/Microsoft Tuesday Patch 74 Vulnerabilities November 2019 – HackersOnlineClub (via WindowsKernel.com)
Microsoft Tuesday Patch 74 Vulnerabilities November 2019 - HackersOnlineClub

Microsoft Tuesday Patch 74 Vulnerabilities November 2019 – HackersOnlineClub (via WindowsKernel.com)


Microsoft has released Tuesday patch with fixes 74 security vulnerabilities including 13 bugs are critical.

The November security release consists of security updates for the following software:

  • Microsoft Windows
  • Internet Explorer
  • Microsoft Edge (EdgeHTML-based)
  • ChakraCore
  • Microsoft Office and Microsoft Office Services and Web Apps
  • Open Source Software
  • Microsoft Exchange Server
  • Visual Studio
  • Azure Stack

Please note the following information regarding the security updates:

  • A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.
  • Windows 10 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are available via the Microsoft Update Catalog.
  • Updates for Windows RT 8.1 and Microsoft Office RT software are only available via Windows Update.
  • For information on lifecycle and support dates for Windows 10 operating systems, please see Windows Lifecycle Facts Sheet.
  • In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.
  • Starting in May 2019, Internet Explorer 11 is available on Windows Server 2012. This configuration is present only in the IE Cumulative package.

Following CVE’s have patched

  • CVE-2018-12207 | Windows Denial of Service Vulnerability

A denial of service vulnerability exists when Windows improperly handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding.

To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The vulnerability would not allow an attacker to execute code or to elevate user rights directly, but it could be used to cause a target system to stop responding.

  • CVE-2019-11135 | Windows Kernel Information Disclosure Vulnerability

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.

To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The vulnerability would not allow an attacker to execute code or to elevate user rights directly, but it could be used to obtain information that could be used to try to further compromise the affected system.

The update addresses the vulnerability by correcting how the Windows kernel handles objects in memory.

The update addresses the vulnerability by correcting how Windows handles objects in memory.

  • CVE-2019-1324 | Windows TCP/IP Information Disclosure Vulnerability

An information disclosure vulnerability exists when the Windows TCP/IP stack improperly handles IPv6 flowlabel filled in packets. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.

To exploit this vulnerability, an attacker would have to send specially crafted IPv6 packets to a remote Windows computer. The vulnerability would not allow an attacker to execute code or to elevate user rights directly, but it could be used to obtain information that could be used to try to further compromise the affected system.

The update addresses the vulnerability by correcting how the Windows handles IPv6 flowlabel data in packets.

  • CVE-2019-1370 | Open Enclave SDK Information Disclosure Vulnerability

An information disclosure vulnerability exists when affected Open Enclave SDK versions improperly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information stored in the Enclave.

To exploit this vulnerability, an attacker would have to successfully compromise the host application running the enclave. The attacker can then pivot to the enclave and exploit this vulnerability without user interaction.

The security update addresses the vulnerability by modifying how Open Enclave SDK handle objects in memory.

  • CVE-2019-1442 | Microsoft Office Security Feature Bypass Vulnerability

A security feature bypass vulnerability exists when Microsoft Office does not validate URLs.

An attacker could send a victim a specially crafted file, which could trick the victim into entering credentials. An attacker who successfully exploited this vulnerability could perform a phishing attack.

The update addresses the vulnerability by ensuring Microsoft Office properly validates URLs.

  • CVE-2019-1448 | Microsoft Excel Remote Code Execution Vulnerability

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system.

An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Exploitation of the vulnerability requires that a user open a specially crafted file with an affected version of Microsoft Excel. In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the file. In a web-based attack scenario, an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) containing a specially crafted file designed to exploit the vulnerability.

An attacker would have no way to force users to visit the website. Instead, an attacker would have to convince users to click a link, typically by way of an enticement in an email or instant message, and then convince them to open the specially crafted file.

  • CVE-2019-1449 | Microsoft Office ClickToRun Security Feature Bypass Vulnerability

A security feature bypass vulnerability exists in the way that Office Click-to-Run (C2R) components handle a specially crafted file, which could lead to a standard user, any AppContainer sandbox, and Office LPAC Protected View to escalate privileges to SYSTEM.

To exploit this bug, an attacker would have to run a specially crafted file. The security update addresses how C2R components handle these files.

And others CVE’s are related to Information Disclosure, RCE and other Vulnerabilities.

How To Update Microsoft Windows?

  • Open the Control Panel.
  • If you are using Small icons view, click on the Windows Update option.
  • If you are using the Category view, click on the System and Security option, then click on the Windows Update option.
  • Windows Update will check for any available updates for your computer.
  • Turn to automatic updates for future.

Subscribe to HackersOnlineClub via Email

This is a syndicated post. Read the original post at Source link .