JPCERT-AT-2019-0036
JPCERT/CC
2019-09-11(Initial)
2019-09-13(Update)
Details on the vulnerabilities can be found at the following URL:
September 2019 Security Updates
https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/24f46f0a-489c-e911-a994-000d3a33c573
[Vulnerabilities addressed (Including Security Update Programs rated as "critical")]
* Listing up Microsoft Knowledge Base (KB) that are rated as "critical"
ADV190022
September 2019 Adobe Flash Security Update
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV190022
- KB4516115
CVE-2019-0787
Remote Desktop Client Remote Code Execution Vulnerability
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-0787
- KB4512578, KB4515384, KB4516033, KB4516044, KB4516058, KB4516064
KB4516065, KB4516066, KB4516067, KB4516068, KB4516070
CVE-2019-0788
Remote Desktop Client Remote Code Execution Vulnerability
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-0788
- KB4512578, KB4515384, KB4516044, KB4516058, KB4516064, KB4516066
KB4516067, KB4516068, KB4516070
CVE-2019-1138
Chakra Scripting Engine Memory Corruption Vulnerability
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-1138
- KB4512578, KB4515384, KB4516044, KB4516058, KB4516066, KB4516068
CVE-2019-1208
VBScript Remote Code Execution Vulnerability
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-1208
- KB4512578, KB4515384, KB4516044, KB4516046, KB4516058, KB4516065
KB4516066, KB4516067, KB4516068, KB4516070
CVE-2019-1217
Chakra Scripting Engine Memory Corruption Vulnerability
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-1217
- KB4512578, KB4515384, KB4516058
CVE-2019-1221
Scripting Engine Memory Corruption Vulnerability
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-1221
- KB4512578, KB4515384, KB4516044, KB4516046, KB4516058, KB4516065
KB4516066, KB4516067, KB4516068, KB4516070
CVE-2019-1236
VBScript Remote Code Execution Vulnerability
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-1236
- KB4512578, KB4515384, KB4516044, KB4516046, KB4516058, KB4516065
KB4516066, KB4516067, KB4516068, KB4516070
CVE-2019-1237
Chakra Scripting Engine Memory Corruption Vulnerability
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-1237
- KB4512578, KB4515384, KB4516044, KB4516058, KB4516066, KB4516068
CVE-2019-1257
Microsoft SharePoint Remote Code Execution Vulnerability
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-1257
- KB4475590, KB4475596, KB4475605, KB4484098
CVE-2019-1280
LNK Remote Code Execution Vulnerability
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-1280
- KB4512578, KB4515384, KB4516026, KB4516033, KB4516044, KB4516051
KB4516055, KB4516058, KB4516062, KB4516064, KB4516065, KB4516066
KB4516067, KB4516068, KB4516070
CVE-2019-1290
Remote Desktop Client Remote Code Execution Vulnerability
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-1290
- KB4512578, KB4515384, KB4516033, KB4516044, KB4516055, KB4516058
KB4516062, KB4516064, KB4516065, KB4516066, KB4516067, KB4516068
KB4516070
CVE-2019-1291
Remote Desktop Client Remote Code Execution Vulnerability
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-1291
- KB4512578, KB4515384, KB4516026, KB4516033, KB4516044, KB4516051
KB4516055, KB4516058, KB4516062, KB4516064, KB4516065, KB4516066
KB4516067, KB4516068, KB4516070
CVE-2019-1295
Microsoft SharePoint Remote Code Execution Vulnerability
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-1295
- KB4475590, KB4475596, KB4475605, KB4484098
CVE-2019-1296
Microsoft SharePoint Remote Code Execution Vulnerability
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-1296
- KB4475590, KB4475596, KB4484098
CVE-2019-1298
Chakra Scripting Engine Memory Corruption Vulnerability
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-1298
- KB4512578, KB4515384, KB4516044, KB4516058, KB4516066, KB4516068
CVE-2019-1300
Chakra Scripting Engine Memory Corruption Vulnerability
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-1300
- KB4512578, KB4515384, KB4516044, KB4516058, KB4516066, KB4516068
KB4516070
CVE-2019-1306
Azure DevOps and Team Foundation Server Remote Code Execution Vulnerability
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-1306
- The KB number is not assigned
According to Microsoft, attacks leveraging the vulnerability CVE-2019-1214(Important) and CVE-2019-1215 (Important) have been observed in the wild.Please apply the security update programs as soon as possible.
