Microsoft’s November 2019 Patch Tuesday Fixes IE Zero-Day

November 2019 Patch Tuesday: What to Expect

Microsoft has released 74 updates today – there are 13 Critical and 61 Important updates to deal with.

A fix for CVE-2019-1429 has been released to solve a bug that is being weaponized! The fix for this vulnerability should be treated as an ‘Out-of-Band’ update for anyone still using Internet Explorer. Previously, we have suggested moving away from IE; this is yet another reason to look for a safer browser for your business.

Robert Brown, Director of Services for Syxsense, said, “The biggest risk our customers can take is not treating weaponized vulnerabilities seriously enough. Weaponized vulnerabilities are often not the highest severity and aren’t prioritized enough by IT managers and security administrators. In this case, the severity is critical. If the vulnerability was exploited, it could easily be used to spread ransomware or take over a system. Please patch this now.”

Not Critical, But High Priority Patches

CVE-2019-1384 and CVE-2019-1424 have only been ranked as Important by Microsoft; however, the independent CVSS scores rank them 8.5 and 8.1 respectively. CVE-2019-1384 is a vulnerability impacting all Windows operating systems from Windows 7 to Windows Server 2019 where an attacker could obtain key and sign in messages, making some security login audit records redundant. It can also infect other machines.

We believe CVE-2019-1424 is particularly dangerous. If exposed, this vulnerability could downgrade the secure communications channel leading to communications messages being sent to Windows improperly—possibly even intercepted and recorded.

Latest Adobe Patches

Adobe released four patches for Adobe Animate CC, Illustrator CC, Bridge CC, and Media Encoder. The Media Encoder patch includes a critical fix for an out-of-bounds (OOB) flaw that could allow code execution. Both Syxsense and Adobe recommend this Out-of-Band update be deployed within the next 7 days.

November 2019 Patch Tuesday Update

Based on the vendor severity and CVSS score, we have made a few recommendations for what to prioritize this month. Pay close attention to those under Publicly Aware and Weaponized.

