ID KB4503284 Type mskb Reporter Microsoft Modified 2019-08-19T17:18:46
Description
<html><body><p>Learn more about update KB4503284, including improvements and fixes, any known issues, and how to get the update.</p><div class="alert-band"><div class="alert alert-info" role="alert"><div class="row"><div class="col-xs-24"><p><strong>Reminder: </strong>March 12 and April 9 will be the last two Delta updates for Windows 10, version 1709. Security and quality updates will continue to be available via the express and full cumulative update packages. For more information on this change, please visit our <a href="https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-quality-updates-explained-amp-the-end-of-delta/ba-p/214426" managed-link="" target="_blank">blog</a>.</p></div></div></div></div><div class="alert-band"><div class="alert alert-info" role="alert"><div class="row"><div class="col-xs-24"><p><strong>Reminder:</strong> Windows 10, version 1709, will reach end of service on April 9, 2019 for devices running Windows 10 Home, Pro, Pro for Workstation, and IoT Core editions. These devices will no longer receive monthly security and quality updates that contain protection from the latest security threats. To continue receiving security and quality updates, Microsoft recommends updating to the latest version of Windows 10.</p></div></div></div></div><div class="alert-band"><div class="alert alert-info" role="alert"><div class="row"><div class="col-xs-24"><p><strong>IMPORTANT: </strong>Windows 10 Enterprise, Education, and IoT Enterprise editions will continue to receive servicing for 12 months at no cost per the lifecycle announcement in October 2018.</p></div></div></div></div><h2>Improvements and fixes</h2><div><p>This update includes quality improvements. 
Key changes include:</p><ul><li>Addresses a security vulnerability by intentionally preventing connections between Windows and Bluetooth devices that are not secure and use well-known keys to encrypt connections, including security fobs. If BTHUSB Event 22 in the Event Viewer states, “Your Bluetooth device attempted to establish a debug connection….”, then your system is affected. Contact your Bluetooth device manufacturer to determine if a device update exists. For more information, see <a data-content-id="" data-content-type="" href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2102" managed-link="" target="_blank">CVE-2019-2102</a> and <a data-content-id="4507623" data-content-type="article" href="" managed-link="" target="_blank">KB4507623</a>.</li><li>Addresses an issue that may prevent Internet Explorer 11 from opening if the <strong>Default Search Provider</strong> is not set or is malformed.</li><li>Security updates to Microsoft Edge, Microsoft Scripting Engine, Internet Explorer, Windows App Platform and Frameworks, Windows Input and Composition, Windows Media, Windows Shell, Windows Server, Windows Authentication, Windows Datacenter Networking, Windows Storage and Filesystems, Windows Virtualization, Internet Information Services, and the Microsoft JET Database Engine.</li></ul><p>If you installed earlier updates, only the new fixes contained in this package will be downloaded and installed on your device.</p><p>For more information about the resolved security vulnerabilities, please refer to the <a data-content-id="" data-content-type="" href="https://portal.msrc.microsoft.com/security-guidance" managed-link="" target="_blank">Security Update Guide</a>.</p></div><h2>Known issues in this 
update</h2><div><table class="table"><tbody><tr><td><strong>Symptom</strong></td><td><strong>Workaround</strong></td></tr><tr><td>Certain operations, such as <strong>rename</strong>, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.</td><td><p>Do one of the following:</p><ul><li>Perform the operation from a process that has administrator privilege.</li><li>Perform the operation from a node that doesn’t have CSV ownership.</li></ul>Microsoft is working on a resolution and will provide an update in an upcoming release.</td></tr><tr><td>When trying to expand, view, or create <strong>Custom Views </strong>in Event Viewer, you may receive the error, "MMC has detected an error in a snap-in and will unload it." and the app may stop responding or close. You may also receive the same error when using <strong>Filter Current Log </strong>in the <strong>Action </strong>menu with built-in views or logs. Built-in views and other features of Event Viewer should work as expected.</td><td><p>This issue is resolved in <a data-content-id="4503281" data-content-type="article" href="" managed-link="" target="_blank">KB4503281</a>.</p></td></tr><tr><td>Devices may have issues connecting to some Storage Area Network (SAN) devices using Internet Small Computer System Interface (iSCSI) after installing this update. 
You may also receive an error in the <strong>System </strong>log section of <strong>Event Viewer </strong>with Event ID 43 from iScsiPrt and a description of “Target failed to respond in time for a login request.”</td><td>This issue is resolved in <a data-content-id="4509477" data-content-type="article" href="" managed-link="" target="_blank">KB4509477</a>.</td></tr><tr><td>Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error "Status: 0xc0000001, Info: A required device isn't connected or can't be accessed" after installing this update on a WDS server.</td><td><p>This issue is resolved in <a data-content-id="4512494" data-content-type="article" href="" managed-link="" target="_blank">KB4512494</a>.</p></td></tr></tbody></table></div><h2>How to get this update</h2><div><p><strong>Before installing this update</strong></p><p>Microsoft strongly recommends you install the latest servicing stack update (SSU) for your operating system before installing the latest cumulative update (LCU). SSUs improve the reliability of the update process to mitigate potential issues while installing the LCU and applying Microsoft security fixes. For more information, see <a data-content-id="" data-content-type="" href="https://docs.microsoft.com/windows/deployment/update/servicing-stack-updates#why-should-servicing-stack-updates-be-installed-and-kept-up-to-date" managed-link="" target="_blank">Servicing stack updates</a>.</p><p>If you are using Windows Update, the latest SSU (<a data-content-id="4500641" data-content-type="article" href="" managed-link="" target="">KB4500641</a>) will be offered to you automatically. 
To get the standalone package for the latest SSU, search for it in the <a href="http://www.catalog.update.microsoft.com/home.aspx" target="_blank">Microsoft Update Catalog</a>.</p><p><strong>Install this update</strong></p><p>This update will be downloaded and installed automatically from Windows Update. To get the standalone package for this update, go to the <a data-content-id="" data-content-type="" href="http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4503284" managed-link="" target="_blank">Microsoft Update Catalog</a> website.</p><p><strong>File information</strong></p><p>For a list of the files that are provided in this update, download the <a data-bi-name="content-anchor-link" data-content-id="" data-content-type="" href="http://download.microsoft.com/download/4/C/A/4CA512D5-877D-49BB-8279-45F555D610C8/4503284.csv" managed-link="" tabindex="0" target="_blank">file information for cumulative update 4503284</a>. </p></div></body></html>
{"id": "KB4503284", "bulletinFamily": "microsoft", "title": "June 11, 2019\u2014KB4503284 (OS Build 16299.1217)", "published": "2019-06-11T00:00:00", "modified": "2019-08-19T17:18:46", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}, "href": "https://support.microsoft.com/en-us/help/4503284/", "reporter": "Microsoft", "references": [], "cvelist": ["CVE-2019-2102"], "type": "mskb", "lastseen": "2021-01-01T22:36:16", "edition": 17, "viewCount": 16, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2019-2102"]}, {"type": "mscve", "idList": ["MS:ADV190016"]}, {"type": "mskb", "idList": ["KB4503286", "KB4503327", "KB4503263", "KB4503276", "KB4503267", "KB4503293", "KB4503290", "KB4503279", "KB4503285", "KB4503291"]}, {"type": "qualysblog", "idList": ["QUALYSBLOG:548A2D8484377A20A276BF58474488F7"]}, {"type": "threatpost", "idList": ["THREATPOST:040A4A9D0367AA2E807A97FB83D00240"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310815086", "OPENVAS:1361412562310815206", "OPENVAS:1361412562310815088", "OPENVAS:1361412562310815087", 
"OPENVAS:1361412562310815205", "OPENVAS:1361412562310815085", "OPENVAS:1361412562310815210", "OPENVAS:1361412562310815207"]}, {"type": "apple", "idList": ["APPLE:HT210119", "APPLE:HT210118", "APPLE:HT210120"]}], "modified": "2021-01-01T22:36:16", "rev": 2}, "score": {"value": 5.9, "vector": "NONE", "modified": "2021-01-01T22:36:16", "rev": 2}, "vulnersScore": 5.9}, "kb": "KB4503284", "msrc": "", "mscve": "", "msfamily": "", "msplatform": "", "msproducts": [], "supportAreaPaths": ["91ff007a-065b-95c3-efaf-e95d72db867e"], "supportAreaPathNodes": [{"id": "91ff007a-065b-95c3-efaf-e95d72db867e", "name": "Windows 10, version 1709, all editions", "parent": "6ae59d69-36fc-8e4d-23dd-631d98bf74a9", "tree": [], "type": "productversion"}], "primarySupportAreaPath": [{"id": "91ff007a-065b-95c3-efaf-e95d72db867e", "name": "Windows 10, version 1709, all editions", "parent": "6ae59d69-36fc-8e4d-23dd-631d98bf74a9", "tree": [], "type": "productversion"}, {"id": "1267d68d-d9f7-6020-0726-166b153ccbeb", "name": "Windows", "tree": [], "type": "productfamily"}, {"id": "6ae59d69-36fc-8e4d-23dd-631d98bf74a9", "name": "Windows 10", "parent": "1267d68d-d9f7-6020-0726-166b153ccbeb", "tree": [], "type": "productname"}], "superseeds": ["KB4462918", "KB4088776", "KB4048955", "KB4489886", "KB4471329", "KB4284819", "KB4499179", "KB4338825", "KB4093112", "KB4056892", "KB4480978", "KB4493441", "KB4103727", "KB4074588", "KB4457142", "KB4343897", "KB4483232", "KB4467686", "KB4486996", "KB4054517"], "parentseeds": ["KB4537789", "KB4534276", "KB4507455", "KB4512516", "KB4516066", "KB4524150", "KB4561602", "KB4580328", "KB4577041", "KB4571741", "KB4540681", "KB4530714", "KB4525241", "KB4556812", "KB4565508", "KB4520004", "KB4550927"], "msimpact": "", "msseverity": "", "scheme": null}
{"cve": [{"lastseen": "2020-10-03T13:38:52", "description": "In the Bluetooth Low Energy (BLE) specification, there is a provided example Long Term Key (LTK). If a BLE device were to use this as a hardcoded LTK, it is theoretically possible for a proximate attacker to remotely inject keystrokes on a paired Android host due to improperly used crypto. User interaction is not needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. Android ID: A-128843052.", "edition": 6, "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-06-07T20:29:00", "title": "CVE-2019-2102", "type": "cve", "cwe": ["CWE-264"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 6.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.3, "vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-2102"], "modified": "2019-09-12T04:15:00", "cpe": ["cpe:/o:google:android:9.0", "cpe:/o:google:android:8.0", "cpe:/o:google:android:7.0", "cpe:/o:google:android:8.1", "cpe:/o:google:android:7.1.2", "cpe:/o:google:android:7.1.1"], "id": "CVE-2019-2102", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-2102", "cvss": {"score": 8.3, "vector": 
"AV:A/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:google:android:8.1:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:7.1.1:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:8.0:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:7.1.2:*:*:*:*:*:*:*"]}], "mskb": [{"lastseen": "2021-01-01T22:52:45", "bulletinFamily": "microsoft", "cvelist": ["CVE-2019-2102"], "description": "<html><body><p>Learn more about update KB4503291, including improvements and fixes, any known issues, and how to get the update.</p><h2>Improvements and fixes</h2><div><p>This update includes quality improvements. Key changes include:</p><ul><li>Addresses an issue to set the date separator properly in the Japanese short date format. For more information, see <a data-content-id=\"4469068\" data-content-type=\"article\" href=\"\" managed-link=\"\" target=\"\">KB4469068</a>.</li><li>Updates time zone information for Morocco.</li><li>Updates time zone information for the Palestinian territories.</li><li>Addresses a security vulnerability by intentionally preventing connections between Windows and Bluetooth devices that are not secure and use well-known keys to encrypt connections, including security fobs. If BTHUSB Event 22 in the Event Viewer states, \u201cYour Bluetooth device attempted to establish a debug connection\u2026.\u201d, then your system is affected. Contact your Bluetooth device manufacturer to determine if a device update exists. 
For more information, see <a data-content-id=\"\" data-content-type=\"\" href=\"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2102\" managed-link=\"\" originalsrc=\"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2102\" shash=\"QMFIeAEwFEAKAe5K5Eu9faR3H4kooMw2DjJ9REs/QKSoOMQ2c/ZINgaFG8VbgaSGsHm+uQdwtjSMoTTqzzNSOQlW4aWE8JU+6VJNBW2AynlqZnLh+SKbBhJCAbxxAB5HbwVb85jAPgjy7UfRIzD+Jx66ggTRxIO/Z0R8j7OUk4s=\" target=\"_blank\">CVE-2019-2102</a> and <a data-content-id=\"4507623\" data-content-type=\"article\" href=\"\" managed-link=\"\" target=\"_blank\">KB4507623</a>.</li><li>Addresses an issue with the HTTP and HTTPS string character limit for URLs when using Internet Explorer.</li><li>Security updates to Internet Explorer, Microsoft Edge, Windows App Platform and Frameworks, Windows Input and Composition, Windows Media, Windows Shell, Windows Server, Windows Authentication, Windows Cryptography, Windows Datacenter Networking, Windows Storage and Filesystems, Windows Virtualization, Internet Information Services, Windows SQL components, and the Microsoft JET Database Engine.</li></ul><p>If you installed earlier updates, only the new fixes contained in this package will be downloaded and installed on your device.\u00a0</p><p>For more information about the resolved security vulnerabilities, please refer to the <a data-content-id=\"\" data-content-type=\"\" href=\"https://portal.msrc.microsoft.com/security-guidance\" managed-link=\"\" target=\"_blank\">Security Update Guide</a>.</p><div class=\"alert-band\"><div class=\"alert alert-info\" role=\"alert\"><p class=\"alert-title\">Windows Update Improvements</p><div class=\"row\"><div class=\"col-xs-24\"><p>Microsoft has released an update directly to the Windows Update client to improve reliability. 
Any device running Windows 10 configured to receive updates automatically from Windows Update, including Enterprise and Pro editions, will be offered the latest Windows 10 feature update based on device compatibility and Windows Update for Business deferral policy. This doesn't apply to long-term servicing editions.</p></div></div></div></div></div><h2>Known issues in this update</h2><div><table class=\"table\"><tbody><tr><td><strong>Symptom</strong></td><td><strong>Workaround</strong></td></tr><tr><td>Certain operations, such as <strong>rename</strong>, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, \u201cSTATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\u201d. This occurs when you perform the operation on a CSV owner node from a process that doesn\u2019t have administrator privilege.</td><td><p>Do one of the following:</p><ul><li>Perform the operation from a process that has administrator privilege.</li><li>Perform the operation from a node that doesn\u2019t have CSV ownership.</li></ul>Microsoft is working on a resolution and will provide an update in an upcoming release.</td></tr><tr><td>When trying to expand, view, or create <strong>Custom Views </strong>in Event Viewer, you may receive the error, \"MMC has detected an error in a snap-in and will unload it.\" and the app may stop responding or close. You may also receive the same error when using <strong>Filter Current Log </strong>in the <strong>Action </strong>menu with built-in views or logs. 
Built-in views and other features of Event Viewer should work as expected.</td><td><p>This issue is resolved in <a data-content-id=\"4507458\" data-content-type=\"article\" href=\"\" managed-link=\"\" target=\"_blank\">KB4507458</a>.</p></td></tr></tbody></table></div><h2>How to get this update</h2><div><p><strong>Before installing this update</strong></p><p>Microsoft strongly recommends that you install the latest servicing stack update (SSU) for your operating system before installing the latest cumulative update (LCU). SSUs improve the reliability of the update process to mitigate potential issues while installing the LCU and applying Microsoft security fixes.\u00a0For more information, see <a data-content-id=\"\" data-content-type=\"\" href=\"https://docs.microsoft.com/windows/deployment/update/servicing-stack-updates#why-should-servicing-stack-updates-be-installed-and-kept-up-to-date\" managed-link=\"\" target=\"_blank\">Servicing stack updates</a>.</p><p>If you are using Windows Update, the latest SSU (<a data-content-id=\"4498353\" data-content-type=\"article\" href=\"\" managed-link=\"\" target=\"\">KB4498353</a>) will be offered to you automatically. To get the standalone package for the latest SSU, search for it in the <a data-content-id=\"\" data-content-type=\"\" href=\"http://www.catalog.update.microsoft.com/home.aspx\" managed-link=\"\" target=\"_blank\">Microsoft Update Catalog</a>.</p><p><strong>Install this update</strong></p><p>This update will be downloaded and installed automatically from Windows Update. 
To get the standalone package for this update, go to the\u00a0<a data-content-id=\"\" data-content-type=\"\" href=\"http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4503291\" managed-link=\"\" target=\"_blank\">Microsoft Update Catalog</a>\u00a0website.</p><p><strong>File information</strong></p><p>For a list of the files that are provided in this update, download the\u00a0<a data-bi-name=\"content-anchor-link\" data-content-id=\"\" data-content-type=\"\" href=\"http://download.microsoft.com/download/4/4/A/44AABFC7-FF1C-43D8-90BA-EEEE6518C753/4503291.csv\" managed-link=\"\" tabindex=\"0\" target=\"_blank\">file information for cumulative update 4503291</a>.\u00a0</p></div></body></html>", "edition": 16, "modified": "2019-07-09T17:55:19", "id": "KB4503291", "href": "https://support.microsoft.com/en-us/help/4503291/", "published": "2019-06-11T00:00:00", "title": "June 11, 2019\u2014KB4503291 (OS Build 10240.18244)", "type": "mskb", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T22:42:49", "bulletinFamily": "microsoft", "cvelist": ["CVE-2019-2102"], "description": "<html><body><p>Learn more about update KB4503286, including improvements and fixes, any known issues, and how to get the update.</p><h2></h2><div class=\"alert-band\"><div class=\"alert alert-info\" role=\"alert\"><div class=\"row\"><div class=\"col-xs-24\"><p>The Windows 10 April 2018 Update will reach end of service on November 12, 2019 for Home and Pro editions. We will begin updating devices running the\u00a0Windows 10\u00a0April 2018 Update\u00a0starting July 16, 2019\u00a0to help ensure that these devices\u00a0remain\u00a0in a serviced\u00a0and\u00a0secure state. 
For more information, see the Windows 10, version 1903 section of\u00a0the\u00a0<a data-bi-name=\"content-anchor-link\" data-content-id=\"\" data-content-type=\"\" href=\"https://docs.microsoft.com/en-us/windows/release-information/status-windows-10-1903\" managed-link=\"\" tabindex=\"0\" target=\"_blank\">release information dashboard</a>.</p></div></div></div></div><div class=\"alert-band\"><div class=\"alert alert-info\" role=\"alert\"><div class=\"row\"><div class=\"col-xs-24\"><p><strong>Note\u00a0</strong>Follow <a href=\"https://twitter.com/windowsupdate\" rel=\"noreferrer noopener\" tabindex=\"-1\" target=\"_blank\" title=\"https://twitter.com/windowsupdate\">@WindowsUpdate</a> to find out when new content is published to the release information dashboard.</p></div></div></div></div><div class=\"alert-band\"><div class=\"alert alert-info\" role=\"alert\"><div class=\"row\"><div class=\"col-xs-24\"><p><strong>Reminder:\u00a0</strong>March 12\u00a0and April 9\u00a0will be the last two Delta updates for Windows 10, version\u00a01803. Security and quality updates will continue to be available via the express and full cumulative update packages. For more information on this change please visit our <a href=\"https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-quality-updates-explained-amp-the-end-of-delta/ba-p/214426\" managed-link=\"\" target=\"_blank\">blog</a>.</p></div></div></div></div><div class=\"alert-band\"><div class=\"alert alert-info\" role=\"alert\"><div class=\"row\"><div class=\"col-xs-24\"><p>Starting with update KB4499183, we are introducing functionality that allows you to decide when to install a feature update. You control when you get a feature update while simultaneously keeping your devices up to date. Feature updates that are available for eligible devices will appear in a separate module on the Windows Update page (<strong>Settings </strong>> <strong>Update & Security</strong> > <strong>Windows Update</strong>). 
If you would like to get an available update right away, select <strong>Download and install now</strong>. To find out more about this feature, please go to this <a href=\"https://blogs.windows.com/windowsexperience/?p=172316\" managed-link=\"\" target=\"_blank\">blog</a>.\u00a0</p><p><em>When Windows 10 devices are at, or within several months of reaching, end of service, Windows Update will begin to automatically initiate a feature update. This keeps those devices supported and receiving the monthly updates that are critical to device security and ecosystem health.</em></p></div></div></div></div><h2>Improvements and fixes</h2><div><p>This update includes quality improvements. Key changes include:</p><ul><li>Addresses a security vulnerability by intentionally preventing connections between Windows and Bluetooth devices that are not secure and use well-known keys to encrypt connections, including security fobs. If BTHUSB Event 22 in the Event Viewer states, \u201cYour Bluetooth device attempted to establish a debug connection\u2026.\u201d, then your system is affected. Contact your Bluetooth device manufacturer to determine if a device update exists. For more information, see <a data-content-id=\"\" data-content-type=\"\" href=\"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2102\" managed-link=\"\" originalsrc=\"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2102\" shash=\"QMFIeAEwFEAKAe5K5Eu9faR3H4kooMw2DjJ9REs/QKSoOMQ2c/ZINgaFG8VbgaSGsHm+uQdwtjSMoTTqzzNSOQlW4aWE8JU+6VJNBW2AynlqZnLh+SKbBhJCAbxxAB5HbwVb85jAPgjy7UfRIzD+Jx66ggTRxIO/Z0R8j7OUk4s=\" target=\"_blank\">CVE-2019-2102</a> and <a data-content-id=\"4507623\" data-content-type=\"article\" href=\"\" managed-link=\"\" target=\"_blank\">KB4507623</a>.</li><li>Addresses an issue that may prevent the Preboot Execution Environment (PXE) from starting a device from a Windows Deployment Services (WDS) server configured to use Variable Window Extension. 
This may cause the connection to the WDS server to terminate prematurely while downloading the image. This issue does not affect clients or devices that are not using Variable Window Extension.</li><li>Addresses an issue that may prevent Internet Explorer 11 from opening if\u00a0the\u00a0<strong>Default Search Provider</strong> is not set or is malformed.</li><li>Security updates to Microsoft Scripting Engine, Internet Explorer, Microsoft Edge, Windows App Platform and Frameworks, Windows Input and Composition, Windows Media, Windows Shell, Windows Server, Windows Authentication, Windows Cryptography, Windows Storage and Filesystems, Windows Virtualization, Internet Information Services, Windows SQL components, and the Microsoft JET Database Engine.</li></ul><p>If you installed earlier updates, only the new fixes contained in this package will be downloaded and installed on your device.</p><p><span><span><span><span>For more information about the resolved security vulnerabilities, please refer to the </span></span></span></span><span><span><span><a data-content-id=\"\" data-content-type=\"\" href=\"https://portal.msrc.microsoft.com/security-guidance\" managed-link=\"\" target=\"_blank\">Security Update Guide</a>.</span></span></span></p></div><h2>Known issues in this update</h2><div><table class=\"table\"><tbody><tr><td><strong>Symptom</strong></td><td><strong>Workaround</strong></td></tr><tr><td>Certain operations, such as <strong>rename</strong>, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, \u201cSTATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\u201d. 
