Microsoft Issues Windows Security Update for 0Day Vulnerability

silversurfer

Microsoft released two out of band security updates today for remote code execution (RCE) and denial of service (DoS) security vulnerabilities impacting Internet Explorer and Windows Defender, respectively.

The first one is a zero-day RCE vulnerability tracked as CVE-2019-1367 and disclosed by Clément Lecigne of Google’s Threat Analysis Group.
The CVE-2019-1367 scripting engine memory corruption vulnerability is known to have been exploited in the wild and it "exists in the way that the scripting engine handles objects in memory in Internet Explorer."
Out of band security vulnerability fixes CVE-2019-1367 and CVE-2019-1255 have been released today. For more information please see https://t.co/QMUM53m8so and https://t.co/vy3d0wXWng .
— Security Response (@msftsecresponse) September 23, 2019
 
So is Microsoft slipping this update in with the definitions, like a mickey or what? Anyone who wants to check the engine version, open Defender app, click three bars at top, click settings cog at bottom, then click "about." *** I still have the old version. IE11 was fortuitously shut off a few days ago via Control Panel. Haven't gotten either yet, it says within 48 hours.

(attachment: defender version.PNG)


***ridiculous
 
So is Microsoft slipping this update in with the definitions, like a mickey or what? Anyone who wants to check the engine version, open Defender app, click three bars at top, click settings cog at bottom, then click "about." *** I still have the old version. IE11 was fortuitously shut off a few days ago via Control Panel. Haven't gotten either yet, it says within 48 hours.


***ridiculous

You're still on 1809?
 
Thanks, upnorth! Even though you can update manually, I don't like the recent trend of issuing patches via definition updates (like with the broken Defender scan very recently). You can't monitor anything this way, unlike with Windows system ones, you know when it's coming and there's a changelog. Plus getting the Defender's versions is very convoluted and obscure. The article didn't say how this update would be delivered.

I'm on 1903 and everything is current, I checked.


Oldschool said in post #5: "...I think his concern is with the antimalware engine..."

Uh, it's her concern, and there is actually no concern. Thanks.
 
Uh, it's her concern, and there is actually no concern.

Oops, sorry. :notworthy:

I read the article to mean the update will come with tomorrow's cumulative update:

...Users don't need to take any actions to protect against CVE-2019-1255 exploitation since the Microsoft Malware Protection Engine comes with an auto-update feature that will automatically install the newly patched version within 48 hours of its availability.
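For anyone who would rather not click through the Defender UI to find the engine version (the three-bars, settings cog, "about" route described earlier in the thread), and who wants to confirm the engine has actually rolled over within the 48-hour auto-update window quoted above, here is a PowerShell check. This is an added example, not code from the thread or from Microsoft: it reads the engine, platform and signature versions with the built-in Get-MpComputerStatus cmdlet and compares the engine against a baseline you pass in. The $MinimumEngine parameter is a placeholder, because the thread does not quote the patched engine version number; fill it in from the advisory for CVE-2019-1255.

```powershell
# Added example (not from the thread): query the Microsoft Malware Protection
# Engine version from PowerShell instead of the Defender settings UI.
# $MinimumEngine is a PLACEHOLDER; set it to the engine version named in the
# advisory for CVE-2019-1255 (the thread does not quote the number).
param(
    [version]$MinimumEngine = [version]'0.0.0.0'   # placeholder baseline
)

# Get-MpComputerStatus is the standard Defender cmdlet; it needs no elevation
# for read-only status on a typical client.
$status = Get-MpComputerStatus

# Version strings such as "1.1.16400.2" cast cleanly to [version], which gives
# a proper numeric comparison rather than a string comparison.
$engine   = [version]$status.AMEngineVersion
$platform = [version]$status.AMProductVersion

[pscustomobject]@{
    EngineVersion        = $engine
    PlatformVersion      = $platform
    SignatureVersion     = $status.AntivirusSignatureVersion
    SignatureLastUpdated = $status.AntivirusSignatureLastUpdated
    RealTimeProtection   = $status.RealTimeProtectionEnabled
} | Format-List

if ($engine -lt $MinimumEngine) {
    Write-Warning "Engine $engine is below the patched baseline $MinimumEngine."
    # Engine updates ride along with definition updates, so pulling the latest
    # definitions is the manual way to get it sooner than the 48-hour window.
    # Uncomment to trigger it (requires an elevated prompt):
    # Update-MpSignature
}
else {
    Write-Host "Engine $engine meets or exceeds baseline $MinimumEngine."
}
```

Run it as `.\Check-DefenderEngine.ps1 -MinimumEngine 1.1.x.y` with the real baseline substituted; the Format-List output also shows the signature timestamp, which is the quickest way to tell whether the definition channel that carries engine updates is actually reaching the machine.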
 
@plat1098, I can also agree with more or less everything you said about MS's recent trend in how they ship updates etc. It could be much better but I also get the feeling they themselves understand it's not perfect and actually try to improve it. The share from @bribon77 is probably a sign of that.
Another share that explains a lot about how MS nowadays works with their OS is the post from @oldschool that I highly recommend. For me personally that information is already well known, but the guy in the video explains it very well.
 
Well, this is very reasonable and fair, upnorth. While I completely understand the necessity and efficiency of security patches delivered via def. updates, that doesn't mean I have to "love" it. :emoji_neutral_face: This goes back to this big thing: What are the upper limits for which Microsoft can take liberties with YOUR machine? But OK, enough already. The engine on here was updated in this sneaky manner within the past 12 hours. So, it seems, here is the current, patched version. :)

(attachment: defvers.PNG)
 
I love how Windows Defender has become one of the most troubling attack vectors. The irony.

A quick search on this forum will indicate I've been warning of that very thing and encouraging people to not run WD. There are other things going on, and it will not get better in the end with WD. So those bandwagoning it might want to reconsider their pied piper roles.
 
Unfortunately Windows Defender isn't the only one. Just keep track of Google Project Zero reports of Norton, Kaspersky, Trend Micro and so on. Vulns are to be found in them all.

Spot on.

This isn't an MS-only issue. As you've said, if anyone is paying attention, they would see that Tavis Ormandy of Project Zero has virtually ripped apart every single 3rd-party security program, both with big and small vulnerabilities. To say that people shouldn't use WD because of this is just ignoring the fact that every single AV in existence has had similar, if not worse, issues.


A quick search on this forum will indicate I've been warning of that very thing and encouraging people to not run WD. There are other things going on, and it will not get better in the end with WD. So those bandwagoning it might want to reconsider their pied piper roles.

No offence, but I'll keep using WD and I won't be stressing about this. As @zhuzhangspankspank and myself said, this isn't an MS-only issue. Every AV has had similar, if not worse, issues; stating otherwise is just being ignorant of the facts. This isn't some WD apology, it's a vulnerability that definitely needed to be patched, but people shouldn't be worrying and being told to switch because of it. I will still recommend WD and I urge people who are using it and like it to continue to do so.

At the end of the day, people just need to use what works best for them. No one is forcing anyone to use WD, or any other program for that matter. One's habits will dictate if and how often they will get infected more than which security program one uses. In saying that, WD has come a long way; it is far better than before and continues to improve. Those constantly looking for examples to rip apart WD just need to get their heads out of the sand. Many act as if MS came and took their first born or something. Chances are home users won't be subject to such an attack anyways. Doesn't mean it can't happen, but I would wager that unless you're a government, large business/enterprise, bank, etc.... you won't run into this.

Use what you like and practice safe habits. If you don't like WD that's totally cool, but those who do like it and use it, shouldn't be told not to use it because of this, or quite simply because the person telling them not to use it doesn't like it. :emoji_v:
 