Patch Tuesday: October Update Includes Sleeper Vulnerability

Microsoft’s October 2019 Patch Tuesday Fixes 59 Vulnerabilities

Microsoft has released 59 updates for its monthly Patch Tuesday Update, far fewer than September’s release of 80 updates. However, that doesn’t mean you can be complacent: there are still 9 Critical and 49 Important updates to deal with.

CVE-2019-1367 has been re-released and is being weaponized! This out-of-band update was actually released at the end of September, but following several misguided attempts to reassure customers, Microsoft released it to WSUS on October 7 and has released it again today. Microsoft also noted that the updated patch addresses some ‘quality issues’ in the first versions of the patch. Customers of Syxsense had all versions available to them, including the uninstalls.

Our expert onboarding team helps implement a successful patching strategy to complement every customer’s environment with Syxsense, including the ability to roll back problematic updates.

Beware of a Sleeper Vulnerability

CVE-2019-1311 is only marked as Important, but it could have a huge impact if not addressed. It carries a CVSS score of 7.8 and, if left exposed, could allow a sophisticated attack that uses the same credentials as the victim.

To exploit the vulnerability, an attacker needs to convince a user to open a specially crafted .WIM file. If you are concerned about moving to newer versions of Windows 10 and being vulnerable to the same attack, we recommend prioritizing this update.

CVE-2019-1340 (Windows AppX Deployment Server) and CVE-2019-1358 (Windows Jet Database Engine) also carry high CVSS severities, and we recommend prioritizing them as well.

Protect Roaming Users

A recent study revealed that companies are so concerned with protecting corporate networks that they have taken their eyes off roaming users. Roaming users, especially C-level executives, were most vulnerable when using hotel or home networks, which do not have the most secure network-level firewalls or Host Intrusion Prevention tools.

When choosing a cyber security solution, make sure it protects roaming users whenever they are connected to the internet; you cannot trust your users to connect to the VPN.

Adobe Updates

There are no Adobe updates released today. However, keep your eyes peeled because Adobe does not always release updates on the same day as Microsoft.

Patch Tuesday Updates

We have made a few recommendations below which you should prioritize this month:

| Our Recommendation | CVE Reference | Description | Severity | Publicly Announced | Actively Exploited |
|---|---|---|---|---|---|
| Yes | CVE-2019-1060 | VBScript Remote Code Execution Vulnerability | Critical | No | No |
| Yes | CVE-2019-1238 | VBScript Remote Code Execution Vulnerability | Critical | No | No |
| Yes | CVE-2019-1239 | VBScript Remote Code Execution Vulnerability | Critical | No | No |
| Yes | CVE-2019-1307 | Chakra Scripting Engine Memory Corruption Vulnerability | Critical | No | No |
| Yes | CVE-2019-1308 | Chakra Scripting Engine Memory Corruption Vulnerability | Critical | No | No |
| Yes | CVE-2019-1333 | Remote Desktop Client Remote Code Execution Vulnerability | Critical | No | No |
| Yes | CVE-2019-1335 | Chakra Scripting Engine Memory Corruption Vulnerability | Critical | No | No |
| Yes | CVE-2019-1366 | Chakra Scripting Engine Memory Corruption Vulnerability | Critical | No | No |
| Yes | CVE-2019-1372 | Azure App Service Elevation of Privilege Vulnerability | Critical | No | No |
| Yes | CVE-2019-1311 | Windows Imaging API Remote Code Execution Vulnerability | Important | No | No |
| | CVE-2019-0608 | Microsoft Browser Spoofing Vulnerability | Important | No | No |
| | CVE-2019-1070 | Microsoft Office SharePoint XSS Vulnerability | Important | No | No |
| | CVE-2019-1166 | Windows NTLM Tampering Vulnerability | Important | No | No |
| | CVE-2019-1230 | Hyper-V Information Disclosure Vulnerability | Important | No | No |
| | CVE-2019-1313 | SQL Server Management Studio Information Disclosure Vulnerability | Important | No | No |
| | CVE-2019-1314 | Windows 10 Mobile Security Feature Bypass Vulnerability | Important | No | No |
| | CVE-2019-1315 | Windows Error Reporting Manager Elevation of Privilege Vulnerability | Important | No | No |
| | CVE-2019-1316 | Microsoft Windows Setup Elevation of Privilege Vulnerability | Important | No | No |
| | CVE-2019-1317 | Microsoft Windows Denial of Service Vulnerability | Important | No | No |
| | CVE-2019-1318 | Microsoft Windows Transport Layer Security Spoofing Vulnerability | Important | No | No |
| | CVE-2019-1319 | Windows Error Reporting Elevation of Privilege Vulnerability | Important | No | No |
| | CVE-2019-1320 | Microsoft Windows Elevation of Privilege Vulnerability | Important | No | No |
| | CVE-2019-1321 | Microsoft Windows CloudStore Elevation of Privilege Vulnerability | Important | No | No |
| | CVE-2019-1322 | Microsoft Windows Elevation of Privilege Vulnerability | Important | No | No |
| | CVE-2019-1323 | Microsoft Windows Update Client Elevation of Privilege Vulnerability | Important | No | No |
| | CVE-2019-1326 | Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability | Important | No | No |
| | CVE-2019-1327 | Microsoft Excel Remote Code Execution Vulnerability | Important | No | No |
| | CVE-2019-1328 | Microsoft SharePoint Spoofing Vulnerability | Important | No | No |
| | CVE-2019-1329 | Microsoft SharePoint Elevation of Privilege Vulnerability | Important | No | No |
| | CVE-2019-1330 | Microsoft SharePoint Elevation of Privilege Vulnerability | Important | No | No |
| | CVE-2019-1331 | Microsoft Excel Remote Code Execution Vulnerability | Important | No | No |
| | CVE-2019-1334 | Windows Kernel Information Disclosure Vulnerability | Important | No | No |
| | CVE-2019-1336 | Microsoft Windows Update Client Elevation of Privilege Vulnerability | Important | No | No |
| | CVE-2019-1337 | Windows Update Client Information Disclosure Vulnerability | Important | No | No |
| | CVE-2019-1338 | Windows NTLM Security Feature Bypass Vulnerability | Important | No | No |
| | CVE-2019-1339 | Windows Error Reporting Manager Elevation of Privilege Vulnerability | Important | No | No |
| | CVE-2019-1340 | Microsoft Windows Elevation of Privilege Vulnerability | Important | No | No |
| | CVE-2019-1341 | Windows Power Service Elevation of Privilege Vulnerability | Important | No | No |
| | CVE-2019-1342 | Windows Error Reporting Manager Elevation of Privilege Vulnerability | Important | No | No |
| | CVE-2019-1343 | Windows Denial of Service Vulnerability | Important | No | No |
| | CVE-2019-1344 | Windows Code Integrity Module Information Disclosure Vulnerability | Important | No | No |
| | CVE-2019-1345 | Windows Kernel Information Disclosure Vulnerability | Important | No | No |
| | CVE-2019-1346 | Windows Denial of Service Vulnerability | Important | No | No |
| | CVE-2019-1347 | Windows Denial of Service Vulnerability | Important | No | No |
| | CVE-2019-1356 | Microsoft Edge based on Edge HTML Information Disclosure Vulnerability | Important | No | No |
| | CVE-2019-1357 | Microsoft Browser Spoofing Vulnerability | Important | No | No |
| | CVE-2019-1358 | Jet Database Engine Remote Code Execution Vulnerability | Important | No | No |
| | CVE-2019-1359 | Jet Database Engine Remote Code Execution Vulnerability | Important | No | No |
| | CVE-2019-1361 | Microsoft Graphics Components Information Disclosure Vulnerability | Important | No | No |
| | CVE-2019-1362 | Win32k Elevation of Privilege Vulnerability | Important | No | No |
| | CVE-2019-1363 | Windows GDI Information Disclosure Vulnerability | Important | No | No |
| | CVE-2019-1364 | Win32k Elevation of Privilege Vulnerability | Important | No | No |
| | CVE-2019-1365 | Microsoft IIS Server Elevation of Privilege Vulnerability | Important | No | No |
| | CVE-2019-1369 | Open Enclave SDK Information Disclosure Vulnerability | Important | No | No |
| | CVE-2019-1371 | Internet Explorer Memory Corruption Vulnerability | Important | No | No |
| | CVE-2019-1368 | Windows Secure Boot Security Feature Bypass Vulnerability | Important | No | No |
| | CVE-2019-1375 | Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability | Important | No | No |
| | CVE-2019-1376 | SQL Server Management Studio Information Disclosure Vulnerability | Important | No | No |
| | CVE-2019-1325 | Windows Redirected Drive Buffering System Elevation of Privilege Vulnerability | Moderate | No | No |