Wed. Nov 13th, 2019

Microsoft September Patch Tuesday fix 64 security issues

3 min read

Microsoft released the September Patch Tuesday, fixing 64 security issues ranging from simple spoofing attacks to remote code execution, involving more than 20 products.

Vulnerability Overview

The products involved are as follows:

.NET Core, .NET Framework, Adobe Flash Player, Azure, Device Guard, Internet Explorer, Microsoft Edge, Microsoft Graphics Component, Microsoft Identity Services, Microsoft JET Database Engine, Microsoft Office, Microsoft Scripting Engine, Microsoft Windows, Microsoft XML Core Services , Windows Hyper-V, Windows Kernel, Windows Media, Windows Shell, Windows SMB Server, and Windows Subsystem for Linux.

Related information is as follows:

Product CVE number CVE title
.NET Core CVE-2018-8409 System.IO.Pipelines Denial of Service
.NET Framework CVE-2018-8421 .NET Framework Remote Code Execution Vulnerability
Adobe Flash Player ADV180023 September 2018 Adobe Flash Security Update
Azure CVE-2018-8479 Azure IoT SDK Spoofing Vulnerability
Device Guard CVE-2018-8449 Device Guard Security Feature Bypass Vulnerability
Internet Explorer CVE-2018-8461 Internet Explorer Memory Corruption Vulnerability
Internet Explorer CVE-2018-8447 Internet Explorer Memory Corruption Vulnerability
Internet Explorer CVE-2018-8470 Internet Explorer Security Feature Bypass Vulnerability
Microsoft Edge CVE-2018-8425 Microsoft Edge Spoofing Vulnerability
Microsoft Edge CVE-2018-8366 Microsoft Edge Information Disclosure Vulnerability
Microsoft Edge CVE-2018-8463 Microsoft Edge privilege elevation vulnerability
Microsoft Edge CVE-2018-8464 Microsoft Edge PDF Remote Code Execution Vulnerability
Microsoft Edge CVE-2018-8469 Microsoft Edge privilege elevation vulnerability
Microsoft Graphics Component CVE-2018-8422 Windows GDI Information Disclosure Vulnerability
Microsoft Graphics Component CVE-2018-8424 Windows GDI Information Disclosure Vulnerability
Microsoft Graphics Component CVE-2018-8433 Microsoft Graphics Component Information Disclosure Vulnerability
Microsoft Graphics Component CVE-2018-8462 DirectX Graphics Kernel Privilege Escalation Vulnerability
Microsoft Graphics Component CVE-2018-8475 Windows Remote Code Execution Vulnerability
Microsoft Graphics Component CVE-2018-8332 Win32k Graphics Remote Code Execution Vulnerability
Microsoft Identity Services CVE-2018-8269 OData Denial of Service Vulnerability
Microsoft JET Database Engine CVE-2018-8392 Microsoft JET Database Engine Remote Code Execution Vulnerability
Microsoft JET Database Engine CVE-2018-8393 Microsoft JET Database Engine Remote Code Execution Vulnerability
Microsoft Office CVE-2018-8426 Microsoft Office SharePoint XSS Vulnerability
Microsoft Office CVE-2018-8428 Microsoft SharePoint privilege elevation vulnerability
Microsoft Office CVE-2018-8429 Microsoft Excel Information Disclosure Vulnerability
Microsoft Office CVE-2018-8430 Word PDF Remote Code Execution Vulnerability
Microsoft Office CVE-2018-8431 Microsoft SharePoint privilege elevation vulnerability
Microsoft Office CVE-2018-8331 Microsoft Excel Remote Code Execution Vulnerability
Microsoft Office CVE-2018-8474 Lync for Mac 2011 Security Feature Bypass Vulnerability
Microsoft Scripting Engine CVE-2018-8315 Microsoft Scripting Engine Information Disclosure Vulnerability
Microsoft Scripting Engine CVE-2018-8367 Chakra Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2018-8354 Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2018-8391 Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2018-8452 Scripting Engine Information Disclosure Vulnerability
Microsoft Scripting Engine CVE-2018-8456 Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2018-8457 Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2018-8459 Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2018-8465 Chakra Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2018-8466 Chakra Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2018-8467 Chakra Scripting Engine Memory Corruption Vulnerability
Microsoft Windows CVE-2018-8271 Windows Information Disclosure Vulnerability
Microsoft Windows CVE-2018-8410 Windows Registry privilege elevation vulnerability
Microsoft Windows ADV180022 Windows Denial of Service Vulnerability
Microsoft Windows CVE-2018-8438 Windows Hyper-V Denial of Service Vulnerability
Microsoft Windows CVE-2018-8440 Windows ALPC Privilege Escalation Vulnerability
Microsoft XML Core Services CVE-2018-8420 MS XML Remote Code Execution Vulnerability
Windows Hyper-V CVE-2018-0965 Windows Hyper-V Remote Code Execution Vulnerability
Windows Hyper-V CVE-2018-8434 Windows Hyper-V Information Disclosure Vulnerability
Windows Hyper-V CVE-2018-8435 Windows Hyper-V Security Feature Bypass Vulnerability
Windows Hyper-V CVE-2018-8436 Windows Hyper-V Denial of Service Vulnerability
Windows Hyper-V CVE-2018-8437 Windows Hyper-V Denial of Service Vulnerability
Windows Hyper-V CVE-2018-8439 Windows Hyper-V Remote Code Execution Vulnerability
Windows Kernel CVE-2018-8336 Windows Kernel Information Disclosure Vulnerability
Windows Kernel CVE-2018-8442 Windows Kernel Information Disclosure Vulnerability
Windows Kernel CVE-2018-8443 Windows Kernel Information Disclosure Vulnerability
Windows Kernel CVE-2018-8445 Windows Kernel Information Disclosure Vulnerability
Windows Kernel CVE-2018-8446 Windows Kernel Information Disclosure Vulnerability
Windows Kernel CVE-2018-8455 Windows Kernel Privilege Escalation Vulnerability
Windows Media CVE-2018-8419 Windows Kernel Information Disclosure Vulnerability
Windows Shell CVE-2018-8468 Windows privilege elevation vulnerability
Windows SMB Server CVE-2018-8335 Windows SMB Denial of Service Vulnerability
Windows SMB Server CVE-2018-8444 Windows SMB Information Disclosure Vulnerability
Windows Subsystem for Linux CVE-2018-8337 Windows Subsystem for Linux Security Feature Bypass Vulnerability
Windows Subsystem for Linux CVE-2018-8441 Windows Subsystem for Linux Privilege Escalation Vulnerability

Microsoft officially has released an update patch, please update your system.