88 Vulnerabilities patched in Microsoft's June 2019 Patch last Tuesday

Published by


Blimey, you'd figure that Microsoft would have plugged the OS by now. Instead, we can state the obvious as no less than 88 Vulnerabilities are closed with the June 2019 Patch from last tuesday.

With the release of the June 2019 security updates, Microsoft has released 4 advisories, 1 servicing stack update, and updates for 88 vulnerabilities, with 21 being classified as Critical. Some of the advisories include updated drivers and software that fix vulnerabilities in 3rd-party hardware and software, such as Adobe Flash Player.  According to Microsoft, none of the publically disclosed zero-days, or other vulnerabilities, were found to be publically exploited in the wild. The company has advised all users to install the security updates immediately to protect Windows from these security risks.

The four publicly disclosed vulnerabilities patched in the security update appear to be those posted by SandboxEscaper to her GitHub page last month. These vulnerabilities are:

  • CVE-2019-1069: The bug, which affects Windows Task Scheduler in Windows 10, Server 2016 and later versions, has raised the most concern among security experts. It could allow elevation of privilege on affected systems, according to Microsoft.
  • CVE-2019-1064: Windows elevation of privilege vulnerability affecting Windows 10, Server 2016 and later.
  • CVE-2019-1053: Windows Shell elevation of privilege vulnerability affects all currently supported Windows operating systems. It could create elevation of privilege conditions on affected systems by escaping a sandbox.
  • CVE-2019-0973: Windows Installer vulnerability could enable elevation of privilege on the affected systems through wrong sanitisation of input from loaded libraries.

CVE-2019-1019 and CVE-2019-1040, were necessary to stop attackers remotely running malicious code on any Windows machine, or authenticating any web server supporting Windows Integrated Authentication. A wormable vulnerability, CVE-2019-0708, which existed in Remote Desktop Services and allowed remote code execution has been patched.

Yeah, if you do not auto-update, you might wanna hit that button manually. 

88 Vulnerabilities patched in Microsoft's June 2019 Patch last Tuesday

Share this content
Twitter Facebook Reddit WhatsApp Email Print