Today Microsoft released fixes for 79 separate security flaws, affecting products across much of their portfolio. Two of these have been seen exploited in the wild: CVE-2019-1214 and CVE-2019-1215 are both privilege elevation vulnerabilities affecting all supported versions of Windows, one in the log file driver and the other in the WinSock Installable File System (IFS) driver. Three other vulnerabilities had been publicly disclosed before today. Two of them (CVE-2019-1235 and CVE-2019-1253) also allow privilege elevation on Windows systems, and CVE-2019-1294 is a secure boot bypass on Windows 10 and Server 2019 systems. An attacker able to gain physical access to a system could exploit certain debugging functionality and access protected kernel memory.
Remote Desktop Protocol (RDP) vulnerabilities have been top of mind for many security practitioners lately, with a public exploit for the "wormable" BlueKeep vulnerability from May (CVE-2019-0708) released late last week and seven other RDP flaws patched with August's updates. This month, four new RDP vulnerabilities, all allowing Remote Code Execution (RCE) and considered Critical, were patched. In a slight twist, these are all client-side ..
Support the originator by clicking the read the rest link below.
