Microsoft October 2019 Patch Tuesday
This month we got patches for 59 vulnerabilities in total. According to Microsoft, none of them has been previously disclosed or is being exploited.
Among the 9 critical vulnerabilities, it's worth mentioning the remote code execution one that affects Microsoft XML Core Services (CVE-2019-1060). To exploit this vulnerability, an attacker would have to convince a user to access a specially crafted website designed to invoke MSXML through the web browser. When Internet Explorer parses the malicious content, the attacker could run malicious code remotely on the user's system.
There is also a critical remote code execution vulnerability in the Windows Remote Desktop Client (CVE-2019-1333). To exploit this vulnerability, an attacker would have to force the user to connect to a malicious server, or compromise a legitimate server to host the malicious code on it and wait for users to connect.
See Renato's dashboard for a more detailed breakout: https://patchtuesdaydashboard.com
Description | |||||||
---|---|---|---|---|---|---|---|
CVE | Disclosed | Exploited | Exploitability (old versions) | Exploitability (current version) | Severity | CVSS Base (AVG) | CVSS Temporal (AVG) |
Azure App Service Remote Code Execution Vulnerability | |||||||
CVE-2019-1372 | No | No | Less Likely | Less Likely | Critical | ||
Chakra Scripting Engine Memory Corruption Vulnerability | |||||||
CVE-2019-1307 | No | No | - | - | Critical | 4.2 | 3.8 |
CVE-2019-1308 | No | No | - | - | Critical | 4.2 | 3.8 |
CVE-2019-1335 | No | No | - | - | Critical | 4.2 | 3.8 |
CVE-2019-1366 | No | No | - | - | Critical | 4.2 | 3.8 |
Hyper-V Information Disclosure Vulnerability | |||||||
CVE-2019-1230 | No | No | Less Likely | Less Likely | Important | 6.8 | 6.1 |
Internet Explorer Memory Corruption Vulnerability | |||||||
CVE-2019-1371 | No | No | Less Likely | Less Likely | Important | 6.4 | 5.8 |
Jet Database Engine Remote Code Execution Vulnerability | |||||||
CVE-2019-1358 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
CVE-2019-1359 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
Latest Servicing Stack Updates | |||||||
ADV990001 | No | No | - | - | Critical | ||
MS XML Remote Code Execution Vulnerability | |||||||
CVE-2019-1060 | No | No | Less Likely | Less Likely | Critical | 6.4 | 5.8 |
Microsoft Browser Spoofing Vulnerability | |||||||
CVE-2019-0608 | No | No | Less Likely | Less Likely | Important | 2.4 | 2.2 |
CVE-2019-1357 | No | No | Less Likely | Less Likely | Important | 3.5 | 3.2 |
Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability | |||||||
CVE-2019-1375 | No | No | Less Likely | Less Likely | Important | ||
Microsoft Edge based on Edge HTML Information Disclosure Vulnerability | |||||||
CVE-2019-1356 | No | No | - | - | Important | 4.3 | 3.9 |
Microsoft Excel Remote Code Execution Vulnerability | |||||||
CVE-2019-1327 | No | No | Less Likely | Less Likely | Important | ||
CVE-2019-1331 | No | No | Less Likely | Less Likely | Important | ||
Microsoft Graphics Components Information Disclosure Vulnerability | |||||||
CVE-2019-1361 | No | No | - | - | Important | 5.5 | 5.0 |
Microsoft IIS Server Elevation of Privilege Vulnerability | |||||||
CVE-2019-1365 | No | No | Less Likely | Less Likely | Important | 7.5 | 6.7 |
Microsoft Office SharePoint XSS Vulnerability | |||||||
CVE-2019-1070 | No | No | - | - | Important | ||
Microsoft SharePoint Elevation of Privilege Vulnerability | |||||||
CVE-2019-1329 | No | No | - | - | Important | ||
CVE-2019-1330 | No | No | Less Likely | Less Likely | Important | ||
Microsoft SharePoint Spoofing Vulnerability | |||||||
CVE-2019-1328 | No | No | - | - | Important | ||
Microsoft Windows CloudStore Elevation of Privilege Vulnerability | |||||||
CVE-2019-1321 | No | No | Less Likely | Less Likely | Important | 5.8 | 5.2 |
Microsoft Windows Denial of Service Vulnerability | |||||||
CVE-2019-1317 | No | No | Less Likely | Less Likely | Important | 6.4 | 5.8 |
Microsoft Windows Elevation of Privilege Vulnerability | |||||||
