Microsoft Monthly Security Update (Jun 2019)

Last Update Date: 19 Sep 2024 Release Date: 12 Jun 2019 7059 Views

RISK: High Risk

TYPE: Operating Systems - Windows OS

[Updated on 2024-09-19]

Updated Risk Level, Description, Source and Related Links.

CVE-2019-1069 vulnerability is exploited in the wild. An elevation of privilege vulnerability exists in the way the Task Scheduler Service validates certain file operations. An attacker who successfully exploited the vulnerability could gain elevated privileges on a victim system. Hence, the risk level is rated from Medium Risk to High Risk.

Microsoft has released monthly security update for their products:

Vulnerable Product	Severity	Impacts	Notes	Details (including CVE)
Browser	Moderately Critical	Security Restriction Bypass Remote Code Execution Information Disclosure		KB4503267 KB4503273 KB4503276 KB4503284 KB4503292 KB4503327 KB4503285 KB4503279 KB4503290 KB4503287 KB4503291 KB4503286 KB4503259 KB4503293
Developer Tools	Moderately Critical	Remote Code Execution Spoofing Information Disclosure		KB4503267 KB4503291 KB4503286 KB4503284 KB4503327 KB4503293 KB4503279
Microsoft Office	Moderately Critical	Denial of Service Spoofing Remote Code Execution		KB4464590 KB4464594 KB4464596 KB4461621 KB4475512 KB4464571 KB4475511 KB4092442 KB4461619 KB4461611 KB4464597 KB4462178 KB4464602 KB4506009
Windows	High Risk	Security Restriction Bypass Data Manipulation Elevation of Privilege Information Disclosure Remote Code Execution Denial of Service	CVE-2019-1069 is exploited in the wild. An elevation of privilege vulnerability exists in the way the Task Scheduler Service validates certain file operations. An attacker who successfully exploited the vulnerability could gain elevated privileges on a victim system.	KB4503273 KB4503327 KB4504369 KB4497398 KB4500641 KB4503287 KB4500640 KB4503286 KB3173424 KB4503267 KB4500109 KB4503276 KB3173426 KB4503269 KB4503279 KB4503292 KB4503285 KB4503284 KB4503290 KB4503291 KB4490628 KB4503263 KB4493730 KB4503537 KB4503293 KB4498353

Number of 'Extremely Critical' product(s): 0

Number of 'Highly Critical' product(s): 1

Number of 'Moderately Critical' product(s): 3

Evaluation of overall 'Criticality Level': Highly Critical

Impact

Denial of Service
Remote Code Execution
Elevation of Privilege
Security Restriction Bypass
Information Disclosure
Spoofing

System / Technologies affected

Windows
Browser
Developer Tools
Microsoft Office

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

The vendor has issued security updates for the products. Please refer to 'Details' column in the above table for details of individual product update or run software update.

Vulnerability Identifier

https://www.cvedetails.com/vulnerability-list.php?vendor_id=26&year=2019&month=6