This occurs when you perform the operation on a CSV owner node from a process that doesn\u2019t have administrator privilege.</td><td><p>Do one of the following:</p><ul><li>Perform the operation from a process that has administrator privilege.</li><li>Perform the operation from a node that doesn\u2019t have CSV ownership.</li></ul>Microsoft is working on a resolution and will provide an update in an upcoming release.</td></tr><tr><td>When trying to expand, view, or create <strong>Custom Views </strong>in Event Viewer, you may receive the error, \"MMC has detected an error in a snap-in and will unload it.\" and the app may stop responding or close. You may also receive the same error when using <strong>Filter Current Log </strong>in the <strong>Action </strong>menu with built-in views or logs. Built-in views and other features of Event Viewer should work as expected.</td><td><p>This issue is resolved in <a data-content-id=\"4503288\" data-content-type=\"article\" href=\"\" managed-link=\"\" target=\"_blank\">KB4503288</a>.</p></td></tr><tr><td>We are investigating reports that a small number of devices may start up to a black screen during the first logon after installing updates.</td><td><p>This issue is resolved in <a data-content-id=\"4519978\" data-content-type=\"article\" href=\"\" managed-link=\"\" target=\"_blank\">KB4519978</a>.</p></td></tr><tr><td>Devices may have issues connecting to some Storage Area Network (SAN) devices using Internet Small Computer System Interface (iSCSI) after installing this update. 
You may also receive an error in the <strong>System </strong>log section of <strong>Event Viewer </strong>with Event ID 43 from iScsiPrt and a description of \u201cTarget failed to respond in time for a login request.\u201d</td><td>This issue is resolved in <a data-content-id=\"4509478\" data-content-type=\"article\" href=\"\" managed-link=\"\" target=\"_blank\">KB4509478</a>.</td></tr><tr><td>Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing this update on a WDS server.</td><td><p>This issue is resolved in <a data-content-id=\"4512509\" data-content-type=\"article\" href=\"\" managed-link=\"\" target=\"_blank\">KB4512509</a>.</p></td></tr></tbody></table></div><h2>How to get this update</h2><div><p><strong>Before installing this update</strong></p><p>Microsoft strongly recommends you install the latest servicing stack update (SSU) for your operating system before installing the latest cumulative update (LCU). 
SSUs improve the reliability of the update process to mitigate potential issues while installing the LCU.\u00a0For more information, see\u00a0<a aria-live=\"assertive\" data-bi-name=\"content-anchor-link\" data-content-id=\"\" data-content-type=\"\" href=\"https://docs.microsoft.com/windows/deployment/update/servicing-stack-updates#why-should-servicing-stack-updates-be-installed-and-kept-up-to-date\" managed-link=\"\" tabindex=\"0\" target=\"_blank\">Servicing stack updates</a>.</p><p>If you are using Windows Update, the latest SSU\u00a0(<a data-content-id=\"4497398\" data-content-type=\"article\" href=\"\" managed-link=\"\" target=\"\">KB4497398</a>) will be offered to you automatically.\u00a0To get the standalone package for the latest\u00a0SSU, search for it in the\u00a0<a aria-live=\"assertive\" data-bi-name=\"content-anchor-link\" href=\"http://www.catalog.update.microsoft.com/home.aspx\" managed-link=\"\" tabindex=\"0\" target=\"_blank\">Microsoft Update Catalog</a>.\u00a0</p><p><strong>Install this update</strong></p><p>This update will be downloaded and installed automatically from Windows Update. 
To get the standalone package for this update, go to the\u00a0<a data-content-id=\"\" data-content-type=\"\" href=\"http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4503286 \" managed-link=\"\" target=\"_blank\">Microsoft Update Catalog</a>\u00a0website.</p><p><strong>File information</strong></p><p>For a list of the files that are provided in this update, download the\u00a0<a data-bi-name=\"content-anchor-link\" data-content-id=\"\" data-content-type=\"\" href=\"http://download.microsoft.com/download/6/3/3/63340BDE-2BDB-4688-A08C-75B5B452365B/4503286.csv\" managed-link=\"\" tabindex=\"0\" target=\"_blank\">file information for cumulative update 4503286</a>.\u00a0</p></div></body></html>", "edition": 18, "modified": "2019-10-15T17:17:25", "id": "KB4503286", "href": "https://support.microsoft.com/en-us/help/4503286/", "published": "2019-06-11T00:00:00", "title": "June 11, 2019\u2014KB4503286 (OS Build 17134.829)", "type": "mskb", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T22:46:03", "bulletinFamily": "microsoft", "cvelist": ["CVE-2019-2102"], "description": "<html><body><p>Learn more about update KB4503290, including improvements and fixes, any known issues, and how to get the update.</p><h2>Improvements and fixes</h2><div><p>This security update includes quality improvements. Key changes include:</p><ul><li>Addresses an issue that may prevent the Preboot Execution Environment (PXE) from starting a device from a Windows Deployment Services (WDS) server configured to use Variable Window Extension. This may cause the connection to the WDS server to terminate prematurely while downloading the image. This issue does not affect clients or devices that are not using Variable Window Extension.</li><li>Addresses a security vulnerability by intentionally preventing connections between Windows and Bluetooth devices that are not secure and use well-known keys to encrypt connections, including security fobs. 
If BTHUSB Event 22 in the Event Viewer states, \u201cYour Bluetooth device attempted to establish a debug connection\u2026.\u201d, then your system is affected. Contact your Bluetooth device manufacturer to determine if a device update exists. For more information, see <a data-content-id=\"\" data-content-type=\"\" href=\"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2102\" managed-link=\"\" originalsrc=\"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2102\" shash=\"QMFIeAEwFEAKAe5K5Eu9faR3H4kooMw2DjJ9REs/QKSoOMQ2c/ZINgaFG8VbgaSGsHm+uQdwtjSMoTTqzzNSOQlW4aWE8JU+6VJNBW2AynlqZnLh+SKbBhJCAbxxAB5HbwVb85jAPgjy7UfRIzD+Jx66ggTRxIO/Z0R8j7OUk4s=\" target=\"_blank\">CVE-2019-2102</a> and <a data-content-id=\"4507623\" data-content-type=\"article\" href=\"\" managed-link=\"\" target=\"_blank\">KB4507623</a>.</li><li>Security updates to Windows App Platform and Frameworks, Windows Input and Composition, Windows Shell, Windows Server, Windows Authentication, Windows Datacenter Networking, Windows Storage and Filesystems, Windows Virtualization, Internet Information Services, and the Microsoft JET Database Engine.</li></ul><p>For more information about the resolved security vulnerabilities, please refer to the <a data-content-id=\"\" data-content-type=\"\" href=\"https://portal.msrc.microsoft.com/security-guidance\" managed-link=\"\" target=\"_blank\">Security Update Guide</a>.</p></div><h2>Known issues in this update</h2><div><table class=\"table\"><tbody><tr><td width=\"312\"><p><strong>Symptom</strong></p></td><td width=\"312\"><p><strong>Workaround</strong></p></td></tr><tr><td width=\"312\">Certain operations, such as <strong>rename</strong>, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, \u201cSTATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\u201d. 
This occurs when you perform the operation on a CSV owner node from a process that doesn\u2019t have administrator privilege.</td><td width=\"312\"><p>Do one of the following:</p><ul><li>Perform the operation from a process that has administrator privilege.</li><li>Perform the operation from a node that doesn\u2019t have CSV ownership.</li></ul>Microsoft is working on a resolution and will provide an update in an upcoming release.</td></tr><tr><td width=\"312\">When trying to expand, view, or create <strong>Custom Views </strong>in Event Viewer, you may receive the error, \"MMC has detected an error in a snap-in and will unload it.\" and the app may stop responding or close. You may also receive the same error when using <strong>Filter Current Log </strong>in the <strong>Action </strong>menu with built-in views or logs. Built-in views and other features of Event Viewer should work as expected.</td><td width=\"312\"><p>This issue is resolved in <a data-content-id=\"4508773\" data-content-type=\"article\" href=\"\" managed-link=\"\" target=\"_blank\">KB4508773</a>.</p></td></tr><tr><td width=\"312\">Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing this update on a WDS server.</td><td width=\"312\"><p>This issue is resolved in <a data-content-id=\"4512478\" data-content-type=\"article\" href=\"\" managed-link=\"\" target=\"_blank\">KB4512478</a>.</p></td></tr></tbody></table></div><h2>How to get this update</h2><div><p>This update is now available for installation through WSUS. 
To get the standalone package for this update, go to the\u00a0<a data-content-id=\"\" data-content-type=\"\" href=\"http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4503290\" managed-link=\"\" target=\"_blank\">Microsoft Update Catalog</a>\u00a0website.</p><p><strong>File information</strong></p><p>For a list of the files that are provided in this update, download the\u00a0<a data-bi-name=\"content-anchor-link\" data-content-id=\"\" data-content-type=\"\" href=\"http://download.microsoft.com/download/5/3/0/5305E74E-4D01-473A-B0FF-CAE084F7FC6F/4503290.csv\" managed-link=\"\" tabindex=\"0\" target=\"_blank\">file information for update 4503290</a>.\u00a0</p></div></body></html>", "edition": 2, "modified": "2019-08-19T20:07:40", "id": "KB4503290", "href": "https://support.microsoft.com/en-us/help/4503290/", "published": "2019-06-11T00:00:00", "title": "June 11, 2019\u2014KB4503290 (Security-only update)", "type": "mskb", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T22:51:10", "bulletinFamily": "microsoft", "cvelist": ["CVE-2019-2102"], "description": "<html><body><p>Learn more about update KB4503267, including improvements and fixes, any known issues, and how to get the update.</p><h2></h2><div class=\"alert-band\"><div class=\"alert alert-info\" role=\"alert\"><div class=\"row\"><div class=\"col-xs-24\"><p><strong><span>Reminder:</span></strong><span> The additional servicing for Windows 10 Enterprise,\u00a0<span>Education, and\u00a0</span>IoT Enterprise editions ends on April 9, 2019 and doesn't extend beyond this date. To continue receiving security and quality updates, Microsoft recommends updating to the latest version of Windows 10.</span></p></div></div></div></div><div class=\"alert-band\"><div class=\"alert alert-info\" role=\"alert\"><div class=\"row\"><div class=\"col-xs-24\"><p><strong>Reminder:\u00a0</strong>March 12 and April 9 will be the last two Delta updates for Windows 10, version\u00a01607. 
For Long-Term Servicing Branch (LTSB) customers, security and quality updates will continue to be available via the express and full cumulative update packages. For more information on this change please visit our <a href=\"https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-quality-updates-explained-amp-the-end-of-delta/ba-p/214426\" managed-link=\"\" target=\"_blank\">blog</a>.</p></div></div></div></div><div class=\"alert-band\"><div class=\"alert alert-info\" role=\"alert\"><div class=\"row\"><div class=\"col-xs-24\"><p><span><em>Windows 10, version 1607, reached end of service on April 10, 2018. Devices running Windows 10 Home or Pro editions will no longer receive monthly security and quality updates that contain protection from the latest security threats. </em><em>To continue receiving security and quality updates, Microsoft recommends updating to the latest version of Windows 10.</em></span></p><p><strong><span><span><span>IMPORTANT</span></span></span><span><span><span>:\u00a0</span></span></span></strong><span><span>Windows 10 Enterprise and Windows 10 Education editions will receive additional servicing at no cost until April 9, 2019. Devices on the Long-Term Servicing Channels (LTSC) will continue to receive updates until October 2026\u00a0per the <a data-content-id=\"\" data-content-type=\"\" href=\"https://support.microsoft.com/lifecycle/search?alpha=Windows%2010\" managed-link=\"\" target=\"\">Lifecycle Policy page</a>. Windows 10 Anniversary Update (v. 
1607) devices running the Intel \u201cClovertrail\u201d chipset will continue to receive updates until January 2023 per the <a data-content-id=\"\" data-content-type=\"\" href=\"https://answers.microsoft.com/{lang-locale}/windows/forum/windows_10-windows_install/intel-clover-trail-processors-are-not-supported-on/ed1823d3-c82c-4d7f-ba9d-43ecbcf526e9?auth=1\" managed-link=\"\" target=\"_blank\">Microsoft Community blog</a>.</span></span></p></div></div></div></div><div class=\"alert-band\"><div class=\"alert alert-info\" role=\"alert\"><div class=\"row\"><div class=\"col-xs-24\"><p><em><span>Windows Server 2016 Standard edition, Nano Server installation option and Windows Server 2016 Datacenter edition, Nano Server installation option </span></em><em><span><span>reached end of service on October 9, 2018</span></span></em><span><span>.<em> These editions will no longer receive monthly security and quality updates that contain protection from the latest security threats. To continue receiving security and quality updates, Microsoft recommends updating to the latest version of Windows 10.</em></span></span></p></div></div></div></div><div class=\"alert-band\"><div class=\"alert alert-info\" role=\"alert\"><div class=\"row\"><div class=\"col-xs-24\"><p><em><span><span><span>Windows 10 Mobile, version 1607, reached end of service on October 8, 2018. Devices running Windows 10 Mobile and Windows 10 Mobile Enterprise will no longer receive monthly security and quality updates that contain protection from the latest security threats. To continue receiving security and quality updates, Microsoft recommends updating to the latest version of Windows 10.</span></span></span></em></p></div></div></div></div><h2>Improvements and fixes</h2><div><p>This update includes quality improvements. 
Key changes include:</p><ul><li>Addresses an issue that may cause authentication to fail when using Windows Hello for Business on\u00a0Windows Server 2016 with the Server Core option installed.\u00a0</li><li>Addresses a security vulnerability by intentionally preventing connections between Windows and Bluetooth devices that are not secure and use well-known keys to encrypt connections, including security fobs. If BTHUSB Event 22 in the Event Viewer states, \u201cYour Bluetooth device attempted to establish a debug connection\u2026.\u201d, then your system is affected. Contact your Bluetooth device manufacturer to determine if a device update exists. For more information, see <a data-content-id=\"\" data-content-type=\"\" href=\"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2102\" managed-link=\"\" originalsrc=\"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2102\" shash=\"QMFIeAEwFEAKAe5K5Eu9faR3H4kooMw2DjJ9REs/QKSoOMQ2c/ZINgaFG8VbgaSGsHm+uQdwtjSMoTTqzzNSOQlW4aWE8JU+6VJNBW2AynlqZnLh+SKbBhJCAbxxAB5HbwVb85jAPgjy7UfRIzD+Jx66ggTRxIO/Z0R8j7OUk4s=\" target=\"_blank\">CVE-2019-2102</a> and <a data-content-id=\"4507623\" data-content-type=\"article\" href=\"\" managed-link=\"\" target=\"_blank\">KB4507623</a>.</li><li>Addresses an issue that may prevent the Preboot Execution Environment (PXE) from starting a device from a Windows Deployment Services (WDS) server configured to use Variable Window Extension. This may cause the connection to the WDS server to terminate prematurely while downloading the image. 
This issue does not affect clients or devices that are not using Variable Window Extension.</li><li>Addresses an issue that may prevent Internet Explorer 11 from opening if\u00a0the\u00a0<strong>Default Search Provider</strong> is not set or is malformed.</li><li>Security updates to Microsoft Edge, Microsoft Scripting Engine, Internet Explorer, Windows App Platform and Frameworks, Windows Input and Composition, Windows Media, Windows Shell, Windows Server, Windows Authentication, Windows Datacenter Networking, Windows Storage and Filesystems, Windows Virtualization, Internet Information Services, and the Microsoft JET Database Engine.</li></ul><p>If you installed earlier updates, only the new fixes contained in this package will be downloaded and installed on your device.</p><p><span><span><span><span>For more information about the resolved security vulnerabilities, please refer to the </span></span></span></span><span><span><span><a data-content-id=\"\" data-content-type=\"\" href=\"https://portal.msrc.microsoft.com/security-guidance\" managed-link=\"\" target=\"_blank\">Security Update Guide</a>.</span></span></span></p><div class=\"alert-band\"><div class=\"alert alert-info\" role=\"alert\"><p class=\"alert-title\">Windows Update Improvements</p><div class=\"row\"><div class=\"col-xs-24\"><p>Microsoft has released an update directly to the Windows Update client to improve reliability. Any device running Windows 10 configured to receive updates automatically from Windows Update, including Enterprise and Pro editions, will be offered the latest Windows 10 feature update based on device compatibility and Windows Update for Business deferral policy. 
This doesn't\u00a0apply to long-term servicing editions.</p></div></div></div></div></div><h2>Known issues in this update</h2><div><table class=\"table\"><tbody><tr><td><strong>Symptom</strong></td><td><strong>Workaround</strong></td></tr><tr><td><p>For hosts managed by System Center Virtual Machine Manager (SCVMM), SCVMM cannot enumerate and manage logical switches deployed on the host after installing the update.</p>Additionally, if you do not follow the <a data-content-id=\"\" data-content-type=\"\" href=\"https://techcommunity.microsoft.com/t5/System-Center-Blog/System-Center-Virtual-Machine-Manager-fails-to-enumerate-and/ba-p/360646\" managed-link=\"\" target=\"_blank\">best practices</a>, a stop error may occur in <strong>vfpext.sys</strong> on the hosts.</td><td><p>This issue is resolved in <a data-content-id=\"4507459\" data-content-type=\"article\" href=\"\" managed-link=\"\" target=\"_blank\">KB4507459</a>.</p><br/><br/>\u00a0</td></tr><tr><td>After installing <a data-content-id=\"4467684\" data-content-type=\"article\" href=\"\" managed-link=\"\">KB4467684</a>, the cluster service may fail to start with the error \u201c2245 (NERR_PasswordTooShort)\u201d if the group policy \u201cMinimum Password Length\u201d is configured with greater than 14 characters.</td><td><p>Set the domain default \"Minimum Password Length\" policy to less than or equal to 14 characters.</p><p>Microsoft is working on a resolution and will provide an update in an upcoming release.</p></td></tr><tr><td>Certain operations, such as <strong>rename</strong>, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, \u201cSTATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\u201d. 
This occurs when you perform the operation on a CSV owner node from a process that doesn\u2019t have administrator privilege.</td><td><p>Do one of the following:</p><ul><li>Perform the operation from a process that has administrator privilege.</li><li>Perform the operation from a node that doesn\u2019t have CSV ownership.</li></ul>Microsoft is working on a resolution and will provide an update in an upcoming release.</td></tr><tr><td><p>After installing this update and restarting, some devices with Hyper-V enabled may enter BitLocker recovery mode and receive an error, \"0xC0210000\".</p></td><td><p>This issue is resolved in <a data-content-id=\"4507460\" data-content-type=\"article\" href=\"\" managed-link=\"\" target=\"_blank\">KB4507460</a>.</p></td></tr><tr><td>Some applications may fail to run as expected on clients of Active Directory Federation Services 2016 (AD FS 2016) after installation of this update on the server. Applications that may exhibit this behavior use an <strong>IFRAME</strong> during non-interactive authentication requests and receive <strong>X-Frame Options</strong> set to DENY.</td><td><p>This issue is resolved in <a data-content-id=\"4507459\" data-content-type=\"article\" href=\"\" managed-link=\"\" target=\"_blank\">KB4507459</a>.</p></td></tr><tr><td>When trying to expand, view, or create <strong>Custom Views </strong>in Event Viewer, you may receive the error, \"MMC has detected an error in a snap-in and will unload it.\" and the app may stop responding or close. You may also receive the same error when using <strong>Filter Current Log </strong>in the <strong>Action </strong>menu with built-in views or logs. 
Built-in views and other features of Event Viewer should work as expected.</td><td><p>This issue is resolved in <a data-content-id=\"4503294\" data-content-type=\"article\" href=\"\" managed-link=\"\" target=\"_blank\">KB4503294</a>.</p></td></tr><tr><td>Devices may have issues connecting to some Storage Area Network (SAN) devices using Internet Small Computer System Interface (iSCSI) after installing this update. You may also receive an error in the <strong>System </strong>log section of <strong>Event Viewer </strong>with Event ID 43 from iScsiPrt and a description of \u201cTarget failed to respond in time for a login request.\u201d</td><td>This issue is resolved in <a data-content-id=\"4509475\" data-content-type=\"article\" href=\"\" managed-link=\"\" target=\"_blank\">KB4509475</a>.</td></tr><tr><td>Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing this update on a WDS server.</td><td><p>This issue is resolved in <a data-content-id=\"4512495\" data-content-type=\"article\" href=\"\" managed-link=\"\" target=\"_blank\">KB4512495</a>.</p></td></tr></tbody></table></div><h2>How to get this update</h2><div><p><strong>Before installing this update</strong></p><p>Microsoft strongly recommends you install the latest servicing stack update (SSU) for your operating system before installing the latest cumulative update (LCU). SSUs improve the reliability of the update process to mitigate potential issues while installing the LCU. 
For more information, see\u00a0<a aria-live=\"assertive\" data-bi-name=\"content-anchor-link\" data-content-id=\"\" data-content-type=\"\" href=\"https://docs.microsoft.com/windows/deployment/update/servicing-stack-updates#why-should-servicing-stack-updates-be-installed-and-kept-up-to-date\" managed-link=\"\" tabindex=\"0\" target=\"_blank\">Servicing stack updates</a>.</p><p>If you are using Windows Update, the latest SSU\u00a0(<a data-content-id=\"4503537\" data-content-type=\"article\" href=\"\" managed-link=\"\" target=\"\">KB4503537</a>) will be offered to you automatically.\u00a0To get the standalone package for the latest\u00a0SSU, search for it in the\u00a0<a aria-live=\"assertive\" data-bi-name=\"content-anchor-link\" data-content-id=\"\" data-content-type=\"\" href=\"http://www.catalog.update.microsoft.com/home.aspx\" managed-link=\"\" tabindex=\"0\" target=\"_blank\">Microsoft Update Catalog</a>.\u00a0</p><p><strong>Install this update</strong></p><p>This update will be downloaded and installed automatically from Windows Update. 
To get the standalone package for this update, go to the\u00a0<a data-content-id=\"\" data-content-type=\"\" href=\"http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4503267\" managed-link=\"\" target=\"_blank\">Microsoft Update Catalog</a>\u00a0website.</p><p><strong>File information</strong></p><p>For a list of the files that are provided in this update, download the\u00a0<a data-bi-name=\"content-anchor-link\" data-content-id=\"\" data-content-type=\"\" href=\"http://download.microsoft.com/download/7/A/E/7AE23660-A356-4069-8AA8-3242D711FED4/4503267.csv\" managed-link=\"\" tabindex=\"0\" target=\"_blank\">file information for cumulative update 4503267</a>.\u00a0</p></div></body></html>", "edition": 17, "modified": "2019-08-19T17:36:55", "id": "KB4503267", "href": "https://support.microsoft.com/en-us/help/4503267/", "published": "2019-06-11T00:00:00", "title": "June 11, 2019\u2014KB4503267 (OS Build 14393.3025)", "type": "mskb", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T22:51:16", "bulletinFamily": "microsoft", "cvelist": ["CVE-2019-2102"], "description": "<html><body><p>Learn more about update KB4503276, including improvements and fixes, any known issues, and how to get the update.</p><h2>Improvements and fixes</h2><p>This security update includes improvements and fixes that were a part of update <a data-content-id=\"4499182\" data-content-type=\"article\" href=\"\" managed-link=\"\" target=\"_blank\">KB4499182 </a>(released May 23, 2019) and addresses the following issues:</p><ul><li>Addresses a security vulnerability by intentionally preventing connections between Windows and Bluetooth devices that are not secure and use well-known keys to encrypt connections, including security fobs. If BTHUSB Event 22 in the Event Viewer states, \u201cYour Bluetooth device attempted to establish a debug connection\u2026.\u201d, then your system is affected. 
