-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
                         AUSCERT Security Bulletin

                               ASB-2019.0257
    Multiple vulnerabilities have been identified in Microsoft Windows
                             11 September 2019

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:              Microsoft Windows
Operating System:     Windows
Impact/Access:        Execute Arbitrary Code/Commands -- Remote with User Interaction
                      Administrator Compromise        -- Existing Account            
                      Increased Privileges            -- Existing Account            
                      Access Privileged Data          -- Existing Account            
                      Overwrite Arbitrary Files       -- Existing Account            
                      Cross-site Scripting            -- Existing Account            
                      Denial of Service               -- Existing Account            
                      Access Confidential Data        -- Remote with User Interaction
Resolution:           Patch/Upgrade
CVE Names:            CVE-2019-1303 CVE-2019-1294 CVE-2019-1293
                      CVE-2019-1292 CVE-2019-1291 CVE-2019-1290
                      CVE-2019-1289 CVE-2019-1287 CVE-2019-1286
                      CVE-2019-1285 CVE-2019-1284 CVE-2019-1283
                      CVE-2019-1282 CVE-2019-1280 CVE-2019-1278
                      CVE-2019-1277 CVE-2019-1274 CVE-2019-1273
                      CVE-2019-1272 CVE-2019-1271 CVE-2019-1270
                      CVE-2019-1269 CVE-2019-1268 CVE-2019-1267
                      CVE-2019-1256 CVE-2019-1254 CVE-2019-1253
                      CVE-2019-1252 CVE-2019-1251 CVE-2019-1250
                      CVE-2019-1249 CVE-2019-1248 CVE-2019-1247
                      CVE-2019-1246 CVE-2019-1245 CVE-2019-1244
                      CVE-2019-1243 CVE-2019-1242 CVE-2019-1241
                      CVE-2019-1240 CVE-2019-1235 CVE-2019-1232
                      CVE-2019-1219 CVE-2019-1216 CVE-2019-1215
                      CVE-2019-1214 CVE-2019-0928 CVE-2019-0788
                      CVE-2019-0787  
Member content until: Friday, October 11 2019

OVERVIEW

        Microsoft has released its monthly security patch update for the month of September 2019. [1]
        
        This update resolves 49 vulnerabilities across the following products: 
        
         Windows 10 Version 1607 for 32-bit Systems
         Windows 10 Version 1607 for x64-based Systems
         Windows 10 Version 1703 for 32-bit Systems
         Windows 10 Version 1703 for x64-based Systems
         Windows 10 Version 1709 for 32-bit Systems
         Windows 10 Version 1709 for 64-based Systems
         Windows 10 Version 1709 for ARM64-based Systems
         Windows 10 Version 1803 for 32-bit Systems
         Windows 10 Version 1803 for ARM64-based Systems
         Windows 10 Version 1803 for x64-based Systems
         Windows 10 Version 1809 for 32-bit Systems
         Windows 10 Version 1809 for ARM64-based Systems
         Windows 10 Version 1809 for x64-based Systems
         Windows 10 Version 1903 for 32-bit Systems
         Windows 10 Version 1903 for ARM64-based Systems
         Windows 10 Version 1903 for x64-based Systems
         Windows 10 for 32-bit Systems
         Windows 10 for x64-based Systems
         Windows 7 for 32-bit Systems Service Pack 1
         Windows 7 for x64-based Systems Service Pack 1
         Windows 8.1 for 32-bit systems
         Windows 8.1 for x64-based systems
         Windows RT 8.1
         Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1
         Windows Server 2008 R2 for x64-based Systems Service Pack 1
         Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
         Windows Server 2008 for 32-bit Systems Service Pack 2
         Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
         Windows Server 2008 for Itanium-Based Systems Service Pack 2
         Windows Server 2008 for x64-based Systems Service Pack 2
         Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
         Windows Server 2012
         Windows Server 2012 (Server Core installation)
         Windows Server 2012 R2
         Windows Server 2012 R2 (Server Core installation)
         Windows Server 2016
         Windows Server 2016  (Server Core installation)
         Windows Server 2019
         Windows Server 2019  (Server Core installation)


IMPACT

        Microsoft has given the following details regarding these vulnerabilities.
        