Microsoft Update Catalog
https://www.catalog.update.microsoft.com/
Windows Update: FAQ
https://support.microsoft.com/en-us/help/12373/windows-update-faq
Microsoft Corporation
September 2019 Security Updates
https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/24f46f0a-489c-e911-a994-000d3a33c573
Microsoft Corporation
Microsoft Security Updates for September 2019 (Monthly) (Japanese)
https://msrc-blog.microsoft.com/2019/09/10/201909-security-updates/
Microsoft Corporation
Windows Update: FAQ
https://support.microsoft.com/en-us/help/12373/windows-update-faq
If you have any information regarding this alert, please contact JPCERT/CC.
2019-09-13 Updated "I. Overview"
JPCERT Coordination Center (JPCERT/CC)
MAIL: ew-info@jpcert.or.jp
TEL: +81-3-6271-8901 FAX: +81-3-6271-8908
https://www.jpcert.or.jp/english/
JPCERT/CC
2019-09-11(Initial)
2019-09-13(Update)
I. Overview
Microsoft has released September 2019 Security Updates. This contains updates that are rated as "Critical". Remote attackers leveraging these vulnerabilities may be able to execute arbitrary code.Details on the vulnerabilities can be found at the following URL:
September 2019 Security Updates
https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/24f46f0a-489c-e911-a994-000d3a33c573
[Vulnerabilities addressed (Including Security Update Programs rated as "critical")]
* Listing up Microsoft Knowledge Base (KB) that are rated as "critical"
ADV190022
September 2019 Adobe Flash Security Update
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV190022
- KB4516115
CVE-2019-0787
Remote Desktop Client Remote Code Execution Vulnerability
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-0787
- KB4512578, KB4515384, KB4516033, KB4516044, KB4516058, KB4516064
KB4516065, KB4516066, KB4516067, KB4516068, KB4516070
CVE-2019-0788
Remote Desktop Client Remote Code Execution Vulnerability
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-0788
- KB4512578, KB4515384, KB4516044, KB4516058, KB4516064, KB4516066
KB4516067, KB4516068, KB4516070
CVE-2019-1138
Chakra Scripting Engine Memory Corruption Vulnerability
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-1138
- KB4512578, KB4515384, KB4516044, KB4516058, KB4516066, KB4516068
CVE-2019-1208
VBScript Remote Code Execution Vulnerability
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-1208
- KB4512578, KB4515384, KB4516044, KB4516046, KB4516058, KB4516065
KB4516066, KB4516067, KB4516068, KB4516070
CVE-2019-1217
Chakra Scripting Engine Memory Corruption Vulnerability
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-1217
- KB4512578, KB4515384, KB4516058
CVE-2019-1221
Scripting Engine Memory Corruption Vulnerability
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-1221
- KB4512578, KB4515384, KB4516044, KB4516046, KB4516058, KB4516065
KB4516066, KB4516067, KB4516068, KB4516070
CVE-2019-1236
VBScript Remote Code Execution Vulnerability
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-1236
- KB4512578, KB4515384, KB4516044, KB4516046, KB4516058, KB4516065
KB4516066, KB4516067, KB4516068, KB4516070
CVE-2019-1237
Chakra Scripting Engine Memory Corruption Vulnerability
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-1237
- KB4512578, KB4515384, KB4516044, KB4516058, KB4516066, KB4516068
CVE-2019-1257
Microsoft SharePoint Remote Code Execution Vulnerability
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-1257
- KB4475590, KB4475596, KB4475605, KB4484098
CVE-2019-1280
LNK Remote Code Execution Vulnerability
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-1280
- KB4512578, KB4515384, KB4516026, KB4516033, KB4516044, KB4516051