Contact your Bluetooth device manufacturer to determine if a device update exists. For more information, see <a data-content-id=\"\" data-content-type=\"\" href=\"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2102\" managed-link=\"\" originalsrc=\"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2102\" shash=\"QMFIeAEwFEAKAe5K5Eu9faR3H4kooMw2DjJ9REs/QKSoOMQ2c/ZINgaFG8VbgaSGsHm+uQdwtjSMoTTqzzNSOQlW4aWE8JU+6VJNBW2AynlqZnLh+SKbBhJCAbxxAB5HbwVb85jAPgjy7UfRIzD+Jx66ggTRxIO/Z0R8j7OUk4s=\" target=\"_blank\">CVE-2019-2102</a> and <a data-content-id=\"4507623\" data-content-type=\"article\" href=\"\" managed-link=\"\" target=\"_blank\">KB4507623</a>.</li><li>Addresses an issue that may prevent the Preboot Execution Environment (PXE) from starting a device from a Windows Deployment Services (WDS) server configured to use Variable Window Extension. This may cause the connection to the WDS server to terminate prematurely while downloading the image. This issue does not affect clients or devices that are not using Variable Window Extension.</li><li>Addresses an issue with the HTTP and HTTPS string character limit for URLs when using Internet Explorer.</li><li>Security updates to Windows App Platform and Frameworks, Windows Input and Composition, Windows Shell, Windows Server, Windows Authentication, Windows Datacenter Networking, Windows Storage and Filesystems, Windows Virtualization, Internet Information Services, and the Microsoft JET Database Engine.</li></ul><p>For more information about the resolved security vulnerabilities, please refer to the <a href=\"https://portal.msrc.microsoft.com/security-guidance\">Security Update Guide</a>.</p><h2>Known issues in this update</h2><div><table class=\"table\"><tbody><tr><td width=\"312\"><p><strong>Symptom</strong></p></td><td width=\"312\"><p><strong>Workaround</strong></p></td></tr><tr><td width=\"312\">Certain operations, such as <strong>rename</strong>, that you perform on files or folders that are on a Cluster 
Shared Volume (CSV) may fail with the error, \u201cSTATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\u201d. This occurs when you perform the operation on a CSV owner node from a process that doesn\u2019t have administrator privilege.</td><td width=\"312\"><p>Do one of the following:</p><ul><li>Perform the operation from a process that has administrator privilege.</li><li>Perform the operation from a node that doesn\u2019t have CSV ownership.</li></ul>Microsoft is working on a resolution and will provide an update in an upcoming release.</td></tr><tr><td width=\"312\">Microsoft and McAfee have identified an issue on devices with McAfee Endpoint Security (ENS) Threat Prevention 10.x or McAfee Host Intrusion Prevention (Host IPS) 8.0 or\u00a0McAfee VirusScan Enterprise (VSE) 8.8 installed. It may cause the system to have slow startup or become unresponsive at restart after installing this update.</td><td width=\"312\"><p>This issue has been resolved. McAfee has released an automatic update to address this issue.</p><p>Guidance for McAfee customers can be found in the following McAfee support articles:</p><ul><li><a aria-live=\"assertive\" data-bi-name=\"content-anchor-link\" data-content-id=\"\" data-content-type=\"\" href=\"https://kc.mcafee.com/corporate/index?page=content&id=KB91465\" managed-link=\"\" originalsrc=\"https://community.sophos.com/kb/en-us/133945\" shash=\"AiRC2XKiBQBQGDmUATR5uuGFI9FV8g96wd/zNGX+TZ+C6sdXUq6XkNFlxAyegFAZVDXPvE0z97/wqABgDwvnUNiF+GeOzxcFkgCMn9xS8JMEAVbuTH+5d4C2Cd3+xs3GcQ03J8Q6l5wPgnJ7tmGDGaSKm8tNc/sbEsz772/1eYE=\" tabindex=\"0\" target=\"_blank\">McAfee Security (ENS) Threat Prevention 10.x</a></li><li><a href=\"https://kc.mcafee.com/corporate/index?page=content&id=KB91466\" managed-link=\"\" target=\"_blank\">McAfee Host Intrusion Prevention (Host IPS) 8.0</a></li><li><a aria-live=\"assertive\" data-bi-name=\"content-anchor-link\" href=\"https://kc.mcafee.com/corporate/index?page=content&id=KB91467\" managed-link=\"\" tabindex=\"0\" 
target=\"_blank\">McAfee VirusScan Enterprise (VSE) 8.8</a></li></ul></td></tr><tr><td width=\"312\">Internet Explorer 11 may stop working when loading or interacting with Power BI reports that have line charts with markers. This issue may also occur when viewing other content that contains Scalable Vector Graphics (SVG) markers.</td><td width=\"312\"><p>This issue is resolved in <a data-content-id=\"4503283\" data-content-type=\"article\" href=\"\" managed-link=\"\" target=\"_blank\">KB4503283</a>.</p></td></tr><tr><td width=\"312\">When trying to expand, view, or create <strong>Custom Views </strong>in Event Viewer, you may receive the error, \"MMC has detected an error in a snap-in and will unload it.\" and the app may stop responding or close. You may also receive the same error when using <strong>Filter Current Log </strong>in the <strong>Action </strong>menu with built-in views or logs. Built-in views and other features of Event Viewer should work as expected.</td><td width=\"312\"><p>This issue is resolved in <a data-content-id=\"4503283\" data-content-type=\"article\" href=\"\" managed-link=\"\" target=\"_blank\">KB4503283</a>.</p></td></tr><tr><td width=\"312\">Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing this update on a WDS server.</td><td width=\"312\"><p>This issue is resolved in <a data-content-id=\"4512478\" data-content-type=\"article\" href=\"\" managed-link=\"\" target=\"_blank\">KB4512478</a>.</p></td></tr></tbody></table></div><h2>How to get this update</h2><div><p>This update will be downloaded and installed automatically from Windows Update. 
To get the standalone package for this update, go to the\u00a0<a href=\"http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4503276\">Microsoft Update Catalog</a>\u00a0website.</p><p><strong>File information</strong></p><p>For a list of the files that are provided in this update, download the\u00a0<a data-bi-name=\"content-anchor-link\" data-content-id=\"\" data-content-type=\"\" href=\"http://download.microsoft.com/download/3/7/E/37EB53D3-836E-4087-86C4-1290B258345B/4503276.csv\" managed-link=\"\" tabindex=\"0\" target=\"_blank\">file information for update 4503276</a>.\u00a0</p></div></body></html>", "edition": 16, "modified": "2019-08-19T20:05:13", "id": "KB4503276", "href": "https://support.microsoft.com/en-us/help/4503276/", "published": "2019-06-11T00:00:00", "title": "June 11, 2019\u2014KB4503276 (Monthly Rollup)", "type": "mskb", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T22:39:32", "bulletinFamily": "microsoft", "cvelist": ["CVE-2019-2102"], "description": "<html><body><p>Learn more about update KB4503327, including improvements and fixes, any known issues, and how to get the update.</p><h2></h2><div class=\"alert-band\"><div class=\"alert alert-info\" role=\"alert\"><div class=\"row\"><div class=\"col-xs-24\"><p><strong>Note\u00a0</strong>Follow <a href=\"https://twitter.com/windowsupdate\" rel=\"noreferrer noopener\" tabindex=\"-1\" target=\"_blank\" title=\"https://twitter.com/windowsupdate\">@WindowsUpdate</a> to find out when new content is published to the release information dashboard.</p></div></div></div></div><div class=\"alert-band\"><div class=\"alert alert-info\" role=\"alert\"><div class=\"row\"><div class=\"col-xs-24\"><p>Starting with update KB4497934, we are introducing functionality that allows you to decide when to install a feature update. You control when you get a feature update while simultaneously keeping your devices up to date. 
Feature updates that are available for eligible devices will appear in a separate module on the Windows Update page (<strong>Settings </strong>> <strong>Update & Security</strong> > <strong>Windows Update</strong>). If you would like to get an available update right away, select <strong>Download and install now</strong>. To find out more about this feature, please go to this <a href=\"https://blogs.windows.com/windowsexperience/?p=172316\" managed-link=\"\" target=\"_blank\">blog</a>.\u00a0</p><p><em><span>When Windows 10 devices are at, or within several months of reaching, end of service, Windows Update will begin to automatically initiate a feature update. This keeps those devices supported and receiving the monthly updates that are critical to device security and ecosystem health.</span></em></p></div></div></div></div><div class=\"alert-band\"><div class=\"alert alert-info\" role=\"alert\"><p class=\"alert-title\">Note</p><div class=\"row\"><div class=\"col-xs-24\"><p><span>This release also contains updates for Microsoft HoloLens (OS Build 17763.557) released June 11, 2019.</span></p><p>Microsoft will release an update directly to the Windows Update Client to improve Windows Update reliability on Microsoft HoloLens that have not updated to this most recent OS Build.</p></div></div></div></div><h2>Improvements and fixes</h2><p>This update includes quality improvements. Key changes include:</p><ul><li>Addresses an issue that may prevent the Windows Mixed Reality keyboard from rendering correctly in some applications.</li><li>Addresses a security vulnerability by intentionally preventing connections between Windows and Bluetooth devices that are not secure and use well-known keys to encrypt connections, including security fobs. If BTHUSB Event 22 in the Event Viewer states, \u201cYour Bluetooth device attempted to establish a debug connection\u2026.\u201d, then your system is affected. 
Contact your Bluetooth device manufacturer to determine if a device update exists. For more information, see <a data-content-id=\"\" data-content-type=\"\" href=\"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2102\" managed-link=\"\" originalsrc=\"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2102\" shash=\"QMFIeAEwFEAKAe5K5Eu9faR3H4kooMw2DjJ9REs/QKSoOMQ2c/ZINgaFG8VbgaSGsHm+uQdwtjSMoTTqzzNSOQlW4aWE8JU+6VJNBW2AynlqZnLh+SKbBhJCAbxxAB5HbwVb85jAPgjy7UfRIzD+Jx66ggTRxIO/Z0R8j7OUk4s=\" target=\"_blank\">CVE-2019-2102</a> and <a data-content-id=\"4507623\" data-content-type=\"article\" href=\"\" managed-link=\"\" target=\"_blank\">KB4507623</a>.</li><li>Addresses an issue that may prevent the Preboot Execution Environment (PXE) from starting a device from a Windows Deployment Services (WDS) server configured to use Variable Window Extension. This may cause the connection to the WDS server to terminate prematurely while downloading the image. This issue does not affect clients or devices that are not using Variable Window Extension.</li><li>Adds updated Broadcom Wi-Fi firmware to Microsoft HoloLens. 
For more information, see <a href=\"https://portal.msrc.microsoft.com/{lang-locale}/security-guidance/advisory/ADV190016\" managed-link=\"\" target=\"_blank\">Advisory 190016</a>.</li><li>Addresses an issue that may prevent Internet Explorer 11 from opening if\u00a0the\u00a0<strong>Default Search Provider</strong> is not set or is malformed.</li><li>Security updates to Microsoft Scripting Engine, Internet Explorer, Microsoft Edge, Windows App Platform and Frameworks, Windows Input and Composition, Windows Media, Windows Shell, Windows Server, Windows Authentication, Windows Cryptography, Windows Datacenter Networking, Windows Storage and Filesystems, Windows SQL components, the Microsoft JET Database Engine, Windows Virtualization, Windows Kernel, and Internet Information Services.</li></ul><p>If you installed earlier updates, only the new fixes contained in this package will be downloaded and installed on your device.</p><p>For more information about the resolved security vulnerabilities, please refer to the <a data-content-id=\"\" data-content-type=\"\" href=\"https://portal.msrc.microsoft.com/security-guidance\" managed-link=\"\" target=\"_blank\">Security Update Guide</a>.</p><div class=\"alert-band\"><div class=\"alert alert-info\" role=\"alert\"><p class=\"alert-title\">Windows Update Improvements</p><div class=\"row\"><div class=\"col-xs-24\"><p>Microsoft has released an update directly to the Windows Update client to improve reliability. Any device running Windows 10 configured to receive updates automatically from Windows Update, including Enterprise and Pro editions, will be offered the latest Windows 10 feature update based on device compatibility and Windows Update for Business deferral policy. 
This doesn't apply to long-term servicing editions.</p></div></div></div></div><h2>Known issues in this update</h2><div><table class=\"table\"><tbody><tr><td><strong>Symptom</strong></td><td><strong>Workaround</strong></td></tr><tr><td>Certain operations, such as <strong>rename</strong>, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, \u201cSTATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\u201d. This occurs when you perform the operation on a CSV owner node from a process that doesn\u2019t have administrator privilege.</td><td><p>Do one of the following:</p><ul><li>Perform the operation from a process that has administrator privilege.</li><li>Perform the operation from a node that doesn\u2019t have CSV ownership.</li></ul>Microsoft is working on a resolution and will provide an update in an upcoming release.</td></tr><tr><td>When attempting to print from Microsoft Edge or other Universal Windows Platform (UWP) applications, you may receive the error, \"Your printer has experienced an unexpected configuration problem. 0x80070007e.\"</td><td><p>This issue is resolved in <a data-content-id=\"4501371\" data-content-type=\"article\" href=\"\" managed-link=\"\" target=\"_blank\">KB4501371</a>.</p></td></tr><tr><td>After installing <a data-content-id=\"4493509\" data-content-type=\"article\" href=\"\" managed-link=\"\" target=\"\">KB4493509</a>, devices with some Asian language packs installed may receive the error, \"0x800f0982 - PSFX_E_MATCHING_COMPONENT_NOT_FOUND.\"</td><td><ol><li>Uninstall and reinstall any recently added language packs. For instructions, see <a data-content-id=\"4496404\" data-content-type=\"article\" href=\"\" managed-link=\"\">Manage the input and display language settings in Windows 10</a>.</li><li>Select\u00a0<strong>Check for Updates</strong> and install the April 2019 Cumulative Update. 
For instructions, see <a data-content-id=\"4027667\" data-content-type=\"ia\" href=\"\" managed-link=\"\">Update Windows 10</a>.</li></ol><p><strong>Note</strong> If reinstalling the language pack does not mitigate the issue, reset your PC as follows:</p><ol><li>Go to the <strong>Settings </strong>app > <strong>Recovery</strong>.</li><li>Select <strong>Get Started</strong> under the <strong>Reset this PC</strong> recovery option.</li><li>Select <strong>Keep my Files</strong>.</li></ol><p>Microsoft is working on a resolution and will provide an update in an upcoming release.</p></td></tr><tr><td>When trying to expand, view, or create <strong>Custom Views </strong>in Event Viewer, you may receive the error, \"MMC has detected an error in a snap-in and will unload it.\" and the app may stop responding or close. You may also receive the same error when using <strong>Filter Current Log </strong>in the <strong>Action </strong>menu with built-in views or logs. Built-in views and other features of Event Viewer should work as expected.</td><td><p>This issue is resolved in <a data-content-id=\"4501371\" data-content-type=\"article\" href=\"\" managed-link=\"\" target=\"_blank\">KB4501371</a>.</p></td></tr><tr><td>We are investigating reports that a small number of devices may start up to a black screen during the first logon after installing updates.</td><td><p>This issue is resolved in <a data-content-id=\"4520062\" data-content-type=\"article\" href=\"\" managed-link=\"\" target=\"_blank\">KB4520062</a>.</p></td></tr><tr><td>Devices may have issues connecting to some Storage Area Network (SAN) devices using Internet Small Computer System Interface (iSCSI) after installing this update. 
You may also receive an error in the <strong>System </strong>log section of <strong>Event Viewer </strong>with Event ID 43 from iScsiPrt and a description of \u201cTarget failed to respond in time for a login request.\u201d</td><td>This issue is resolved in <a data-content-id=\"4509479\" data-content-type=\"article\" href=\"\" managed-link=\"\" target=\"_blank\">KB4509479</a>.</td></tr><tr><td>Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing this update on a WDS server.</td><td><p>This issue is resolved in\u00a0<a data-content-id=\"4512534\" data-content-type=\"article\" href=\"\" managed-link=\"\">KB4512534</a>.</p></td></tr></tbody></table></div><h2>How to get this update</h2><p><strong>Before installing this update</strong></p><p>Microsoft strongly recommends you install the latest servicing stack update (SSU) for your operating system before installing the latest cumulative update (LCU). SSUs improve the reliability of the update process to mitigate potential issues while installing the LCU. For more information, see\u00a0<a aria-live=\"assertive\" data-bi-name=\"content-anchor-link\" data-content-id=\"\" data-content-type=\"\" href=\"https://docs.microsoft.com/windows/deployment/update/servicing-stack-updates#why-should-servicing-stack-updates-be-installed-and-kept-up-to-date\" managed-link=\"\" tabindex=\"0\" target=\"_blank\">Servicing stack updates</a>.</p><p>If you are using Windows Update, the latest SSU (<a data-content-id=\"4504369\" data-content-type=\"article\" href=\"\" managed-link=\"\" target=\"\">KB4504369</a>) will be offered to you automatically. 
To get the standalone package for the latest SSU, search for it in the <a data-content-id=\"\" data-content-type=\"\" href=\"http://www.catalog.update.microsoft.com/home.aspx\" managed-link=\"\" target=\"_blank\">Microsoft Update Catalog</a>.</p><p><strong>Install this update</strong></p><p>This update will be downloaded and installed automatically from Windows Update. To get the standalone package for this update, go to the\u00a0<a data-content-id=\"\" data-content-type=\"\" href=\"http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4503327\" managed-link=\"\" target=\"_blank\">Microsoft Update Catalog</a>\u00a0website.</p><p><strong>File information</strong></p><p>For a list of the files that are provided in this update, download the\u00a0<a data-bi-name=\"content-anchor-link\" data-content-id=\"\" data-content-type=\"\" href=\"http://download.microsoft.com/download/C/9/4/C94AE967-AB0A-4175-8B31-03DD4AA56D17/4503327.csv\" managed-link=\"\" tabindex=\"0\" target=\"_blank\">file information for cumulative update 4503327</a>.\u00a0</p></body></html>", "edition": 18, "modified": "2019-10-15T17:50:06", "id": "KB4503327", "href": "https://support.microsoft.com/en-us/help/4503327/", "published": "2019-06-11T00:00:00", "title": "June 11, 2019\u2014KB4503327 (OS Build 17763.557)", "type": "mskb", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T22:35:21", "bulletinFamily": "microsoft", "cvelist": ["CVE-2019-2102"], "description": "<html><body><p>Learn more about update KB4503285, including improvements and fixes, any known issues, and how to get the update.</p><h2>Improvements and fixes</h2><div><p>This security update includes improvements and fixes that were a part of update <a data-content-id=\"4499145\" data-content-type=\"article\" href=\"\" managed-link=\"\">KB4499145</a> (released May 23, 2019) and addresses the following issues:</p><ul><li>Addresses a security vulnerability by intentionally preventing connections 
between Windows and Bluetooth devices that are not secure and use well-known keys to encrypt connections, including security fobs. If BTHUSB Event 22 in the Event Viewer states, \u201cYour Bluetooth device attempted to establish a debug connection\u2026.\u201d, then your system is affected. Contact your Bluetooth device manufacturer to determine if a device update exists. For more information, see <a data-content-id=\"\" data-content-type=\"\" href=\"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2102\" managed-link=\"\" originalsrc=\"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2102\" shash=\"QMFIeAEwFEAKAe5K5Eu9faR3H4kooMw2DjJ9REs/QKSoOMQ2c/ZINgaFG8VbgaSGsHm+uQdwtjSMoTTqzzNSOQlW4aWE8JU+6VJNBW2AynlqZnLh+SKbBhJCAbxxAB5HbwVb85jAPgjy7UfRIzD+Jx66ggTRxIO/Z0R8j7OUk4s=\" target=\"_blank\">CVE-2019-2102</a> and <a data-content-id=\"4507623\" data-content-type=\"article\" href=\"\" managed-link=\"\" target=\"_blank\">KB4507623</a>.\u00a0</li><li>Addresses an issue that may prevent the Preboot Execution Environment (PXE) from starting a device from a Windows Deployment Services (WDS) server configured to use Variable Window Extension. This may cause the connection to the WDS server to terminate prematurely while downloading the image. 
This issue does not affect clients or devices that are not using Variable Window Extension.</li><li>Security updates to Adobe Flash Player, Windows App Platform and Frameworks, Windows Shell, Windows Input and Composition, Windows Authentication, Windows Server, Windows Cryptography, Windows Storage and Filesystems, Windows Datacenter Networking, Windows Virtualization, Internet Information Services, Windows Kernel, and the Microsoft JET Database Engine.</li></ul><p>For more information about the resolved security vulnerabilities, please refer to the <a data-content-id=\"\" data-content-type=\"\" href=\"https://portal.msrc.microsoft.com/security-guidance\" managed-link=\"\" target=\"_blank\">Security Update Guide</a>.</p></div><h2>Known issues in this update</h2><div><table class=\"table\"><tbody><tr><td><strong>Symptom</strong></td><td><strong>Workaround</strong></td></tr><tr><td>Certain operations, such as <strong>rename</strong>, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, \u201cSTATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\u201d. This occurs when you perform the operation on a CSV owner node from a process that doesn\u2019t have administrator privilege.</td><td><p>Do one of the following:</p><ul><li>Perform the operation from a process that has administrator privilege.</li><li>Perform the operation from a node that doesn\u2019t have CSV ownership.</li></ul>Microsoft is working on a resolution and will provide an update in an upcoming release.</td></tr><tr><td>Internet Explorer 11 may stop working when loading or interacting with Power BI reports that have line charts with markers. 
This issue may also occur when viewing other content that contains Scalable Vector Graphics (SVG) markers.</td><td><p>This issue is resolved in <a data-content-id=\"4503295\" data-content-type=\"article\" href=\"\" managed-link=\"\" target=\"_blank\">KB4503295</a>.</p></td></tr><tr><td>When trying to expand, view, or create <strong>Custom Views </strong>in Event Viewer, you may receive the error, \"MMC has detected an error in a snap-in and will unload it.\" and the app may stop responding or close. You may also receive the same error when using <strong>Filter Current Log </strong>in the <strong>Action </strong>menu with built-in views or logs. Built-in views and other features of Event Viewer should work as expected.</td><td><p>This issue is resolved in <a data-content-id=\"4503295\" data-content-type=\"article\" href=\"\" managed-link=\"\" target=\"_blank\">KB4503295</a>.</p></td></tr><tr><td><p><span>Some devices and generation 2 Hyper-V virtual machines (VMs) may have issues installing this update when Secure Boot is enabled.</span></p></td><td><p>This issue is resolved in <a data-content-id=\"4503295\" data-content-type=\"article\" href=\"\" managed-link=\"\" target=\"_blank\">KB4503295</a>.</p></td></tr><tr><td>Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing this update on a WDS server.</td><td><p>This issue is resolved in <a data-content-id=\"4512512\" data-content-type=\"article\" href=\"\" managed-link=\"\" target=\"_blank\">KB4512512</a>.</p></td></tr></tbody></table></div><h2>How to get this update</h2><div><p>This update will be downloaded and installed automatically from Windows Update. 
