Microsoft has published today 80 security fixes across 15 products and services, as part of the company’s monthly batch of security updates, known as Patch Tuesday.

Of the 80 vulnerabilities patched today, two are so-called zero-days — security flaws that had been exploited  before fixes are released.

The two zero-days are CVE-2019-1214 and CVE-2019-1215.

Both are elevation of privilege (EoP) vulnerabilities.

EoP vulnerabilities are usually exploited by malware to gain the ability to run malicious code with administrator privileges on (previously) infected hosts.

As usual, Microsoft didn’t reveal any details of how the two bugs were being exploited in the wild, only acknowledging a security researcher from Qihoo 360 Vulcan Team with discovering the first.

According to Microsoft, the September ecurity release consists of security updates for the following software:

  • Microsoft Windows
  • Internet Explorer
  • Microsoft Edge (EdgeHTML-based)
  • ChakraCore
  • Microsoft Office and Microsoft Office Services and Web Apps
  • Adobe Flash Player
  • Microsoft Lync
  • Visual Studio
  • Microsoft Exchange Server
  • .NET Framework
  • Microsoft Yammer
  • .NET Core
  • Team Foundation Server
  • Project Rome

For futher information please refer to official Microsoft Release Notes on September 2019 Security Updates.

How is your state of IT?

Call Us: (201) 493-1414

Related Articles

Microsoft is delaying ending support for older versions of Windows 10 due to Coronavirus
BYOD and Federal Wage Laws
Human Resources Issues You Never Considered with BYOD
Why choose psWorkplace for secure collaboration?
6 Phases to Guide Your Small Business Through COVID-19 Planning and Response
Benefits of letting your employees work from home
Increase in Business Productivity Phishing Scams
The cost of downtime for small business
Reputable highly rated Small Business IT services and tech support company in New Jersey - powersolution industry awards
Scroll to Top