{"id":11225,"date":"2019-09-24T00:39:18","date_gmt":"2019-09-23T22:39:18","guid":{"rendered":"http:\/\/159.69.82.204\/win\/?p=11225"},"modified":"2023-02-14T15:36:41","modified_gmt":"2023-02-14T14:36:41","slug":"windows-schwachstellen-in-ie-und-defender-23-9-2019","status":"publish","type":"post","link":"https:\/\/borncity.com\/win\/2019\/09\/24\/windows-schwachstellen-in-ie-und-defender-23-9-2019\/","title":{"rendered":"Windows: Vulnerabilities in IE and Defender (09\/23\/2019)"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" style=\"float: left; margin: 0px 10px 0px 0px; display: inline; border-width: 0px;\" title=\"Update\" src=\"https:\/\/www.borncity.com\/blog\/wp-content\/uploads\/2015\/02\/Update.jpg\" alt=\"Windows Update\" width=\"54\" height=\"54\" align=\"left\" border=\"0\" \/>[<a href=\"https:\/\/www.borncity.com\/blog\/2019\/09\/24\/windows-schwachstellen-in-ie-und-defender-23-9-2019\/\" target=\"_blank\" rel=\"noopener noreferrer\">German<\/a>]On September 23, 2019, Microsoft unexpectedly released unscheduled security updates for Windows Defender, Microsoft Security Essentials, other security products, and Internet Explorer, which is expected to close vulnerabilities.<\/p>\n<p><!--more--><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/vg06.met.vgwort.de\/na\/b6c60101a94b48c98276bd7c1aee8b59\" alt=\"\" width=\"1\" height=\"1\" \/>The information about the vulnerability was provided via Twitter, as Bleeping Computer found out <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/microsoft-issues-windows-security-update-for-0day-vulnerability\/\" target=\"_blank\" rel=\"noopener noreferrer\">here<\/a>.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p dir=\"ltr\" lang=\"en\">Out of band security vulnerability fixes CVE-2019-1367 and CVE-2019-1255 have been released today. For more information please see <a href=\"https:\/\/t.co\/QMUM53m8so\">https:\/\/t.co\/QMUM53m8so<\/a> and <a href=\"https:\/\/t.co\/vy3d0wXWng\">https:\/\/t.co\/vy3d0wXWng<\/a>.<\/p>\n<p>\u2014 Security Response (@msftsecresponse) <a href=\"https:\/\/twitter.com\/msftsecresponse\/status\/1176181336131784705?ref_src=twsrc%5Etfw\">September 23, 2019<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p><strong>Addendum:<\/strong> Meanwhile I also received a mail from Microsoft with information about CVE-2019-1367\u00a0 and \u00a0<a href=\"https:\/\/portal.msrc.microsoft.com\/en-us\/security-guidance\/advisory\/CVE-2019-1255\" target=\"_blank\" rel=\"noopener noreferrer\">CVE-2019-1255<\/a>. Below I explain which updates are available.<\/p>\n<h2>Defender vulnerability CVE-2019-1255<\/h2>\n<p>Vulnerability <a href=\"https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2019-1255\" target=\"_blank\" rel=\"noopener noreferrer\">CVE-2019-1255<\/a> addresses a Denial of Service vulnerability in Microsoft Defender. This vulnerability exists if Microsoft Defender handles files improperly. An attacker could exploit the vulnerability to prevent legitimate accounts from running legitimate system binaries.<\/p>\n<p>To exploit the vulnerability, an attacker would first have to execute the exploit code on the affected system. Microsoft classifies the vulnerability as Important, but not as Critical. The security update fixes the vulnerability by ensuring that Microsoft Defender processes files properly. However, Microsoft does not yet provide any downloads to close the vulnerability. The following Microsoft security products are affected:<\/p>\n<ul>\n<li>Microsoft Forefront Endpoint Protection 2010<\/li>\n<li>Microsoft System Center Endpoint Protection<\/li>\n<li>Microsoft System Center 2012 Endpoint Protection<\/li>\n<li>Microsoft System Center 2012 R2 Endpoint Protection<\/li>\n<li>Microsoft Security Essentials<\/li>\n<li>Windows Defender<\/li>\n<\/ul>\n<p>The security issue basically affects all supported Windows versions with the Microsoft Malware Protection Engine version 1.1.16300.1. The Microsoft Malware Protection Engine version 1.1.16400.2 addresses the vulnerability. The update should be performed automatically by the relevant Microsoft security products (however, the update does not appear to be ready yet).<\/p>\n<p><img decoding=\"async\" src=\"https:\/\/i.imgur.com\/JsHBWp7.jpg\" \/><\/p>\n<p><strong>Addendum:<\/strong> On Sept. 24, 2019 at about 8:00 a.m. (MEZ) a new update search under Windows 7 SP1 found the update KB2310138, which raised the module version of the antimalware engine to 1.1.16400.2 for the Microsoft Security Essentials. I assume that Windows 8.1 and Windows 10 and the other security products have also received this update.