
Microsoft October 2019 Patch Tuesday

Published: 2019-10-08
Last Updated: 2019-10-08 17:58:14 UTC
by Renato Marinho (Version: 1)

This month we got patches for 59 vulnerabilities in total. According to Microsoft, none of them had been previously disclosed and none are being exploited.

Among the 9 critical vulnerabilities, it's worth mentioning the remote code execution vulnerability that affects Microsoft XML Core Services (CVE-2019-1060). To exploit this vulnerability, an attacker would have to convince a user to access a specially crafted website designed to invoke MSXML through the web browser. When Internet Explorer parses the malicious content, the attacker could run malicious code remotely on the user's system.

There is also a critical remote code execution vulnerability in the Windows Remote Desktop Client (CVE-2019-1333). To exploit this vulnerability, an attacker would have to force the user to connect to a malicious server, or compromise a legitimate server to host the malicious code on it and wait for users to connect.

See Renato's dashboard for a more detailed breakout: https://patchtuesdaydashboard.com

| Description | CVE | Disclosed | Exploited | Exploitability (old versions) | Exploitability (current version) | Severity | CVSS Base (AVG) | CVSS Temporal (AVG) |
|---|---|---|---|---|---|---|---|---|
| Azure App Service Remote Code Execution Vulnerability | CVE-2019-1372 | No | No | Less Likely | Less Likely | Critical | | |
| Chakra Scripting Engine Memory Corruption Vulnerability | CVE-2019-1307 | No | No | - | - | Critical | 4.2 | 3.8 |
| Chakra Scripting Engine Memory Corruption Vulnerability | CVE-2019-1308 | No | No | - | - | Critical | 4.2 | 3.8 |
| Chakra Scripting Engine Memory Corruption Vulnerability | CVE-2019-1335 | No | No | - | - | Critical | 4.2 | 3.8 |
| Chakra Scripting Engine Memory Corruption Vulnerability | CVE-2019-1366 | No | No | - | - | Critical | 4.2 | 3.8 |
| Hyper-V Information Disclosure Vulnerability | CVE-2019-1230 | No | No | Less Likely | Less Likely | Important | 6.8 | 6.1 |
| Internet Explorer Memory Corruption Vulnerability | CVE-2019-1371 | No | No | Less Likely | Less Likely | Important | 6.4 | 5.8 |
| Jet Database Engine Remote Code Execution Vulnerability | CVE-2019-1358 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| Jet Database Engine Remote Code Execution Vulnerability | CVE-2019-1359 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| Latest Servicing Stack Updates | ADV990001 | No | No | - | - | Critical | | |
| MS XML Remote Code Execution Vulnerability | CVE-2019-1060 | No | No | Less Likely | Less Likely | Critical | 6.4 | 5.8 |
| Microsoft Browser Spoofing Vulnerability | CVE-2019-0608 | No | No | Less Likely | Less Likely | Important | 2.4 | 2.2 |
| Microsoft Browser Spoofing Vulnerability | CVE-2019-1357 | No | No | Less Likely | Less Likely | Important | 3.5 | 3.2 |
| Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability | CVE-2019-1375 | No | No | Less Likely | Less Likely | Important | | |
| Microsoft Edge based on Edge HTML Information Disclosure Vulnerability | CVE-2019-1356 | No | No | - | - | Important | 4.3 | 3.9 |
| Microsoft Excel Remote Code Execution Vulnerability | CVE-2019-1327 | No | No | Less Likely | Less Likely | Important | | |
| Microsoft Excel Remote Code Execution Vulnerability | CVE-2019-1331 | No | No | Less Likely | Less Likely | Important | | |
| Microsoft Graphics Components Information Disclosure Vulnerability | CVE-2019-1361 | No | No | - | - | Important | 5.5 | 5.0 |
| Microsoft IIS Server Elevation of Privilege Vulnerability | CVE-2019-1365 | No | No | Less Likely | Less Likely | Important | 7.5 | 6.7 |
| Microsoft Office SharePoint XSS Vulnerability | CVE-2019-1070 | No | No | - | - | Important | | |
| Microsoft SharePoint Elevation of Privilege Vulnerability | CVE-2019-1329 | No | No | - | - | Important | | |
| Microsoft SharePoint Elevation of Privilege Vulnerability | CVE-2019-1330 | No | No | Less Likely | Less Likely | Important | | |
| Microsoft SharePoint Spoofing Vulnerability | CVE-2019-1328 | No | No | - | - | Important | | |
| Microsoft Windows CloudStore Elevation of Privilege Vulnerability | CVE-2019-1321 | No | No | Less Likely | Less Likely | Important | 5.8 | 5.2 |
| Microsoft Windows Denial of Service Vulnerability | CVE-2019-1317 | No | No | Less Likely | Less Likely | Important | 6.4 | 5.8 |
| Microsoft Windows Elevation of Privilege Vulnerability | CVE-2019-1320 | No | No | Less Likely | Less Likely | Important | 7.0 | 6.3 |