         Details         Impact                   Severity
         CVE-2019-0787
          Remote Code Execution    Critical
         CVE-2019-0788
          Remote Code Execution    Critical
         CVE-2019-0928
          Denial of Service        Important
         CVE-2019-1214
          Elevation of Privilege   Important
         CVE-2019-1215
          Elevation of Privilege   Important
         CVE-2019-1216
          Information Disclosure   Important
         CVE-2019-1219
          Information Disclosure   Important
         CVE-2019-1232
          Elevation of Privilege   Important
         CVE-2019-1235
          Elevation of Privilege   Important
         CVE-2019-1240
          Remote Code Execution    Important
         CVE-2019-1241
          Remote Code Execution    Important
         CVE-2019-1242
          Remote Code Execution    Important
         CVE-2019-1243
          Remote Code Execution    Important
         CVE-2019-1244
          Information Disclosure   Important
         CVE-2019-1245
          Information Disclosure   Important
         CVE-2019-1246
          Remote Code Execution    Important
         CVE-2019-1247
          Remote Code Execution    Important
         CVE-2019-1248
          Remote Code Execution    Important
         CVE-2019-1249
          Remote Code Execution    Important
         CVE-2019-1250
          Remote Code Execution    Important
         CVE-2019-1251
          Information Disclosure   Important
         CVE-2019-1252
          Information Disclosure   Important
         CVE-2019-1253
          Elevation of Privilege   Important
         CVE-2019-1254
          Information Disclosure   Important
         CVE-2019-1256
          Elevation of Privilege   Important
         CVE-2019-1267
          Elevation of Privilege   Important
         CVE-2019-1268
          Elevation of Privilege   Important
         CVE-2019-1269
          Elevation of Privilege   Important
         CVE-2019-1270
          Elevation of Privilege   Important
         CVE-2019-1271
          Elevation of Privilege   Important
         CVE-2019-1272
          Elevation of Privilege   Important
         CVE-2019-1273
          Spoofing                 Important
         CVE-2019-1274
          Information Disclosure   Important
         CVE-2019-1277
          Elevation of Privilege   Important
         CVE-2019-1278
          Elevation of Privilege   Important
         CVE-2019-1280
          Remote Code Execution    Critical
         CVE-2019-1282
          Information Disclosure   Important
         CVE-2019-1283
          Information Disclosure   Important
         CVE-2019-1284
          Elevation of Privilege   Important
         CVE-2019-1285
          Elevation of Privilege   Important
         CVE-2019-1286
          Information Disclosure   Important
         CVE-2019-1287
          Elevation of Privilege   Important
         CVE-2019-1289
          Elevation of Privilege   Important
         CVE-2019-1290
          Remote Code Execution    Critical
         CVE-2019-1291
          Remote Code Execution    Critical
         CVE-2019-1292
          Denial of Service        Important
         CVE-2019-1293
          Information Disclosure   Important
         CVE-2019-1294
          Security Feature Bypass  Important
         CVE-2019-1303
          Elevation of Privilege   Important


MITIGATION

        Microsoft recommends updating the software with the version made available on the Microsoft Update Cataloge for the following Knowledge Base articles. [1]
        
        
         KB4516068, KB4516066, KB4516044, KB4516026, KB4516058
         KB4516051, KB4512578, KB4516033, KB4516064, KB4516065
         KB4515384, KB4516067, KB4516062, KB4516070, KB4516055


REFERENCES

        [1] Security Update Guide
            https://portal.msrc.microsoft.com/en-us/security-guidance

AusCERT has made every effort to ensure that the information contained
in this document is accurate.  However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours 
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBXXhCBWaOgq3Tt24GAQieSw//VVtBzjm/jxV6fXoT1dQsf/bxTvUro8KE
7UedUuNHX202cRCYkAqew8gkP63Qt1c1yqz0u4MDpAOQnJKryL/xkB9nWIAQiidU
ef6r5HpwdRJmW4Kv0vvR9txdlQ9qVxQ05ClWlnmcJPfX3CoeUOQ1JufNjin4FZ6T
l/IpPTSGz4gd4JUC0sYJ8dGPsCs5lAtmiFFLuCK1/uA9nvigtu7Ifcqj/P1lBs5c
XnEu3Y2de75DHPYESL1NvVbK7MGHo5NAm14HnLtjVBVa4FIcTPV5MoVNzIF59hah
nZK2BsDciIr0S5VUPEVSEKb4EkKvvbQwqEUVr6wL1x1XsQDD6YBXck4hzFcrlogw
vvEtIUNifJfMLLwzUvHmhLzITrRk/I3JmdQenACNx1K6WdXUMzvUPXqRh4/ZGyUc
p7aIaUS/ioGoxJnF6ygOt64gjAU00tnXQ+ZfPf/SxFFlYTrMuYSxQ9tY55CI0iam
66icBW+prCKlsOhgr6U9ZosdyNUNzUU73WLNrzlo5JtOxkzU4QvxlUZCQ3wtByk3
Xh0q4rP9cY0wIsnBnZlS5vpTX0hR2rilU+wqebygVGUt1lf1lNKiCUBwz32QqHx/
4E7OHmLkCMymIXFXOW0XqbcRi/xk3rA8QxX64c7NaqVfArIk0FigRUrGVAgzgatd
Gk/dUYW+6CU=
=qHtm
-----END PGP SIGNATURE-----