Patch Tuesday: October Update Includes Sleeper Vulnerability
Microsoft released 59 updates for its monthly Patch Tuesday Update. Beware of a sleeper vulnerability and a patch that is being weaponized.
Microsoft’s October 2019 Patch Tuesday Fixes 59 Vulnerabilities
Microsoft has released 59 updates for its monthly Patch Tuesday Update, much less than September’s release of 80 updates. However, that doesn’t mean you can be complacent—there are still 9 Critical and 49 Important updates to deal with.
CVE-2019-1367 has been re-released and is being weaponized! This out-of-band update was actually released at the end of September, but following several misguided attempts to reassure customers, Microsoft released it to WSUS on October 7 and have released it again today. They also noted the updated patch addresses some ‘quality issues’ in the first versions of the patch. Customers of Syxsense had all versions available to them—including the uninstalls.
Our expert onboarding team helps implement a successful patching strategy to complement every customer’s environment with Syxsense, including the ability to roll back problematic updates.
Beware of a Sleeper Vulnerability
CVE-2019-1311 is only marked as Important, but this could have a huge impact if not addressed. It carries a CVSS score of 7.8Â and could allow a sophisticated attack using the same credentials as the victim if exposed.
To exploit the vulnerability, an attacker needs to convince a user to open a specially crafted .WIM file. If you are concerned about moving to newer versions of Windows 10 and being vulnerable to the same attack, we recommend prioritizing this update.
CVE-2019-1340 Windows AppX Deployment Server and CVE-2019-1358 Windows Jet Database Engine also carry high CVSS severities which we recommend prioritizing.
Protect Roaming Users
A recent study revealed that companies are more concerned with protecting corporate networks that they took their eyes off roaming users. Roaming users, especially C-Level executives, were most vulnerable when using hotel or home networks which do not have the highest secure network level firewalls or Host Intrusion Prevention tools.
When choosing a cyber security solution, ensure the security of roaming users whenever they are connected to the internet—you cannot trust your users to connect into VPN.
Adobe Updates
There are no Adobe updates released today. However, keep your eyes peeled because Adobe does not always release updates on the same day as Microsoft.
Patch Tuesday Updates
We have made a few recommendations below which you should prioritize this month:
| Our Recommendation | CVE Reference | Description | Severity | Publicly Announced | Actively Exploited |
| Yes | CVE-2019-1060 | VBScript Remote Code Execution Vulnerability | Critical | No | No |
| Yes | CVE-2019-1238 | VBScript Remote Code Execution Vulnerability | Critical | No | No |
| Yes | CVE-2019-1239 | VBScript Remote Code Execution Vulnerability | Critical | No | No |
| Yes | CVE-2019-1307 | Chakra Scripting Engine Memory Corruption Vulnerability | Critical | No | No |
| Yes | CVE-2019-1308 | Chakra Scripting Engine Memory Corruption Vulnerability | Critical | No | No |
| Yes | CVE-2019-1333 | Remote Desktop Client Remote Code Execution Vulnerability | Critical | No | No |
| Yes | CVE-2019-1335 | Chakra Scripting Engine Memory Corruption Vulnerability | Critical | No | No |
| Yes | CVE-2019-1366 | Chakra Scripting Engine Memory Corruption Vulnerability | Critical | No | No |
| Yes | CVE-2019-1372 | Azure App Service Elevation of Privilege Vulnerability | Critical | No | No |
| Â Yes | CVE-2019-1311 | Windows Imaging API Remote Code Execution Vulnerability | Important | No | No |
| CVE-2019-0608 | Microsoft Browser Spoofing Vulnerability | Important | No | No | |
| CVE-2019-1070 | Microsoft Office SharePoint XSS Vulnerability | Important | No | No | |
| CVE-2019-1166 | Windows NTLM Tampering Vulnerability | Important | No | No | |
| CVE-2019-1230 | Hyper-V Information Disclosure Vulnerability | Important | No | No | |
| CVE-2019-1313 | SQL Server Management Studio Information Disclosure Vulnerability | Important | No | No | |
| CVE-2019-1314 | Windows 10 Mobile Security Feature Bypass Vulnerability | Important | No | No | |
| CVE-2019-1315 | Windows Error Reporting Manager Elevation of Privilege Vulnerability | Important | No | No | |