To get the standalone package for this update, go to the\u00a0<a data-content-id=\"\" data-content-type=\"\" href=\"http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4503285\" managed-link=\"\" target=\"_blank\">Microsoft Update Catalog</a>\u00a0website.</p><p><strong>File information</strong></p><p>For a list of the files that are provided in this update, download the\u00a0<a data-bi-name=\"content-anchor-link\" data-content-id=\"\" data-content-type=\"\" href=\"http://download.microsoft.com/download/8/8/B/88B54663-54A0-4AA4-B127-5CC11B1C66F8/4503285.csv\" managed-link=\"\" tabindex=\"0\" target=\"_blank\">file information for update 4503285</a>.\u00a0</p></div></body></html>", "edition": 16, "modified": "2019-08-19T19:18:50", "id": "KB4503285", "href": "https://support.microsoft.com/en-us/help/4503285/", "published": "2019-06-11T00:00:00", "title": "June 11, 2019\u2014KB4503285 (Monthly Rollup)", "type": "mskb", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T22:38:03", "bulletinFamily": "microsoft", "cvelist": ["CVE-2019-2102"], "description": "<html><body><p>Learn more about update KB4503293, including improvements and fixes, any known issues, and how to get the update.</p><h2></h2><div class=\"alert-band\"><div class=\"alert alert-info\" role=\"alert\"><div class=\"row\"><div class=\"col-xs-24\"><p><strong>Note\u00a0</strong>Follow <a href=\"https://twitter.com/windowsupdate\" rel=\"noreferrer noopener\" tabindex=\"-1\" target=\"_blank\" title=\"https://twitter.com/windowsupdate\">@WindowsUpdate</a> to find out when new content is published to the release information dashboard.</p></div></div></div></div><div class=\"alert-band\"><div class=\"alert alert-info\" role=\"alert\"><p class=\"alert-title\">Note</p><div class=\"row\"><div class=\"col-xs-24\"><p><span>This release also contains updates for Microsoft HoloLens (OS Build 18362.1020) released June 11, 2019.</span></p><p>Microsoft will release an update 
directly to the Windows Update Client to improve Windows Update reliability on Microsoft HoloLens that have not updated to this most recent OS Build.</p></div></div></div></div><h2>Improvements and fixes</h2><div><p>This update includes quality improvements. Key changes include:</p><ul><li>Addresses a security vulnerability by intentionally preventing connections between Windows and Bluetooth devices that are not secure and use well-known keys to encrypt connections, including security fobs. If BTHUSB Event 22 in the Event Viewer states, \u201cYour Bluetooth device attempted to establish a debug connection\u2026.\u201d, then your system is affected. Contact your Bluetooth device manufacturer to determine if a device update exists. For more information, see <a data-content-id=\"\" data-content-type=\"\" href=\"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2102\" managed-link=\"\" originalsrc=\"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2102\" shash=\"QMFIeAEwFEAKAe5K5Eu9faR3H4kooMw2DjJ9REs/QKSoOMQ2c/ZINgaFG8VbgaSGsHm+uQdwtjSMoTTqzzNSOQlW4aWE8JU+6VJNBW2AynlqZnLh+SKbBhJCAbxxAB5HbwVb85jAPgjy7UfRIzD+Jx66ggTRxIO/Z0R8j7OUk4s=\" target=\"_blank\">CVE-2019-2102</a> and <a data-content-id=\"4507623\" data-content-type=\"article\" href=\"\" managed-link=\"\" target=\"_blank\">KB4507623</a>.</li><li>Security updates to Windows Virtualization, Microsoft Scripting Engine, Internet Explorer, Windows App Platform and Frameworks, Windows Input and Composition, Windows Media, Windows Shell, Windows Server, Windows Authentication, Windows Cryptography, Windows Storage and Filesystems, Windows SQL Components, the Microsoft JET Database Engine, and Internet Information Services.</li></ul><p>If you installed earlier updates, only the new fixes contained in this package will be downloaded and installed on your device.</p><p>For more information about the resolved security vulnerabilities, please refer to the <a data-content-id=\"\" data-content-type=\"\" 
href=\"https://portal.msrc.microsoft.com/security-guidance\" managed-link=\"\" target=\"_blank\">Security Update Guide</a>.</p><div class=\"alert-band\"><div class=\"alert alert-info\" role=\"alert\"><p class=\"alert-title\">Windows Update Improvements</p><div class=\"row\"><div class=\"col-xs-24\"><p>Microsoft has released an update directly to the Windows Update client to improve reliability. Any device running Windows 10 configured to receive updates automatically from Windows Update, including Enterprise and Pro editions, will be offered the latest Windows 10 feature update based on device compatibility and Windows Update for Business deferral policy. This doesn't apply to long-term servicing editions.</p></div></div></div></div></div><h2>Known issues in this update</h2><table class=\"table\"><tbody><tr><td><strong>Symptom</strong></td><td><strong>Workaround</strong></td></tr><tr><td>Windows Sandbox may fail to start with \"ERROR_FILE_NOT_FOUND (0x80070002)\" on devices in which the operating system language is changed during the update process when installing Windows 10, version 1903.</td><td><p>This issue is resolved in <a aria-live=\"assertive\" data-bi-name=\"content-anchor-link\" href=\"https://support.microsoft.com/help/4512941\" managed-link=\"\" target=\"_blank\">KB4512941</a>.</p></td></tr><tr><td>When trying to expand, view, or create <strong>Custom Views </strong>in Event Viewer, you may receive the error, \"MMC has detected an error in a snap-in and will unload it.\" and the app may stop responding or close. 
You may also receive the same error when using <strong>Filter Current Log </strong>in the <strong>Action </strong>menu with built-in views or logs. Built-in views and other features of Event Viewer should work as expected.</td><td><p>This issue is resolved in <a data-content-id=\"4501375\" data-content-type=\"article\" href=\"\" managed-link=\"\" target=\"_blank\">KB4501375</a>.</p></td></tr><tr><td><p>The Remote Access Connection Manager (RASMAN) service may stop working and you may receive the error \u201c0xc0000005\u201d on devices where the diagnostic data level is manually configured to the non-default setting of 0. You may also receive an error in the<strong>\u00a0Application section\u00a0</strong>of\u00a0<strong>Windows Logs</strong>\u00a0<strong>in Event Viewer\u00a0</strong>with Event ID 1000 referencing \u201csvchost.exe_RasMan\u201d and \u201crasman.dll\u201d.</p>This issue only occurs when a VPN profile is configured as an Always On VPN (AOVPN) connection with or without device tunnel. 
This does not affect manual only VPN profiles or connections.</td><td><p>This issue is resolved in <a data-content-id=\"4505903\" data-content-type=\"article\" href=\"\" managed-link=\"\" target=\"_blank\">KB4505903</a>.</p></td></tr><tr><td>Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing this update on a WDS server.</td><td><p>This issue is resolved in <a aria-live=\"assertive\" data-bi-name=\"content-anchor-link\" href=\"https://support.microsoft.com/help/4512941\" managed-link=\"\" target=\"_blank\">KB4512941</a>.</p></td></tr><tr><td><p>Devices connected to a domain that is configured to use MIT Kerberos realms may not start up or may continue to restart after installation of this update. Devices that are domain controllers or domain members are both affected.</p><p>If you are not sure if your device is affected, contact your administrator. 
Advanced users can check whether this registry key exists: HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\Kerberos\\MitRealms, or look for the \u201cDefine interoperable Kerberos v5 realm settings\u201d policy under Computer Configuration -> Policies -> Administrative Templates -> System -> Kerberos.</p></td><td><p>This issue is resolved in <a aria-live=\"assertive\" data-bi-name=\"content-anchor-link\" href=\"https://support.microsoft.com/help/4512941\" managed-link=\"\" target=\"_blank\">KB4512941</a>.</p></td></tr></tbody></table><p>\u00a0</p><h2>How to get this update</h2><div><p><strong>Before installing this update</strong></p><p>Microsoft strongly recommends you install the latest servicing stack update (SSU) for your operating system before installing the latest cumulative update (LCU). SSUs improve the reliability of the update process to mitigate potential issues while installing the LCU.\u00a0For more information, see <a data-content-id=\"\" data-content-type=\"\" href=\"https://docs.microsoft.com/windows/deployment/update/servicing-stack-updates#why-should-servicing-stack-updates-be-installed-and-kept-up-to-date\" managed-link=\"\" target=\"_blank\">Servicing stack updates</a>.</p><p>If you are using Windows Update, the latest SSU (<a data-content-id=\"4498523\" data-content-type=\"article\" href=\"\" managed-link=\"\" target=\"\">KB4498523</a>) will be offered to you automatically. 
To get the standalone package for the latest SSU, search for it in the <a data-content-id=\"\" data-content-type=\"\" href=\"http://www.catalog.update.microsoft.com/home.aspx\" managed-link=\"\" target=\"_blank\">Microsoft Update Catalog</a>.</p><p><strong>Install this update</strong></p><p>This update will be downloaded and installed automatically from Windows Update. To get the standalone package for this update, go to the\u00a0<a data-content-id=\"\" data-content-type=\"\" href=\"http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4503293\" managed-link=\"\" target=\"_blank\">Microsoft Update Catalog</a>\u00a0website.</p><p><strong>File information</strong></p><p>For a list of the files that are provided in this update, download the\u00a0<a data-bi-name=\"content-anchor-link\" data-content-id=\"\" data-content-type=\"\" href=\"http://download.microsoft.com/download/4/C/8/4C8B188E-83B8-4867-9FE9-2215485FC1BB/4503293.csv\" managed-link=\"\" tabindex=\"0\" target=\"_blank\">file information for cumulative update 4503293</a>.\u00a0</p></div></body></html>", "edition": 18, "modified": "2019-09-03T16:33:31", "id": "KB4503293", "href": "https://support.microsoft.com/en-us/help/4503293/", "published": "2019-06-11T00:00:00", "title": "June 11, 2019\u2014KB4503293 (OS Build 18362.175)", "type": "mskb", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T22:41:27", "bulletinFamily": "microsoft", "cvelist": ["CVE-2019-2102"], "description": "<html><body><p>Learn more about update KB4503279, including improvements and fixes, any known issues, and how to get the update.</p><h2></h2><div class=\"alert-band\"><div class=\"alert alert-info\" role=\"alert\"><div class=\"row\"><div class=\"col-xs-24\"><p><strong>Reminder:\u00a0</strong>March 12\u00a0and April 9\u00a0will be the last two Delta updates for Windows 10, version\u00a01703. 
Security and quality updates will continue to be available via the express and full cumulative update packages. For more information on this change please visit our <a href=\"https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-quality-updates-explained-amp-the-end-of-delta/ba-p/214426\" managed-link=\"\" target=\"_blank\">blog</a>.</p></div></div></div></div><div class=\"alert-band\"><div class=\"alert alert-info\" role=\"alert\"><div class=\"row\"><div class=\"col-xs-24\"><p><span><em><span><span><span><span>Windows 10, version 1703, reached end of service on October 8, 2018</span></span></span></span></em><em><span><span><span>. Devices running Windows 10 Home, Pro, Pro for Workstation, and IoT Core editions will no longer receive monthly security and quality updates that contain protection from the latest security threats. To continue receiving security and quality updates, Microsoft recommends updating to the latest version of Windows 10.</span></span></span></em></span></p><p><strong><span><span><span>IMPORTANT</span></span></span><span><span><span>: </span></span></span></strong><span><span><span>Windows 10 Enterprise and Windows 10 Education editions will receive one year of additional servicing at no cost.</span></span></span></p></div></div></div></div><div class=\"alert-band\"><div class=\"alert alert-info\" role=\"alert\"><p class=\"alert-title\">Note</p><div class=\"row\"><div class=\"col-xs-24\"><p><span>This release also contains updates for Windows 10 Mobile (OS Build 15063.1868) released June 11, 2019.</span></p></div></div></div></div><div class=\"alert-band\"><div class=\"alert alert-info\" role=\"alert\"><div class=\"row\"><div class=\"col-xs-24\"><p><em>Windows 10 Mobile, version 1703, reached end of service on June 11, 2019. Devices running Windows 10 Mobile and Windows 10 Mobile Enterprise will no longer receive monthly security and quality updates that contain protection from the latest security threats. 
To continue receiving security and quality updates, Microsoft recommends updating to the latest version of Windows 10.</em></p></div></div></div></div><h2>Improvements and fixes</h2><div><p>This update includes quality improvements. Key changes include:</p><ul><li>Addresses a security vulnerability by intentionally preventing connections between Windows and Bluetooth devices that are not secure and use well-known keys to encrypt connections, including security fobs. If BTHUSB Event 22 in the Event Viewer states, \u201cYour Bluetooth device attempted to establish a debug connection\u2026.\u201d, then your system is affected. Contact your Bluetooth device manufacturer to determine if a device update exists. For more information, see <a data-content-id=\"\" data-content-type=\"\" href=\"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2102\" managed-link=\"\" originalsrc=\"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2102\" shash=\"QMFIeAEwFEAKAe5K5Eu9faR3H4kooMw2DjJ9REs/QKSoOMQ2c/ZINgaFG8VbgaSGsHm+uQdwtjSMoTTqzzNSOQlW4aWE8JU+6VJNBW2AynlqZnLh+SKbBhJCAbxxAB5HbwVb85jAPgjy7UfRIzD+Jx66ggTRxIO/Z0R8j7OUk4s=\" target=\"_blank\">CVE-2019-2102</a> and <a data-content-id=\"4507623\" data-content-type=\"article\" href=\"\" managed-link=\"\" target=\"_blank\">KB4507623</a>.</li><li>Addresses an issue that may prevent Internet Explorer 11 from opening if\u00a0the\u00a0<strong>Default Search Provider</strong> is not set or is malformed.</li><li>Security updates to Microsoft Edge, Internet Explorer, Windows App Platform and Frameworks, Windows Input and Composition, Windows Media, Windows Shell, Windows Server, Windows Authentication, Windows Datacenter Networking, Windows Storage and Filesystems, Windows Virtualization, Internet Information Services, and the Microsoft JET Database Engine.</li></ul><p>If you installed earlier updates, only the new fixes contained in this package will be downloaded and installed on your device.</p><p>For more information about the 
resolved security vulnerabilities, please refer to the <a data-content-id=\"\" data-content-type=\"\" href=\"https://portal.msrc.microsoft.com/security-guidance\" managed-link=\"\" target=\"_blank\">Security Update Guide</a>.</p><div class=\"alert-band\"><div class=\"alert alert-info\" role=\"alert\"><p class=\"alert-title\">Windows Update Improvements</p><div class=\"row\"><div class=\"col-xs-24\"><p>Microsoft has released an update directly to the Windows Update client to improve reliability. Any device running Windows 10 configured to receive updates automatically from Windows Update, including Enterprise and Pro editions, will be offered the latest Windows 10 feature update based on device compatibility and Windows Update for Business deferral policy. This doesn't apply to long-term servicing editions.</p></div></div></div></div></div><h2>Known issues in this update</h2><div><table class=\"table\"><tbody><tr><td><strong>Symptom</strong></td><td><strong>Workaround</strong></td></tr><tr><td>Certain operations, such as <strong>rename</strong>, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, \u201cSTATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\u201d. This occurs when you perform the operation on a CSV owner node from a process that doesn\u2019t have administrator privilege.</td><td><p>Do one of the following:</p><ul><li>Perform the operation from a process that has administrator privilege.</li><li>Perform the operation from a node that doesn\u2019t have CSV ownership.</li></ul>Microsoft is working on a resolution and will provide an update in an upcoming release.</td></tr><tr><td>When trying to expand, view, or create <strong>Custom Views </strong>in Event Viewer, you may receive the error, \"MMC has detected an error in a snap-in and will unload it.\" and the app may stop responding or close. 
You may also receive the same error when using <strong>Filter Current Log </strong>in the <strong>Action </strong>menu with built-in views or logs. Built-in views and other features of Event Viewer should work as expected.</td><td><p>This issue is resolved in <a data-content-id=\"4503289\" data-content-type=\"article\" href=\"\" managed-link=\"\" target=\"_blank\">KB4503289</a>.</p></td></tr><tr><td>Devices may have issues connecting to some Storage Area Network (SAN) devices using Internet Small Computer System Interface (iSCSI) after installing this update. You may also receive an error in the <strong>System </strong>log section of <strong>Event Viewer </strong>with Event ID 43 from iScsiPrt and a description of \u201cTarget failed to respond in time for a login request.\u201d</td><td>This issue is resolved in <a data-content-id=\"4509476\" data-content-type=\"article\" href=\"\" managed-link=\"\" target=\"_blank\">KB4509476</a>.</td></tr><tr><td>After installing this update and restarting, some devices with Hyper-V enabled may enter BitLocker recovery mode and receive an error, \"0xC0210000\".</td><td><p>This issue is resolved in <a data-content-id=\"4507450\" data-content-type=\"article\" href=\"\" managed-link=\"\" target=\"_blank\">KB4507450</a>.</p></td></tr></tbody></table></div><h2>How to get this update</h2><div><p><strong>Before installing this update</strong></p><p>Microsoft strongly recommends you install the latest servicing stack update (SSU) for your operating system before installing the latest cumulative update (LCU). SSUs improve the reliability of the update process to mitigate potential issues while installing the LCU. 
For more information, see\u00a0<a data-content-id=\"\" data-content-type=\"\" href=\"https://docs.microsoft.com/windows/deployment/update/servicing-stack-updates#why-should-servicing-stack-updates-be-installed-and-kept-up-to-date\" managed-link=\"\" target=\"_blank\">Servicing stack updates</a>.</p><p>If you are using Windows Update, the latest SSU\u00a0(<a data-content-id=\"4500640\" data-content-type=\"article\" href=\"\" managed-link=\"\" target=\"\">KB4500640</a>) will be offered to you automatically.\u00a0To get the standalone package for the latest\u00a0SSU, search for it in the <a href=\"http://www.catalog.update.microsoft.com/home.aspx\" managed-link=\"\" target=\"_blank\">Microsoft Update Catalog</a>.\u00a0</p><p><strong>Install this update</strong></p><p>This update will be downloaded and installed automatically from Windows Update. To get the standalone package for this update, go to the\u00a0<a data-content-id=\"\" data-content-type=\"\" href=\"http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4503279 \" managed-link=\"\" target=\"_blank\">Microsoft Update Catalog</a>\u00a0website.</p><p><strong>File information</strong></p><p>For a list of the files that are provided in this update, download the\u00a0<a data-bi-name=\"content-anchor-link\" data-content-id=\"\" data-content-type=\"\" href=\"http://download.microsoft.com/download/5/E/A/5EA53689-645A-4EA5-81A6-0FF345776339/4503279.csv\" managed-link=\"\" tabindex=\"0\" target=\"_blank\">file information for cumulative update 4503279</a>.\u00a0</p></div></body></html>", "edition": 17, "modified": "2019-07-09T17:43:59", "id": "KB4503279", "href": "https://support.microsoft.com/en-us/help/4503279/", "published": "2019-06-11T00:00:00", "title": "June 11, 2019\u2014KB4503279 (OS Build 15063.1868)", "type": "mskb", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T22:37:18", "bulletinFamily": "microsoft", "cvelist": ["CVE-2019-2102"], "description": 
"<html><body><p>Learn more about update KB4503263, including improvements and fixes, any known issues, and how to get the update.</p><h2>Improvements and fixes</h2><div><p>This security update includes quality improvements. Key changes include:</p><ul><li>Addresses an issue that may prevent the Preboot Execution Environment (PXE) from starting a device from a Windows Deployment Services (WDS) server configured to use Variable Window Extension. This may cause the connection to the WDS server to terminate prematurely while downloading the image. This issue does not affect clients or devices that are not using Variable Window Extension.</li><li>Addresses a security vulnerability by intentionally preventing connections between Windows and Bluetooth devices that are not secure and use well-known keys to encrypt connections, including security fobs. If BTHUSB Event 22 in the Event Viewer states, \u201cYour Bluetooth device attempted to establish a debug connection\u2026.\u201d, then your system is affected. Contact your Bluetooth device manufacturer to determine if a device update exists. 
For more information, see <a data-content-id=\"\" data-content-type=\"\" href=\"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2102\" managed-link=\"\" originalsrc=\"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2102\" shash=\"QMFIeAEwFEAKAe5K5Eu9faR3H4kooMw2DjJ9REs/QKSoOMQ2c/ZINgaFG8VbgaSGsHm+uQdwtjSMoTTqzzNSOQlW4aWE8JU+6VJNBW2AynlqZnLh+SKbBhJCAbxxAB5HbwVb85jAPgjy7UfRIzD+Jx66ggTRxIO/Z0R8j7OUk4s=\" target=\"_blank\">CVE-2019-2102</a> and <a data-content-id=\"4507623\" data-content-type=\"article\" href=\"\" managed-link=\"\" target=\"_blank\">KB4507623</a>.</li><li>Security updates to Adobe Flash Player, Windows App Platform and Frameworks, Windows Shell, Windows Input and Composition, Windows Authentication, Windows Server, Windows Cryptography, Windows Storage and Filesystems, Windows Datacenter Networking, Windows Virtualization, Internet Information Services, Windows Kernel, and the Microsoft JET Database Engine.</li></ul><p>For more information about the resolved security vulnerabilities, please refer to the <a data-content-id=\"\" data-content-type=\"\" href=\"https://portal.msrc.microsoft.com/security-guidance\" managed-link=\"\" target=\"_blank\">Security Update Guide</a>.</p></div><h2>Known issues in this update</h2><table class=\"table\"><tbody><tr><td><strong>Symptom</strong></td><td><strong>Workaround</strong></td></tr><tr><td>Certain operations, such as <strong>rename</strong>, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, \u201cSTATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\u201d. 
This occurs when you perform the operation on a CSV owner node from a process that doesn\u2019t have administrator privilege.</td><td><p>Do one of the following:</p><ul><li>Perform the operation from a process that has administrator privilege.</li><li>Perform the operation from a node that doesn\u2019t have CSV ownership.</li></ul>Microsoft is working on a resolution and will provide an update in an upcoming release.</td></tr><tr><td>When trying to expand, view, or create <strong>Custom Views </strong>in Event Viewer, you may receive the error, \"MMC has detected an error in a snap-in and will unload it.\" and the app may stop responding or close. You may also receive the same error when using <strong>Filter Current Log </strong>in the <strong>Action </strong>menu with built-in views or logs. Built-in views and other features of Event Viewer should work as expected.</td><td><p>This issue is resolved in <a data-content-id=\"4508776\" data-content-type=\"article\" href=\"\" managed-link=\"\" target=\"_blank\">KB4508776</a>.</p></td></tr><tr><td><p><span>Some devices and generation 2 Hyper-V virtual machines (VMs) may have issues installing this update when Secure Boot is enabled.</span></p></td><td><p>This issue is resolved in <a data-content-id=\"4508776\" data-content-type=\"article\" href=\"\" managed-link=\"\" target=\"_blank\">KB4508776</a>.</p></td></tr><tr><td>Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing this update on a WDS server.</td><td><p>This issue is resolved in <a data-content-id=\"4512512\" data-content-type=\"article\" href=\"\" managed-link=\"\" target=\"_blank\">KB4512512</a>.</p></td></tr></tbody></table><h2>How to get this update</h2><div><p>This update is now available for installation through WSUS. 
To get the standalone package for this update, go to the\u00a0<a data-content-id=\"\" data-content-type=\"\" href=\"http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4503263\" managed-link=\"\" target=\"_blank\">Microsoft Update Catalog</a>\u00a0website.</p><p><strong>File information</strong></p><p>For a list of the files that are provided in this update, download the\u00a0<a data-bi-name=\"content-anchor-link\" data-content-id=\"\" data-content-type=\"\" href=\"http://download.microsoft.com/download/B/1/B/B1BE1E20-AA11-4AD4-9949-A73DB028EC12/4503263.csv\" managed-link=\"\" tabindex=\"0\" target=\"_blank\">file information for update 4503263</a>.\u00a0</p></div></body></html>", "edition": 2, "modified": "2019-08-19T19:20:26", "id": "KB4503263", "href": "https://support.microsoft.com/en-us/help/4503263/", "published": "2019-06-11T00:00:00", "title": "June 11, 2019\u2014KB4503263 (Security-only update)", "type": "mskb", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}], "mscve": [{"lastseen": "2020-08-07T11:45:34", "bulletinFamily": "microsoft", "cvelist": ["CVE-2019-2102"], "description": "**Executive Summary**\n\nMicrosoft is aware of an issue that affects the Bluetooth Low Energy (BLE) version of FIDO Security Keys. Due to a misconfiguration in the Bluetooth pairing protocols, it is possible for an attacker who is physically close to a user at the moment he/she uses the security key to communicate with the security key, or communicate with the device to which the key is paired.\n\nGoogle has issued [CVE-2019-2102](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2102>) for this vulnerability.\n\nTo address this issue, Microsoft has blocked the pairing of these Bluetooth Low Energy (BLE) keys with the pairing misconfiguration.\n\n**Recommended Actions**\n\n 1. Microsoft recommends that customers install the June security update for Windows.\n 2. 
