November 2019 Microsoft Patch Tuesday

Published: 2019-11-12. Last Updated: 2019-11-12 18:23:47 UTC
by Johannes Ullrich (Version: 1)

Microsoft today patched a total of 74 vulnerabilities. This patch Tuesday release also includes two advisories. 15 of the vulnerabilities are rated critical.

Two vulnerabilities had been disclosed prior to today, and one critical scripting engine vulnerability has already been exploited in the wild. The vulnerability, CVE-2019-1429, may lead to remote code execution due to memory corruption in the scripting engine. All current versions of Windows / Internet Explorer are affected. This is probably the most important issue you need to patch. At the recent "Pwn2Own" contest in Tokyo, JavaScript engine issues were used to breach anything from smart TV to smartphones via not-so-smart browsers.

The first publicly disclosed problem, a confidentiality issue with Trusted Platform Module (TPM) chip firmware, is probably not as severe. It only affects the ECDSA algorithm, which isn't used in Windows so far. Patching this issue will be difficult. You will need to update the TPM firmware (and the page Microsoft links to with details from the TPM manufacturer is down right now). Once updated, you need to re-enroll into security services.

The second publicly known vulnerability affects the Microsoft Office Click-to-Run system (C2R). A crafted file could abuse these components to escalate privileges and execute code as System.

