Skip to main content

Microsoft Monthly Security Update (Jun 2019)

Last Update Date: 19 Sep 2024 Release Date: 12 Jun 2019 7232 Views

RISK: High Risk

TYPE: Operating Systems - Windows OS

TYPE: Windows OS

[Updated on 2024-09-19]

Updated Risk Level, Description, Source and Related Links.

CVE-2019-1069 vulnerability is exploited in the wild. An elevation of privilege vulnerability exists in the way the Task Scheduler Service validates certain file operations. An attacker who successfully exploited the vulnerability could gain elevated privileges on a victim system. Hence, the risk level is rated from Medium Risk to High Risk.

 

Microsoft has released monthly security update for their products:

 

Vulnerable ProductSeverityImpactsNotesDetails (including CVE)
BrowserModerately Critical Moderately CriticalSecurity Restriction Bypass
Remote Code Execution
Information Disclosure
 
Developer ToolsModerately Critical Moderately CriticalRemote Code Execution
Spoofing
Information Disclosure
 
Microsoft OfficeModerately Critical Moderately CriticalDenial of Service
Spoofing
Remote Code Execution
 
WindowsHigh Risk High RiskSecurity Restriction Bypass
Data Manipulation
Elevation of Privilege
Information Disclosure
Remote Code Execution
Denial of Service
CVE-2019-1069 is exploited in the wild. An elevation of privilege vulnerability exists in the way the Task Scheduler Service validates certain file operations. An attacker who successfully exploited the vulnerability could gain elevated privileges on a victim system.

 

Number of 'Extremely Critical' product(s): 0

Number of 'Highly Critical' product(s): 1

Number of 'Moderately Critical' product(s): 3

Evaluation of overall 'Criticality Level': Highly Critical


Impact

  • Denial of Service
  • Remote Code Execution
  • Elevation of Privilege
  • Security Restriction Bypass
  • Information Disclosure
  • Spoofing

System / Technologies affected

  • Windows
  • Browser
  • Developer Tools
  • Microsoft Office

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • The vendor has issued security updates for the products. Please refer to 'Details' column in the above table for details of individual product update or run software update.

Vulnerability Identifier


Source


Related Link