Category: Microsoft|Sep 16, 2019 | Author: Admin

Microsoft September Patch Tuesday Addresses Two Actively Exploited Zero-Day Bugs

Share on

This Tuesday, Microsoft has rolled-out its scheduled monthly updates for 80 different bugs. Notably, the September Patch Tuesday update bundle from Microsoft brings fixes for two zero-day bugs under active exploit.

Patches For Actively Exploited Zero-Day Vulnerabilities The most noteworthy fixes in Microsoft September Patch Tuesday bundle includes ones for two zero-day bugs under active exploit. These two zero-days precisely are privilege escalation bugs. While both of these attained important severity rating, they became a problem owing to their active exploitation in the wild. The first of these is an EoP in the Windows Common Log File System Driver (CVE-2019-1214). The bug existed due to improper object handling in the memory by Windows CLFS. Upon an exploit, the flaw could let an attacker execute processes with elevated user privileges. Regarding the exploit condition, Microsoft stated in their advisory,

To exploit the vulnerability, an attacker would first have to log on to the system, and then run a specially crafted application to take control of the affected system.

Whereas, the other EoP existed in the ws2ifsl.sys (Winsock) owing to improper object handling in memory. Regarding this Windows vulnerability (CVE-2019-1215), Microsoft explained in the advisory,

An attacker who successfully exploited the vulnerability could execute code with elevated privileges. To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application.

Other Microsoft September Patch Tuesday Updates Apart from the two zero-days, Microsoft has also patched 79 other bugs with this update bundle. These include 17 critical vulnerabilities that could allow remote code execution upon an exploit. Of these, 4 existed in the Remote Desktop Client, 5 in the Chakra Scripting Engine, 2 in VBScript, 3 in Microsoft SharePoint, and 1 RCE bug each in Scripting Engine, .LNK file processing, and Azure DevOps Server (ADO) and Team Foundation Server (TFS). Microsoft also fixed 60 other important severity bugs in various products. These bugs, upon exploit, could result in information disclosure, spoofing, the elevation of privileges, or even remote code execution. In addition, Microsoft also patched a moderate severity spoofing vulnerability (CVE-2019-1259), in Microsoft SharePoint. In August, Microsoft addressed 93 vulnerabilities with its Patch Tuesday bundle, more than the ones addressed this month. However, the previous month’s patches did not include any actively exploited bugs. Make sure to update your systems at the earliest to stay protected from potential attacks.

Sponsored Ads:

Comments:


Microsoft says having a TPM is "non-negotiable" for Windows 11

Category: Microsoft|Dec 5, 2024 | Author: Admin

Japan warns of IO-Data zero-day router flaws exploited in attacks

Category: IT|Dec 4, 2024 | Author: Admin

Korea arrests CEO for adding DDoS feature to satellite receivers

Category: IT|Dec 3, 2024 | Author: Admin

Google Chrome’s AI feature lets you quickly check website trustworthiness

Category: Google|Dec 2, 2024 | Author: Admin

Novel phising campaign uses corrupted Word documents to evade security

Category: IT|Dec 1, 2024 | Author: Admin

SpyLoan Android malware on Google play installed 8 million times

Category: Google|Nov 30, 2024 | Author: Admin

New Windows Server 2012 zero-day gets free, unofficial patches

Category: Microsoft|Nov 29, 2024 | Author: Admin

Microsoft re-releases Exchange updates after fixing mail delivery

Category: Microsoft|Nov 28, 2024 | Author: Admin

Cloudflare says it lost 55% of logs pushed to customers for 3.5 hours

Category: IT|Nov 27, 2024 | Author: Admin

Hackers exploit critical bug in Array Networks SSL VPN products

Category: IT|Nov 26, 2024 | Author: Admin

Microsoft 365 outage impacts Exchange Online, Teams, Sharepoint

Category: Microsoft|Nov 25, 2024 | Author: Admin

Meta removes over 2 million accounts pushing pig butchering scams

Category: IT|Nov 24, 2024 | Author: Admin

Hackers abuse Avast anti-rootkit driver to disable defenses

Category: IT|Nov 23, 2024 | Author: Admin

Windows 11 KB5046740 update released with 14 changes and fixes

Category: Microsoft|Nov 22, 2024 | Author: Admin

Fortinet VPN design flaw hides successful brute-force attacks

Category: IT|Nov 21, 2024 | Author: Admin
more