Description
CVE	Disclosed	Exploited	Exploitability (old versions)	current version	Severity	CVSS Base (AVG)	CVSS Temporal (AVG)
Azure Stack Spoofing Vulnerability
CVE-2019-1234	No	No	-	-	Important
DirectWrite Information Disclosure Vulnerability
CVE-2019-1432	No	No	-	-	Important	4.4	4.0
CVE-2019-1411	No	No	Less Likely	Less Likely	Important	4.4	4.0
Hyper-V Remote Code Execution Vulnerability
CVE-2019-0719	No	No	Less Likely	Less Likely	Critical	8.0	7.2
CVE-2019-0721	No	No	Less Likely	Less Likely	Critical	8.0	7.2
Jet Database Engine Remote Code Execution Vulnerability
CVE-2019-1406	No	No	Less Likely	Less Likely	Important	6.7	6.0
Latest Servicing Stack Updates
ADV990001	No	No	-	-	Critical
Microsoft ActiveX Installer Service Elevation of Privilege Vulnerability
CVE-2019-1382	No	No	Less Likely	Less Likely	Important	7.8	7.0
Microsoft Edge Security Feature Bypass Vulnerability
CVE-2019-1413	No	No	-	-	Important	4.3	3.9
Microsoft Excel Information Disclosure Vulnerability
CVE-2019-1446	No	No	Less Likely	Less Likely	Important
Microsoft Excel Remote Code Execution Vulnerability
CVE-2019-1448	No	No	Less Likely	Less Likely	Important
Microsoft Exchange Remote Code Execution Vulnerability
CVE-2019-1373	No	No	Less Likely	Less Likely	Critical
Microsoft Guidance for Vulnerability in Trusted Platform Module (TPM)
ADV190024	Yes	No	-	-
Microsoft Office ClickToRun Security Feature Bypass Vulnerability
CVE-2019-1449	No	No	Less Likely	Less Likely	Important
Microsoft Office Excel Security Feature Bypass
CVE-2019-1457	Yes	No	-	-	Important
Microsoft Office Information Disclosure Vulnerability
CVE-2019-1402	No	No	Less Likely	Less Likely	Important
Microsoft Office Online Spoofing Vulnerability
CVE-2019-1445	No	No	-	-	Important
CVE-2019-1447	No	No	-	-	Important
Microsoft Office Security Feature Bypass Vulnerability
CVE-2019-1442	No	No	-	-	Important
Microsoft SharePoint Information Disclosure Vulnerability
CVE-2019-1443	No	No	Less Likely	Less Likely	Important
Microsoft Windows Information Disclosure Vulnerability
CVE-2019-1381	No	No	Less Likely	Less Likely	Important	6.6	5.9
Microsoft Windows Media Foundation Remote Code Execution Vulnerability
CVE-2019-1430	No	No	-	-	Critical	7.3	6.6
Microsoft Windows Security Feature Bypass Vulnerability
CVE-2019-1384	No	No	Less Likely	Less Likely	Important	8.5	7.6
Microsoft splwow64 Elevation of Privilege Vulnerability
CVE-2019-1380	No	No	Less Likely	Less Likely	Important	7.8	7.0
NetLogon Security Feature Bypass Vulnerability
CVE-2019-1424	No	No	Less Likely	Less Likely	Important	8.1	7.3
Open Enclave SDK Information Disclosure Vulnerability
CVE-2019-1370	No	No	Less Likely	Less Likely	Important	7.0	6.3
OpenType Font Driver Information Disclosure Vulnerability
CVE-2019-1412	No	No	-	-	Important	5.0	4.5
OpenType Font Parsing Remote Code Execution Vulnerability
CVE-2019-1456	No	No	-	-	Important	7.8	7.0
CVE-2019-1419	No	No	Less Likely	Less Likely	Critical	7.8	7.0
Scripting Engine Memory Corruption Vulnerability
CVE-2019-1429	No	Yes	Detected	Detected	Critical	6.4	5.8
CVE-2019-1426	No	No	-	-	Critical	4.2	3.8
CVE-2019-1427	No	No	-	-	Critical	4.2	3.8
CVE-2019-1428	No	No	-	-	Critical	4.2	3.8
VBScript Remote Code Execution Vulnerability
CVE-2019-1390	No	No	More Likely	More Likely	Critical	6.4	5.8
Visual Studio Elevation of Privilege Vulnerability
CVE-2019-1425	No	No	-	-	Important
Win32k Elevation of Privilege Vulnerability
CVE-2019-1434	No	No	-	-	Important	7.0	6.3
CVE-2019-1393	No	No	More Likely	More Likely	Important	7.8	7.0
CVE-2019-1394	No	No	More Likely	More Likely	Important	7.8	7.0
CVE-2019-1395	No	No	More Likely	More Likely	Important	7.8	7.0
CVE-2019-1396	No	No	More Likely	More Likely	Important	7.8	7.0
CVE-2019-1408	No	No	More Likely	More Likely	Important	7.8	7.0
Win32k Graphics Remote Code Execution Vulnerability
CVE-2019-1441	No	No	-	-	Critical	6.7	6.0
Win32k Information Disclosure Vulnerability
CVE-2019-1436	No	No	More Likely	More Likely	Important	5.5	5.0
CVE-2019-1440	No	No	Less Likely	Less Likely	Important	5.0	4.5
Windows AppX Deployment Extensions Elevation of Privilege Vulnerability
CVE-2019-1385	No	No	Less Likely	Less Likely	Important	7.8	7.0
Windows Certificate Dialog Elevation of Privilege Vulnerability
CVE-2019-1388	No	No	Less Likely	Less Likely	Important	7.8	7.0
Windows Data Sharing Service Elevation of Privilege Vulnerability
CVE-2019-1417	No	No	Less Likely	Less Likely	Important	7.8	7.0
CVE-2019-1379	No	No	-	-	Important	7.8	7.0
CVE-2019-1383	No	No	-	-	Important	7.8	7.0
Windows Denial of Service Vulnerability
CVE-2018-12207	No	No	Less Likely	Less Likely	Important	4.7	4.2
CVE-2019-1391	No	No	Less Likely	Less Likely	Important	5.5	5.0
Windows Elevation of Privilege Vulnerability
CVE-2019-1420	No	No	Less Likely	Less Likely	Important	7.8	7.0
CVE-2019-1422	No	No	Less Likely	Less Likely	Important	7.8	7.0
CVE-2019-1423	No	No	-	-	Important	7.8	7.0
Windows Error Reporting Information Disclosure Vulnerability
CVE-2019-1374	No	No	Less Likely	Less Likely	Important	5.5	5.0
Windows GDI Information Disclosure Vulnerability
CVE-2019-1439	No	No	Less Likely	Less Likely	Important	4.7	4.2
Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2019-1433	No	No	Less Likely	Less Likely	Important	7.0	6.3
CVE-2019-1435	No	No	More Likely	More Likely	Important	7.0	6.3
CVE-2019-1437	No	No	More Likely	More Likely	Important	7.0	6.3
CVE-2019-1438	No	No	More Likely	More Likely	Important	7.0	6.3
CVE-2019-1407	No	No	-	-	Important	7.8	7.0
Windows Hyper-V Denial of Service Vulnerability
CVE-2019-0712	No	No	Less Likely	Less Likely	Important	5.8	5.2
CVE-2019-1309	No	No	Less Likely	Less Likely	Important	5.8	5.2
CVE-2019-1310	No	No	Less Likely	Less Likely	Important	5.8	5.2
CVE-2019-1399	No	No	Less Likely	Less Likely	Important	5.4	4.9
Windows Hyper-V Remote Code Execution Vulnerability
CVE-2019-1389	No	No	-	-	Critical	7.6	6.8
CVE-2019-1397	No	No	Less Likely	Less Likely	Critical	7.6	6.8
CVE-2019-1398	No	No	Less Likely	Less Likely	Critical	7.6	6.8
Windows Installer Elevation of Privilege Vulnerability
CVE-2019-1415	No	No	Less Likely	Less Likely	Important	7.8	7.0
Windows Kernel Elevation of Privilege Vulnerability
CVE-2019-1392	No	No	-	-	Important	7.0	6.3
Windows Kernel Information Disclosure Vulnerability
CVE-2019-11135	No	No	Less Likely	Less Likely	Important	4.7	4.2
Windows Modules Installer Service Information Disclosure Vulnerability
CVE-2019-1418	No	No	Less Likely	Less Likely	Important	3.5	3.2
Windows Remote Procedure Call Information Disclosure Vulnerability
CVE-2019-1409	No	No	Less Likely	Less Likely	Important	5.5	5.0
Windows Subsystem for Linux Elevation of Privilege Vulnerability
CVE-2019-1416	No	No	Less Likely	Less Likely	Important	7.8	7.0
Windows TCP/IP Information Disclosure Vulnerability
CVE-2019-1324	No	No	Less Likely	Less Likely	Important	5.3	4.9
Windows UPnP Service Elevation of Privilege Vulnerability
CVE-2019-1405	No	No	Less Likely	Less Likely	Important	7.8	7.0

---
Johannes B. Ullrich, Ph.D. , Dean of Research, SANS Technology Institute
Twitter|

Keywords:

0 comment(s)

Internet Storm Center

November 2019 Microsoft Patch Tuesday

Comments