| CVE-2019-1316 | Microsoft Windows Setup Elevation of Privilege Vulnerability | Important | No | No | |
| CVE-2019-1317 | Microsoft Windows Denial of Service Vulnerability | Important | No | No | |
| CVE-2019-1318 | Microsoft Windows Transport Layer Security Spoofing Vulnerability | Important | No | No | |
| CVE-2019-1319 | Windows Error Reporting Elevation of Privilege Vulnerability | Important | No | No | |
| CVE-2019-1320 | Microsoft Windows Elevation of Privilege Vulnerability | Important | No | No | |
| CVE-2019-1321 | Microsoft Windows CloudStore Elevation of Privilege Vulnerability | Important | No | No | |
| CVE-2019-1322 | Microsoft Windows Elevation of Privilege Vulnerability | Important | No | No | |
| CVE-2019-1323 | Microsoft Windows Update Client Elevation of Privilege Vulnerability | Important | No | No | |
| CVE-2019-1326 | Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability | Important | No | No | |
| CVE-2019-1327 | Microsoft Excel Remote Code Execution Vulnerability | Important | No | No | |
| CVE-2019-1328 | Microsoft SharePoint Spoofing Vulnerability | Important | No | No | |
| CVE-2019-1329 | Microsoft SharePoint Elevation of Privilege Vulnerability | Important | No | No | |
| CVE-2019-1330 | Microsoft SharePoint Elevation of Privilege Vulnerability | Important | No | No | |
| CVE-2019-1331 | Microsoft Excel Remote Code Execution Vulnerability | Important | No | No | |
| CVE-2019-1334 | Windows Kernel Information Disclosure Vulnerability | Important | No | No | |
| CVE-2019-1336 | Microsoft Windows Update Client Elevation of Privilege Vulnerability | Important | No | No | |
| CVE-2019-1337 | Windows Update Client Information Disclosure Vulnerability | Important | No | No | |
| CVE-2019-1338 | Windows NTLM Security Feature Bypass Vulnerability | Important | No | No | |
| CVE-2019-1339 | Windows Error Reporting Manager Elevation of Privilege Vulnerability | Important | No | No | |
| CVE-2019-1340 | Microsoft Windows Elevation of Privilege Vulnerability | Important | No | No | |
| CVE-2019-1341 | Windows Power Service Elevation of Privilege Vulnerability | Important | No | No | |
| CVE-2019-1342 | Windows Error Reporting Manager Elevation of Privilege Vulnerability | Important | No | No | |
| CVE-2019-1343 | Windows Denial of Service Vulnerability | Important | No | No | |
| CVE-2019-1344 | Windows Code Integrity Module Information Disclosure Vulnerability | Important | No | No | |
| CVE-2019-1345 | Windows Kernel Information Disclosure Vulnerability | Important | No | No | |
| CVE-2019-1346 | Windows Denial of Service Vulnerability | Important | No | No | |
| CVE-2019-1347 | Windows Denial of Service Vulnerability | Important | No | No | |
| CVE-2019-1356 | Microsoft Edge based on Edge HTML Information Disclosure Vulnerability | Important | No | No | |
| CVE-2019-1357 | Microsoft Browser Spoofing Vulnerability | Important | No | No | |
| CVE-2019-1358 | Jet Database Engine Remote Code Execution Vulnerability | Important | No | No | |
| CVE-2019-1359 | Jet Database Engine Remote Code Execution Vulnerability | Important | No | No | |
| CVE-2019-1361 | Microsoft Graphics Components Information Disclosure Vulnerability | Important | No | No | |
| CVE-2019-1362 | Win32k Elevation of Privilege Vulnerability | Important | No | No | |
| CVE-2019-1363 | Windows GDI Information Disclosure Vulnerability | Important | No | No | |
| CVE-2019-1364 | Win32k Elevation of Privilege Vulnerability | Important | No | No | |
| CVE-2019-1365 | Microsoft IIS Server Elevation of Privilege Vulnerability | Important | No | No | |
| CVE-2019-1369 | Open Enclave SDK Information Disclosure Vulnerability | Important | No | No | |
| CVE-2019-1371 | Internet Explorer Memory Corruption Vulnerability | Important | No | No | |
| CVE-2019-1368 | Windows Secure Boot Security Feature Bypass Vulnerability | Important | No | No | |
| CVE-2019-1375 | Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability | Important | No | No | |
| CVE-2019-1376 | SQL Server Management Studio Information Disclosure Vulnerability | Important | No | No | |
| CVE-2019-1325 | Windows Redirected Drive Buffering System Elevation of Privilege Vulnerability | Moderate | No | No |
Start a Free Trial
Try Syxsense today and start patching your IT environment with a powerful and easy-to-use IT management toolset.
Schedule Your Syxsense Demo
Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.
