HKCert
HKCERT logo Hong Kong Computer Emergency Response Team Coordination Centre

HKCERT logo Hong Kong Computer Emergency Response Team Coordination Centre

  

Microsoft Monthly Security Update (Sep 2019)

Release Date: 11 / 09 / 2019
Last Update: 11 / 09 / 2019
Risk Level:  


Microsoft has released monthly security update for their products:

 

Vulnerable ProductRisk LevelImpactsNotes
BrowserModerately Critical Medium RiskSecurity Restriction Bypass
Remote Code Execution
Information Disclosure
 
Developer ToolsModerately Critical Medium RiskElevation of Privilege
Denial of Service
Remote Code Execution
Information Disclosure
Spoofing
 
Exchange ServerModerately Critical Medium RiskDenial of Service
Spoofing
 
Microsoft OfficeModerately Critical Medium RiskSecurity Restriction Bypass
Remote Code Execution
Elevation of Privilege
Spoofing
Information Disclosure
 
WindowsModerately Critical Medium RiskRemote Code Execution
Security Restriction Bypass
Elevation of Privilege
Information Disclosure
Denial of Service
Spoofing

Exploited in the wild (Local Exploit):
CVE-2019-1214
CVE-2019-1215

 

Number of 'Extremely High Risk' product(s): 0

Number of 'High Risk' product(s): 0

Number of 'Medium Risk' product(s): 5

Evaluation of overall 'Risk Level': Medium Risk

  • Denial of Service
  • Elevation of Privilege
  • Remote Code Execution
  • Security Restriction Bypass
  • Information Disclosure
  • Spoofing
  • Microsoft Office
  • Browser
  • Developer Tools
  • Exchange Server
  • Windows

 

Before installation of the software, please visit the vendor web-site for more details.

  • Apply fixes issued by the vendor.