious binary. Once the user opens the drive (removable or shared), the malicious binary will execute on the user’s system. Note that the user doesn’t need to execute the .LNK file; it is enough for the malicious .LNK to be parsed by Windows Explorer or any other application that parses .LNK files.

See Renato’s dashboard for a more detailed breakout: https://patchtuesdaydashboard.com

| Description | CVE | Disclosed | Exploited | Exploitability (old versions) | Exploitability (current version) | Severity | CVSS Base (AVG) | CVSS Temporal (AVG) |
|---|---|---|---|---|---|---|---|---|
| .NET Core Denial of Service Vulnerability | CVE-2019-1301 | No | No | Less Likely | Less Likely | Important | | |
| .NET Framework Elevation of Privilege Vulnerability | CVE-2019-1142 | No | No | Less Likely | Less Likely | Important | | |
| ASP.NET Core Elevation Of Privilege Vulnerability | CVE-2019-1302 | No | No | Less Likely | Less Likely | Important | | |
| Active Directory Federation Services XSS Vulnerability | CVE-2019-1273 | No | No | Less Likely | Less Likely | Important | 8.2 | 7.4 |
| Azure DevOps and Team Foundation Server Remote Code Execution Vulnerability | CVE-2019-1306 | No | No | Less Likely | Less Likely | Critical | | |
| Chakra Scripting Engine Memory Corruption Vulnerability | CVE-2019-1138 | No | No | | | Critical | 4.2 | 3.8 |
| Chakra Scripting Engine Memory Corruption Vulnerability | CVE-2019-1217 | No | No | | | Critical | 4.2 | 3.8 |
| Chakra Scripting Engine Memory Corruption Vulnerability | CVE-2019-1237 | No | No | Less Likely | Less Likely | Critical | 4.2 | 3.8 |
| Chakra Scripting Engine Memory Corruption Vulnerability | CVE-2019-1298 | No | No | | | Critical | 4.2 | 3.8 |
| Chakra Scripting Engine Memory Corruption Vulnerability | CVE-2019-1300 | No | No | | | Critical | 4.2 | 3.8 |
| Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability | CVE-2019-1232 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| DirectWrite Information Disclosure Vulnerability | CVE-2019-1244 | No | No | Less Likely | Less Likely | Important | 6.5 | 5.9 |
| DirectWrite Information Disclosure Vulnerability | CVE-2019-1245 | No | No | Less Likely | Less Likely | Important | 6.5 | 5.9 |
| DirectWrite Information Disclosure Vulnerability | CVE-2019-1251 | No | No | Less Likely | Less Likely | Important | 5.5 | 5.0 |
| DirectX Elevation of Privilege Vulnerability | CVE-2019-1284 | No | No | | | Important | 7.8 | 7.0 |
| DirectX Information Disclosure Vulnerability | CVE-2019-1216 | No | No | | | Important | 5.5 | 5.1 |
| Jet Database Engine Remote Code Execution Vulnerability | CVE-2019-1240 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| Jet Database Engine Remote Code Execution Vulnerability | CVE-2019-1241 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| Jet Database Engine Remote Code Execution Vulnerability | CVE-2019-1242 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| Jet Database Engine Remote Code Execution Vulnerability | CVE-2019-1243 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| Jet Database Engine Remote Code Execution Vulnerability | CVE-2019-1246 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| Jet Database Engine Remote Code Execution Vulnerability | CVE-2019-1247 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| Jet Database Engine Remote Code Execution Vulnerability | CVE-2019-1248 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| Jet Database Engine Remote Code Execution Vulnerability | CVE-2019-1249 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| Jet Database Engine Remote Code Execution Vulnerability | CVE-2019-1250 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| LNK Remote Code Execution Vulnerability | CVE-2019-1280 | No | No | Less Likely | Less Likely | Critical | 7.3 | 6.6 |
