Microsoft September Patch Tuesday fix 64 security issues
Microsoft released the September Patch Tuesday, fixing 64 security issues ranging from simple spoofing attacks to remote code execution, involving more than 20 products.
Vulnerability Overview
The products involved are as follows:
.NET Core, .NET Framework, Adobe Flash Player, Azure, Device Guard, Internet Explorer, Microsoft Edge, Microsoft Graphics Component, Microsoft Identity Services, Microsoft JET Database Engine, Microsoft Office, Microsoft Scripting Engine, Microsoft Windows, Microsoft XML Core Services , Windows Hyper-V, Windows Kernel, Windows Media, Windows Shell, Windows SMB Server, and Windows Subsystem for Linux.
Related information is as follows:
Product | CVE number | CVE title |
.NET Core | CVE-2018-8409 | System.IO.Pipelines Denial of Service |
.NET Framework | CVE-2018-8421 | .NET Framework Remote Code Execution Vulnerability |
Adobe Flash Player | ADV180023 | September 2018 Adobe Flash Security Update |
Azure | CVE-2018-8479 | Azure IoT SDK Spoofing Vulnerability |
Device Guard | CVE-2018-8449 | Device Guard Security Feature Bypass Vulnerability |
Internet Explorer | CVE-2018-8461 | Internet Explorer Memory Corruption Vulnerability |
Internet Explorer | CVE-2018-8447 | Internet Explorer Memory Corruption Vulnerability |
Internet Explorer | CVE-2018-8470 | Internet Explorer Security Feature Bypass Vulnerability |
Microsoft Edge | CVE-2018-8425 | Microsoft Edge Spoofing Vulnerability |
Microsoft Edge | CVE-2018-8366 | Microsoft Edge Information Disclosure Vulnerability |
Microsoft Edge | CVE-2018-8463 | Microsoft Edge privilege elevation vulnerability |
Microsoft Edge | CVE-2018-8464 | Microsoft Edge PDF Remote Code Execution Vulnerability |
Microsoft Edge | CVE-2018-8469 | Microsoft Edge privilege elevation vulnerability |
Microsoft Graphics Component | CVE-2018-8422 | Windows GDI Information Disclosure Vulnerability |
Microsoft Graphics Component | CVE-2018-8424 | Windows GDI Information Disclosure Vulnerability |
Microsoft Graphics Component | CVE-2018-8433 | Microsoft Graphics Component Information Disclosure Vulnerability |
Microsoft Graphics Component | CVE-2018-8462 | DirectX Graphics Kernel Privilege Escalation Vulnerability |
Microsoft Graphics Component | CVE-2018-8475 | Windows Remote Code Execution Vulnerability |
Microsoft Graphics Component | CVE-2018-8332 | Win32k Graphics Remote Code Execution Vulnerability |
Microsoft Identity Services | CVE-2018-8269 | OData Denial of Service Vulnerability |
Microsoft JET Database Engine | CVE-2018-8392 | Microsoft JET Database Engine Remote Code Execution Vulnerability |
Microsoft JET Database Engine | CVE-2018-8393 | Microsoft JET Database Engine Remote Code Execution Vulnerability |
Microsoft Office | CVE-2018-8426 | Microsoft Office SharePoint XSS Vulnerability |
Microsoft Office | CVE-2018-8428 | Microsoft SharePoint privilege elevation vulnerability |
Microsoft Office | CVE-2018-8429 | Microsoft Excel Information Disclosure Vulnerability |
Microsoft Office | CVE-2018-8430 | Word PDF Remote Code Execution Vulnerability |
Microsoft Office | CVE-2018-8431 | Microsoft SharePoint privilege elevation vulnerability |
Microsoft Office | CVE-2018-8331 | Microsoft Excel Remote Code Execution Vulnerability |
Microsoft Office | CVE-2018-8474 | Lync for Mac 2011 Security Feature Bypass Vulnerability |
