Microsoft Out-of-Band Security Update Released

[Corrine]

Microsoft has released an Out-of-Band security update addressing CVE-2019-1255 which relates to a Microsoft Defender Denial of Service Vulnerability and CVE-2019-1367, a Scripting Engine Memory Corruption Vulnerability. CVE-02019-1255 is rated Important and CVE 2019-1367 is rated Critical in severity.

The updates address Denial of Service and Remote Code Execution. They apply to the following: Windows Defender, Microsoft Security Essentials, Internet Explorer versions 9, 10 and 11 as well as Microsoft Forefront Endpoint Protection 2010, Microsoft System Center Endpoint Protection, Microsoft System Center 2012 R2 Endpoint Protection Microsoft System Center 2012 Endpoint Protection.

For more information about the updates released today, see https://portal.msrc.microsoft.com/en-us/security-guidance/summary. Updates can be sorted by OS from the search box. Information about the updates is available from the Windows Update History:

• Windows 10
• Windows 8.1
• Windows 7
  

Security Updates Guide

[Corrine]

In case you missed it in CVE-2019-1367, the update to Internet Explorer needs to be downloaded manually from the Windows Update Catalog.  

 

Updates provided for the latest Windows 10 version 1903 through version 1607:

 

Windows 10, Version 1903:  https://www.catalog.update.microsoft.com/Search.aspx?q=KB4522016
Windows 10, Version 1809:  https://www.catalog.update.microsoft.com/Search.aspx?q=KB4522015
Windows 10, Version 1803:  https://www.catalog.update.microsoft.com/Search.aspx?q=KB4522015
Windows 10, Version 1709:  https://www.catalog.update.microsoft.com/Search.aspx?q=KB4522012
Windows 10, Version 1703:  https://www.catalog.update.microsoft.com/Search.aspx?q=KB4522011
Windows 10, Version 1607:  https://www.catalog.update.microsoft.com/Search.aspx?q=KB4522010

 

Updates for Windows 7, Windows 8 Embedded and 8.1:  https://www.catalog.update.microsoft.com/Search.aspx?q=KB4522007