<\/p>\n<p><img decoding=\"async\" src=\"https:\/\/i.imgur.com\/VuDVwaQ.jpg\" \/><\/p>\n<p>How to find out the module versions is described in the blog post <a href=\"https:\/\/borncity.com\/win\/2019\/09\/18\/defender-antimalware-version-4-18-1908-7-released\/\">Defender Antimalware Version 4.18.1908.7 with sfc-Fix?<\/a><\/p>\n<h2>IE-Updates for Windows<\/h2>\n<p>Microsoft has also released a number of security updates for Internet Explorer. However, Microsoft does not explain why IE is vulnerable in the KB articles. This information can be found in CVE-2019-1367: This is a memory corruption vulnerability in IE's scripting engine. This depends on how the scripting engine handles objects in memory in Internet Explorer. The vulnerability could damage memory to such an extent that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could obtain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs, view, modify, or delete data, or create new accounts with full user privileges. Microsoft has released the following security updates for the various versions of Windows 10 to close the Internet Explorer vulnerability.<\/p>\n<ul>\n<li><a href=\"https:\/\/support.microsoft.com\/en-us\/help\/4522016\" target=\"_blank\" rel=\"noopener noreferrer\">KB4522016<\/a>: Windows 10 Version 1903, Windows Server Version 1903<\/li>\n<li><a href=\"https:\/\/support.microsoft.com\/en-us\/help\/4522015\" target=\"_blank\" rel=\"noopener noreferrer\">KB4522015<\/a>:\u00a0 Windows 10 Version 1809, Windows Server Version 1809, Windows Server 2019<\/li>\n<li><a href=\"https:\/\/support.microsoft.com\/en-us\/help\/4522014\" target=\"_blank\" rel=\"noopener noreferrer\">KB4522014<\/a>: Windows 10 Version 1803<\/li>\n<li><a href=\"https:\/\/support.microsoft.com\/en-us\/help\/4522012\/windows-10-update-kb4522012\" target=\"_blank\" rel=\"noopener noreferrer\">KB4522012<\/a>: Windows 10 Version 1709<\/li>\n<li><a href=\"https:\/\/support.microsoft.com\/en-us\/help\/4522011\/windows-10-update-kb4522011\" target=\"_blank\" rel=\"noopener noreferrer\">KB4522011<\/a>: Windows 10 Version 1703<\/li>\n<li><a href=\"https:\/\/support.microsoft.com\/en-us\/help\/4522010\/windows-10-update-kb4522010\" target=\"_blank\" rel=\"noopener noreferrer\">KB4522010<\/a>: Windows 10 Version 1607, Windows Server 2016<\/li>\n<li><a href=\"https:\/\/support.microsoft.com\/en-us\/help\/4522009\/windows-10-update-kb4522009\">KB4522009<\/a>: Windows 10 Version 1507<\/li>\n<li><a href=\"https:\/\/support.microsoft.com\/en-us\/help\/4522007\/cumulative-security-update-for-internet-explorer\" target=\"_blank\" rel=\"noopener noreferrer\">KB4522007<\/a>: Windows Server 2008 R2 SP1, Windows Server 2012 R2, Windows Server 2012, Windows 8.1, Windows 7 SP1 f\u00fcr den IE 9 &#8211; 10<\/li>\n<\/ul>\n<p>According to KB articles, the security updates are only available for manual download in the Microsoft Update Catalog and must be installed manually. Bleeping Computer has compiled some more information <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/microsoft-issues-windows-security-update-for-0day-vulnerability\/\" target=\"_blank\" rel=\"noopener noreferrer\">here<\/a>.<\/p>\n<p><strong>Similar articles:<\/strong><br \/>\n<a href=\"https:\/\/borncity.com\/win\/2019\/09\/18\/defender-antimalware-version-4-18-1908-7-released\/\">Defender Antimalware Version 4.18.1908.7 with sfc-Fix?<\/a><br \/>\n<a href=\"https:\/\/www.borncity.com\/blog\/2019\/09\/18\/scan-probleme-mit-defender-antimalware-version-4-18-1908-7\/\">Scan issues with MSD\/Defender Antimalware version 4.18.1908.7<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>[German]On September 23, 2019, Microsoft unexpectedly released unscheduled security updates for Windows Defender, Microsoft Security Essentials, other security products, and Internet Explorer, which is expected to close vulnerabilities.<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[872,580,22,2],"tags":[773,69,195,76],"class_list":["post-11225","post","type-post","status-publish","format-standard","hentry","category-browser","category-security","category-update","category-windows","tag-defender","tag-security","tag-update","tag-windows-10"],"_links":{"self":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/11225","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/comments?post=11225"}],"version-history":[{"count":0,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/11225\/revisions"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/media?parent=11225"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/categories?post=11225"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/tags?post=11225"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}