Microsoft issued the June 2019 Security Updates that include 88 unique vulnerability fixes, 21 rated critical. Additional guidance was also published to mitigate Adobe vulnerabilities.
The updates address multiple Microsoft products to include:
- Adobe Flash Player
- Internet Explorer
- Exchange Server
- Office and Microsoft Office Services and Web Apps
- Skype for Business and Microsoft Lync.
Of note, one patch fixes a remote code execution vulnerability (CVE-2019-0985) that impacts the Microsoft Speech API. In fact, Microsoft says exploitation is more likely on older OS, such as impacted Windows 7 and Server 2008 R2.
Users are also reminded that Microsoft ends support for Windows 7 and Server 2008 on January 14, 2020.
Microsoft also issued a security advisory for Adobe Flash Player. The update was also made available by Adobe in APSB19-30 to fix a Critical vulnerability CVE-2019-7845 that could allow arbitrary code execution.
The 21 critical Microsoft vulnerabilities are listed below (each impacts Windows, Browser or Development Tools product families):