CVE-2019-1280
published 2019-09-11CVE-2019-1280: A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed.An attacker who…
PriorityP347high7.8CVSS 3.1
AVLACLPRNUIRSUCHIHAH
EPSS
17.79%
96.8th percentile
A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed.An attacker who successfully exploited this vulnerability could gain the same user rights as the local user, aka 'LNK Remote Code Execution Vulnerability'.
Affected
66 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows_10 | — | — |
| microsoft | windows_10 | — | — |
| microsoft | windows_10 | — | — |
| microsoft | windows_10 | — | — |
| microsoft | windows_10 | — | — |
CVSS provenance
nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvdv2.09.3CRITICALAV:N/AC:M/Au:N/C:C/I:C/A:C
vendor_msrc7.3HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Microsoft
LNK Remote Code Execution Vulnerability
vendor_msrc·2019-09-10·CVSS 7.3
CVE-2019-1280 [HIGH] LNK Remote Code Execution Vulnerability
LNK Remote Code Execution Vulnerability
Description: A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed.
An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
The attacker could present to the user a removable drive, or remote share, that contains a malicious .LNK file and an associated malicious binary. When the user opens this drive(or remote share) in Windows Explorer, or any other application that parses the .LNK file, the malicious binary will execute code of the attacker’s choice, on the target s
GHSA
GHSA-gmf4-h5jx-m84h: A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a
ghsa_unreviewed·2022-05-24
CVE-2019-1280 [HIGH] GHSA-gmf4-h5jx-m84h: A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a
A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed.An attacker who successfully exploited this vulnerability could gain the same user rights as the local user, aka 'LNK Remote Code Execution Vulnerability'.
No detection rules found.
No public exploits indexed.
Krebs
Microsoft Patch Tuesday, February 2020 Edition
blogs_krebs·2020-02-11·CVSS 7.8
[HIGH] Microsoft Patch Tuesday, February 2020 Edition
Microsoft today released updates to plug nearly 100 security holes in various versions of its Windows operating system and related software, including a zero-day vulnerability in Internet Explorer (IE) that is actively being exploited. Also, Adobe has issued a bevy of security updates for its various products, including Flash Player and Adobe Reader/Acrobat.
Last month, Microsoft released an advisory warning that attackers were exploiting a previously unknown flaw in IE. That vulnerability, assigned as CVE-2020-0674, has been patched with this month’s release. It could be used to install malware just by getting a user to browse to a malicious or hacked Web site.
Microsoft once again fixed a critical flaw in the way Windows handles shortcut (.lnk) files (CVE-2020-0729) that affects Window
Krebs
Microsoft Patch Tuesday, February 2020 Edition
blogs_krebs·2020-02-11·CVSS 7.8
[HIGH] Microsoft Patch Tuesday, February 2020 Edition
Microsoft today released updates to plug nearly 100 security holes in various versions of its Windows operating system and related software, including a zero-day vulnerability in Internet Explorer (IE) that is actively being exploited. Also, Adobe has issued a bevy of security updates for its various products, including Flash Player and Adobe Reader/Acrobat .
A dozen of the vulnerabilities Microsoft patched today are rated “critical,” meaning malware or miscreants could exploit them remotely to gain complete control over an affected system with little to no help from the user.
Last month, Microsoft released an advisory warning that attackers were exploiting a previously unknown flaw in IE. That vulnerability, assigned as CVE-2020-0674 , has been patched with this month’s release. It coul
Trendmicro
September Patch Tuesday: RDP Vulns and Zero-Days
blogs_trendmicro·2019-09-11·CVSS 8.8
[HIGH] September Patch Tuesday: RDP Vulns and Zero-Days
Exploits & Vulnerabilities
# September Patch Tuesday: RDP Vulns and Zero-Days
Microsoft’s September Patch Tuesday covered a total of 80 CVEs, 17 of which were rated critical.
By: Trend Micro
2019/09/11
Read time: ( words)
Save to Folio
Microsoft’s September Patch Tuesday covered 80 CVEs, 17 of which were rated critical, and included patches for Azure DevOps Server, Chakra Scripting engine, and Microsoft SharePoint. Sixty-two were labeled as important and included patches for Microsoft Excel, Microsoft Edge, and Microsoft Exchange. Only one was rated as moderate.
### Remote desktop vulnerabilities
Continuing the trend from last month, several of the critical patches were for Remote Desktop Clients and are CVE-2019-0787, CVE-2019-0788, CVE-2019-1290, and CVE-2019-1291 — all Remote Co
Trendmicro
September Patch Tuesday: RDP Vulns and Zero-Days
blogs_trendmicro·2019-09-11·CVSS 8.8
[HIGH] September Patch Tuesday: RDP Vulns and Zero-Days
# September Patch Tuesday: RDP Vulns and Zero-Days
Microsoft’s September Patch Tuesday covered a total of 80 CVEs, 17 of which were rated critical.
By: Trend Micro
Sep 11, 2019
Read time: ( words)
Save to Folio
Microsoft’s September Patch Tuesday covered 80 CVEs, 17 of which were rated critical, and included patches for Azure DevOps Server, Chakra Scripting engine, and Microsoft SharePoint. Sixty-two were labeled as important and included patches for Microsoft Excel, Microsoft Edge, and Microsoft Exchange. Only one was rated as moderate.
### Remote desktop vulnerabilities
Continuing the trend from last month, several of the critical patches were for Remote Desktop Clients and are CVE-2019-0787, CVE-2019-0788, CVE-2019-1290, and CVE-2019-1291 — all Remote Code Execution (RCE) vulnera
2019-09-11
Published