CVE-2019-1320 | No | No | Less Likely | Less Likely | Important | 7.0 | 6.3 |
CVE-2019-1322 | No | No | Less Likely | Less Likely | Important | 7.0 | 6.3 |
CVE-2019-1340 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
Microsoft Windows Setup Elevation of Privilege Vulnerability | |||||||
CVE-2019-1316 | No | No | Less Likely | Less Likely | Important | 7.3 | 6.6 |
Microsoft Windows Transport Layer Security Spoofing Vulnerability | |||||||
CVE-2019-1318 | No | No | Less Likely | Less Likely | Important | 7.7 | 6.9 |
Microsoft Windows Update Client Elevation of Privilege Vulnerability | |||||||
CVE-2019-1323 | No | No | Less Likely | Less Likely | Important | 7.0 | 6.3 |
CVE-2019-1336 | No | No | Less Likely | Less Likely | Important | 7.0 | 6.3 |
Open Enclave SDK Information Disclosure Vulnerability | |||||||
CVE-2019-1369 | No | No | Less Likely | Less Likely | Important | ||
Remote Desktop Client Remote Code Execution Vulnerability | |||||||
CVE-2019-1333 | No | No | More Likely | More Likely | Critical | 7.5 | 6.7 |
SQL Server Management Studio Information Disclosure Vulnerability | |||||||
CVE-2019-1313 | No | No | Less Likely | Less Likely | Important | ||
CVE-2019-1376 | No | No | Less Likely | Less Likely | Important | ||
VBScript Remote Code Execution Vulnerability | |||||||
CVE-2019-1238 | No | No | Less Likely | Less Likely | Critical | 6.4 | 5.8 |
CVE-2019-1239 | No | No | - | - | Critical | 6.4 | 5.8 |
Win32k Elevation of Privilege Vulnerability | |||||||
CVE-2019-1362 | No | No | - | - | Important | 7.0 | 6.3 |
CVE-2019-1364 | No | No | - | - | Important | 7.0 | 6.3 |
Windows 10 Mobile Security Feature Bypass Vulnerability | |||||||
CVE-2019-1314 | No | No | Less Likely | Less Likely | Important | ||
Windows Code Integrity Module Information Disclosure Vulnerability | |||||||
CVE-2019-1344 | No | No | Less Likely | Less Likely | Important | 5.5 | 5.0 |
Windows Denial of Service Vulnerability | |||||||
CVE-2019-1343 | No | No | Less Likely | Less Likely | Important | 6.5 | 5.9 |
CVE-2019-1346 | No | No | Less Likely | Less Likely | Important | 5.7 | 5.1 |
CVE-2019-1347 | No | No | Less Likely | Less Likely | Important | 5.7 | 5.1 |
Windows Error Reporting Elevation of Privilege Vulnerability | |||||||
CVE-2019-1319 | No | No | Less Likely | Less Likely | Important | 7.0 | 6.3 |
Windows Error Reporting Manager Elevation of Privilege Vulnerability | |||||||
CVE-2019-1342 | No | No | Less Likely | Less Likely | Important | 7.0 | 6.3 |
CVE-2019-1315 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
CVE-2019-1339 | No | No | - | - | Important | 7.8 | 7.0 |
Windows GDI Information Disclosure Vulnerability | |||||||
CVE-2019-1363 | No | No | - | - | Important | 5.5 | 5.0 |
Windows Imaging API Remote Code Execution Vulnerability | |||||||
CVE-2019-1311 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
Windows Kernel Information Disclosure Vulnerability | |||||||
CVE-2019-1345 | No | No | Less Likely | Less Likely | Important | 5.5 | 5.0 |
CVE-2019-1334 | No | No | Less Likely | Less Likely | Important | 4.7 | 4.2 |
Windows NTLM Security Feature Bypass Vulnerability | |||||||
CVE-2019-1338 | No | No | - | - | Important | 5.3 | 4.8 |
Windows NTLM Tampering Vulnerability | |||||||
CVE-2019-1166 | No | No | Less Likely | Less Likely | Important | 5.9 | 5.3 |
Windows Power Service Elevation of Privilege Vulnerability | |||||||
CVE-2019-1341 | No | No | More Likely | More Likely | Important | 7.8 | 7.0 |
Windows Redirected Drive Buffering System Elevation of Privilege Vulnerability | |||||||
CVE-2019-1325 | No | No | Less Likely | Unlikely | Important | 5.5 | 5.0 |
Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability | |||||||
CVE-2019-1326 | No | No | Less Likely | Less Likely | Important | 7.5 | 6.7 |
Windows Secure Boot Security Feature Bypass Vulnerability | |||||||
CVE-2019-1368 | No | No | Less Likely | Less Likely | Important | 4.9 | 4.4 |
Windows Update Client Information Disclosure Vulnerability | |||||||
CVE-2019-1337 | No | No | Less Likely | Less Likely | Important | 5.5 | 5.0 |
--
Renato Marinho
Morphus Labs