Microsoft has released the Windows 10 June 2019 patch last Tuesday, featuring 4 advisories, 1 servicing stack update, and updates for 88 vulnerabilities, with 21 being classified as Critical.
It is said that some of the advisories include updated drivers and software that fix vulnerabilities in 3rd-party hardware and software, such as Adobe Flash Player.
According to the company, 66 out of the 88 patches are rated as “important” while only one is rated as “moderate”. In addition, Microsoft claimed that none of the publically disclosed zero days, or other vulnerabilities, were found to be publically exploited in the wild.
Microsoft suggests everyone to install the security updates in order to protect their systems.
The four publicly disclosed vulnerabilities patched in the security update are the following:
- CVE-2019-1069: The bug, which affects Windows Task Scheduler in Windows 10, Server 2016 and later versions, has raised the most concern among security experts. It could allow elevation of privilege on affected systems, according to Microsoft.
- CVE-2019-1064: Windows elevation of privilege vulnerability affecting Windows 10, Server 2016 and later.
- CVE-2019-1053: Windows Shell elevation of privilege vulnerability affects all currently supported Windows operating systems. It could create elevation of privilege conditions on affected systems by escaping a sandbox.
- CVE-2019-0973: Windows Installer vulnerability could enable elevation of privilege on the affected systems through wrong sanitisation of input from loaded libraries.
Kudos to our reader Metal Messiah for bringing this to our attention.