Microsoft November 2019 Patch Tuesday

Posted by joyce, 14-11-2019

Background

Microsoft has released 74 security patches to address vulnerabilities affecting its Operating System (OS) and other related products.

The following 12 vulnerabilities were rated critical and require immediate attention:

CVE-2019-1373 - This vulnerability exists in Microsoft Exchange, when metadata is deserialised via PowerShell. If the vulnerability is successfully exploited, an attacker can gain the same user rights as the current user and take control of the affected system.

CVE-2019-1441 - This vulnerability exists when the Windows font library improperly handles special embedded fonts. If the vulnerability is successfully exploited, an attacker can gain the same user rights as the current user and take control of the affected system.

CVE-2019-1419 - This vulnerability exists in Microsoft Windows, when the Windows Adobe Type Manager improperly handles specially crafted OpenType fonts. For all systems except Windows 10, an attacker can run malicious code remotely and take control of the user’s system if the vulnerability is successfully exploited. For systems running Windows 10, an attacker can execute code in the sandbox context, with limited privileges and capabilities, if the vulnerability is successfully exploited.

CVE-2019-1426, CVE-2019-1429, CVE-2019-1427 - These vulnerabilities exist in the way the scripting engine handles objects in memory in Internet Explorer and Microsoft Edge. The vulnerabilities can corrupt memory in such a way that an attacker will be able to execute arbitrary code in the context of the current user. If the vulnerability is successfully exploited, an attacker can gain the same user rights as the current user and take control of the affected system.

CVE-2019-1398, CVE-2019-0719, CVE-2019-1397, CVE-2019-0721, CVE-2019-1389 - These vulnerabilities exist when Windows Hyper-V and Windows Hyper-V Network Switch on a host server fail to properly validate inputs from an authenticated user on a guest OS. An attacker will be able to run a specially crafted application on a guest OS that can cause the host OS to execute arbitrary code and take control of the affected system.

CVE-2019-1430 - This vulnerability exists when Microsoft Windows Media Foundation handles specially crafted QuickTime media files. If the vulnerability is successfully exploited, an attacker can gain the same user rights as the current user and take control of the affected system.

ADV990001 - This is a list of the latest servicing stack updates for each OS. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV990001

For the full list of security patches released by Microsoft, please visit https://portal.msrc.microsoft.com/en-us/security-guidance.


Affected Products

Microsoft’s release contains updates for the following:

Microsoft Windows
Microsoft Exchange Server
Internet Explorer
Microsoft Edge
ChakraCore
Microsoft Office and Microsoft Office Services and Web Apps
Open Source Software
Visual Studio
Azure Stack


Impact

Successful exploitation of these critical vulnerabilities can allow attackers to perform remote code execution and take control of the affected systems to perform malicious activities, including unauthorised installation of programs, creating rogue administrator accounts and ability to view, change, or delete data.


Recommendations

Users and system administrators of affected products are strongly encouraged to install the security updates immediately.


References

https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/164aa83e-499c-e911-a994-000d3a33c573
https://www.bleepingcomputer.com/news/microsoft/microsofts-november-2019-patch-tuesday-fixes-ie-zero-day-74-flaws/

 

In Summary, the proactive to patch management is requirement to ensure systems remain safe and reliable. Check out some of our managed security service providers in our vendor list for more information. The link is below.

http://sgcybersecurity.com/directory

 

 

sources: https://www.csa.gov.sg/singcert/news/advisories-alerts/microsoft-november-2019-patch-tuesday