This past week, the newest major security patch for Windows 10 went live, offering users the ability to deal with dozens of bugs and other issues with various OS components the threatened system integrity.
A wide array of publicly and privately disclosed vulnerabilities were patched in this round of updates. The newest Windows 10 patch includes fixes for a number of Critical, Important and Moderate issues concerning security of Windows 10. There were at least four vulnerabilities known to the public included in this release. Some fixes were also included for problems with third-party software like Adobe Flash Player.
The four publicly disclosed vulnerabilities patched in the security update are the following:
- CVE-2019-1069: The bug, which affects Windows Task Scheduler in Windows 10, Server 2016 and later versions, has raised the most concern among security experts. It could allow elevation of privilege on affected systems, according to Microsoft.
- CVE-2019-1064: Windows elevation of privilege vulnerability affecting Windows 10, Server 2016 and later.
- CVE-2019-1053: Windows Shell elevation of privilege vulnerability affects all currently supported Windows operating systems. It could create elevation of privilege conditions on affected systems by escaping a sandbox.
- CVE-2019-0973: Windows Installer vulnerability could enable elevation of privilege on the affected systems through wrong sanitisation of input from loaded libraries.
The patch dealt with a total of 88 vulnerabilities, with 66 of these being classed as Important, a further 21 being classified as Critical, and the final update being of Moderate classification. Microsoft claims that of all the vulnerabilities, none were found to be publicly exploited in the wild.