Microsoft Scripting Engine | CVE-2018-8315 | Microsoft Scripting Engine Information Disclosure Vulnerability |
Microsoft Scripting Engine | CVE-2018-8367 | Chakra Scripting Engine Memory Corruption Vulnerability |
Microsoft Scripting Engine | CVE-2018-8354 | Scripting Engine Memory Corruption Vulnerability |
Microsoft Scripting Engine | CVE-2018-8391 | Scripting Engine Memory Corruption Vulnerability |
Microsoft Scripting Engine | CVE-2018-8452 | Scripting Engine Information Disclosure Vulnerability |
Microsoft Scripting Engine | CVE-2018-8456 | Scripting Engine Memory Corruption Vulnerability |
Microsoft Scripting Engine | CVE-2018-8457 | Scripting Engine Memory Corruption Vulnerability |
Microsoft Scripting Engine | CVE-2018-8459 | Scripting Engine Memory Corruption Vulnerability |
Microsoft Scripting Engine | CVE-2018-8465 | Chakra Scripting Engine Memory Corruption Vulnerability |
Microsoft Scripting Engine | CVE-2018-8466 | Chakra Scripting Engine Memory Corruption Vulnerability |
Microsoft Scripting Engine | CVE-2018-8467 | Chakra Scripting Engine Memory Corruption Vulnerability |
Microsoft Windows | CVE-2018-8271 | Windows Information Disclosure Vulnerability |
Microsoft Windows | CVE-2018-8410 | Windows Registry privilege elevation vulnerability |
Microsoft Windows | ADV180022 | Windows Denial of Service Vulnerability |
Microsoft Windows | CVE-2018-8438 | Windows Hyper-V Denial of Service Vulnerability |
Microsoft Windows | CVE-2018-8440 | Windows ALPC Privilege Escalation Vulnerability |
Microsoft XML Core Services | CVE-2018-8420 | MS XML Remote Code Execution Vulnerability |
Windows Hyper-V | CVE-2018-0965 | Windows Hyper-V Remote Code Execution Vulnerability |
Windows Hyper-V | CVE-2018-8434 | Windows Hyper-V Information Disclosure Vulnerability |
Windows Hyper-V | CVE-2018-8435 | Windows Hyper-V Security Feature Bypass Vulnerability |
Windows Hyper-V | CVE-2018-8436 | Windows Hyper-V Denial of Service Vulnerability |
Windows Hyper-V | CVE-2018-8437 | Windows Hyper-V Denial of Service Vulnerability |
Windows Hyper-V | CVE-2018-8439 | Windows Hyper-V Remote Code Execution Vulnerability |
Windows Kernel | CVE-2018-8336 | Windows Kernel Information Disclosure Vulnerability |
Windows Kernel | CVE-2018-8442 | Windows Kernel Information Disclosure Vulnerability |
Windows Kernel | CVE-2018-8443 | Windows Kernel Information Disclosure Vulnerability |
Windows Kernel | CVE-2018-8445 | Windows Kernel Information Disclosure Vulnerability |
Windows Kernel | CVE-2018-8446 | Windows Kernel Information Disclosure Vulnerability |
Windows Kernel | CVE-2018-8455 | Windows Kernel Privilege Escalation Vulnerability |
Windows Media | CVE-2018-8419 | Windows Kernel Information Disclosure Vulnerability |
Windows Shell | CVE-2018-8468 | Windows privilege elevation vulnerability |
Windows SMB Server | CVE-2018-8335 | Windows SMB Denial of Service Vulnerability |
Windows SMB Server | CVE-2018-8444 | Windows SMB Information Disclosure Vulnerability |
Windows Subsystem for Linux | CVE-2018-8337 | Windows Subsystem for Linux Security Feature Bypass Vulnerability |
Windows Subsystem for Linux | CVE-2018-8441 | Windows Subsystem for Linux Privilege Escalation Vulnerability |
Microsoft officially has released an update patch, please update your system.