| CVE Ref. | Description | Vendor Severity | CVSS Base Score | Publicly Aware | Weaponised | Syxsense Secure Recommended |
|---|---|---|---|---|---|---|
| CVE-2019-1429 | Scripting Engine Memory Corruption Vulnerability | Critical | 7.5 | No | Yes | YES |
| CVE-2019-1373 | Microsoft Exchange Remote Code Execution Vulnerability | Critical | NA | No | No | YES |
| CVE-2019-1457 | Microsoft Office Excel Security Feature Bypass | Important | NA | Yes | No | YES |
| CVE-2019-1384 | Microsoft Windows Security Feature Bypass Vulnerability | Important | 8.5 | No | No | YES |
| CVE-2019-1424 | NetLogon Security Feature Bypass Vulnerability | Important | 8.1 | No | No | YES |
| CVE-2019-0721 | Hyper-V Remote Code Execution Vulnerability | Critical | 8 | No | No | YES |
| CVE-2019-1419 | OpenType Font Parsing Remote Code Execution Vulnerability | Critical | 7.8 | No | No | YES |
| CVE-2019-1379 | Windows Data Sharing Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | YES |
| CVE-2019-1380 | Microsoft splwow64 Elevation of Privilege Vulnerability | Important | 7.8 | No | No | YES |
| CVE-2019-1382 | Microsoft ActiveX Installer Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | YES |
| CVE-2019-1383 | Windows Data Sharing Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | YES |
| CVE-2019-1385 | Windows AppX Deployment Extensions Elevation of Privilege Vulnerability | Important | 7.8 | No | No | YES |
| CVE-2019-1388 | Windows Certificate Dialog Elevation of Privilege Vulnerability | Important | 7.8 | No | No | YES |
| CVE-2019-1393 | Win32k Elevation of Privilege Vulnerability | Important | 7.8 | No | No | YES |
| CVE-2019-1394 | Win32k Elevation of Privilege Vulnerability | Important | 7.8 | No | No | YES |
| CVE-2019-1395 | Win32k Elevation of Privilege Vulnerability | Important | 7.8 | No | No | YES |
| CVE-2019-1396 | Win32k Elevation of Privilege Vulnerability | Important | 7.8 | No | No | YES |
| CVE-2019-1405 | Windows UPnP Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | YES |
| CVE-2019-1407 | Windows Graphics Component Elevation of Privilege Vulnerability | Important | 7.8 | No | No | YES |
| CVE-2019-1408 | Win32k Elevation of Privilege Vulnerability | Important | 7.8 | No | No | YES |
| CVE-2019-1415 | Windows Installer Elevation of Privilege Vulnerability | Important | 7.8 | No | No | YES |
| CVE-2019-1416 | Windows Subsystem for Linux Elevation of Privilege Vulnerability | Important | 7.8 | No | No | YES |
| CVE-2019-1417 | Windows Data Sharing Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | YES |
| CVE-2019-1420 | Windows Elevation of Privilege Vulnerability | Important | 7.8 | No | No | YES |
| CVE-2019-1422 | Windows Elevation of Privilege Vulnerability | Important | 7.8 | No | No | YES |
| CVE-2019-1423 | Windows Elevation of Privilege Vulnerability | Important | 7.8 | No | No | YES |
| CVE-2019-1456 | OpenType Font Parsing Remote Code Execution Vulnerability | Important | 7.8 | No | No | YES |
| CVE-2019-1389 | Windows Hyper-V Remote Code Execution Vulnerability | Critical | 7.6 | No | No | YES |
| CVE-2019-1397 | Windows Hyper-V Remote Code Execution Vulnerability | Critical | 7.6 | No | No | YES |
| CVE-2019-1398 | Windows Hyper-V Remote Code Execution Vulnerability | Critical | 7.6 | No | No | YES |
| CVE-2019-1390 | VBScript Remote Code Execution Vulnerability | Critical | 7.5 | No | No | YES |
| CVE-2019-1430 | Microsoft Windows Media Foundation Remote Code Execution Vulnerability | Critical | 7.3 | No | No | YES |
| CVE-2019-1370 | Open Enclave SDK Information Disclosure Vulnerability | Important | 7 | No | No | YES |
| CVE-2019-1392 | Windows Kernel Elevation of Privilege Vulnerability | Important | 7 | No | No | YES |
| CVE-2019-1433 | Windows Graphics Component Elevation of Privilege Vulnerability | Important | 7 | No | No | YES |
| CVE-2019-1434 | Win32k Elevation of Privilege Vulnerability | Important | 7 | No | No | YES |
| CVE-2019-1435 | Windows Graphics Component Elevation of Privilege Vulnerability | Important | 7 | No | No | YES |
| CVE-2019-1437 | Windows Graphics Component Elevation of Privilege Vulnerability | Important | 7 | No | No | YES |
| CVE-2019-1438 | Windows Graphics Component Elevation of Privilege Vulnerability | Important | 7 | No | No | YES |
| CVE-2019-1441 | Win32k Graphics Remote Code Execution Vulnerability | Critical | 6.7 | No | No | YES |
| CVE-2019-1406 | Jet Database Engine Remote Code Execution Vulnerability | Important | 6.7 | No | No | |
| CVE-2019-1381 | Microsoft Windows Information Disclosure Vulnerability | Important | 6.6 | No | No | |
| CVE-2019-0712 | Windows Hyper-V Denial of Service Vulnerability | Important | 5.8 | No | No | |
| CVE-2019-1309 | Windows Hyper-V Denial of Service Vulnerability | Important | 5.8 | No | No | |
| CVE-2019-1310 | Windows Hyper-V Denial of Service Vulnerability | Important | 5.8 | No | No | |
| CVE-2019-1374 | Windows Error Reporting Information Disclosure Vulnerability | Important | 5.5 | No | No | |
| CVE-2019-1391 | Windows Denial of Service Vulnerability | Important | 5.5 | No | No | |
| CVE-2019-1409 | Windows Remote Procedure Call Information Disclosure Vulnerability | Important | 5.5 | No | No | |
| CVE-2019-1436 | Win32k Information Disclosure Vulnerability | Important | 5.5 | No | No | |
| CVE-2019-1399 | Windows Hyper-V Denial of Service Vulnerability | Important | 5.4 | No | No | |
| CVE-2019-1324 | Windows TCP/IP Information Disclosure Vulnerability | Important | 5.3 | No | No | |
| CVE-2019-1412 | OpenType Font Driver Information Disclosure Vulnerability | Important | 5 | No | No | |
| CVE-2019-1440 | Win32k Information Disclosure Vulnerability | Important | 5 | No | No | |
| CVE-2018-12207 | Windows Kernel Information Disclosure Vulnerability | Important | 4.7 | No | No | |
| CVE-2019-11135 | Windows Kernel Information Disclosure Vulnerability | Important | 4.7 | No | No | |
| CVE-2019-1439 | Windows GDI Information Disclosure Vulnerability | Important | 4.7 | No | No | |
| CVE-2019-1411 | DirectWrite Information Disclosure Vulnerability | Important | 4.4 | No | No | |
| CVE-2019-1432 | DirectWrite Information Disclosure Vulnerability | Important | 4.4 | No | No | |
| CVE-2019-1413 | Microsoft Edge Security Feature Bypass Vulnerability | Important | 4.3 | No | No | |
| CVE-2019-1426 | Scripting Engine Memory Corruption Vulnerability | Critical | 4.2 | No | No | |
| CVE-2019-1427 | Scripting Engine Memory Corruption Vulnerability | Critical | 4.2 | No | No | |
| CVE-2019-1428 | Scripting Engine Memory Corruption Vulnerability | Critical | 4.2 | No | No | |
| CVE-2019-1418 | Windows Modules Installer Service Information Disclosure Vulnerability | Important | 3.5 | No | No | |
| CVE-2019-1234 | Azure Stack Spoofing Vulnerability | Important | NA | No | No | |
| CVE-2019-1402 | Microsoft Office Information Disclosure Vulnerability | Important | NA | No | No | |
| CVE-2019-1425 | Visual Studio Elevation of Privilege Vulnerability | Important | NA | No | No | |
| CVE-2019-1442 | Microsoft Office Security Feature Bypass Vulnerability | Important | NA | No | No | |
| CVE-2019-1443 | Microsoft SharePoint Information Disclosure Vulnerability | Important | NA | No | No | |
| CVE-2019-1445 | Microsoft Office Online Spoofing Vulnerability | Important | NA | No | No | |
| CVE-2019-1446 | Microsoft Excel Information Disclosure Vulnerability | Important | NA | No | No | |
| CVE-2019-1447 | Microsoft Office Online Spoofing Vulnerability | Important | NA | No | No | |
| CVE-2019-1448 | Microsoft Excel Remote Code Execution Vulnerability | Important | NA | No | No | |
| CVE-2019-1449 | Microsoft Office ClickToRun Security Feature Bypass Vulnerability | Important | NA | No | No | |
| CVE-2019-1454 | Windows User Profile Service Elevation of Privilege Vulnerability | Important | NA | No | No | |