Customers using the Bluetooth Low Energy (BLE) version of the Titan Security Key by Google should review [Android\u2019s June Bulletins](<https://source.android.com/security/bulletin/2019-06-01.html>) and [Google\u2019s advisory](<https://security.googleblog.com/2019/05/titan-keys-update.html>) and take appropriate action.\n 3. Customers using the Feitian Multipass (Feitian CTAP1/U2F Security Key) should review [Feitian's Product Issue Notification website](<https://www.ftsafe.com/replacement/>) and take appropriate action.\n", "edition": 2, "modified": "2019-06-11T07:00:00", "id": "MS:ADV190016", "href": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV190016", "published": "2019-06-11T07:00:00", "title": "Bluetooth Low Energy Advisory", "type": "mscve", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}], "qualysblog": [{"lastseen": "2019-06-15T08:21:08", "bulletinFamily": "blog", "cvelist": ["CVE-2019-0620", "CVE-2019-0709", "CVE-2019-0722", "CVE-2019-0985", "CVE-2019-2102"], "description": "This month's Microsoft Patch Tuesday addresses 88 vulnerabilities with 21 of them labeled as Critical. Of the 21 Critical vulns, 17 are for scripting engines and browsers, and 3 are potential hypervisor escapes in Hyper-V. The remaining vulnerability is an RCE in the Microsoft Speech API. Microsoft also issued guidance on Bluetooth Low Energy FIDO keys, HoloLens, and Microsoft Exchange. Adobe issues patches today for Flash, ColdFusion, and Campaign.\n\n### Workstation Patches\n\nScripting Engine and Browser patches should be prioritized for workstation-type devices, meaning any system that is used for email or to access the internet via a browser. 
This includes multi-user servers that are used as remote desktops for users.\n\n### Hyper-V Hypervisor Escape\n\nThree remote code execution vulnerabilities ([CVE-2019-0620](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0620>), [CVE-2019-0709](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0709>), and [CVE-2019-0722](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0722>)) are patched in Hyper-V that would allow an authenticated user on a guest system to run arbitrary code on the host system. Microsoft notes that exploitation of this vulnerability is less likely, but these patches should still be prioritized for Hyper-V systems.\n\n### Microsoft Speech API RCE\n\nA remote code execution vulnerability ([CVE-2019-0985](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0985>)) exists in the Microsoft Speech API. This impacts Windows 7 and Server 2008 R2, and requires a user to open a malicious document in order to exploit.\n\n### Advisories\n\nMicrosoft also issued several advisories:\n\n * [ADV190016](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV190016>) Disables the ability to use certain Bluetooth Low Energy FIDO security keys, due to a [vulnerability](<https://nvd.nist.gov/vuln/detail/CVE-2019-2102>) that was disclosed in May. 
[Google](<https://security.googleblog.com/2019/05/titan-keys-update.html>) and [Feitian](<https://www.ftsafe.com/replacement/>) have issued advisories for customers of these keys.\n * [ADV190017](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV190017>) fixes several vulnerabilities in HoloLens that could allow an unauthenticated attacker to DoS or compromise HoloLens devices if they are in close proximity.\n * [ADV190018](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV190018>) refers to a \"Microsoft Exchange Server Defense in Depth Update,\" but there are no details provided around the update as of the time of this writing.\n\n### Adobe Patch Tuesday\n\nAdobe released updates today for Flash, ColdFusion, and Campaign. The [Flash update](<https://helpx.adobe.com/security/products/flash-player/apsb19-30.html>) fixes one critical CVE, and should be prioritized for workstations that have Flash installed. The [ColdFusion updates](<https://helpx.adobe.com/security/products/coldfusion/apsb19-27.html>) address three vulnerabilities of various types, all labeled as Critical. Anyone running a ColdFusion server should test and patch as soon as possible. 
The [Adobe Campaign patch](<https://helpx.adobe.com/security/products/campaign/apsb19-28.html>) addresses 7 different vulnerabilities, with one labeled as Critical.", "modified": "2019-06-11T18:18:29", "published": "2019-06-11T18:18:29", "id": "QUALYSBLOG:548A2D8484377A20A276BF58474488F7", "href": "https://blog.qualys.com/laws-of-vulnerabilities/2019/06/11/june-2019-patch-tuesday-88-vulns-21-critical-hyper-v-escape-adobe-vulns", "type": "qualysblog", "title": "June 2019 Patch Tuesday \u2013 88 Vulns, 21 Critical, Hyper-V Escape, Adobe Vulns", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}], "threatpost": [{"lastseen": "2020-04-11T11:45:21", "bulletinFamily": "info", "cvelist": ["CVE-2019-0620", "CVE-2019-0709", "CVE-2019-0722", "CVE-2019-0973", "CVE-2019-1019", "CVE-2019-1031", "CVE-2019-1033", "CVE-2019-1034", "CVE-2019-1035", "CVE-2019-1036", "CVE-2019-1040", "CVE-2019-1053", "CVE-2019-1064", "CVE-2019-1069", "CVE-2019-2102"], "description": "Microsoft patched four Windows operating system bugs \u2013 all of which are already publicly known or have proof of concept exploits \u2013 as part of its June Patch Tuesday security bulletin. Each of the vulnerabilities are rated important and there are no reports of public exploitation for the flaws.\n\nThe four bugs are part of a total of 88 vulnerabilities that were patched by Microsoft this month, 21 of which are rated critical, 66 rated important and one moderate.\n\nRaising the most concern among security experts are the four bugs that are publicly known. One of those bugs ([CVE-2019-1069](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1069>)) is a Windows Task Scheduler vulnerability affecting Windows 10, Server 2016 and later, according to Microsoft. The flaw, Microsoft reported, could allow Elevation of Privilege on the affected system. 
\n\n\u201cPublic disclosure is an indicator of increased risk,\u201d wrote Chris Goettl, director of product management, security at Ivanti in a written analysis. \u201cThis means attackers have had early access to engineer an exploit to take advantage of these vulnerabilities.\u201d\n\nGoettl warned all four of the previously known bugs (CVE-2019-1069, [CVE-2019-1064](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1064>), [CVE-2019-1053](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1053>) and [CVE-2019-0973](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0973>)) should be a patching priority for system administrators.\n\nAnother bug CVE-2019-1064 is a vulnerability in Windows, which could allow Elevation of Privilege on the affected system. Affected is Windows 10, Server 2016 and later.\n\nThe third bug (CVE-2019-1053) is a Windows Shell vulnerability that could also create Elevation of Privilege conditions on the affected system by escaping a sandbox, according to Microsoft. The flaw affects all currently supported Windows operating systems. The last of the four publicly known bugs (CVE-2019-0973) is a vulnerability in Windows Installer that could also allow Elevation of Privilege on the affected system due to improper sanitization of input from loaded libraries.\n\n## Hyper-V and Office Vulnerabilities\n\nSecurity researchers are also flagging three hypervisor escape bugs in Hyper-V. 
Three remote code execution vulnerabilities ([CVE-2019-0620](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0620>), [CVE-2019-0709](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0709>), and [CVE-2019-0722](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0722>)) are patched in Hyper-V that would allow an authenticated user on a guest system to run arbitrary code on the host system, noted Jimmy Graham, a director at Qualys [in his Patch Tuesday commentary](<https://blog.qualys.com/laws-of-vulnerabilities/2019/06/11/june-2019-patch-tuesday-88-vulns-21-critical-hyper-v-escape-adobe-vulns>). \u201cMicrosoft notes that exploitation of this vulnerability is less likely, but these patches should still be prioritized for Hyper-V systems.\u201d\n\nPatches for two potentially serious remote code execution vulnerabilities in Microsoft Word ([CVE-2019-1034](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1034>) and [CVE-2019-1035](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1035>)) are also worth prioritizing, according to commentary from Allan Liska, threat intelligence analyst at Recorded Future. This vulnerability affects all versions of Microsoft Word on Windows and Mac as well as Office 365, according to Microsoft.\n\n\u201cGiven that Microsoft Word Documents are a favorite exploitation tool of cybercriminals, if this vulnerability is reverse engineered it could be widely exploited,\u201d he said.\n\nLiska said both are memory corruption vulnerabilities that require an attacker to send a specially crafted Microsoft Word document for a victim to open. 
He said that, alternatively, an attacker could convince a victim to click on a link to a website hosting a malicious Microsoft Word document.\n\nAlso affecting Office are three cross-site scripting vulnerabilities in SharePoint ([CVE-2019-1031](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1031>), [CVE-2019-1033](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1033>) and [CVE-2019-1036](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1036>)). \u201c[The] vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server,\u201d Microsoft wrote of each of the CVEs. A successful exploit of either of the bugs allows an adversary to read unauthorized content, use the victim\u2019s identity to further access a SharePoint site and change permissions, delete content or place malicious context of the user\u2019s browser.\n\n## NTLM Relay Attack Bug\n\nTwo moderate vulnerabilities [CVE-2019-1040](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1040>) and [CVE-2019-1019](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1019>) were patched by Microsoft that allowed attackers to remotely execute malicious code on any Windows machine or authenticate to any web server that supports Windows Integrated Authentication (WIA) such as Exchange or ADFS.\n\nAccording to researchers at Preempt, [who discovered the flaws](<https://threatpost.com/critical-microsoft-rce-bugs-windows/145572/>), the two CVEs consist of three logical flaws in NTLM, the company\u2019s proprietary authentication protocol.\n\nAside from the 88 bugs patched, Microsoft released a number of advisories. 
Here they are as reported by Qualys:\n\n * [ADV190016](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV190016>) Disables the ability to use certain Bluetooth Low Energy FIDO security keys, due to a [vulnerability](<https://nvd.nist.gov/vuln/detail/CVE-2019-2102>) that was disclosed in May. [Google](<https://security.googleblog.com/2019/05/titan-keys-update.html>) and [Feitian](<https://www.ftsafe.com/replacement/>) have issued advisories for customers of these keys.\n * [ADV190017](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV190017>) fixes several vulnerabilities in HoloLens that could allow an unauthenticated attacker to DoS or compromise HoloLens devices if they are in close proximity.\n * [ADV190018](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV190018>) refers to a \u201cMicrosoft Exchange Server Defense in Depth Update,\u201d but there are no details provided around the update as of the time of this writing.\n", "modified": "2019-06-11T20:29:45", "published": "2019-06-11T20:29:45", "id": "THREATPOST:040A4A9D0367AA2E807A97FB83D00240", "href": "https://threatpost.com/microsoft-patches-four-publicly-known-vulnerabilities/145594/", "type": "threatpost", "title": "Microsoft Patches Four Publicly-Known Vulnerabilities", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "openvas": [{"lastseen": "2020-07-21T20:40:42", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-1019", "CVE-2019-0943", "CVE-2019-0908", "CVE-2019-0974", "CVE-2019-0906", "CVE-2019-0710", "CVE-2019-1039", "CVE-2019-1045", "CVE-2019-0948", "CVE-2019-0713", "CVE-2019-1005", "CVE-2019-0905", "CVE-2019-0909", "CVE-2019-1050", "CVE-2019-0986", "CVE-2019-0988", "CVE-2019-1055", "CVE-2019-1040", "CVE-2019-1038", "CVE-2019-0984", "CVE-2019-0888", "CVE-2019-0941", "CVE-2019-0620", "CVE-2019-1081", "CVE-2019-0972", "CVE-2019-1017", "CVE-2019-1080", "CVE-2019-1053", "CVE-2019-0907", "CVE-2019-1012", "CVE-2019-0920", "CVE-2019-0722", "CVE-2019-1043", "CVE-2019-2102", "CVE-2019-1010", "CVE-2019-1046", "CVE-2019-1028", "CVE-2019-0904", "CVE-2019-0973", "CVE-2019-1025", "CVE-2019-0711", "CVE-2019-1014"], "description": "This host is missing a critical security\n update according to Microsoft KB4503276", "modified": "2020-07-17T00:00:00", "published": "2019-06-12T00:00:00", "id": "OPENVAS:1361412562310815210", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310815210", "type": "openvas", "title": "Microsoft Windows Multiple Vulnerabilities (KB4503276)", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right 
holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.815210\");\n script_version(\"2020-07-17T05:57:41+0000\");\n script_cve_id(\"CVE-2019-0620\", \"CVE-2019-0710\", \"CVE-2019-0711\", \"CVE-2019-0713\",\n \"CVE-2019-0722\", \"CVE-2019-0888\", \"CVE-2019-0904\", \"CVE-2019-0905\",\n \"CVE-2019-0906\", \"CVE-2019-0907\", \"CVE-2019-0908\", \"CVE-2019-0909\",\n \"CVE-2019-0920\", \"CVE-2019-0941\", \"CVE-2019-0943\", \"CVE-2019-0948\",\n \"CVE-2019-0972\", \"CVE-2019-0973\", \"CVE-2019-0974\", \"CVE-2019-0984\",\n \"CVE-2019-0986\", \"CVE-2019-0988\", \"CVE-2019-1005\", \"CVE-2019-1010\",\n \"CVE-2019-1012\", \"CVE-2019-1014\", \"CVE-2019-1017\", \"CVE-2019-1019\",\n \"CVE-2019-1025\", \"CVE-2019-1028\", \"CVE-2019-1038\", \"CVE-2019-1039\",\n \"CVE-2019-1040\", \"CVE-2019-1043\", \"CVE-2019-1045\", \"CVE-2019-1046\",\n \"CVE-2019-1050\", \"CVE-2019-1053\", \"CVE-2019-1055\", \"CVE-2019-1080\",\n \"CVE-2019-1081\", \"CVE-2019-2102\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-07-17 05:57:41 +0000 (Fri, 17 Jul 2020)\");\n script_tag(name:\"creation_date\", 
value:\"2019-06-12 11:42:30 +0530 (Wed, 12 Jun 2019)\");\n script_name(\"Microsoft Windows Multiple Vulnerabilities (KB4503276)\");\n\n script_tag(name:\"summary\", value:\"This host is missing a critical security\n update according to Microsoft KB4503276\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to,\n\n - ActiveX Data Objects (ADO) improperly handle objects in memory.\n\n - Microsoft Hyper-V on a host server fails to properly validate input from\n an authenticated user on a guest operating system.\n\n - Windows Installer fails to properly sanitize input.\n\n - Windows Common Log File System (CLFS) driver improperly handles objects\n in memory.\n\n Please see the references for more information about the vulnerabilities.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow\n an attacker to execute arbitrary code, elevate privileges by escaping a\n sandbox, gain access to sensitive information, run processes and\n delete files and folders in an elevated context.\");\n\n script_tag(name:\"affected\", value:\"- Microsoft Windows 8.1 for 32-bit/x64\n\n - Microsoft Windows Server 2012 R2\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. 
Please see\n the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4503276\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/WindowsVersion\");\n exit(0);\n}\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(win8_1:1, win8_1x64:1, win2012R2:1) <= 0){\n exit(0);\n}\n\nsysPath = smb_get_system32root();\nif(!sysPath)\n exit(0);\n\ndllVer = fetch_file_version(sysPath:sysPath, file_name:\"Inetcomm.dll\");\nif(!dllVer)\n exit(0);\n\nif(version_is_less(version:dllVer, test_version:\"6.3.9600.19377\")) {\n report = report_fixed_ver(file_checked:sysPath + \"\\Inetcomm.dll\",\n file_version:dllVer, vulnerable_range:\"Less than 6.3.9600.19377\");\n security_message(data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-21T20:40:55", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-1019", "CVE-2019-0943", "CVE-2019-1007", "CVE-2019-1018", "CVE-2019-0908", "CVE-2019-0989", "CVE-2019-0974", "CVE-2019-0906", "CVE-2019-0710", "CVE-2019-1039", "CVE-2019-1045", "CVE-2019-0948", "CVE-2019-0713", "CVE-2019-1005", "CVE-2019-0905", "CVE-2019-0909", "CVE-2019-1050", "CVE-2019-0709", "CVE-2019-0986", "CVE-2019-1003", "CVE-2019-0988", "CVE-2019-1055", "CVE-2019-1040", "CVE-2019-1051", "CVE-2019-1038", "CVE-2019-0984", "CVE-2019-0888", "CVE-2019-0941", "CVE-2019-0620", "CVE-2019-1081", "CVE-2019-0972", "CVE-2019-1017", "CVE-2019-1080", "CVE-2019-0991", "CVE-2019-1069", "CVE-2019-1053", "CVE-2019-0907", 
"CVE-2019-1012", "CVE-2019-0992", "CVE-2019-0993", "CVE-2019-0920", "CVE-2019-0722", "CVE-2019-1043", "CVE-2019-1002", "CVE-2019-2102", "CVE-2019-1010", "CVE-2019-1046", "CVE-2019-1028", "CVE-2019-0904", "CVE-2019-0973", "CVE-2019-1025", "CVE-2019-0711", "CVE-2019-0990", "CVE-2019-1014", "CVE-2019-1023", "CVE-2019-1052"], "description": "This host is missing a critical security\n update according to Microsoft KB4503291", "modified": "2020-07-17T00:00:00", "published": "2019-06-12T00:00:00", "id": "OPENVAS:1361412562310815205", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310815205", "type": "openvas", "title": "Microsoft Windows Multiple Vulnerabilities (KB4503291)", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.815205\");\n script_version(\"2020-07-17T05:57:41+0000\");\n script_cve_id(\"CVE-2019-0974\", \"CVE-2019-0984\", \"CVE-2019-1050\", \"CVE-2019-1051\",\n \"CVE-2019-1052\", \"CVE-2019-0620\", \"CVE-2019-0709\", \"CVE-2019-0710\",\n \"CVE-2019-1010\", \"CVE-2019-1012\", \"CVE-2019-0711\", \"CVE-2019-0713\",\n \"CVE-2019-0722\", \"CVE-2019-1014\", \"CVE-2019-0888\", \"CVE-2019-0904\",\n \"CVE-2019-0905\", \"CVE-2019-1017\", \"CVE-2019-1018\", \"CVE-2019-1019\",\n \"CVE-2019-0906\", \"CVE-2019-0907\", \"CVE-2019-1023\", \"CVE-2019-1025\",\n \"CVE-2019-0908\", \"CVE-2019-0909\", \"CVE-2019-1028\", \"CVE-2019-0920\",\n \"CVE-2019-0941\", \"CVE-2019-0943\", \"CVE-2019-1038\", \"CVE-2019-1039\",\n \"CVE-2019-0948\", \"CVE-2019-1040\", \"CVE-2019-1043\", \"CVE-2019-0972\",\n \"CVE-2019-0973\", \"CVE-2019-1045\", \"CVE-2019-1046\", \"CVE-2019-0986\",\n \"CVE-2019-0988\", \"CVE-2019-0989\", \"CVE-2019-1053\", \"CVE-2019-1055\",\n \"CVE-2019-0990\", \"CVE-2019-0991\", \"CVE-2019-0992\", \"CVE-2019-0993\",\n \"CVE-2019-1069\", \"CVE-2019-1080\", \"CVE-2019-1081\", \"CVE-2019-1002\",\n \"CVE-2019-1003\", \"CVE-2019-1005\", \"CVE-2019-1007\", \"CVE-2019-2102\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-07-17 05:57:41 +0000 (Fri, 17 Jul 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-06-12 09:29:24 +0530 (Wed, 12 Jun 2019)\");\n script_name(\"Microsoft Windows Multiple Vulnerabilities (KB4503291)\");\n\n script_tag(name:\"summary\", value:\"This host is missing a critical security\n update according to 
Microsoft KB4503291\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to,\n\n - Windows kernel improperly initializes objects in memory.\n\n - Chakra scripting engine improperly handles objects in memory in\n Microsoft Edge.\n\n - Microsoft Hyper-V on a host server fails to properly validate input from\n a privileged user on a guest operating system.\n\n - ActiveX Data Objects (ADO) improperly handle objects in memory.\n\n - Windows Jet Database Engine improperly handles objects in memory.\n\n - Windows GDI component improperly discloses the contents of its\n memory.\n\n Please see the references for more information about the vulnerabilities.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an\n attacker to execute arbitrary code in kernel mode, elevate privileges\n by escaping a sandbox, gain access to sensitive information, run processes\n and delete files and folders in an elevated context.\");\n\n script_tag(name:\"affected\", value:\"- Microsoft Windows 10 for 32-bit Systems\n\n - Microsoft Windows 10 for x64-based Systems\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. 
Please see\n the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4503291\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/WindowsVersion\");\n exit(0);\n}\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(win10:1, win10x64:1) <= 0){\n exit(0);\n}\n\nsysPath = smb_get_system32root();\nif(!sysPath)\n exit(0);\n\nedgeVer = fetch_file_version(sysPath:sysPath, file_name:\"edgehtml.dll\");\nif(!edgeVer)\n exit(0);\n\nif(version_in_range(version:edgeVer, test_version:\"11.0.10240.0\", test_version2:\"11.0.10240.18243\")) {\n report = report_fixed_ver(file_checked:sysPath + \"\\Edgehtml.dll\",\n file_version:edgeVer, vulnerable_range:\"11.0.10240.0 - 11.0.10240.18243\");\n security_message(data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-21T20:40:57", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-1019", "CVE-2019-0943", "CVE-2019-1007", "CVE-2019-1018", "CVE-2019-0908", "CVE-2019-0983", "CVE-2019-0989", "CVE-2019-0974", "CVE-2019-0906", "CVE-2019-0710", "CVE-2019-1039", "CVE-2019-1045", "CVE-2019-0948", "CVE-2019-0713", "CVE-2019-1005", "CVE-2019-0905", "CVE-2019-1064", "CVE-2019-0909", "CVE-2019-1050", "CVE-2019-0709", "CVE-2019-0986", "CVE-2019-1003", "CVE-2019-0988", "CVE-2019-1055", "CVE-2019-1040", "CVE-2019-1021", "CVE-2019-1051", "CVE-2019-1038", "CVE-2019-0984", "CVE-2019-0888", "CVE-2019-0941", "CVE-2019-0620", "CVE-2019-1081", "CVE-2019-0972", "CVE-2019-1017", 
"CVE-2019-1080", "CVE-2019-0991", "CVE-2019-1069", "CVE-2019-1053", "CVE-2019-0907", "CVE-2019-1012", "CVE-2019-0992", "CVE-2019-0993", "CVE-2019-0920", "CVE-2019-0722", "CVE-2019-1043", "CVE-2019-1002", "CVE-2019-2102", "CVE-2019-1010", "CVE-2019-1046", "CVE-2019-1028", "CVE-2019-0904", "CVE-2019-0973", "CVE-2019-1025", "CVE-2019-0711", "CVE-2019-0990", "CVE-2019-1014", "CVE-2019-1023", "CVE-2019-1054", "CVE-2019-1024", "CVE-2019-1052"], "description": "This host is missing a critical security\n update according to Microsoft KB4503279", "modified": "2020-07-17T00:00:00", "published": "2019-06-12T00:00:00", "id": "OPENVAS:1361412562310815086", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310815086", "type": "openvas", "title": "Microsoft Windows Multiple Vulnerabilities (KB4503279)", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.815086\");\n script_version(\"2020-07-17T05:57:41+0000\");\n script_cve_id(\"CVE-2019-2102\", \"CVE-2019-0620\", \"CVE-2019-0709\", \"CVE-2019-0710\",\n \"CVE-2019-0711\", \"CVE-2019-0713\", \"CVE-2019-0722\", \"CVE-2019-0888\",\n \"CVE-2019-0904\", \"CVE-2019-0905\", \"CVE-2019-0906\", \"CVE-2019-0907\",\n \"CVE-2019-0908\", \"CVE-2019-0909\", \"CVE-2019-0920\", \"CVE-2019-0941\",\n \"CVE-2019-0943\", \"CVE-2019-0948\", \"CVE-2019-0972\", \"CVE-2019-0973\",\n \"CVE-2019-0974\", \"CVE-2019-0983\", \"CVE-2019-0984\", \"CVE-2019-0986\",\n \"CVE-2019-0988\", \"CVE-2019-0989\", \"CVE-2019-0990\", \"CVE-2019-0991\",\n \"CVE-2019-0992\", \"CVE-2019-0993\", \"CVE-2019-1002\", \"CVE-2019-1003\",\n \"CVE-2019-1005\", \"CVE-2019-1007\", \"CVE-2019-1010\", \"CVE-2019-1012\",\n \"CVE-2019-1014\", \"CVE-2019-1017\", \"CVE-2019-1018\", \"CVE-2019-1019\",\n \"CVE-2019-1021\", \"CVE-2019-1023\", \"CVE-2019-1024\", \"CVE-2019-1025\",\n \"CVE-2019-1028\", \"CVE-2019-1038\", \"CVE-2019-1039\", \"CVE-2019-1040\",\n \"CVE-2019-1043\", \"CVE-2019-1045\", \"CVE-2019-1046\", \"CVE-2019-1050\",\n \"CVE-2019-1051\", \"CVE-2019-1052\", \"CVE-2019-1053\", \"CVE-2019-1054\",\n \"CVE-2019-1055\", \"CVE-2019-1064\", \"CVE-2019-1069\", \"CVE-2019-1080\",\n \"CVE-2019-1081\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-07-17 05:57:41 +0000 (Fri, 17 Jul 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-06-12 08:59:34 +0530 (Wed, 12 Jun 2019)\");\n script_name(\"Microsoft Windows Multiple Vulnerabilities (KB4503279)\");\n\n 
script_tag(name:\"summary\", value:\"This host is missing a critical security\n update according to Microsoft KB4503279\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to,\n\n - Windows kernel improperly initializes objects in memory.\n\n - Chakra scripting engine handles objects in memory in Microsoft Edge.\n\n - Microsoft Hyper-V on a host server fails to properly validate input from\n a privileged user on a guest operating system.\n\n - Windows Jet Database Engine improperly handles objects in memory.\n\n Please see the references for more information about the vulnerabilities.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to execute arbitrary code on a victim system, escalate privileges, bypass\n security restrictions, disclose sensitive information and cause a denial of\n service condition on a victim system.\");\n\n script_tag(name:\"affected\", value:\"Microsoft Windows 10 Version 1703 x32/x64.\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. 