| Microsoft Windows Elevation of Privilege Vulnerability | CVE-2019-1322 | No | No | Less Likely | Less Likely | Important | 7.0 | 6.3 |
| Microsoft Windows Elevation of Privilege Vulnerability | CVE-2019-1340 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| Microsoft Windows Setup Elevation of Privilege Vulnerability | CVE-2019-1316 | No | No | Less Likely | Less Likely | Important | 7.3 | 6.6 |
| Microsoft Windows Transport Layer Security Spoofing Vulnerability | CVE-2019-1318 | No | No | Less Likely | Less Likely | Important | 7.7 | 6.9 |
| Microsoft Windows Update Client Elevation of Privilege Vulnerability | CVE-2019-1323 | No | No | Less Likely | Less Likely | Important | 7.0 | 6.3 |
| Microsoft Windows Update Client Elevation of Privilege Vulnerability | CVE-2019-1336 | No | No | Less Likely | Less Likely | Important | 7.0 | 6.3 |
| Open Enclave SDK Information Disclosure Vulnerability | CVE-2019-1369 | No | No | Less Likely | Less Likely | Important | | |
| Remote Desktop Client Remote Code Execution Vulnerability | CVE-2019-1333 | No | No | More Likely | More Likely | Critical | 7.5 | 6.7 |
| SQL Server Management Studio Information Disclosure Vulnerability | CVE-2019-1313 | No | No | Less Likely | Less Likely | Important | | |
| SQL Server Management Studio Information Disclosure Vulnerability | CVE-2019-1376 | No | No | Less Likely | Less Likely | Important | | |
| VBScript Remote Code Execution Vulnerability | CVE-2019-1238 | No | No | Less Likely | Less Likely | Critical | 6.4 | 5.8 |
| VBScript Remote Code Execution Vulnerability | CVE-2019-1239 | No | No | - | - | Critical | 6.4 | 5.8 |
| Win32k Elevation of Privilege Vulnerability | CVE-2019-1362 | No | No | - | - | Important | 7.0 | 6.3 |
| Win32k Elevation of Privilege Vulnerability | CVE-2019-1364 | No | No | - | - | Important | 7.0 | 6.3 |
| Windows 10 Mobile Security Feature Bypass Vulnerability | CVE-2019-1314 | No | No | Less Likely | Less Likely | Important | | |
| Windows Code Integrity Module Information Disclosure Vulnerability | CVE-2019-1344 | No | No | Less Likely | Less Likely | Important | 5.5 | 5.0 |
| Windows Denial of Service Vulnerability | CVE-2019-1343 | No | No | Less Likely | Less Likely | Important | 6.5 | 5.9 |
| Windows Denial of Service Vulnerability | CVE-2019-1346 | No | No | Less Likely | Less Likely | Important | 5.7 | 5.1 |
| Windows Denial of Service Vulnerability | CVE-2019-1347 | No | No | Less Likely | Less Likely | Important | 5.7 | 5.1 |
| Windows Error Reporting Elevation of Privilege Vulnerability | CVE-2019-1319 | No | No | Less Likely | Less Likely | Important | 7.0 | 6.3 |
| Windows Error Reporting Manager Elevation of Privilege Vulnerability | CVE-2019-1342 | No | No | Less Likely | Less Likely | Important | 7.0 | 6.3 |
| Windows Error Reporting Manager Elevation of Privilege Vulnerability | CVE-2019-1315 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| Windows Error Reporting Manager Elevation of Privilege Vulnerability | CVE-2019-1339 | No | No | - | - | Important | 7.8 | 7.0 |
| Windows GDI Information Disclosure Vulnerability | CVE-2019-1363 | No | No | - | - | Important | 5.5 | 5.0 |
| Windows Imaging API Remote Code Execution Vulnerability | CVE-2019-1311 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| Windows Kernel Information Disclosure Vulnerability | CVE-2019-1345 | No | No | Less Likely | Less Likely | Important | 5.5 | 5.0 |
| Windows Kernel Information Disclosure Vulnerability | CVE-2019-1334 | No | No | Less Likely | Less Likely | Important | 4.7 | 4.2 |
| Windows NTLM Security Feature Bypass Vulnerability | CVE-2019-1338 | No | No | - | - | Important | 5.3 | 4.8 |
| Windows NTLM Tampering Vulnerability | CVE-2019-1166 | No | No | Less Likely | Less Likely | Important | 5.9 | 5.3 |
| Windows Power Service Elevation of Privilege Vulnerability | CVE-2019-1341 | No | No | More Likely | More Likely | Important | 7.8 | 7.0 |
| Windows Redirected Drive Buffering System Elevation of Privilege Vulnerability | CVE-2019-1325 | No | No | Less Likely | Unlikely | Important | 5.5 | 5.0 |
| Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability | CVE-2019-1326 | No | No | Less Likely | Less Likely | Important | 7.5 | 6.7 |
| Windows Secure Boot Security Feature Bypass Vulnerability | CVE-2019-1368 | No | No | Less Likely | Less Likely | Important | 4.9 | 4.4 |
| Windows Update Client Information Disclosure Vulnerability | CVE-2019-1337 | No | No | Less Likely | Less Likely | Important | 5.5 | 5.0 |

 

--
Renato Marinho
Morphus Labs
