Microsoft’s November 2019 Patch Tuesday Fixes IE Zero-Day
Microsoft has released 74 Patch Tuesday updates, including 13 Critical updates and a fix for a remote code execution vulnerability in Internet Explorer.
November 2019 Patch Tuesday: What to Expect
Microsoft has released 74 updates today – there are 13 Critical and 61 Important updates to deal with.
CVE-2019-1429 has been released to solve a bug that is being weaponized! This vulnerability should be treated as an ‘Out-of-Band’ update for anyone still using Internet Explorer. Previously, we have suggested moving away from IE—this is yet another reason to look for a safer browser for your business.
Robert Brown, Director of Services for Syxsense said, “The biggest risk our customers can take, is not treating weaponized vulnerabilities seriously enough. Weaponized vulnerabilities are often not the highest severity and aren’t prioritized enough by IT managers and security administrators. In this case, the severity is critical. If the vulnerability was exploited, it could easily be used to spread ransomware or take over a system. Please patch this now.”
Not Critical, But High Priority Patches
CVE-2019-1384 and CVE-2019-1424 have only been ranked as Important by Microsoft, however the independent CVSS Score has ranked these 8.5 and 8.1 respectively. CVE-2019-1384 is a vulnerability impacting all Windows operating systems from Windows 7 to Windows Server 2019 where an attacker could obtain key and sign in messages making some security login audit records redundant. It can also infect other machines.
We believe CVE-2019-1424 is particularly dangerous. If exposed, this vulnerability could downgrade the secure communications channel leading to communications messages being sent to Windows improperly—possibly even intercepted and recorded.
Latest Adobe Patches
Adobe released four patches for Adobe Animate CC, Illustrator CC, Bridge CC, and Media Encoder. The Media Encoder patch includes a critical fix for an out-of-bounds (OOB) that could allow code execution. Both Syxsense and Adobe recommend this Out-of-Band update be deployed within the next 7 days.
November 2019 Patch Tuesday Update
Based on the vendor severity and CVSS score, we have made a few recommendations for what to prioritize this month. Pay close attention to those under Publicly Aware and Weaponized.
| CVE Ref. | Description | Vendor Severity | CVSS Base Score | Publicly Aware | Weaponised | Syxsense Secure Recommended |
| CVE-2019-1429 | Scripting Engine Memory Corruption Vulnerability | Critical | 7.5 | No | Yes | YES |
| CVE-2019-1373 | Microsoft Exchange Remote Code Execution Vulnerability | Critical | NA | No | No | YES |
| CVE-2019-1457 | Microsoft Office Excel Security Feature Bypass | Important | NA | Yes | No | YES |
| CVE-2019-1384 | Microsoft Windows Security Feature Bypass Vulnerability | Important | 8.5 | No | No | YES |
| CVE-2019-1424 | NetLogon Security Feature Bypass Vulnerability | Important | 8.1 | No | No | YES |
| CVE-2019-0721 | Hyper-V Remote Code Execution Vulnerability | Critical | 8 | No | No | YES |
| CVE-2019-1419 | OpenType Font Parsing Remote Code Execution Vulnerability | Critical | 7.8 | No | No | YES |
| CVE-2019-1379 | Windows Data Sharing Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | YES |
| CVE-2019-1380 | Microsoft splwow64 Elevation of Privilege Vulnerability | Important | 7.8 | No | No | YES |
| CVE-2019-1382 | Microsoft ActiveX Installer Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | YES |
| CVE-2019-1383 | Windows Data Sharing Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | YES |
| CVE-2019-1385 | Windows AppX Deployment Extensions Elevation of Privilege Vulnerability | Important | 7.8 | No | No | YES |
| CVE-2019-1388 | Windows Certificate Dialog Elevation of Privilege Vulnerability | Important | 7.8 | No | No | YES |
| CVE-2019-1393 | Win32k Elevation of Privilege Vulnerability | Important | 7.8 | No | No | YES |
| CVE-2019-1394 | Win32k Elevation of Privilege Vulnerability | Important | 7.8 | No | No | YES |
| CVE-2019-1395 | Win32k Elevation of Privilege Vulnerability | Important | 7.8 | No | No | YES |
| CVE-2019-1396 | Win32k Elevation of Privilege Vulnerability | Important | 7.8 | No | No | YES |
| CVE-2019-1405 | Windows UPnP Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | YES |
| CVE-2019-1407 | Windows Graphics Component Elevation of Privilege Vulnerability | Important | 7.8 | No | No | YES |
| CVE-2019-1408 | Win32k Elevation of Privilege Vulnerability | Important | 7.8 | No | No | YES |
| CVE-2019-1415 | Windows Installer Elevation of Privilege Vulnerability | Important | 7.8 | No | No | YES |
| CVE-2019-1416 | Windows Subsystem for Linux Elevation of Privilege Vulnerability | Important | 7.8 | No | No | YES |
| CVE-2019-1417 | Windows Data Sharing Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | YES |
| CVE-2019-1420 | Windows Elevation of Privilege Vulnerability | Important | 7.8 | No | No | YES |
| CVE-2019-1422 | Windows Elevation of Privilege Vulnerability | Important | 7.8 | No | No | YES |
| CVE-2019-1423 | Windows Elevation of Privilege Vulnerability | Important | 7.8 | No | No | YES |
