The Cyber Source blog

Cyber Security and NOC Knowhow™, in plain English

Threat Intel September 2019: 79 vulnerabilities including 17 critical


September 2019 Threat Intelligence (CRITICAL ALERT)

This month, Microsoft have patched 79 vulnerabilities, 17 of which are ranked critical and 61 marked as important.

Additionally, Microsoft have released 2 advisories and updates for the 79 vulnerabilities, so we recommend all users install these security updates to protect against further security risks.

Full information on this month's patches can be found here:
https://portal.msrc.microsoft.com/en-us/security-guidance


Important fixes

In the August security release, a Google researcher discovered multiple Windows CTF vulnerabilities that would allow hackers with low access to launch programs with elevated privileges.

During August Patch Tuesday, Microsoft also fixed a related vulnerability (CVE-2019-1162), but indicated that other vulnerabilities will be fixed in later updates.

As part of September's security updates, Microsoft has released another fix for these flaws titled "CVE-2019-1235 - Windows Text Service Framework Elevation of Privilege Vulnerability".

"An attacker who successfully exploited this vulnerability could inject commands or read input sent through a malicious Input Method Editor (IME). This only affects systems that have installed an IME.

To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system."

Let's not forget the Remote Desktop vulnerabilities 

Patch Tuesday would not be complete without Remote Desktop vulnerabilities.

Microsoft has fixed 4 vulnerabilities with IDs:

These can allow remote code execution when a client connects to a malicious server.

An attacker who successfully exploited this vulnerability could execute arbitrary code on the computer of the connecting client. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

The publicly released vulnerabilities

  • CVE-2019-1235 - Windows Text Service Framework Elevation of Privilege Vulnerability
  • CVE-2019-1253 - Windows Elevation of Privilege Vulnerability
  • CVE-2019-1294 - Windows Secure Boot Security Feature Bypass Vulnerability

Two advisories have been released 

As well as the security updates, Microsoft released two advisories that eliminate two critical vulnerabilities in Adobe Flash and provide a new update for Windows 10.

  • ADV190022 - September 2019 Adobe Flash Security Update

  • ADV990001 - Latest update for Windows 10

Patching is important...

Security vulnerabilities are the 'low hanging fruit' for hackers. Patching is essential to keep your information safe. It is also good practice to back up your system or at least your data before you apply any updates.

Customers are advised to follow these security tips:

  • Install vendor patches immediately when available.
  • Run all software with least privileges while still maintaining functionality.
  • Do not handle files from questionable sources.
  • Avoid visiting sites with unknown integrity.
  • Block external access at the network perimeter to all key systems unless access is necessary.


About Comtact Ltd.

Comtact Ltd. is a government-approved Cyber Security and IT Managed Service Provider, supporting clients 24/7 from our ISO27001-accredited UK Security Operations Centre (SOC).

Located at the heart of a high security, controlled-access Tier 3 data centre, Comtact's state-of-the-art UK Cyber Defence Centre (SOC) targets, hunts & disrupts hacker behaviour, as part of a multi-layered security defence, to help secure some of the UK's leading organisations.