| Latest Servicing Stack Updates | ADV990001 | No | No | | | Critical | | |
| Lync 2013 Information Disclosure Vulnerability | CVE-2019-1209 | No | No | | | Important | | |
| Microsoft Browser Security Feature Bypass Vulnerability | CVE-2019-1220 | No | No | Less Likely | Less Likely | Important | 2.4 | 2.2 |
| Microsoft Compatibility Appraiser Elevation of Privilege Vulnerability | CVE-2019-1267 | No | No | Less Likely | Less Likely | Important | 7.3 | 6.6 |
| Microsoft Edge based on Edge HTML Information Disclosure Vulnerability | CVE-2019-1299 | No | No | | | Important | 4.3 | 3.9 |
| Microsoft Excel Information Disclosure Vulnerability | CVE-2019-1263 | No | No | Less Likely | Less Likely | Important | | |
| Microsoft Excel Remote Code Execution Vulnerability | CVE-2019-1297 | No | No | Less Likely | Less Likely | Important | | |
| Microsoft Exchange Denial of Service Vulnerability | CVE-2019-1233 | No | No | Less Likely | Less Likely | Important | | |
| Microsoft Exchange Spoofing Vulnerability | CVE-2019-1266 | No | No | Less Likely | Less Likely | Important | | |
| Microsoft Graphics Components Information Disclosure Vulnerability | CVE-2019-1283 | No | No | | | Important | 5.5 | 5.0 |
| Microsoft Office Security Feature Bypass Vulnerability | CVE-2019-1264 | No | No | | | Important | | |
| Microsoft Office SharePoint XSS Vulnerability | CVE-2019-1262 | No | No | | | Important | | |
| Microsoft SharePoint Elevation of Privilege Vulnerability | CVE-2019-1260 | No | No | Less Likely | Less Likely | Important | | |
| Microsoft SharePoint Remote Code Execution Vulnerability | CVE-2019-1257 | No | No | More Likely | More Likely | Critical | | |
| Microsoft SharePoint Remote Code Execution Vulnerability | CVE-2019-1295 | No | No | More Likely | More Likely | Critical | | |
| Microsoft SharePoint Remote Code Execution Vulnerability | CVE-2019-1296 | No | No | More Likely | More Likely | Critical | | |
| Microsoft SharePoint Spoofing Vulnerability | CVE-2019-1259 | No | No | | | Moderate | | |
| Microsoft SharePoint Spoofing Vulnerability | CVE-2019-1261 | No | No | Less Likely | Less Likely | Important | | |
| Microsoft Windows Store Installer Elevation of Privilege Vulnerability | CVE-2019-1270 | No | No | Less Likely | Less Likely | Important | 6.3 | 5.7 |
| Microsoft Yammer Security Feature Bypass Vulnerability | CVE-2019-1265 | No | No | Less Likely | Less Likely | Important | | |
| Remote Desktop Client Remote Code Execution Vulnerability | CVE-2019-0787 | No | No | More Likely | More Likely | Critical | 7.5 | 6.7 |
| Remote Desktop Client Remote Code Execution Vulnerability | CVE-2019-0788 | No | No | More Likely | More Likely | Critical | 7.5 | 6.7 |
| Remote Desktop Client Remote Code Execution Vulnerability | CVE-2019-1290 | No | No | More Likely | More Likely | Critical | 7.5 | 6.7 |
| Remote Desktop Client Remote Code Execution Vulnerability | CVE-2019-1291 | No | No | More Likely | More Likely | Critical | 7.5 | 6.7 |
| Rome SDK Information Disclosure Vulnerability | CVE-2019-1231 | No | No | Less Likely | Less Likely | Important | | |
| Scripting Engine Memory Corruption Vulnerability | CVE-2019-1221 | No | No | | | Critical | 6.4 | 5.8 |
| September 2019 Adobe Flash Security Update | ADV190022 | No | No | Less Likely | Less Likely | Critical | | |
| Team Foundation Server Cross-site Scripting Vulnerability | CVE-2019-1305 | No | No | Less Likely | Less Likely | Important | | |