Please see\n the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4503279\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/WindowsVersion\");\n exit(0);\n}\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(win10:1, win10x64:1) <= 0){\n exit(0);\n}\n\nsysPath = smb_get_system32root();\nif(!sysPath)\n exit(0);\n\nedgeVer = fetch_file_version(sysPath:sysPath, file_name:\"edgehtml.dll\");\nif(!edgeVer)\n exit(0);\n\nif(version_in_range(version:edgeVer, test_version:\"11.0.15063.0\", test_version2:\"11.0.15063.1867\")) {\n report = report_fixed_ver(file_checked:sysPath + \"\\Edgehtml.dll\",\n file_version:edgeVer, vulnerable_range:\"11.0.15063.0 - 11.0.15063.1867\");\n security_message(data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-21T20:40:41", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-1065", "CVE-2019-1019", "CVE-2019-0943", "CVE-2019-1007", "CVE-2019-1026", "CVE-2019-0908", "CVE-2019-0998", "CVE-2019-0983", "CVE-2019-0989", "CVE-2019-0974", "CVE-2019-0906", "CVE-2019-1039", "CVE-2019-0948", "CVE-2019-1005", "CVE-2019-1027", "CVE-2019-0905", "CVE-2019-1022", "CVE-2019-1064", "CVE-2019-0909", "CVE-2019-1050", "CVE-2019-0986", "CVE-2019-1003", "CVE-2019-0988", "CVE-2019-1055", "CVE-2019-1040", "CVE-2019-1021", "CVE-2019-1051", "CVE-2019-1038", "CVE-2019-0984", "CVE-2019-0888", "CVE-2019-0941", "CVE-2019-0620", "CVE-2019-1081", "CVE-2019-0972", "CVE-2019-1017", 
"CVE-2019-1080", "CVE-2019-0991", "CVE-2019-1069", "CVE-2019-1053", "CVE-2019-0907", "CVE-2019-1012", "CVE-2019-0992", "CVE-2019-1041", "CVE-2019-0993", "CVE-2019-0920", "CVE-2019-0959", "CVE-2019-0722", "CVE-2019-1043", "CVE-2019-2102", "CVE-2019-1010", "CVE-2019-1046", "CVE-2019-1028", "CVE-2019-0904", "CVE-2019-0973", "CVE-2019-1025", "CVE-2019-0990", "CVE-2019-1014", "CVE-2019-1023", "CVE-2019-1054", "CVE-2019-1024", "CVE-2019-1052"], "description": "This host is missing a critical security\n update according to Microsoft KB4503293", "modified": "2020-07-17T00:00:00", "published": "2019-06-12T00:00:00", "id": "OPENVAS:1361412562310815085", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310815085", "type": "openvas", "title": "Microsoft Windows Multiple Vulnerabilities (KB4503293)", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.815085\");\n script_version(\"2020-07-17T05:57:41+0000\");\n script_cve_id(\"CVE-2019-2102\", \"CVE-2019-0620\", \"CVE-2019-0722\", \"CVE-2019-0888\",\n \"CVE-2019-0904\", \"CVE-2019-0905\", \"CVE-2019-0906\", \"CVE-2019-0907\",\n \"CVE-2019-0908\", \"CVE-2019-0909\", \"CVE-2019-0920\", \"CVE-2019-0941\",\n \"CVE-2019-0943\", \"CVE-2019-0948\", \"CVE-2019-0959\", \"CVE-2019-0972\",\n \"CVE-2019-0973\", \"CVE-2019-0974\", \"CVE-2019-0983\", \"CVE-2019-0984\",\n \"CVE-2019-0986\", \"CVE-2019-0988\", \"CVE-2019-0989\", \"CVE-2019-0990\",\n \"CVE-2019-0991\", \"CVE-2019-0992\", \"CVE-2019-0993\", \"CVE-2019-0998\",\n \"CVE-2019-1003\", \"CVE-2019-1005\", \"CVE-2019-1007\", \"CVE-2019-1010\",\n \"CVE-2019-1012\", \"CVE-2019-1014\", \"CVE-2019-1017\", \"CVE-2019-1019\",\n \"CVE-2019-1021\", \"CVE-2019-1022\", \"CVE-2019-1023\", \"CVE-2019-1024\",\n \"CVE-2019-1025\", \"CVE-2019-1026\", \"CVE-2019-1027\", \"CVE-2019-1028\",\n \"CVE-2019-1038\", \"CVE-2019-1039\", \"CVE-2019-1040\", \"CVE-2019-1041\",\n \"CVE-2019-1043\", \"CVE-2019-1046\", \"CVE-2019-1050\", \"CVE-2019-1051\",\n \"CVE-2019-1052\", \"CVE-2019-1053\", \"CVE-2019-1054\", \"CVE-2019-1055\",\n \"CVE-2019-1064\", \"CVE-2019-1065\", \"CVE-2019-1069\", \"CVE-2019-1080\",\n \"CVE-2019-1081\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-07-17 05:57:41 +0000 (Fri, 17 Jul 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-06-12 08:40:30 +0530 (Wed, 12 Jun 2019)\");\n script_name(\"Microsoft Windows Multiple Vulnerabilities (KB4503293)\");\n\n 
script_tag(name:\"summary\", value:\"This host is missing a critical security\n update according to Microsoft KB4503293\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to,\n\n - Windows kernel improperly initializes objects in memory.\n\n - Chakra scripting engine improperly handles objects in memory in\n Microsoft Edge.\n\n - ActiveX Data Objects (ADO) improperly handle objects in memory.\n\n - Windows GDI component improperly discloses the contents of its memory.\n\n - Windows AppX Deployment Service (AppXSVC) improperly handles hard links.\n\n - Windows kernel fails to properly handle objects in memory.\n\n - Windows Common Log File System (CLFS) driver improperly handles objects in\n memory.\n\n - A misconfiguration in the Bluetooth pairing protocols\n\n Please see the references for more information about the vulnerabilities.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to execute arbitrary code on a victim system, escalate privileges, bypass\n security restrictions, disclose sensitive information and cause a denial of\n service condition on a victim system.\");\n\n script_tag(name:\"affected\", value:\"- Microsoft Windows 10 Version 1903 for 32-bit Systems\n\n - Microsoft Windows 10 Version 1903 for x64-based Systems\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. 
Please see\n the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4503293\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/WindowsVersion\");\n exit(0);\n}\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(win10:1, win10x64:1) <= 0){\n exit(0);\n}\n\nsysPath = smb_get_system32root();\nif(!sysPath)\n exit(0);\n\nedgeVer = fetch_file_version(sysPath:sysPath, file_name:\"edgehtml.dll\");\nif(!edgeVer)\n exit(0);\n\nif(version_in_range(version:edgeVer, test_version:\"11.0.18362.0\", test_version2:\"11.0.18362.174\")) {\n report = report_fixed_ver(file_checked:sysPath + \"\\Edgehtml.dll\",\n file_version:edgeVer, vulnerable_range:\"11.0.18362.0 - 11.0.18362.174\");\n security_message(data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-21T20:40:54", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-1019", "CVE-2019-0943", "CVE-2019-1007", "CVE-2019-1018", "CVE-2019-0908", "CVE-2019-0983", "CVE-2019-0989", "CVE-2019-0974", "CVE-2019-0906", "CVE-2019-0710", "CVE-2019-1039", "CVE-2019-0948", "CVE-2019-0713", "CVE-2019-1005", "CVE-2019-0905", "CVE-2019-1064", "CVE-2019-0909", "CVE-2019-1050", "CVE-2019-0709", "CVE-2019-0986", "CVE-2019-1003", "CVE-2019-0988", "CVE-2019-1055", "CVE-2019-1040", "CVE-2019-1051", "CVE-2019-1038", "CVE-2019-0984", "CVE-2019-0888", "CVE-2019-0941", "CVE-2019-0620", "CVE-2019-1081", "CVE-2019-0972", "CVE-2019-1017", "CVE-2019-1080", "CVE-2019-0991", 
"CVE-2019-1069", "CVE-2019-1053", "CVE-2019-0907", "CVE-2019-1012", "CVE-2019-0992", "CVE-2019-0993", "CVE-2019-0920", "CVE-2019-0722", "CVE-2019-1043", "CVE-2019-1002", "CVE-2019-2102", "CVE-2019-1010", "CVE-2019-1046", "CVE-2019-1028", "CVE-2019-0904", "CVE-2019-0973", "CVE-2019-1025", "CVE-2019-0711", "CVE-2019-0990", "CVE-2019-1014", "CVE-2019-1023", "CVE-2019-1054", "CVE-2019-1052"], "description": "This host is missing a critical security\n update according to Microsoft KB4503267", "modified": "2020-07-17T00:00:00", "published": "2019-06-12T00:00:00", "id": "OPENVAS:1361412562310815207", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310815207", "type": "openvas", "title": "Microsoft Windows Multiple Vulnerabilities (KB4503267)", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.815207\");\n script_version(\"2020-07-17T05:57:41+0000\");\n script_cve_id(\"CVE-2019-0974\", \"CVE-2019-0983\", \"CVE-2019-0984\", \"CVE-2019-1050\",\n \"CVE-2019-1051\", \"CVE-2019-1052\", \"CVE-2019-0620\", \"CVE-2019-0709\",\n \"CVE-2019-0710\", \"CVE-2019-1010\", \"CVE-2019-1012\", \"CVE-2019-0711\",\n \"CVE-2019-0713\", \"CVE-2019-0722\", \"CVE-2019-1014\", \"CVE-2019-0888\",\n \"CVE-2019-0904\", \"CVE-2019-0905\", \"CVE-2019-1017\", \"CVE-2019-1018\",\n \"CVE-2019-1019\", \"CVE-2019-0906\", \"CVE-2019-0907\", \"CVE-2019-1023\",\n \"CVE-2019-1025\", \"CVE-2019-0908\", \"CVE-2019-0909\", \"CVE-2019-1028\",\n \"CVE-2019-0920\", \"CVE-2019-0941\", \"CVE-2019-0943\", \"CVE-2019-1038\",\n \"CVE-2019-1039\", \"CVE-2019-0948\", \"CVE-2019-1040\", \"CVE-2019-1043\",\n \"CVE-2019-0972\", \"CVE-2019-0973\", \"CVE-2019-1046\", \"CVE-2019-0986\",\n \"CVE-2019-0988\", \"CVE-2019-0989\", \"CVE-2019-1053\", \"CVE-2019-1054\",\n \"CVE-2019-1055\", \"CVE-2019-1064\", \"CVE-2019-0990\", \"CVE-2019-0991\",\n \"CVE-2019-0992\", \"CVE-2019-0993\", \"CVE-2019-1069\", \"CVE-2019-1080\",\n \"CVE-2019-1081\", \"CVE-2019-1002\", \"CVE-2019-1003\", \"CVE-2019-1005\",\n \"CVE-2019-1007\", \"CVE-2019-2102\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-07-17 05:57:41 +0000 (Fri, 17 Jul 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-06-12 09:37:10 +0530 (Wed, 12 Jun 2019)\");\n script_name(\"Microsoft Windows Multiple Vulnerabilities (KB4503267)\");\n\n script_tag(name:\"summary\", value:\"This host is missing a 
critical security\n update according to Microsoft KB4503267\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to,\n\n - Windows kernel improperly initializes objects in memory.\n\n - Chakra scripting engine improperly handles objects in memory in\n Microsoft Edge.\n\n - Microsoft Hyper-V on a host server fails to properly validate input from\n a privileged user on a guest operating system.\n\n - ActiveX Data Objects (ADO) improperly handle objects in memory.\n\n - Windows Jet Database Engine improperly handles objects in memory.\n\n - Windows AppX Deployment Service (AppXSVC) improperly handles hard links.\n\n - Windows GDI component improperly discloses the contents of its memory.\n\n - Task Scheduler Service improperly validates certain file operations.\n\n Please see the references for more information about the vulnerabilities.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an\n attacker to execute arbitrary code in kernel mode, elevate privileges\n by escaping a sandbox, gain access to sensitive information, run\n processes and delete files and folders in an elevated context.\");\n\n script_tag(name:\"affected\", value:\"- Microsoft Windows 10 Version 1607 x32/x64\n\n - Microsoft Windows Server 2016\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. 
Please see\n the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4503267\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/WindowsVersion\");\n exit(0);\n}\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(win10:1, win10x64:1, win2016:1) <= 0){\n exit(0);\n}\n\nsysPath = smb_get_system32root();\nif(!sysPath)\n exit(0);\n\nedgeVer = fetch_file_version(sysPath:sysPath, file_name:\"edgehtml.dll\");\nif(!edgeVer)\n exit(0);\n\nif(version_in_range(version:edgeVer, test_version:\"11.0.14393.0\", test_version2:\"11.0.14393.3023\")) {\n report = report_fixed_ver(file_checked:sysPath + \"\\Edgehtml.dll\",\n file_version:edgeVer, vulnerable_range:\"11.0.14393.0 - 11.0.14393.3023\");\n security_message(data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-21T20:40:47", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-1019", "CVE-2019-0943", "CVE-2019-1007", "CVE-2019-1018", "CVE-2019-0908", "CVE-2019-0998", "CVE-2019-0983", "CVE-2019-0989", "CVE-2019-0974", "CVE-2019-0906", "CVE-2019-0710", "CVE-2019-1039", "CVE-2019-1045", "CVE-2019-0948", "CVE-2019-0713", "CVE-2019-1005", "CVE-2019-1027", "CVE-2019-0905", "CVE-2019-1064", "CVE-2019-0909", "CVE-2019-1050", "CVE-2019-0709", "CVE-2019-0986", "CVE-2019-1003", "CVE-2019-0988", "CVE-2019-1055", "CVE-2019-1040", "CVE-2019-1021", "CVE-2019-1051", "CVE-2019-1038", "CVE-2019-0984", "CVE-2019-0888", "CVE-2019-0941", "CVE-2019-0620", "CVE-2019-1081", 
"CVE-2019-0972", "CVE-2019-1017", "CVE-2019-1080", "CVE-2019-0991", "CVE-2019-1069", "CVE-2019-1053", "CVE-2019-0907", "CVE-2019-1012", "CVE-2019-0992", "CVE-2019-0993", "CVE-2019-0920", "CVE-2019-0722", "CVE-2019-1043", "CVE-2019-1002", "CVE-2019-2102", "CVE-2019-1010", "CVE-2019-1046", "CVE-2019-1028", "CVE-2019-0904", "CVE-2019-0973", "CVE-2019-1025", "CVE-2019-0711", "CVE-2019-0990", "CVE-2019-1014", "CVE-2019-1023", "CVE-2019-1054", "CVE-2019-1024", "CVE-2019-1052"], "description": "This host is missing a critical security\n update according to Microsoft KB4503284", "modified": "2020-07-17T00:00:00", "published": "2019-06-12T00:00:00", "id": "OPENVAS:1361412562310815087", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310815087", "type": "openvas", "title": "Microsoft Windows Multiple Vulnerabilities (KB4503284)", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.815087\");\n script_version(\"2020-07-17T05:57:41+0000\");\n script_cve_id(\"CVE-2019-0620\", \"CVE-2019-0709\", \"CVE-2019-0710\", \"CVE-2019-0711\",\n \"CVE-2019-0713\", \"CVE-2019-0722\", \"CVE-2019-0888\", \"CVE-2019-0904\",\n \"CVE-2019-0905\", \"CVE-2019-0906\", \"CVE-2019-0907\", \"CVE-2019-0908\",\n \"CVE-2019-0909\", \"CVE-2019-0920\", \"CVE-2019-0941\", \"CVE-2019-0943\",\n \"CVE-2019-0948\", \"CVE-2019-0972\", \"CVE-2019-0973\", \"CVE-2019-0974\",\n \"CVE-2019-0983\", \"CVE-2019-0984\", \"CVE-2019-0986\", \"CVE-2019-0988\",\n \"CVE-2019-0989\", \"CVE-2019-0990\", \"CVE-2019-0991\", \"CVE-2019-0992\",\n \"CVE-2019-0993\", \"CVE-2019-0998\", \"CVE-2019-1002\", \"CVE-2019-1003\",\n \"CVE-2019-1005\", \"CVE-2019-1007\", \"CVE-2019-1010\", \"CVE-2019-1012\",\n \"CVE-2019-1014\", \"CVE-2019-1017\", \"CVE-2019-1018\", \"CVE-2019-1019\",\n \"CVE-2019-1021\", \"CVE-2019-1023\", \"CVE-2019-1024\", \"CVE-2019-1025\",\n \"CVE-2019-1027\", \"CVE-2019-1028\", \"CVE-2019-1038\", \"CVE-2019-1039\",\n \"CVE-2019-1040\", \"CVE-2019-1043\", \"CVE-2019-1045\", \"CVE-2019-1046\",\n \"CVE-2019-1050\", \"CVE-2019-1051\", \"CVE-2019-1052\", \"CVE-2019-1053\",\n \"CVE-2019-1054\", \"CVE-2019-1055\", \"CVE-2019-1064\", \"CVE-2019-1069\",\n \"CVE-2019-1080\", \"CVE-2019-1081\", \"CVE-2019-2102\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-07-17 05:57:41 +0000 (Fri, 17 Jul 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-06-12 09:25:15 +0530 (Wed, 12 Jun 2019)\");\n script_name(\"Microsoft Windows Multiple 
Vulnerabilities (KB4503284)\");\n\n script_tag(name:\"summary\", value:\"This host is missing a critical security\n update according to Microsoft KB4503284\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to,\n\n - Windows kernel improperly initializes objects in memory.\n\n - Chakra scripting engine improperly handles objects in memory in Microsoft\n Edge.\n\n - Microsoft Hyper-V on a host server fails to properly validate input from a\n privileged user on a guest operating system.\n\n - Windows Jet Database Engine improperly handles objects in memory.\n\n - Windows Common Log File System (CLFS) driver improperly handles objects in\n memory.\n\n Please see the references for more information about the vulnerabilities.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to execute arbitrary code on a victim system, escalate privileges, bypass\n security restrictions, disclose sensitive information and cause a denial of\n service condition on a victim system.\");\n\n script_tag(name:\"affected\", value:\"- Microsoft Windows 10 Version 1709 for 32-bit Systems\n\n - Microsoft Windows 10 Version 1709 for 64-based Systems\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. 
Please see\n the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4503284\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/WindowsVersion\");\n exit(0);\n}\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(win10:1, win10x64:1) <= 0){\n exit(0);\n}\n\nsysPath = smb_get_system32root();\nif(!sysPath)\n exit(0);\n\nedgeVer = fetch_file_version(sysPath:sysPath, file_name:\"edgehtml.dll\");\nif(!edgeVer)\n exit(0);\n\nif(version_in_range(version:edgeVer, test_version:\"11.0.16299.0\", test_version2:\"11.0.16299.1216\")) {\n report = report_fixed_ver(file_checked:sysPath + \"\\Edgehtml.dll\",\n file_version:edgeVer, vulnerable_range:\"11.0.16299.0 - 11.0.16299.1216\");\n security_message(data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-21T20:40:58", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-1065", "CVE-2019-1019", "CVE-2019-0943", "CVE-2019-1007", "CVE-2019-1026", "CVE-2019-1018", "CVE-2019-0908", "CVE-2019-0998", "CVE-2019-0983", "CVE-2019-0989", "CVE-2019-0974", "CVE-2019-0906", "CVE-2019-0710", "CVE-2019-1039", "CVE-2019-0948", "CVE-2019-0713", "CVE-2019-1005", "CVE-2019-1027", "CVE-2019-0905", "CVE-2019-1064", "CVE-2019-0909", "CVE-2019-1050", "CVE-2019-0986", "CVE-2019-1003", "CVE-2019-0988", "CVE-2019-1055", "CVE-2019-1040", "CVE-2019-1021", "CVE-2019-1051", "CVE-2019-1038", "CVE-2019-0984", "CVE-2019-0888", "CVE-2019-0941", "CVE-2019-0620", "CVE-2019-1081", 
"CVE-2019-0972", "CVE-2019-1017", "CVE-2019-1080", "CVE-2019-0991", "CVE-2019-1069", "CVE-2019-1053", "CVE-2019-0907", "CVE-2019-1012", "CVE-2019-0992", "CVE-2019-1041", "CVE-2019-0993", "CVE-2019-0920", "CVE-2019-0959", "CVE-2019-0722", "CVE-2019-1043", "CVE-2019-1002", "CVE-2019-2102", "CVE-2019-1010", "CVE-2019-1046", "CVE-2019-1028", "CVE-2019-0904", "CVE-2019-0973", "CVE-2019-1025", "CVE-2019-0711", "CVE-2019-0990", "CVE-2019-1014", "CVE-2019-1023", "CVE-2019-1054", "CVE-2019-1024", "CVE-2019-1052"], "description": "This host is missing a critical security\n update according to Microsoft KB4503286", "modified": "2020-07-17T00:00:00", "published": "2019-06-12T00:00:00", "id": "OPENVAS:1361412562310815206", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310815206", "type": "openvas", "title": "Microsoft Windows Multiple Vulnerabilities (KB4503286)", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.815206\");\n script_version(\"2020-07-17T05:57:41+0000\");\n script_cve_id(\"CVE-2019-0974\", \"CVE-2019-0983\", \"CVE-2019-0984\", \"CVE-2019-1050\",\n \"CVE-2019-1051\", \"CVE-2019-1052\", \"CVE-2019-0620\", \"CVE-2019-0710\",\n \"CVE-2019-1010\", \"CVE-2019-1012\", \"CVE-2019-0711\", \"CVE-2019-0713\",\n \"CVE-2019-0722\", \"CVE-2019-1014\", \"CVE-2019-0888\", \"CVE-2019-0904\",\n \"CVE-2019-1017\", \"CVE-2019-1018\", \"CVE-2019-1019\", \"CVE-2019-0905\",\n \"CVE-2019-0906\", \"CVE-2019-0907\", \"CVE-2019-1021\", \"CVE-2019-1023\",\n \"CVE-2019-1024\", \"CVE-2019-1025\", \"CVE-2019-0908\", \"CVE-2019-0909\",\n \"CVE-2019-1026\", \"CVE-2019-1027\", \"CVE-2019-1028\", \"CVE-2019-0920\",\n \"CVE-2019-0941\", \"CVE-2019-0943\", \"CVE-2019-1038\", \"CVE-2019-1039\",\n \"CVE-2019-0948\", \"CVE-2019-0959\", \"CVE-2019-1040\", \"CVE-2019-1041\",\n \"CVE-2019-1043\", \"CVE-2019-0972\", \"CVE-2019-0973\", \"CVE-2019-1046\",\n \"CVE-2019-0986\", \"CVE-2019-0988\", \"CVE-2019-0989\", \"CVE-2019-1053\",\n \"CVE-2019-1054\", \"CVE-2019-1055\", \"CVE-2019-1064\", \"CVE-2019-0990\",\n \"CVE-2019-0991\", \"CVE-2019-0992\", \"CVE-2019-0993\", \"CVE-2019-0998\",\n \"CVE-2019-1065\", \"CVE-2019-1069\", \"CVE-2019-1080\", \"CVE-2019-1081\",\n \"CVE-2019-1002\", \"CVE-2019-1003\", \"CVE-2019-1005\", \"CVE-2019-1007\",\n \"CVE-2019-2102\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-07-17 05:57:41 +0000 (Fri, 17 Jul 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-06-12 09:25:27 +0530 (Wed, 12 Jun 2019)\");\n 
script_name(\"Microsoft Windows Multiple Vulnerabilities (KB4503286)\");\n\n script_tag(name:\"summary\", value:\"This host is missing a critical security\n update according to Microsoft KB4503286\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to,\n\n - Windows kernel improper initializes objects in memory.\n\n - Chakra scripting engine improperly handles objects in memory in\n Microsoft Edge.\n\n - Microsoft Hyper-V on a host server fails to properly validate input from\n a privileged user on a guest operating system.\n\n - ActiveX Data Objects (ADO) improperly handles objects in memory.\n\n - Windows Common Log File System (CLFS) driver improperly handles\n objects in memory.\n\n - Scripting engine does not properly handle objects in memory in\n Microsoft Edge.\n\n - Windows Jet Database Engine improperly handles objects in memory.\n\n Please see the references for more information about the vulnerabilities.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to run arbitrary code in kernel mode, cause denial of service, gain elevated\n privileges, delete files and folders in an elevated context, and bypass security\n restrictions.\");\n\n script_tag(name:\"affected\", value:\"- Microsoft Windows 10 Version 1803 for 32-bit Systems\n\n - Microsoft Windows 10 Version 1803 for x64-based Systems\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. 
