vulnerability
Microsoft Windows: CVE-2019-1289: Windows Update Delivery Optimization Elevation of Privilege Vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:L/AC:L/Au:N/C:N/I:P/A:P) | Sep 10, 2019 | Sep 10, 2019 | Sep 5, 2025 |
Severity
4
CVSS
(AV:L/AC:L/Au:N/C:N/I:P/A:P)
Published
Sep 10, 2019
Added
Sep 10, 2019
Modified
Sep 5, 2025
Description
An elevation of privilege vulnerability exists when the Windows Update Delivery Optimization does not properly enforce file share permissions, aka 'Windows Update Delivery Optimization Elevation of Privilege Vulnerability'.
Solutions
microsoft-windows-windows_10-1507-kb4516070microsoft-windows-windows_10-1607-kb4516044microsoft-windows-windows_10-1703-kb4516068microsoft-windows-windows_10-1709-kb4516066microsoft-windows-windows_10-1803-kb4516058microsoft-windows-windows_10-1809-kb4512578microsoft-windows-windows_10-1903-kb4515384microsoft-windows-windows_server_2016-1607-kb4516044microsoft-windows-windows_server_2019-1809-kb4512578msft-kb4515384-1fec8c01-d96f-4692-9c3f-533f1966ba0f
References
- CVE-2019-1289
- https://attackerkb.com/topics/CVE-2019-1289
- CWE-863
- https://support.microsoft.com/help/4512578
- https://support.microsoft.com/help/4515384
- https://support.microsoft.com/help/4516044
- https://support.microsoft.com/help/4516058
- https://support.microsoft.com/help/4516066
- https://support.microsoft.com/help/4516068
- https://support.microsoft.com/help/4516070
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.