Overview
Microsoft released the Spetember 2019 security patch on Tuesday that fixes 81 vulnerabilities ranging from simple spoofing attacks to remote code execution in various products, including .NET Core, .NET Framework, Active Directory, Adobe Flash Player, ASP.NET, Common Log File System Driver, Microsoft Browsers, Microsoft Edge, Microsoft Exchange Server, Microsoft Graphics Component, Microsoft JET Database Engine, Microsoft Office, Microsoft Office SharePoint, Microsoft Scripting Engine, Microsoft Windows, Microsoft Yammer, Project Rome, Servicing Stack Updates, Skype for Business and Microsoft Lync, Team Foundation Server, Visual Studio, Windows Hyper-V, Windows Kernel, and Windows RDP.
Details can be found in the following table.
| Product | CVE ID | CVE Title | Severity Level |
| .NET Core | CVE-2019-1301 | .NET Core Denial-of-Service Vulnerability | Important |
| .NET Framework | CVE-2019-1142 | .NET Framework Privilege Escalation Vulnerability | Important |
| Active Directory | CVE-2019-1273 | Active Directory Federation Services XSS Vulnerability | Important |
| Adobe Flash Player | ADV190022 | September 2019 Adobe Flash Security Update | Critical |
| ASP.NET | CVE-2019-1302 | ASP.NET Core Elevation Of Privilege Vulnerability | Important |
| Common Log File System Driver | CVE-2019-1214 | Windows Common Log File System Driver Privilege Escalation Vulnerability | Important |
| Common Log File System Driver | CVE-2019-1282 | Windows Common Log File System Driver Information Disclosure Vulnerability | Important |
| Microsoft Browsers | CVE-2019-1220 | Microsoft Browser Security Feature Bypass Vulnerability | Important |
| Microsoft Edge | CVE-2019-1299 | Microsoft Edge based on Edge HTML Information Disclosure Vulnerability | Important |
| Microsoft Exchange Server | CVE-2019-1233 | Microsoft Exchange Denial-of-Service Vulnerability | Important |
| Microsoft Exchange Server | CVE-2019-1266 | Microsoft Exchange Spoofing Vulnerability | Important |
| Microsoft Graphics Component | CVE-2019-1216 | DirectX Information Disclosure Vulnerability | Important |
| Microsoft Graphics Component | CVE-2019-1244 | DirectWrite Information Disclosure Vulnerability | Important |
| Microsoft Graphics Component | CVE-2019-1245 | DirectWrite Information Disclosure Vulnerability | Important |
| Microsoft Graphics Component | CVE-2019-1251 | DirectWrite Information Disclosure Vulnerability | Important |
| Microsoft Graphics Component | CVE-2019-1252 | Windows GDI Information Disclosure Vulnerability | Important |
| Microsoft Graphics Component | CVE-2019-1283 | Microsoft Graphics Components Information Disclosure Vulnerability | Important |
| Microsoft Graphics Component | CVE-2019-1284 | DirectX Privilege Escalation Vulnerability | Important |
| Microsoft Graphics Component | CVE-2019-1286 | Windows GDI Information Disclosure Vulnerability | Important |
| Microsoft JET Database Engine | CVE-2019-1240 | Jet Database Engine Remote Code Execution Vulnerability | Important |
| Microsoft JET Database Engine | CVE-2019-1241 | Jet Database Engine Remote Code Execution Vulnerability | Important |
| Microsoft JET Database Engine | CVE-2019-1242 | Jet Database Engine Remote Code Execution Vulnerability | Important |
| Microsoft JET Database Engine | CVE-2019-1243 | Jet Database Engine Remote Code Execution Vulnerability | Important |
| Microsoft JET Database Engine | CVE-2019-1246 | Jet Database Engine Remote Code Execution Vulnerability | Important |
| Microsoft JET Database Engine | CVE-2019-1247 | Jet Database Engine Remote Code Execution Vulnerability | Important |
| Microsoft JET Database Engine | CVE-2019-1248 | Jet Database Engine Remote Code Execution Vulnerability | Important |