Please see\n the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4503286\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/WindowsVersion\");\n exit(0);\n}\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(win10:1, win10x64:1) <= 0){\n exit(0);\n}\n\nsysPath = smb_get_system32root();\nif(!sysPath)\n exit(0);\n\nedgeVer = fetch_file_version(sysPath:sysPath, file_name:\"edgehtml.dll\");\nif(!edgeVer)\n exit(0);\n\nif(version_in_range(version:edgeVer, test_version:\"11.0.17134.0\", test_version2:\"11.0.17134.828\")) {\n report = report_fixed_ver(file_checked:sysPath + \"\\Edgehtml.dll\",\n file_version:edgeVer, vulnerable_range:\"11.0.17134.0 - 11.0.17134.828\");\n security_message(data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-21T20:40:53", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-1065", "CVE-2019-1019", "CVE-2019-0943", "CVE-2019-1007", "CVE-2019-1026", "CVE-2019-1018", "CVE-2019-1044", "CVE-2019-0908", "CVE-2019-0998", "CVE-2019-0983", "CVE-2019-0989", "CVE-2019-0974", "CVE-2019-0906", "CVE-2019-0710", "CVE-2019-1039", "CVE-2019-9502", "CVE-2019-0948", "CVE-2019-0713", "CVE-2019-1005", "CVE-2019-1027", "CVE-2019-0905", "CVE-2019-1022", "CVE-2019-1064", "CVE-2019-0909", "CVE-2019-1050", "CVE-2019-0986", "CVE-2019-1003", "CVE-2019-0988", "CVE-2019-1055", "CVE-2019-9500", "CVE-2019-1040", "CVE-2019-1021", "CVE-2019-1051", "CVE-2019-1038", "CVE-2019-0984", 
"CVE-2019-0888", "CVE-2019-0941", "CVE-2019-0620", "CVE-2019-9503", "CVE-2019-1081", "CVE-2019-0972", "CVE-2019-1017", "CVE-2019-1080", "CVE-2019-0991", "CVE-2019-1069", "CVE-2019-1053", "CVE-2019-0907", "CVE-2019-1012", "CVE-2019-0992", "CVE-2019-1041", "CVE-2019-0993", "CVE-2019-0920", "CVE-2019-0959", "CVE-2019-9501", "CVE-2019-0722", "CVE-2019-1043", "CVE-2019-2102", "CVE-2019-1010", "CVE-2019-1046", "CVE-2019-1028", "CVE-2019-0904", "CVE-2019-0973", "CVE-2019-1025", "CVE-2019-0711", "CVE-2019-0990", "CVE-2019-1014", "CVE-2019-1023", "CVE-2019-1054", "CVE-2019-1024", "CVE-2019-1052"], "description": "This host is missing a critical security\n update according to Microsoft KB4503327", "modified": "2020-07-17T00:00:00", "published": "2019-06-12T00:00:00", "id": "OPENVAS:1361412562310815088", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310815088", "type": "openvas", "title": "Microsoft Windows Multiple Vulnerabilities (KB4503327)", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.815088\");\n script_version(\"2020-07-17T06:09:49+0000\");\n script_cve_id(\"CVE-2019-0620\", \"CVE-2019-0710\", \"CVE-2019-0711\", \"CVE-2019-0713\",\n \"CVE-2019-0722\", \"CVE-2019-0888\", \"CVE-2019-0904\", \"CVE-2019-0905\",\n \"CVE-2019-0906\", \"CVE-2019-0907\", \"CVE-2019-0908\", \"CVE-2019-0909\",\n \"CVE-2019-0920\", \"CVE-2019-0941\", \"CVE-2019-0943\", \"CVE-2019-0948\",\n \"CVE-2019-0959\", \"CVE-2019-0972\", \"CVE-2019-0973\", \"CVE-2019-0974\",\n \"CVE-2019-0983\", \"CVE-2019-0984\", \"CVE-2019-0986\", \"CVE-2019-0988\",\n \"CVE-2019-0989\", \"CVE-2019-0990\", \"CVE-2019-0991\", \"CVE-2019-0992\",\n \"CVE-2019-0993\", \"CVE-2019-0998\", \"CVE-2019-1003\", \"CVE-2019-1005\",\n \"CVE-2019-1007\", \"CVE-2019-1010\", \"CVE-2019-1012\", \"CVE-2019-1014\",\n \"CVE-2019-1017\", \"CVE-2019-1018\", \"CVE-2019-1019\", \"CVE-2019-1021\",\n \"CVE-2019-1022\", \"CVE-2019-1023\", \"CVE-2019-1024\", \"CVE-2019-1025\",\n \"CVE-2019-1026\", \"CVE-2019-1027\", \"CVE-2019-1028\", \"CVE-2019-1038\",\n \"CVE-2019-1039\", \"CVE-2019-1040\", \"CVE-2019-1041\", \"CVE-2019-1043\",\n \"CVE-2019-1044\", \"CVE-2019-1046\", \"CVE-2019-1050\", \"CVE-2019-1051\",\n \"CVE-2019-1052\", \"CVE-2019-1053\", \"CVE-2019-1054\", \"CVE-2019-1055\",\n \"CVE-2019-1064\", \"CVE-2019-1065\", \"CVE-2019-1069\", \"CVE-2019-1080\",\n \"CVE-2019-1081\", \"CVE-2019-2102\", \"CVE-2019-9500\", \"CVE-2019-9501\",\n \"CVE-2019-9502\", \"CVE-2019-9503\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-07-17 06:09:49 +0000 (Fri, 17 Jul 2020)\");\n 
script_tag(name:\"creation_date\", value:\"2019-06-12 09:36:13 +0530 (Wed, 12 Jun 2019)\");\n script_name(\"Microsoft Windows Multiple Vulnerabilities (KB4503327)\");\n\n script_tag(name:\"summary\", value:\"This host is missing a critical security\n update according to Microsoft KB4503327\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to,\n\n - Windows kernel improperly initializes objects in memory.\n\n - Chakra scripting engine handles objects in memory in Microsoft Edge.\n\n - Microsoft Hyper-V on a host server fails to properly validate input from\n a privileged user on a guest operating system.\n\n - Windows Jet Database Engine improperly handles objects in memory.\n\n - Windows AppX Deployment Service (AppXSVC) improperly handles hard links.\n\n - Windows GDI component improperly discloses the contents of its memory.\n\n - Windows Common Log File System (CLFS) driver improperly handles objects in\n memory.\n\n Please see the references for more information about the vulnerabilities.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to execute arbitrary code on a victim system, escalate privileges, bypass\n security restrictions, disclose sensitive information and cause a denial of\n service condition on a victim system.\");\n\n script_tag(name:\"affected\", value:\"- Microsoft Windows 10 Version 1809 for 32-bit Systems\n\n - Microsoft Windows 10 Version 1809 for x64-based Systems\n\n - Microsoft Windows Server 2019\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. 
Please see\n the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4503327\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/WindowsVersion\");\n exit(0);\n}\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(win10:1, win10x64:1, win2019:1) <= 0){\n exit(0);\n}\n\nsysPath = smb_get_system32root();\nif(!sysPath)\n exit(0);\n\nedgeVer = fetch_file_version(sysPath:sysPath, file_name:\"edgehtml.dll\");\nif(!edgeVer)\n exit(0);\n\nif(version_in_range(version:edgeVer, test_version:\"11.0.17763.0\", test_version2:\"11.0.17763.556\")) {\n report = report_fixed_ver(file_checked:sysPath + \"\\Edgehtml.dll\",\n file_version:edgeVer, vulnerable_range:\"11.0.17763.0 - 11.0.17763.556\");\n security_message(data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "apple": [{"lastseen": "2020-12-24T20:43:25", "bulletinFamily": "software", "cvelist": ["CVE-2019-8568", "CVE-2019-8608", "CVE-2019-8633", "CVE-2019-8610", "CVE-2019-8584", "CVE-2019-8593", "CVE-2019-8577", "CVE-2019-8612", "CVE-2019-8592", "CVE-2019-8591", "CVE-2019-8586", "CVE-2019-8587", "CVE-2019-8602", "CVE-2019-8637", "CVE-2019-8560", "CVE-2019-8594", "CVE-2019-8585", "CVE-2019-8622", "CVE-2019-8611", "CVE-2019-8601", "CVE-2019-8620", "CVE-2019-8607", "CVE-2019-6237", "CVE-2019-8583", "CVE-2019-8596", "CVE-2019-8582", "CVE-2019-8619", "CVE-2019-8631", "CVE-2019-8615", "CVE-2019-8571", "CVE-2019-2102", "CVE-2019-8598", "CVE-2019-8600", "CVE-2019-8597", 
"CVE-2019-8628", "CVE-2019-8574", "CVE-2019-8623", "CVE-2019-8576", "CVE-2019-8609", "CVE-2019-8595"], "description": "## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n\n\n## tvOS 12.3\n\nReleased May 13, 2019\n\n**AppleFileConduit**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: An application may be able to execute arbitrary code with system privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-8593: Dany Lisiansky (@DanyL931)\n\n**Bluetooth**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Due to a misconfiguration in the Bluetooth pairing protocols of a Bluetooth Low Energy (BLE) version of FIDO Security Keys it may be possible for an attacker with physical proximity to be able to intercept Bluetooth traffic during pairing\n\nDescription: This issue was addressed by disabling accessories with insecure Bluetooth connections. 
Customers using the Bluetooth Low Energy (BLE) version of the Titan Security Key by Google should review Android\u2019s June Bulletins and Google\u2019s advisory and take appropriate action.\n\nCVE-2019-2102: Matt Beaver and Erik Peterson of Microsoft Corp.\n\nEntry added September 17, 2019\n\n**CoreAudio**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing a maliciously crafted audio file may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved error handling.\n\nCVE-2019-8592: riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative\n\nEntry added August 1, 2019\n\n**CoreAudio**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing a maliciously crafted movie file may lead to arbitrary code execution\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2019-8585: riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative\n\n**CoreText**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing a maliciously crafted font may result in the disclosure of process memory\n\nDescription: An out-of-bounds read was addressed with improved bounds checking.\n\nCVE-2019-8582: riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative\n\nEntry added July 25, 2019\n\n**Disk Images**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: An application may be able to read restricted memory\n\nDescription: A validation issue was addressed with improved input sanitization.\n\nCVE-2019-8560: Nikita Pupyshev of Bauman Moscow State Technological University\n\nEntry updated May 30, 2019\n\n**Kernel**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: An application may be able to read restricted memory\n\nDescription: A validation issue was addressed with improved input sanitization.\n\nCVE-2019-8633: Zhuo Liang of Qihoo 360 Vulcan Team\n\nEntry added September 17, 2019\n\n**Kernel**\n\nAvailable for: Apple TV 4K 
and Apple TV HD\n\nImpact: A local user may be able to cause unexpected system termination or read kernel memory\n\nDescription: An out-of-bounds read was addressed with improved bounds checking.\n\nCVE-2019-8576: Brandon Azad of Google Project Zero, Junho Jang and Hanul Choi of LINE Security Team\n\nEntry updated May 30, 2019\n\n**Kernel**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: An application may be able to cause unexpected system termination or write kernel memory\n\nDescription: A type confusion issue was addressed with improved memory handling.\n\nCVE-2019-8591: Ned Williamson working with Google Project Zero\n\n**Messages**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Users removed from an iMessage conversation may still be able to alter state\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2019-8631: Jamie Bishop of Dynastic\n\nEntry added August 1, 2019\n\n**MobileInstallation**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: A local user may be able to modify protected parts of the file system\n\nDescription: A validation issue existed in the handling of symlinks. 
This issue was addressed with improved validation of symlinks.\n\nCVE-2019-8568: Dany Lisiansky (@DanyL931)\n\n**MobileLockdown**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: A malicious application may be able to gain root privileges\n\nDescription: An input validation issue was addressed with improved input validation.\n\nCVE-2019-8637: Dany Lisiansky (@DanyL931)\n\n**SQLite**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: An application may be able to gain elevated privileges\n\nDescription: An input validation issue was addressed with improved memory handling.\n\nCVE-2019-8577: Omer Gull of Checkpoint Research\n\n**SQLite**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: A maliciously crafted SQL query may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved input validation.\n\nCVE-2019-8600: Omer Gull of Checkpoint Research\n\n**SQLite**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: A malicious application may be able to read restricted memory\n\nDescription: An input validation issue was addressed with improved input validation.\n\nCVE-2019-8598: Omer Gull of Checkpoint Research\n\n**SQLite**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: A malicious application may be able to elevate privileges\n\nDescription: A memory corruption issue was addressed by removing the vulnerable code.\n\nCVE-2019-8602: Omer Gull of Checkpoint Research\n\n**sysdiagnose**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: An application may be able to execute arbitrary code with system privileges\n\nDescription: The issue was addressed with improved permissions logic.\n\nCVE-2019-8574: Dayton Pidhirney (@_watbulb) of Seekintoo (@seekintoo)\n\nEntry updated February 3, 2020\n\n**WebKit**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing maliciously crafted web content may result in the disclosure of process memory\n\nDescription: An out-of-bounds read was 
addressed with improved input validation.\n\nCVE-2019-8607: Junho Jang and Hanul Choi of LINE Security Team\n\n**WebKit**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2019-6237: G. Geshev working with Trend Micro Zero Day Initiative, Liu Long of Qihoo 360 Vulcan Team\n\nCVE-2019-8571: 01 working with Trend Micro's Zero Day Initiative\n\nCVE-2019-8583: sakura of Tencent Xuanwu Lab, jessica (@babyjess1ca_) of Tencent Keen Lab, and dwfault working at ADLab of Venustech\n\nCVE-2019-8584: G. Geshev of MWR Labs working with Trend Micro Zero Day Initiative\n\nCVE-2019-8586: an anonymous researcher\n\nCVE-2019-8587: G. Geshev working with Trend Micro Zero Day Initiative\n\nCVE-2019-8594: Suyoung Lee and Sooel Son of KAIST Web Security & Privacy Lab and HyungSeok Han and Sang Kil Cha of KAIST SoftSec Lab\n\nCVE-2019-8595: G. Geshev from MWR Labs working with Trend Micro Zero Day Initiative\n\nCVE-2019-8596: Wen Xu of SSLab at Georgia Tech\n\nCVE-2019-8597: 01 working with Trend Micro Zero Day Initiative\n\nCVE-2019-8601: Fluoroacetate working with Trend Micro's Zero Day Initiative\n\nCVE-2019-8608: G. Geshev working with Trend Micro Zero Day Initiative\n\nCVE-2019-8609: Wen Xu of SSLab, Georgia Tech\n\nCVE-2019-8610: Anonymous working with Trend Micro Zero Day Initiative\n\nCVE-2019-8611: Samuel Gro\u00df of Google Project Zero\n\nCVE-2019-8615: G. 
Geshev from MWR Labs working with Trend Micro's Zero Day Initiative\n\nCVE-2019-8619: Wen Xu of SSLab at Georgia Tech and Hanqing Zhao of Chaitin Security Research Lab\n\nCVE-2019-8622: Samuel Gro\u00df of Google Project Zero\n\nCVE-2019-8623: Samuel Gro\u00df of Google Project Zero\n\nCVE-2019-8628: Wen Xu of SSLab at Georgia Tech and Hanqing Zhao of Chaitin Security Research Lab\n\n**Wi-Fi**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: An attacker in a privileged network position can modify driver state\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2019-8612: Milan Stute of Secure Mobile Networking Lab at Technische Universit\u00e4t Darmstadt\n\nEntry added May 30, 2019\n\n**Wi-Fi**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: A device may be passively tracked by its Wi-Fi MAC address\n\nDescription: A user privacy issue was addressed by removing the broadcast MAC address.\n\nCVE-2019-8620: David Kreitschmann and Milan Stute of Secure Mobile Networking Lab at Technische Universit\u00e4t Darmstadt\n\n\n\n## Additional recognition\n\n**CoreAudio**\n\nWe would like to acknowledge riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative for their assistance.\n\nEntry added July 25, 2019\n\n**CoreFoundation**\n\nWe would like to acknowledge Vozzie and Rami and m4bln, Xiangqian Zhang, Huiming Liu of Tencent's Xuanwu Lab for their assistance.\n\n**Kernel**\n\nWe would like to acknowledge Brandon Azad of Google Project Zero and an anonymous researcher for their assistance.\n\n**MediaLibrary**\n\nWe would like to acknowledge Angel Ramirez and Min (Spark) Zheng, Xiaolong Bai of Alibaba Inc. 
for their assistance.\n\n**MobileInstallation**\n\nWe would like to acknowledge Yi\u011fit Can YILMAZ (@yilmazcanyigit) for their assistance.\n", "edition": 3, "modified": "2020-07-27T08:21:15", "published": "2020-07-27T08:21:15", "id": "APPLE:HT210120", "href": "https://support.apple.com/kb/HT210120", "title": "About the security content of tvOS 12.3 - Apple Support", "type": "apple", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-24T20:44:51", "bulletinFamily": "software", "cvelist": ["CVE-2019-8568", "CVE-2019-8608", "CVE-2019-8633", "CVE-2019-8630", "CVE-2019-8610", "CVE-2019-8584", "CVE-2019-8593", "CVE-2019-8577", "CVE-2019-8612", "CVE-2019-8592", "CVE-2019-8591", "CVE-2019-8586", "CVE-2019-8587", "CVE-2019-8602", "CVE-2019-8637", "CVE-2019-8560", "CVE-2019-8594", "CVE-2019-8585", "CVE-2019-8622", "CVE-2019-8611", "CVE-2019-8601", "CVE-2019-8620", "CVE-2019-8607", "CVE-2019-6237", "CVE-2019-8583", "CVE-2019-8596", "CVE-2019-8582", "CVE-2019-8619", "CVE-2019-8631", "CVE-2019-8615", "CVE-2019-8617", "CVE-2019-8626", "CVE-2019-8571", "CVE-2019-2102", "CVE-2019-8573", "CVE-2019-8598", "CVE-2019-8600", "CVE-2019-8597", "CVE-2019-8628", "CVE-2019-8574", "CVE-2019-8599", "CVE-2019-8623", "CVE-2019-8613", "CVE-2019-8576", "CVE-2019-8609", "CVE-2019-8664", "CVE-2019-8595"], "description": "## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. 
Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n\n\n## iOS 12.3\n\nReleased May 13, 2019\n\n**AppleFileConduit**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: An application may be able to execute arbitrary code with system privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-8593: Dany Lisiansky (@DanyL931)\n\n**Bluetooth**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: Due to a misconfiguration in the Bluetooth pairing protocols of a Bluetooth Low Energy (BLE) version of FIDO Security Keys it may be possible for an attacker with physical proximity to be able to intercept Bluetooth traffic during pairing\n\nDescription: This issue was addressed by disabling accessories with insecure Bluetooth connections. 
Customers using the Bluetooth Low Energy (BLE) version of the Titan Security Key by Google should review Android\u2019s June Bulletins and Google\u2019s advisory and take appropriate action.\n\nCVE-2019-2102: Matt Beaver and Erik Peterson of Microsoft Corp.\n\nEntry added September 17, 2019\n\n**Contacts**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: A malicious application may be able to read restricted memory\n\nDescription: An input validation issue was addressed with improved input validation.\n\nCVE-2019-8598: Omer Gull of Checkpoint Research\n\n**CoreAudio**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: Processing a maliciously crafted movie file may lead to arbitrary code execution\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2019-8585: riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative\n\n**CoreAudio**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: Processing a maliciously crafted audio file may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved error handling.\n\nCVE-2019-8592: riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative\n\nEntry added August 1, 2019\n\n**CoreText**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: Processing a maliciously crafted font may result in the disclosure of process memory\n\nDescription: An out-of-bounds read was addressed with improved bounds checking.\n\nCVE-2019-8582: riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative\n\nEntry added July 25, 2019\n\n**Disk Images**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: An application may be able to read restricted memory\n\nDescription: A validation issue was 
addressed with improved input sanitization.\n\nCVE-2019-8560: Nikita Pupyshev of Bauman Moscow State Technological University\n\nEntry updated May 30, 2019\n\n**Kernel**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: An application may be able to read restricted memory\n\nDescription: A validation issue was addressed with improved input sanitization.\n\nCVE-2019-8633: Zhuo Liang of Qihoo 360 Vulcan Team\n\nEntry added September 17, 2019\n\n**Kernel**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: A local user may be able to cause unexpected system termination or read kernel memory\n\nDescription: An out-of-bounds read was addressed with improved bounds checking.\n\nCVE-2019-8576: Brandon Azad of Google Project Zero, Junho Jang and Hanul Choi of LINE Security Team\n\nEntry updated May 30, 2019\n\n**Kernel**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: An application may be able to cause unexpected system termination or write kernel memory\n\nDescription: A type confusion issue was addressed with improved memory handling.\n\nCVE-2019-8591: Ned Williamson working with Google Project Zero\n\n**Lock Screen**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: A person with physical access to an iOS device may be able to see the email address used for iTunes\n\nDescription: A logic issue was addressed with improved restrictions.\n\nCVE-2019-8599: Jeremy Pe\u00f1a-Lopez (aka Radio) of the University of North Florida\n\n**Mail**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: Processing a maliciously crafted message may lead to a denial of service\n\nDescription: An input validation issue was addressed with improved input validation.\n\nCVE-2019-8626: Natalie Silvanovich of Google Project Zero\n\n**Mail Message 
Framework**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: A remote attacker may be able to cause arbitrary code execution\n\nDescription: A use after free issue was addressed with improved memory management.\n\nCVE-2019-8613: Natalie Silvanovich of Google Project Zero\n\n**Messages**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: A remote attacker may be able to cause a system denial of service\n\nDescription: An input validation issue was addressed with improved input validation.\n\nCVE-2019-8573: Natalie Silvanovich of Google Project Zero\n\nEntry added July 3, 2019\n\n**Messages**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: Processing a maliciously crafted message may lead to a denial of service\n\nDescription: An input validation issue was addressed with improved input validation.\n\nCVE-2019-8664: Natalie Silvanovich of Google Project Zero\n\nEntry added July 3, 2019\n\n**Messages**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: Users removed from an iMessage conversation may still be able to alter state\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2019-8631: Jamie Bishop of Dynastic\n\nEntry added August 1, 2019\n\n**MobileInstallation**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: A local user may be able to modify protected parts of the file system\n\nDescription: A validation issue existed in the handling of symlinks. 