| VBScript Remote Code Execution Vulnerability | CVE-2019-1208 | No | No | Less Likely | Less Likely | Critical | 6.4 | 5.8 |
| VBScript Remote Code Execution Vulnerability | CVE-2019-1236 | No | No | Less Likely | Less Likely | Critical | 6.4 | 5.8 |
| Win32k Elevation of Privilege Vulnerability | CVE-2019-1256 | No | No | More Likely | Unlikely | Important | 7.8 | 7.0 |
| Win32k Elevation of Privilege Vulnerability | CVE-2019-1285 | No | No | More Likely | More Likely | Important | 7.8 | 7.0 |
| Windows ALPC Elevation of Privilege Vulnerability | CVE-2019-1269 | No | No | Less Likely | Less Likely | Important | 6.3 | 5.7 |
| Windows ALPC Elevation of Privilege Vulnerability | CVE-2019-1272 | No | No | Less Likely | Less Likely | Important | 6.3 | 5.7 |
| Windows Audio Service Elevation of Privilege Vulnerability | CVE-2019-1277 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| Windows Common Log File System Driver Elevation of Privilege Vulnerability | CVE-2019-1214 | No | Yes | More Likely | Unlikely | Important | 7.8 | 7.0 |
| Windows Common Log File System Driver Information Disclosure Vulnerability | CVE-2019-1282 | No | No | Less Likely | Less Likely | Important | 5.5 | 5.0 |
| Windows Denial of Service Vulnerability | CVE-2019-1292 | No | No | Less Likely | Less Likely | Important | 5.8 | 5.2 |
| Windows Elevation of Privilege Vulnerability | CVE-2019-1215 | No | Yes | More Likely | More Likely | Important | 7.8 | 7.0 |
| Windows Elevation of Privilege Vulnerability | CVE-2019-1253 | Yes | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| Windows Elevation of Privilege Vulnerability | CVE-2019-1278 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| Windows Elevation of Privilege Vulnerability | CVE-2019-1303 | No | No | Less Likely | Less Likely | Important | | |
| Windows GDI Information Disclosure Vulnerability | CVE-2019-1252 | No | No | Less Likely | Less Likely | Important | 5.5 | 5.0 |
| Windows GDI Information Disclosure Vulnerability | CVE-2019-1286 | No | No | Less Likely | Less Likely | Important | 5.5 | 5.0 |
| Windows Hyper-V Denial of Service Vulnerability | CVE-2019-0928 | No | No | | | Important | 5.4 | 4.9 |
| Windows Hyper-V Information Disclosure Vulnerability | CVE-2019-1254 | No | No | Less Likely | Less Likely | Important | 5.5 | 5.0 |
| Windows Kernel Information Disclosure Vulnerability | CVE-2019-1274 | No | No | Less Likely | Less Likely | Important | 6.3 | 5.7 |
| Windows Media Elevation of Privilege Vulnerability | CVE-2019-1271 | No | No | Less Likely | Less Likely | Important | 7.0 | 6.3 |
| Windows Network Connectivity Assistant Elevation of Privilege Vulnerability | CVE-2019-1287 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| Windows SMB Client Driver Information Disclosure Vulnerability | CVE-2019-1293 | No | No | Less Likely | Less Likely | Important | 5.5 | 5.0 |
| Windows Secure Boot Security Feature Bypass Vulnerability | CVE-2019-1294 | Yes | No | Less Likely | Less Likely | Important | 5.3 | 4.8 |
| Windows Text Service Framework Elevation of Privilege Vulnerability | CVE-2019-1235 | Yes | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| Windows Transaction Manager Information Disclosure Vulnerability | CVE-2019-1219 | No | No | More Likely | More Likely | Important | 5.5 | 5.0 |
| Windows Update Delivery Optimization Elevation of Privilege Vulnerability | CVE-2019-1289 | No | No | Less Likely | Less Likely | Important | 7.0 | 6.3 |
| Winlogon Elevation of Privilege Vulnerability | CVE-2019-1268 | No | No | Less Likely | Less Likely | Important | 6.5 | 5.9 |

Total Vulnerabilities: 79


Renato Marinho
Morphus Labs | LinkedIn | Twitter

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
