The Microsoft September security updates have been released and consist of 80 CVEs and 2 advisories. Of these 80 CVEs, 17 are rated Critical, 62 are rated Important and 1 is rated Moderate in severity. Two are listed as publicly known and two others are listed as under active attack at the time of release.
The updates address Elevation of Privilege, Remote Code Execution, Information Disclosure, Denial of Service, Spoofing and Security Feature Bypass. They apply to the following: Microsoft Windows, Internet Explorer, Microsoft Edge (EdgeHTML-based), ChakraCore, Microsoft Office and Microsoft Office Services and Web Apps, Adobe Flash Player, Microsoft Lync, Visual Studio, Microsoft Exchange Server, .NET Framework, Microsoft Yammer, .NET Core, ASP.NET, Team Foundation Serverk and Project Rome.
Known Issues: See the Known Issues and accompanying work-around in the KB Articles for your version of Windows in the Update History:
Recommended Reading: See Dustin Childs review and analysis in Zero Day Initiative — The September 2019 Security Update Review.
The updates address Elevation of Privilege, Remote Code Execution, Information Disclosure, Denial of Service, Spoofing and Security Feature Bypass. They apply to the following: Microsoft Windows, Internet Explorer, Microsoft Edge (EdgeHTML-based), ChakraCore, Microsoft Office and Microsoft Office Services and Web Apps, Adobe Flash Player, Microsoft Lync, Visual Studio, Microsoft Exchange Server, .NET Framework, Microsoft Yammer, .NET Core, ASP.NET, Team Foundation Serverk and Project Rome.
Known Issues: See the Known Issues and accompanying work-around in the KB Articles for your version of Windows in the Update History:
Recommended Reading: See Dustin Childs review and analysis in Zero Day Initiative — The September 2019 Security Update Review.
Last edited: