Microsoft September Patches


Microsoft's September Patch Tuesday fixes two elevation-of-privilege (EoP) bugs that have been exploited: CVE-2019-1214, which exists in the Windows Common Log File System (CLFS) Driver, and CVE-2019-1215, which affects the Winsock IFS Driver (ws2ifsl.sys). Both flaws exist due to improper handling of objects in memory by the respective drivers.

Attackers use elevation-of-privilege vulnerabilities post-compromise: once they have gained access to a system, they use them to execute code on the target with elevated privileges. A hacker who exploits this vulnerability could go from user-level to administrator-level access. Microsoft reports this is being actively used against both newer and older OSes. Interestingly, the flaw has been targeted by malware in the past, with some going back to 2007. Malware often targets low-level Windows services.


The other flaw has only been seen in older operating systems, according to Microsoft. Microsoft patched 79 CVEs in September. A full 17 are listed as critical in severity, 62 are listed as important, and one is listed as moderate in severity. Four critical vulnerabilities in the Microsoft Remote Desktop Client have also been patched. These were identified by Microsoft's internal research team, including BlueKeep and DejaBlue, which also affect Remote Desktop Client.

According to security experts, CVE-2019-1215 should be at the top of administrators' patch list. Microsoft also issued a servicing stack update for all operating systems, which it could start enforcing as soon as October. Usually these are released for one or a couple of Windows editions, so it is extraordinary for one to cover all Windows OSes. A servicing stack update is a separate update that needs to be installed outside of the normal cumulative or security-only bundle. It is a critical update to Microsoft's update system within the OS, which means some future updates cannot be installed on the system if the servicing stack update is not applied.