MS October 2019 Patch Tuesday updates address 59 flaws

Microsoft October 2019 Patch Tuesday addressed a total of 59 vulnerabilities. 9 of which are rated as critical and 49 as important.

The tech giant released its October 2019 Patch Tuesday security updates to address a total of 59 vulnerabilities in Windows operating systems and other software, 9 of which are rated as ‘critical’, 49 are ‘important’, and one ‘moderate’.

None of the vulnerabilities addressed by Microsoft was exploited by attackers in the wild or was publicly known.

Microsoft addressed two critical remote code execution flaws, tracked as CVE-2019-1238 and CVE-2019-1239, in the VBScript engine, both tie the way VBScript handles objects in memory. An attacker could exploit the flaw to cause memory corruption and execute arbitrary code in the context of the current user.

An attacker could trigger the flaws by tricking the victims into visiting a specially crafted website through Internet Explorer.

The attacker could also exploit these flaws using an application or Microsoft Office document that embeds an ActiveX control marked ‘safe for initialization’ that leverages the Internet Explorer rendering engine.

Microsoft addressed three critical memory corruption flaws in the Chakra scripting engine that could lead to remote code execution. The vulnerabilities affect the way Chakra scripting engine handles objects in memory in Microsoft Edge.

Microsoft has addressed a reverse RDP attack, an attacker could exploit the flaw to compromise client computers connecting to a malicious RDP server by exploiting a critical remote code execution issue in Windows built-in Remote Desktop Client application.

The attack scenario sees threat actors tricking victims into connecting to a malicious RDP server.

October 2019 Patch Tuesday security updates also addressed two NTLM authentication vulnerabilities, tracked as CVE 2019-1166 and CVE-2019-1338 that could be exploited by attackers to bypass the MIC (Message Integrity Code) protection on NTLM authentication.

“A tampering vulnerability exists in Microsoft Windows when a man-in-the-middle attacker is able to successfully bypass the NTLM MIC (Message Integrity Check) protection. An attacker who successfully exploited this vulnerability could gain the ability to downgrade NTLM security features.” reads the security advisory for the CVE 2019-1166.

“To exploit this vulnerability, the attacker would need to tamper with the NTLM exchange. The attacker could then modify flags of the NTLM packet without invalidating the signature.”

The full list of vulnerabilities addressed with the release of October 2019 Patch Tuesday updates is available here.

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – October 2019 Patch Tuesday updates, hacking)

[adrotate banner=”5″]

[adrotate banner=”13″]

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.