Microsoft Patch Tuesday Audit – September 2019

Microsoft-Patch-Tuesday

TL;DR - Go Straight to the September Patch Tuesday Audit Report.

Microsoft released its September Patch Tuesday 2019 software updates and two advisories to address a total of 79 vulnerabilities in its Windows operating systems and other products. Including 17 rated as critical.

Microsoft resolved a total of 79 unique CVEs this month, including two actively exploited and three publicly disclosed vulnerabilities, all of which affect the Windows operating systems.

Actively Exploited:

  • CVE-2019-1214 - Windows Common Log File System Driver Elevation of Privilege Vulnerability
  • CVE-2019-1215 - Windows Elevation of Privilege Vulnerability

Publicly Disclosed:

  • CVE-2019-1235 - Windows Text Service Framework Elevation of Privilege Vulnerability
  • CVE-2019-1253 - Windows Elevation of Privilege Vulnerability
  • CVE-2019-1294 - Windows Secure Boot Security Feature Bypass Vulnerability

With the September updates, Microsoft has also fixed 4 vulnerabilities with IDs CVE-2019-0787, CVE-2019-0788, CVE-2019-1290, CVE-2019-1291 that can allow remote code execution if connecting to a malicious server.

Microsoft Fixes Windows 10 High CPU Usage in Cortana

As part of September's Patch Tuesday, Microsoft has released the Windows 10 KB4515384 cumulative update which fixes the high CPU usage issue in Cortana's SearchUI.exe process that was reported earlier. The issue was being caused if users had disabled searching the web from Windows Search.

Run the September Patch Tuesday Audit Report

Similar to previous months, we've created an audit report which checks if the assets in your network are on the latest Microsoft patch update. It's color-coded to give you an easy and quick overview which assets are already on the latest Windows update, and which ones still need to be patched. All admins are advised to install these security updates as soon as possible to protect Windows from security risks.

September Patch Tuesday Audit Report - Click to Enlarge

If you haven't already, start your free trial of Lansweeper to run the Microsoft Patch Tuesday Report. Make sure to subscribe via the form below if you want to receive the latest Microsoft Patch reports and bonus network reports.

Receive the Latest Patch Tuesday Report for FREE Every Month

Try Lansweeper for Free

Learn why Lansweeper is used by thousands of enterprises worldwide.​
FREE WHITE PAPER
Why centralized IT Asset Discovery is more crucial than ever.