| Microsoft JET Database Engine | CVE-2019-1249 | Jet Database Engine Remote Code Execution Vulnerability | Important |
| Microsoft JET Database Engine | CVE-2019-1250 | Jet Database Engine Remote Code Execution Vulnerability | Important |
| Microsoft Office | CVE-2019-1297 | Microsoft Excel Remote Code Execution Vulnerability | Important |
| Microsoft Office | CVE-2019-1263 | Microsoft Excel Information Disclosure Vulnerability | Important |
| Microsoft Office | CVE-2019-1264 | Microsoft Office Security Feature Bypass Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2019-1257 | Microsoft SharePoint Remote Code Execution Vulnerability | Critical |
| Microsoft Office SharePoint | CVE-2019-1259 | Microsoft SharePoint Spoofing Vulnerability | Moderate |
| Microsoft Office SharePoint | CVE-2019-1260 | Microsoft SharePoint Privilege Escalation Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2019-1261 | Microsoft SharePoint Spoofing Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2019-1262 | Microsoft Office SharePoint XSS Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2019-1295 | Microsoft SharePoint Remote Code Execution Vulnerability | Critical |
| Microsoft Office SharePoint | CVE-2019-1296 | Microsoft SharePoint Remote Code Execution Vulnerability | Critical |
| Microsoft Scripting Engine | CVE-2019-1138 | Chakra Scripting Engine Memory Corruption Vulnerability | Moderate |
| Microsoft Scripting Engine | CVE-2019-1208 | VBScript Remote Code Execution Vulnerability | Critical |
| Microsoft Scripting Engine | CVE-2019-1217 | Chakra Scripting Engine Memory Corruption Vulnerability | Critical |
| Microsoft Scripting Engine | CVE-2019-1221 | Scripting Engine Memory Corruption Vulnerability | Critical |
| Microsoft Scripting Engine | CVE-2019-1236 | VBScript Remote Code Execution Vulnerability | Critical |
| Microsoft Scripting Engine | CVE-2019-1237 | Chakra Scripting Engine Memory Corruption Vulnerability | Critical |
| Microsoft Scripting Engine | CVE-2019-1298 | Chakra Scripting Engine Memory Corruption Vulnerability | Moderate |
| Microsoft Scripting Engine | CVE-2019-1300 | Chakra Scripting Engine Memory Corruption Vulnerability | Critical |
| Microsoft Windows | CVE-2019-1215 | Windows Privilege Escalation Vulnerability | Important |
| Microsoft Windows | CVE-2019-1219 | Windows Transaction Manager Information Disclosure Vulnerability | Important |
| Microsoft Windows | CVE-2019-1267 | Microsoft Compatibility Appraiser Privilege Escalation Vulnerability | Important |
| Microsoft Windows | CVE-2019-1268 | Winlogon Privilege Escalation Vulnerability | Important |
| Microsoft Windows | CVE-2019-1269 | Windows ALPC Privilege Escalation Vulnerability | Important |
| Microsoft Windows | CVE-2019-1270 | Microsoft Windows Store Installer Privilege Escalation Vulnerability | Important |
| Microsoft Windows | CVE-2019-1271 | Windows Media Privilege Escalation Vulnerability | Important |
| Microsoft Windows | CVE-2019-1272 | Windows ALPC Privilege Escalation Vulnerability | Important |
| Microsoft Windows | CVE-2019-1235 | Windows Text Service Framework Privilege Escalation Vulnerability | Important |
| Microsoft Windows | CVE-2019-1253 | Windows Privilege Escalation Vulnerability | Important |
| Microsoft Windows | CVE-2019-1277 | Windows Audio Service Privilege Escalation Vulnerability | Important |
| Microsoft Windows | CVE-2019-1278 | Windows Privilege Escalation Vulnerability | Important |
| Microsoft Windows | CVE-2019-1280 | LNK Remote Code Execution Vulnerability | Critical |
| Microsoft Windows | CVE-2019-1287 | Windows Network Connectivity Assistant Privilege Escalation Vulnerability | Important |
| Microsoft Windows | CVE-2019-1289 | Windows Update Delivery Optimization Privilege Escalation Vulnerability | Important |
| Microsoft Windows | CVE-2019-1292 | Windows Denial-of-Service Vulnerability | Important |
| Microsoft Windows | CVE-2019-1294 | Windows Secure Boot Security Feature Bypass Vulnerability | Important |
| Microsoft Windows | CVE-2019-1303 | Windows Privilege Escalation Vulnerability | Important |
| Microsoft Yammer | CVE-2019-1265 | Microsoft Yammer Security Feature Bypass Vulnerability | Important |
| Project Rome | CVE-2019-1231 | Rome SDK Information Disclosure Vlunerability | Important |
| Servicing Stack Updates | ADV990001 | Latest Servicing Stack Updates | Critical |
| Skype for Business and Microsoft Lync | CVE-2019-1209 | Lync 2013 Information Disclosure Vlunerability | Important |
| Team Foundation Server | CVE-2019-1305 | Team Foundation Server Cross-site Scripting Vulnerability | Important |
| Team Foundation Server | CVE-2019-1306 | Azure DevOps and Team Foundation Server Remote Code Execution Vulnerability | Critical |
| Visual Studio | CVE-2019-1232 | Diagnostics Hub Standard Collector Service Privilege Escalation Vulnerability | Important |
| Windows Hyper-V | CVE-2019-0928 | Windows Hyper-V Denial-of-Service Vulnerability | Important |
| Windows Hyper-V | CVE-2019-1254 | Windows Hyper-V Information Disclosure Vulnerability | Important |
| Windows Kernel | CVE-2019-1274 | Windows Kernel Information Disclosure Vulnerability | Important |
| Windows Kernel | CVE-2019-1256 | Win32k Privilege Escalation Vulnerability | Important |
| Windows Kernel | CVE-2019-1285 | Win32k Privilege Escalation Vulnerability | Important |
| Windows Kernel | CVE-2019-1293 | Windows SMB Client Driver Information Disclosure Vulnerability | Important |
| Windows RDP | CVE-2019-0787 | Remote Desktop Client Remote Code Execution Vulnerability | Critical |
| Windows RDP | CVE-2019-0788 | Remote Desktop Client Remote Code Execution Vulnerability | Critical |
| Windows RDP | CVE-2019-1290 | Remote Desktop Client Remote Code Execution Vulnerability | Critical |
| Windows RDP | CVE-2019-1291 | Remote Desktop Client Remote Code Execution Vulnerability | Critical |
Recommended Mitigation Measures
Microsoft has released security updates to fix these issues. Please download and install them as soon as possible.
Statement
This advisory is only used to describe a potential risk. NSFOCUS does not provide any commitment or promise on this advisory. NSFOCUS and the author will not bear any liability for any direct and/or indirect consequences and losses caused by transmitting and/or using this advisory. NSFOCUS reserves all the rights to modify and interpret this advisory. Please include this statement paragraph when reproducing or transferring this advisory. Do not modify this advisory, add/delete any information to/from it, or use this advisory for commercial purposes without permission from NSFOCUS.
About NSFOCUS
NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks. The company’s Intelligent Hybrid Security strategy utilizes both cloud and on-premises security platforms, built on a foundation of real-time global threat intelligence, to provide multi-layered, unified and dynamic protection against advanced cyber attacks.
NSFOCUS works with Fortune Global 500 companies, including four of the world’s five largest financial institutions, organizations in insurance, retail, healthcare, critical infrastructure industries as well as government agencies. NSFOCUS has technology and channel partners in more than 60 countries, is a member of both the Microsoft Active Protections Program (MAPP), and the Cloud Security Alliance (CSA).
A wholly owned subsidiary of NSFOCUS Information Technology Co. Ltd., the company has operations in the Americas, Europe, the Middle East and Asia Pacific.
Download: Microsoft Released September Patches to Fix 81 Security Vulnerabilities Threat Alert
