Today’s VERT Alert addresses Microsoft’s September 2019 Security Updates
. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-849 on Wednesday, September 11th.In-The-Wild & Disclosed CVEsCVE-2019-1214
An elevation of privilege vulnerability in the Windows Common Log File System (CLFS) driver can allow an attacker to run processes in an elevated context. Microsoft has reported this as being exploited and credited the Qihoo 360 Vulcan Team with reporting the vulnerability.Microsoft has rated this as a 3 (Exploitation Unlikely) on the latest software release and as a 1 (Exploitation More Likely) on older software releases on the Exploitability Index
An elevation of privilege vulnerability in Winsock (ws2ifsl.sys) can allow an attacker to execute code in an elevated context. Microsoft has also reported this as being exploited but there’s no official acknowledgement for the discovery / reporting of the vulnerability.Microsoft has rated this as a 1 (Exploitation More Likely) on the Exploitability Index
On systems that have installed an Input Method Editor (IME), attackers can inject commands and read input via a malicious IME because the Windows Text Service Framework (TSF) server ..