Microsoft October Patch Tuesday: Multiple Information Disclosure Vulnerabilities and Scripting Engine/Excel/Jet Remote Code Execution

On October 09, 2019, Microsoft released its routine October security update. The update fixes vulnerabilities in the Windows operating system, IE/Edge browser, scripting engine/ChakraCore, Excel/SharePoint, Jet Database, and Windows Update Assistant. It covers a total of 59 CVEs: 9 high-risk vulnerabilities and 49 intermediate-risk vulnerabilities. Microsoft said that it had not found any of the vulnerabilities in this update being exploited in the wild. However, users are still advised to update their systems and install the Windows patches promptly to prevent attacks.

Microsoft November Patch Tuesday

Azure App Service Remote Code Execution Vulnerability

CVE-2019-1372: Although the vulnerability is classified as RCE, its actual effect is closer to EoP (privilege escalation). A successful attack allows the attacker to execute code at the system level, which enables a sandbox escape.

IIS Server Licensing Vulnerability

CVE-2019-1465: A buffer overflow vulnerability exists in IIS. A successful attack allows the attacker to execute code at the system level, which enables a sandbox escape.

Win10 Mobile Security Feature Bypass Vulnerability

CVE-2019-1314: A vulnerability in Cortana that, if the attack is successful, allows an attacker to access files on a device from the lock screen (requires physical access to the device).

Scripting Engine Remote Code Execution Vulnerability

These vulnerabilities cover two scripting engines, VBScript and Chakra. A successful attack allows the attacker to remotely execute arbitrary code with the rights of the corresponding user.

  • CVE-2019-1060 VBScript
  • CVE-2019-1238 VBScript
  • CVE-2019-1239 VBScript
  • CVE-2019-1307 Chakra
  • CVE-2019-1308 Chakra

RDP Client Remote Code Execution Vulnerability

CVE-2019-1333: A vulnerability in the RDP client that, if the attack is successful, allows the attacker to remotely execute arbitrary code with the rights of the corresponding user.

Excel Remote Code Execution Vulnerability

These vulnerabilities affect Microsoft Excel. A successful attack allows the attacker to remotely execute arbitrary code with the rights of the corresponding user.

  • CVE-2019-1327
  • CVE-2019-1331

Multiple information disclosure vulnerabilities

A successful attack allows the attacker to obtain sensitive information or file contents from a user's PC or server.

  • CVE-2019-1230 Hyper-V information leakage
  • CVE-2019-1313 SQL Server Management Studio information leak
  • CVE-2019-1376 SQL Server Management Studio information leak
  • CVE-2019-1334 Windows kernel information leak
  • CVE-2019-1337 Windows Update Client Information Disclosure
  • CVE-2019-1361 Microsoft Graphics Components Information Disclosure
  • CVE-2019-1363 Windows GDI Information Disclosure
  • CVE-2019-1369 Open Enclave SDK information leak