This issue was addressed with improved validation of symlinks.\n\nCVE-2019-8568: Dany Lisiansky (@DanyL931)\n\n**MobileLockdown**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: A malicious application may be able to gain root privileges\n\nDescription: An input validation issue was addressed with improved input validation.\n\nCVE-2019-8637: Dany Lisiansky (@DanyL931)\n\n**Photos Storage**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: A sandboxed process may be able to circumvent sandbox restrictions\n\nDescription: An access issue was addressed with additional sandbox restrictions.\n\nCVE-2019-8617: an anonymous researcher\n\n**SQLite**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: An application may be able to gain elevated privileges\n\nDescription: An input validation issue was addressed with improved memory handling.\n\nCVE-2019-8577: Omer Gull of Checkpoint Research\n\n**SQLite**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: A maliciously crafted SQL query may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved input validation.\n\nCVE-2019-8600: Omer Gull of Checkpoint Research\n\n**SQLite**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: A malicious application may be able to read restricted memory\n\nDescription: An input validation issue was addressed with improved input validation.\n\nCVE-2019-8598: Omer Gull of Checkpoint Research\n\n**SQLite**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: A malicious application may be able to elevate privileges\n\nDescription: A memory corruption issue was addressed by removing the vulnerable code.\n\nCVE-2019-8602: Omer Gull of Checkpoint 
Research\n\n**Status Bar**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: The lock screen may show a locked icon after unlocking\n\nDescription: The issue was addressed with improved UI handling.\n\nCVE-2019-8630: Jon M. Morlan\n\n**StreamingZip**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: A local user may be able to modify protected parts of the file system\n\nDescription: A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks.\n\nCVE-2019-8568: Dany Lisiansky (@DanyL931)\n\n**sysdiagnose**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: An application may be able to execute arbitrary code with system privileges\n\nDescription: The issue was addressed with improved permissions logic.\n\nCVE-2019-8574: Dayton Pidhirney (@_watbulb) of Seekintoo (@seekintoo)\n\nEntry updated February 3, 2020\n\n**WebKit**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: Processing maliciously crafted web content may result in the disclosure of process memory\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2019-8607: Junho Jang and Hanul Choi of LINE Security Team\n\n**WebKit**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2019-6237: G. 
Geshev working with Trend Micro Zero Day Initiative, Liu Long of Qihoo 360 Vulcan Team\n\nCVE-2019-8571: 01 working with Trend Micro's Zero Day Initiative\n\nCVE-2019-8583: sakura of Tencent Xuanwu Lab, jessica (@babyjess1ca_) of Tencent Keen Lab, and dwfault working at ADLab of Venustech\n\nCVE-2019-8584: G. Geshev of MWR Labs working with Trend Micro Zero Day Initiative\n\nCVE-2019-8586: an anonymous researcher\n\nCVE-2019-8587: G. Geshev working with Trend Micro Zero Day Initiative\n\nCVE-2019-8594: Suyoung Lee and Sooel Son of KAIST Web Security & Privacy Lab and HyungSeok Han and Sang Kil Cha of KAIST SoftSec Lab\n\nCVE-2019-8595: G. Geshev from MWR Labs working with Trend Micro Zero Day Initiative\n\nCVE-2019-8596: Wen Xu of SSLab at Georgia Tech\n\nCVE-2019-8597: 01 working with Trend Micro Zero Day Initiative\n\nCVE-2019-8601: Fluoroacetate working with Trend Micro's Zero Day Initiative\n\nCVE-2019-8608: G. Geshev working with Trend Micro Zero Day Initiative\n\nCVE-2019-8609: Wen Xu of SSLab, Georgia Tech\n\nCVE-2019-8610: Anonymous working with Trend Micro Zero Day Initiative\n\nCVE-2019-8611: Samuel Gro\u00df of Google Project Zero\n\nCVE-2019-8615: G. 
Geshev from MWR Labs working with Trend Micro's Zero Day Initiative\n\nCVE-2019-8619: Wen Xu of SSLab at Georgia Tech and Hanqing Zhao of Chaitin Security Research Lab\n\nCVE-2019-8622: Samuel Gro\u00df of Google Project Zero\n\nCVE-2019-8623: Samuel Gro\u00df of Google Project Zero\n\nCVE-2019-8628: Wen Xu of SSLab at Georgia Tech and Hanqing Zhao of Chaitin Security Research Lab\n\n**Wi-Fi**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: An attacker in a privileged network position can modify driver state\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2019-8612: Milan Stute of Secure Mobile Networking Lab at Technische Universit\u00e4t Darmstadt\n\nEntry added May 30, 2019\n\n**Wi-Fi**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: A device may be passively tracked by its Wi-Fi MAC address\n\nDescription: A user privacy issue was addressed by removing the broadcast MAC address.\n\nCVE-2019-8620: David Kreitschmann and Milan Stute of Secure Mobile Networking Lab at Technische Universit\u00e4t Darmstadt\n\n\n\n## Additional recognition\n\n**Clang**\n\nWe would like to acknowledge Brandon Azad of Google Project Zero for their assistance.\n\n**CoreAudio**\n\nWe would like to acknowledge riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative for their assistance.\n\nEntry added July 25, 2019\n\n**CoreFoundation**\n\nWe would like to acknowledge m4bln, Xiangqian Zhang, Huiming Liu of Tencent's Xuanwu Lab, Vozzie and Rami for their assistance.\n\nEntry updated May 30, 2019\n\n**Kernel**\n\nWe would like to acknowledge Denis Kopyrin, Brandon Azad of Google Project Zero for their assistance.\n\nEntry updated May 30, 2019\n\n**MediaLibrary**\n\nWe would like to acknowledge Angel Ramirez and Min (Spark) Zheng, Xiaolong Bai of Alibaba Inc. 
for their assistance.\n\n**MobileInstallation**\n\nWe would like to acknowledge Yi\u011fit Can YILMAZ (@yilmazcanyigit) for their assistance.\n\n**Safari**\n\nWe would like to acknowledge Ben Guild (@benguild) for their assistance.\n", "edition": 3, "modified": "2020-07-27T08:18:28", "published": "2020-07-27T08:18:28", "id": "APPLE:HT210118", "href": "https://support.apple.com/kb/HT210118", "title": "About the security content of iOS 12.3 - Apple Support", "type": "apple", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-24T20:43:10", "bulletinFamily": "software", "cvelist": ["CVE-2018-12126", "CVE-2019-8603", "CVE-2019-8568", "CVE-2019-8635", "CVE-2019-8608", "CVE-2019-8633", "CVE-2019-8610", "CVE-2019-8584", "CVE-2019-8577", "CVE-2019-8612", "CVE-2019-8592", "CVE-2019-8591", "CVE-2019-8547", "CVE-2019-8586", "CVE-2019-8587", "CVE-2019-8602", "CVE-2019-8604", "CVE-2019-8606", "CVE-2019-8560", "CVE-2019-8594", "CVE-2019-8585", "CVE-2019-8622", "CVE-2018-12127", "CVE-2019-8590", "CVE-2019-8611", "CVE-2019-8601", "CVE-2019-8607", "CVE-2019-8629", "CVE-2019-8616", "CVE-2019-6237", "CVE-2019-8583", "CVE-2019-8640", "CVE-2019-8596", "CVE-2019-8582", "CVE-2019-8634", "CVE-2019-8525", "CVE-2019-8619", "CVE-2019-8631", "CVE-2019-8589", "CVE-2019-8615", "CVE-2019-8571", "CVE-2019-2102", "CVE-2019-8573", "CVE-2019-8598", "CVE-2019-8600", "CVE-2018-4456", "CVE-2019-8597", "CVE-2019-8628", "CVE-2019-8574", "CVE-2019-8623", "CVE-2019-11091", "CVE-2019-8576", "CVE-2019-8609", "CVE-2019-8595", "CVE-2018-12130", "CVE-2019-8569"], "description": "## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. 
Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n\n\n## macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra\n\nReleased May 13, 2019\n\n**Accessibility Framework**\n\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14.4\n\nImpact: An application may be able to read restricted memory\n\nDescription: A validation issue was addressed with improved input sanitization.\n\nCVE-2019-8603: Phoenhex and qwerty (@_niklasb, @qwertyoruiopz, @bkth_) working with Trend Micro's Zero Day Initiative\n\n**AMD**\n\nAvailable for: macOS Mojave 10.14.4\n\nImpact: An application may be able to execute arbitrary code with system privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-8635: Lilang Wu and Moony Li of TrendMicro Mobile Security Research Team working with Trend Micro's Zero Day Initiative\n\n**Application Firewall**\n\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14.4\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A logic issue was addressed with improved restrictions.\n\nCVE-2019-8590: The UK\u2019s National Cyber Security Centre (NCSC)\n\n**Archive Utility**\n\nAvailable for: macOS Mojave 10.14.4\n\nImpact: A sandboxed process may be able to circumvent sandbox restrictions\n\nDescription: A logic issue was addressed with improved validation.\n\nCVE-2019-8640: Ash Fox of Fitbit Product Security\n\nEntry added August 1, 2019\n\n**Bluetooth**\n\nAvailable for: macOS Mojave 10.14.4\n\nImpact: Due to a misconfiguration in the Bluetooth pairing protocols of a Bluetooth Low Energy 
(BLE) version of FIDO Security Keys it may be possible for an attacker with physical proximity to be able to intercept Bluetooth traffic during pairing\n\nDescription: This issue was addressed by disabling accessories with insecure Bluetooth connections. Customers using the Bluetooth Low Energy (BLE) version of the Titan Security Key by Google should review Android\u2019s June Bulletins and Google\u2019s advisory and take appropriate action.\n\nCVE-2019-2102: Matt Beaver and Erik Peterson of Microsoft Corp.\n\nEntry added September 17, 2019\n\n**CoreAudio**\n\nAvailable for: macOS Sierra 10.12.6, macOS Mojave 10.14.4, macOS High Sierra 10.13.6\n\nImpact: Processing a maliciously crafted audio file may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved error handling.\n\nCVE-2019-8592: riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative\n\nEntry updated October 8, 2019\n\n**CoreAudio**\n\nAvailable for: macOS Mojave 10.14.4\n\nImpact: Processing a maliciously crafted movie file may lead to arbitrary code execution\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2019-8585: riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative\n\n**CoreText**\n\nAvailable for: macOS Mojave 10.14.4\n\nImpact: Processing a maliciously crafted font may result in the disclosure of process memory\n\nDescription: An out-of-bounds read was addressed with improved bounds checking.\n\nCVE-2019-8582: riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative\n\nEntry added July 25, 2019\n\n**DesktopServices**\n\nAvailable for: macOS Mojave 10.14.4\n\nImpact: A malicious application may bypass Gatekeeper checks\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2019-8589: Andreas Clementi, Stefan Haselwanter, and Peter Stelzhammer of AV-Comparatives\n\n**Disk Images**\n\nAvailable for: macOS Sierra 10.12.6, macOS Mojave 10.14.4, macOS High 
Sierra 10.13.6\n\nImpact: An application may be able to read restricted memory\n\nDescription: A validation issue was addressed with improved input sanitization.\n\nCVE-2019-8560: Nikita Pupyshev of Bauman Moscow State Technological University\n\nEntry updated May 14, 2019\n\n**EFI**\n\nAvailable for: macOS Mojave 10.14.4\n\nImpact: A user may be unexpectedly logged in to another user\u2019s account\n\nDescription: An authentication issue was addressed with improved state management.\n\nCVE-2019-8634: Jenny Sprenger and Maik Hoepfel\n\n**Intel Graphics Driver**\n\nAvailable for: macOS Mojave 10.14.4\n\nImpact: An application may be able to execute arbitrary code with system privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-8616: Lilang Wu and Moony Li of Trend Micro Mobile Security Research Team working with Trend Micro's Zero Day Initiative\n\n**Intel Graphics Driver**\n\nAvailable for: macOS High Sierra 10.13.6, macOS Mojave 10.14.4\n\nImpact: An application may be able to execute arbitrary code with system privileges\n\nDescription: A memory initialization issue was addressed with improved memory handling.\n\nCVE-2019-8629: Arash Tohidi of Solita Oy\n\n**IOAcceleratorFamily**\n\nAvailable for: macOS High Sierra 10.13.6\n\nImpact: An application may be able to execute arbitrary code with system privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2018-4456: Tyler Bohan of Cisco Talos\n\n**IOKit**\n\nAvailable for: macOS High Sierra 10.13.6, macOS Mojave 10.14.4\n\nImpact: A local user may be able to load unsigned kernel extensions\n\nDescription: A validation issue existed in the handling of symlinks. 
This issue was addressed with improved validation of symlinks.\n\nCVE-2019-8606: Phoenhex and qwerty (@_niklasb, @qwertyoruiopz, @bkth_) working with Trend Micro's Zero Day Initiative\n\n**Kernel**\n\nAvailable for: macOS Mojave 10.14.4, macOS High Sierra 10.13.6\n\nImpact: An application may be able to read restricted memory\n\nDescription: A validation issue was addressed with improved input sanitization.\n\nCVE-2019-8633: Zhuo Liang of Qihoo 360 Vulcan Team\n\nEntry added July 25, 2019, updated September 17, 2019\n\n**Kernel**\n\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption issue was addressed with improved state management.\n\nCVE-2019-8525: Zhuo Liang and shrek_wzw of Qihoo 360 Nirvan Team\n\nEntry added May 14, 2019\n\n**Kernel**\n\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6\n\nImpact: A remote attacker may be able to leak memory\n\nDescription: An out-of-bounds read issue existed that led to the disclosure of kernel memory. 
This was addressed with improved input validation.\n\nCVE-2019-8547: derrek (@derrekr6)\n\nEntry added May 14, 2019\n\n**Kernel**\n\nAvailable for: macOS Mojave 10.14.4\n\nImpact: A local user may be able to cause unexpected system termination or read kernel memory\n\nDescription: An out-of-bounds read was addressed with improved bounds checking.\n\nCVE-2019-8576: Brandon Azad of Google Project Zero, Junho Jang and Hanul Choi of LINE Security Team\n\nEntry updated May 30, 2019\n\n**Kernel**\n\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14.4\n\nImpact: An application may be able to cause unexpected system termination or write kernel memory\n\nDescription: A type confusion issue was addressed with improved memory handling.\n\nCVE-2019-8591: Ned Williamson working with Google Project Zero\n\n**Messages**\n\nAvailable for: macOS Mojave 10.14.4\n\nImpact: A remote attacker may be able to cause a system denial of service\n\nDescription: An input validation issue was addressed with improved input validation.\n\nCVE-2019-8573: Natalie Silvanovich of Google Project Zero\n\nEntry added July 3, 2019\n\n**Messages**\n\nAvailable for: macOS Mojave 10.14.4\n\nImpact: Users removed from an iMessage conversation may still be able to alter state\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2019-8631: Jamie Bishop of Dynastic\n\nEntry added August 1, 2019\n\n**Microcode**\n\nAvailable for: macOS Mojave 10.14.4\n\nImpact: Load ports, fill buffers, and store buffers in systems with microprocessors utilizing speculative execution may allow an attacker with local user access to potentially enable information disclosure via a side channel\n\nDescription: Multiple information disclosure issues were addressed partially by updating the microcode and changing the OS scheduler to isolate the system from web content running in the browser. 
To completely address these issues, there are additional opt-in mitigations to disable hyper threading and enable microcode-based mitigations for all processes by default. Details of the mitigations can be found at <https://support.apple.com/kb/HT210107>.\n\nCVE-2018-12126: Ke Sun, Henrique Kawakami, Kekai Hu, and Rodrigo Branco from Intel; Lei Shi - Qihoo 360 CERT; Marina Minkin; Daniel Genkin from University of Michigan; and Yuval Yarom from University of Adelaide\n\nCVE-2018-12127: Brandon Falk from Microsoft Windows Platform Security Team; and Ke Sun, Henrique Kawakami, Kekai Hu, and Rodrigo Branco from Intel\n\nCVE-2018-12130: Giorgi Maisuradze from Microsoft Research; Ke Sun, Henrique Kawakami, Kekai Hu, and Rodrigo Branco from Intel; Moritz Lipp, Michael Schwarz, and Daniel Gruss from Graz University of Technology; Stephan van Schaik, Alyssa Milburn, Sebastian Osterlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, and Cristiano Giuffrida from VUSec group at VU Amsterdam; Volodymyr Pikhur; and Dan Horea Lutas from BitDefender\n\nCVE-2019-11091: Ke Sun, Henrique Kawakami, Kekai Hu, and Rodrigo Branco from Intel; and Moritz Lipp, Michael Schwarz, and Daniel Gruss from Graz University of Technology\n\nEntry added May 14, 2019\n\n**Security**\n\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14.4\n\nImpact: An application may be able to execute arbitrary code with system privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-8604: Fluoroacetate working with Trend Micro's Zero Day Initiative\n\n**SQLite**\n\nAvailable for: macOS Mojave 10.14.4\n\nImpact: An application may be able to gain elevated privileges\n\nDescription: An input validation issue was addressed with improved memory handling.\n\nCVE-2019-8577: Omer Gull of Checkpoint Research\n\n**SQLite**\n\nAvailable for: macOS Mojave 10.14.4\n\nImpact: A maliciously crafted SQL query may lead to arbitrary code 
execution\n\nDescription: A memory corruption issue was addressed with improved input validation.\n\nCVE-2019-8600: Omer Gull of Checkpoint Research\n\n**SQLite**\n\nAvailable for: macOS Mojave 10.14.4\n\nImpact: A malicious application may be able to read restricted memory\n\nDescription: An input validation issue was addressed with improved input validation.\n\nCVE-2019-8598: Omer Gull of Checkpoint Research\n\n**SQLite**\n\nAvailable for: macOS Mojave 10.14.4\n\nImpact: A malicious application may be able to elevate privileges\n\nDescription: A memory corruption issue was addressed by removing the vulnerable code.\n\nCVE-2019-8602: Omer Gull of Checkpoint Research\n\n**StreamingZip**\n\nAvailable for: macOS Mojave 10.14.4\n\nImpact: A local user may be able to modify protected parts of the file system\n\nDescription: A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks.\n\nCVE-2019-8568: Dany Lisiansky (@DanyL931)\n\n**sysdiagnose**\n\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14.4\n\nImpact: An application may be able to execute arbitrary code with system privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-8574: Dayton Pidhirney (@_watbulb) of Seekintoo (@seekintoo)\n\n**Touch Bar Support**\n\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6\n\nImpact: An application may be able to execute arbitrary code with system privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-8569: Viktor Oreshkin (@stek29)\n\n**WebKit**\n\nAvailable for: macOS Mojave 10.14.4\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2019-6237: G. 
Geshev working with Trend Micro Zero Day Initiative, Liu Long of Qihoo 360 Vulcan Team\n\nCVE-2019-8571: 01 working with Trend Micro's Zero Day Initiative\n\nCVE-2019-8583: sakura of Tencent Xuanwu Lab, jessica (@babyjess1ca_) of Tencent Keen Lab, and dwfault working at ADLab of Venustech\n\nCVE-2019-8584: G. Geshev of MWR Labs working with Trend Micro Zero Day Initiative\n\nCVE-2019-8586: an anonymous researcher\n\nCVE-2019-8587: G. Geshev working with Trend Micro Zero Day Initiative\n\nCVE-2019-8594: Suyoung Lee and Sooel Son of KAIST Web Security & Privacy Lab and HyungSeok Han and Sang Kil Cha of KAIST SoftSec Lab\n\nCVE-2019-8595: G. Geshev from MWR Labs working with Trend Micro Zero Day Initiative\n\nCVE-2019-8596: Wen Xu of SSLab at Georgia Tech\n\nCVE-2019-8597: 01 working with Trend Micro Zero Day Initiative\n\nCVE-2019-8601: Fluoroacetate working with Trend Micro's Zero Day Initiative\n\nCVE-2019-8608: G. Geshev working with Trend Micro Zero Day Initiative\n\nCVE-2019-8609: Wen Xu of SSLab, Georgia Tech\n\nCVE-2019-8610: Anonymous working with Trend Micro Zero Day Initiative\n\nCVE-2019-8611: Samuel Gro\u00df of Google Project Zero\n\nCVE-2019-8615: G. 
Geshev from MWR Labs working with Trend Micro's Zero Day Initiative\n\nCVE-2019-8619: Wen Xu of SSLab at Georgia Tech and Hanqing Zhao of Chaitin Security Research Lab\n\nCVE-2019-8622: Samuel Gro\u00df of Google Project Zero\n\nCVE-2019-8623: Samuel Gro\u00df of Google Project Zero\n\nCVE-2019-8628: Wen Xu of SSLab at Georgia Tech and Hanqing Zhao of Chaitin Security Research Lab\n\n**WebKit**\n\nAvailable for: macOS Mojave 10.14.4\n\nImpact: Processing maliciously crafted web content may result in the disclosure of process memory\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2019-8607: Junho Jang and Hanul Choi of LINE Security Team\n\n**Wi-Fi**\n\nAvailable for: macOS Mojave 10.14.4\n\nImpact: An attacker in a privileged network position can modify driver state\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2019-8612: Milan Stute of Secure Mobile Networking Lab at Technische Universit\u00e4t Darmstadt\n\nEntry added May 14, 2019\n\n\n\n## Additional recognition\n\n**CoreAudio**\n\nWe would like to acknowledge riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative for their assistance.\n\nEntry added July 25, 2019\n\n**CoreFoundation**\n\nWe would like to acknowledge m4bln, Xiangqian Zhang, Huiming Liu of Tencent's Xuanwu Lab, Vozzie, and Rami for their assistance.\n\nEntry updated May 14, 2019\n\n**Kernel**\n\nWe would like to acknowledge Denis Kopyrin for their assistance.\n\nEntry updated May 14, 2019\n\n**PackageKit**\n\nWe would like to acknowledge Csaba Fitzl (@theevilbit) for their assistance.\n\n**Safari**\n\nWe would like to acknowledge Michael Ball of Gradescope by Turnitin for their assistance.\n\n**System Preferences**\n\nWe would like to acknowledge an anonymous researcher for their assistance.\n", "edition": 2, "modified": "2019-10-09T01:52:48", "published": "2019-10-09T01:52:48", "id": "APPLE:HT210119", "href": "https://support.apple.com/kb/HT210119", 
"title": "About the security content of macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra - Apple Support", "type": "apple", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}]}