| CVE-2019-1456 | OpenType Font Parsing Remote Code Execution Vulnerability | Important | 7.8 | No | No | YES |
| CVE-2019-1389 | Windows Hyper-V Remote Code Execution Vulnerability | Critical | 7.6 | No | No | YES |
| CVE-2019-1397 | Windows Hyper-V Remote Code Execution Vulnerability | Critical | 7.6 | No | No | YES |
| CVE-2019-1398 | Windows Hyper-V Remote Code Execution Vulnerability | Critical | 7.6 | No | No | YES |
| CVE-2019-1390 | VBScript Remote Code Execution Vulnerability | Critical | 7.5 | No | No | YES |
| CVE-2019-1430 | Microsoft Windows Media Foundation Remote Code Execution Vulnerability | Critical | 7.3 | No | No | YES |
| CVE-2019-1370 | Open Enclave SDK Information Disclosure Vulnerability | Important | 7 | No | No | YES |
| CVE-2019-1392 | Windows Kernel Elevation of Privilege Vulnerability | Important | 7 | No | No | YES |
| CVE-2019-1433 | Windows Graphics Component Elevation of Privilege Vulnerability | Important | 7 | No | No | YES |
| CVE-2019-1434 | Win32k Elevation of Privilege Vulnerability | Important | 7 | No | No | YES |
| CVE-2019-1435 | Windows Graphics Component Elevation of Privilege Vulnerability | Important | 7 | No | No | YES |
| CVE-2019-1437 | Windows Graphics Component Elevation of Privilege Vulnerability | Important | 7 | No | No | YES |
| CVE-2019-1438 | Windows Graphics Component Elevation of Privilege Vulnerability | Important | 7 | No | No | YES |
| CVE-2019-1441 | Win32k Graphics Remote Code Execution Vulnerability | Critical | 6.7 | No | No | YES |
| CVE-2019-1406 | Jet Database Engine Remote Code Execution Vulnerability | Important | 6.7 | No | No | |
| CVE-2019-1381 | Microsoft Windows Information Disclosure Vulnerability | Important | 6.6 | No | No | |
| CVE-2019-0712 | Windows Hyper-V Denial of Service Vulnerability | Important | 5.8 | No | No | |
| CVE-2019-1309 | Windows Hyper-V Denial of Service Vulnerability | Important | 5.8 | No | No | |
| CVE-2019-1310 | Windows Hyper-V Denial of Service Vulnerability | Important | 5.8 | No | No | |
| CVE-2019-1374 | Windows Error Reporting Information Disclosure Vulnerability | Important | 5.5 | No | No | |
| CVE-2019-1391 | Windows Denial of Service Vulnerability | Important | 5.5 | No | No | |
| CVE-2019-1409 | Windows Remote Procedure Call Information Disclosure Vulnerability | Important | 5.5 | No | No | |
| CVE-2019-1436 | Win32k Information Disclosure Vulnerability | Important | 5.5 | No | No | |
| CVE-2019-1399 | Windows Hyper-V Denial of Service Vulnerability | Important | 5.4 | No | No | |
| CVE-2019-1324 | Windows TCP/IP Information Disclosure Vulnerability | Important | 5.3 | No | No | |
| CVE-2019-1412 | OpenType Font Driver Information Disclosure Vulnerability | Important | 5 | No | No | |
| CVE-2019-1440 | Win32k Information Disclosure Vulnerability | Important | 5 | No | No | |
| CVE-2018-12207 | Windows Kernel Information Disclosure Vulnerability | Important | 4.7 | No | No | |
| CVE-2019-11135 | Windows Kernel Information Disclosure Vulnerability | Important | 4.7 | No | No | |
| CVE-2019-1439 | Windows GDI Information Disclosure Vulnerability | Important | 4.7 | No | No | |
| CVE-2019-1411 | DirectWrite Information Disclosure Vulnerability | Important | 4.4 | No | No | |
| CVE-2019-1432 | DirectWrite Information Disclosure Vulnerability | Important | 4.4 | No | No | |
| CVE-2019-1413 | Microsoft Edge Security Feature Bypass Vulnerability | Important | 4.3 | No | No | |
| CVE-2019-1426 | Scripting Engine Memory Corruption Vulnerability | Critical | 4.2 | No | No | |
| CVE-2019-1427 | Scripting Engine Memory Corruption Vulnerability | Critical | 4.2 | No | No | |
| CVE-2019-1428 | Scripting Engine Memory Corruption Vulnerability | Critical | 4.2 | No | No | |
| CVE-2019-1418 | Windows Modules Installer Service Information Disclosure Vulnerability | Important | 3.5 | No | No | |
| CVE-2019-1234 | Azure Stack Spoofing Vulnerability | Important | NA | No | No | |
| CVE-2019-1402 | Microsoft Office Information Disclosure Vulnerability | Important | NA | No | No | |
| CVE-2019-1425 | Visual Studio Elevation of Privilege Vulnerability | Important | NA | No | No | |
| CVE-2019-1442 | Microsoft Office Security Feature Bypass Vulnerability | Important | NA | No | No | |
| CVE-2019-1443 | Microsoft SharePoint Information Disclosure Vulnerability | Important | NA | No | No | |
| CVE-2019-1445 | Microsoft Office Online Spoofing Vulnerability | Important | NA | No | No | |
| CVE-2019-1446 | Microsoft Excel Information Disclosure Vulnerability | Important | NA | No | No | |
| CVE-2019-1447 | Microsoft Office Online Spoofing Vulnerability | Important | NA | No | No | |
| CVE-2019-1448 | Microsoft Excel Remote Code Execution Vulnerability | Important | NA | No | No | |
| CVE-2019-1449 | Microsoft Office ClickToRun Security Feature Bypass Vulnerability | Important | NA | No | No | |
| CVE-2019-1454 | Windows User Profile Service Elevation of Privilege Vulnerability | Important | NA | No | No |
Experience the Power of Syxsense
Syxsense has created innovative and intuitive technology that sees and knows everything. Manage and secure your environment with a simple and powerful solution.
Schedule Your Syxsense Demo
Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.