KB4516055, KB4516058, KB4516062, KB4516064, KB4516065, KB4516066
KB4516067, KB4516068, KB4516070
CVE-2019-1290
Remote Desktop Client Remote Code Execution Vulnerability
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-1290
- KB4512578, KB4515384, KB4516033, KB4516044, KB4516055, KB4516058
KB4516062, KB4516064, KB4516065, KB4516066, KB4516067, KB4516068
KB4516070
CVE-2019-1291
Remote Desktop Client Remote Code Execution Vulnerability
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-1291
- KB4512578, KB4515384, KB4516026, KB4516033, KB4516044, KB4516051
KB4516055, KB4516058, KB4516062, KB4516064, KB4516065, KB4516066
KB4516067, KB4516068, KB4516070
CVE-2019-1295
Microsoft SharePoint Remote Code Execution Vulnerability
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-1295
- KB4475590, KB4475596, KB4475605, KB4484098
CVE-2019-1296
Microsoft SharePoint Remote Code Execution Vulnerability
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-1296
- KB4475590, KB4475596, KB4484098
CVE-2019-1298
Chakra Scripting Engine Memory Corruption Vulnerability
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-1298
- KB4512578, KB4515384, KB4516044, KB4516058, KB4516066, KB4516068
CVE-2019-1300
Chakra Scripting Engine Memory Corruption Vulnerability
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-1300
- KB4512578, KB4515384, KB4516044, KB4516058, KB4516066, KB4516068
KB4516070
CVE-2019-1306
Azure DevOps and Team Foundation Server Remote Code Execution Vulnerability
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-1306
- The KB number is not assigned
According to Microsoft, attacks leveraging the vulnerability CVE-2019-1214(Important) and CVE-2019-1215 (Important) have been observed in the wild.Please apply the security update programs as soon as possible.
Update: September 13, 2019 Update
As of September 13, 2019, according to the information provided by Microsoft,the advisories for the vulnerability CVE-2019-1214 (Important) and CVE-2019-1215(Important) and stated that the vulnerabilities have not been exploited.
CVE-2019-1214
Windows Common Log File System Driver Elevation of Privilege Vulnerability
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1214
CVE-2019-1215
Windows Elevation of Privilege Vulnerability
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1215
CVE-2019-1214
Windows Common Log File System Driver Elevation of Privilege Vulnerability
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1214
CVE-2019-1215
Windows Elevation of Privilege Vulnerability
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1215
II. Solution
Please apply the security update programs through Microsoft Update,Windows Update, etc. as soon as possible.Microsoft Update Catalog
https://www.catalog.update.microsoft.com/
Windows Update: FAQ
https://support.microsoft.com/en-us/help/12373/windows-update-faq
III. References
Microsoft Corporation
September 2019 Security Updates
https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/24f46f0a-489c-e911-a994-000d3a33c573
Microsoft Corporation
Microsoft Security Updates for September 2019 (Monthly) (Japanese)
https://msrc-blog.microsoft.com/2019/09/10/201909-security-updates/
Microsoft Corporation
Windows Update: FAQ
https://support.microsoft.com/en-us/help/12373/windows-update-faq
If you have any information regarding this alert, please contact JPCERT/CC.
Revision History
2019-09-11 First edition2019-09-13 Updated "I. Overview"
JPCERT Coordination Center (JPCERT/CC)
MAIL: ew-info@jpcert.or.jp
TEL: +81-3-6271-8901 FAX: +81-3-6271-8908
https://www.jpcert.or.jp/english/