Previous All Posts Next

Microsoft Patches 80 Security Flaws in September 2019

Posted: September 11, 2019 to News.

Tags: Data Breach, Malware, Compliance

Microsoft issued security updates yesterday to plug roughly 80 security issues holes in its Windows operating systems and software. Over 25% of those updates are critical. This is the fourth time this year that Microsoft has had to fix bugs in its Remote Desktop Feature. Two of the bugs resolved in this month’s patch batch (CVE-2019-1214 and CVE-2019-1215) involve vulnerabilities that have already been exploited and utilize privilege escalation flaws to take over targeted systems. Another patches a critical vulnerability involving the shortcut files that end in “.Ink” extension. “.lnk” files were one of the four known exploits bundled with Stuxnet, the weapon that the U.S. and Israeli intelligence services deployed against Iran years ago. Adobe also fixed two critical bugs in its Flash Player browser plugin. According to KrebsonSecurity, there “do not appear to be any patch-now-or-be-compromised-tomorrow flaws in the September patch rollup” and users are encouraged to “wait a few days” for any patch glitches to be corrected before applying these fixes. KrebsonSecurity also reminds users to be sure that files are backed up prior to any updates, and for security reasons be sure you are following the 3-2-1 backup rule.

Protect Your Business Today

Petronella Technology Group has provided cybersecurity, compliance, and managed IT services from Raleigh, NC for over 23 years. Contact us today for a free consultation and technology assessment.

Need help implementing these strategies? Our cybersecurity experts can assess your environment and build a tailored plan.
Get Free Assessment
Explore Our Services
Cybersecurity AI Services Compliance HIPAA CMMC Managed IT

Related Articles

FBI Issues Warning for Gmail, Outlook, AOL, and Yahoo Users FBI Issues Warning for Gmail, Outlook, AOL, and Yahoo Users Top 3 MFA Bypass Attacks: MFA Fatigue, Token Theft, and Machine-in-the-Middle Attacks Top 3 MFA Bypass Attacks: MFA Fatigue, Token Theft, and Machine-in-the-Middle Attacks Stop M365 MitM Attacks: MFA Bypass Defense Guide Stop M365 MitM Attacks: MFA Bypass Defense Guide Understanding and Defending Against MFA Machine-in-the-Middle (MitM) Attacks Understanding and Defending Against MFA Machine-in-the-Middle (MitM) Attacks
Craig Petronella
Craig Petronella
CEO & Founder, Petronella Technology Group | CMMC Registered Practitioner

Craig Petronella is a cybersecurity expert with over 24 years of experience protecting businesses from cyber threats. As founder of Petronella Technology Group, he has helped over 2,500 organizations strengthen their security posture, achieve compliance, and respond to incidents.

LinkedIn Twitter About
Related Service
Need Cybersecurity or Compliance Help?

Schedule a free consultation with our cybersecurity experts to discuss your security needs.

Schedule Free Consultation
Previous All Posts Next
Free cybersecurity consultation available Schedule Now