OnlyFm252
Patch Tuesday Archive

Patch Tuesday October 2019

Total CVEs

61

Critical

8

Important

48

Exploited

0

Publicly Disclosed

0

All CVEs this month 61

CVE Title Severity CVSS Product Exploited Disclosed
CVE-2019-1060 MS XML Remote Code Execution Vulnerability Critical 7.5 Microsoft Scripting Engine - -
CVE-2019-1239 VBScript Remote Code Execution Vulnerability Critical 7.5 Microsoft Scripting Engine - -
CVE-2019-1307 Chakra Scripting Engine Memory Corruption Vulnerability Critical 4.2 Microsoft Scripting Engine - -
CVE-2019-1308 Chakra Scripting Engine Memory Corruption Vulnerability Critical 4.2 Microsoft Scripting Engine - -
CVE-2019-1333 Remote Desktop Client Remote Code Execution Vulnerability Critical 7.5 Windows RDP - -
CVE-2019-1335 Chakra Scripting Engine Memory Corruption Vulnerability Critical 4.2 Microsoft Scripting Engine - -
CVE-2019-1366 Chakra Scripting Engine Memory Corruption Vulnerability Critical 4.2 Microsoft Scripting Engine - -
CVE-2019-1372 Azure Stack Remote Code Execution Vulnerability Critical - Azure - -
CVE-2019-1070 Microsoft Office SharePoint XSS Vulnerability Important - Microsoft Office SharePoint - -
CVE-2019-1166 Windows NTLM Tampering Vulnerability Important 5.9 Windows NTLM - -
CVE-2019-1230 Hyper-V Information Disclosure Vulnerability Important 6.8 Windows Hyper-V - -
CVE-2019-1311 Windows Imaging API Remote Code Execution Vulnerability Important 7.8 Microsoft Windows - -
CVE-2019-1313 SQL Server Management Studio Information Disclosure Vulnerability Important - SQL Server - -
CVE-2019-1314 Windows 10 Mobile Security Feature Bypass Vulnerability Important - Microsoft Devices - -
CVE-2019-1315 Windows Error Reporting Manager Elevation of Privilege Vulnerability Important 7.8 Microsoft Windows - -
CVE-2019-1316 Microsoft Windows Setup Elevation of Privilege Vulnerability Important 7.3 Microsoft Windows - -
CVE-2019-1317 Microsoft Windows Denial of Service Vulnerability Important 6.4 Microsoft Windows - -
CVE-2019-1318 Microsoft Windows Transport Layer Security Spoofing Vulnerability Important 7.7 Microsoft Windows - -
CVE-2019-1319 Windows Error Reporting Elevation of Privilege Vulnerability Important 7 Microsoft Windows - -
CVE-2019-1320 Microsoft Windows Elevation of Privilege Vulnerability Important 7 Microsoft Windows - -
CVE-2019-1321 Microsoft Windows CloudStore Elevation of Privilege Vulnerability Important 5.8 Microsoft Windows - -
CVE-2019-1322 Microsoft Windows Elevation of Privilege Vulnerability Important 7 Microsoft Windows - -
CVE-2019-1323 Microsoft Windows Update Client Elevation of Privilege Vulnerability Important 7 Windows Update Stack - -
CVE-2019-1326 Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability Important 7.5 Windows RDP - -
CVE-2019-1327 Microsoft Excel Remote Code Execution Vulnerability Important - Microsoft Office - -
CVE-2019-1328 Microsoft SharePoint Spoofing Vulnerability Important - Microsoft Office SharePoint - -
CVE-2019-1329 Microsoft SharePoint Elevation of Privilege Vulnerability Important - Microsoft Office SharePoint - -
CVE-2019-1330 Microsoft SharePoint Elevation of Privilege Vulnerability Important - Microsoft Office SharePoint - -
CVE-2019-1331 Microsoft Excel Remote Code Execution Vulnerability Important - Microsoft Office - -
CVE-2019-1334 Windows Kernel Information Disclosure Vulnerability Important 4.7 Windows Kernel - -
CVE-2019-1336 Microsoft Windows Update Client Elevation of Privilege Vulnerability Important 7 Windows Update Stack - -
CVE-2019-1337 Windows Update Client Information Disclosure Vulnerability Important 5.5 Windows Update Stack - -
CVE-2019-1338 Windows NTLM Security Feature Bypass Vulnerability Important 5.3 Microsoft Windows - -
CVE-2019-1339 Windows Error Reporting Manager Elevation of Privilege Vulnerability Important 7.8 Microsoft Windows - -
CVE-2019-1340 Microsoft Windows Elevation of Privilege Vulnerability Important 7.8 Microsoft Windows - -
CVE-2019-1341 Windows Power Service Elevation of Privilege Vulnerability Important 7.8 Microsoft Windows - -
CVE-2019-1342 Windows Error Reporting Manager Elevation of Privilege Vulnerability Important 7 Microsoft Windows - -
CVE-2019-1343 Windows Denial of Service Vulnerability Important 6.5 Windows Kernel - -
CVE-2019-1344 Windows Code Integrity Module Information Disclosure Vulnerability Important 5.5 Microsoft Windows - -
CVE-2019-1345 Windows Kernel Information Disclosure Vulnerability Important 5.5 Windows Kernel - -
CVE-2019-1346 Windows Denial of Service Vulnerability Important 5.7 Microsoft Windows - -
CVE-2019-1347 Windows Denial of Service Vulnerability Important 5.7 Microsoft Windows - -
CVE-2019-1356 Microsoft Edge based on Edge HTML Information Disclosure Vulnerability Important 4.3 Microsoft Edge (HTML-based) - -
CVE-2019-1358 Jet Database Engine Remote Code Execution Vulnerability Important 7.8 Microsoft JET Database Engine - -
CVE-2019-1359 Jet Database Engine Remote Code Execution Vulnerability Important 7.8 Microsoft JET Database Engine - -
CVE-2019-1361 Microsoft Graphics Components Information Disclosure Vulnerability Important 5.5 Microsoft Graphics Component - -
CVE-2019-1362 Win32k Elevation of Privilege Vulnerability Important 7 Microsoft Graphics Component - -
CVE-2019-1363 Windows GDI Information Disclosure Vulnerability Important 5.5 Microsoft Graphics Component - -
CVE-2019-1364 Win32k Elevation of Privilege Vulnerability Important 7 Microsoft Graphics Component - -
CVE-2019-1365 Microsoft IIS Server Elevation of Privilege Vulnerability Important 7.5 Windows IIS - -
CVE-2019-1368 Windows Secure Boot Security Feature Bypass Vulnerability Important 4.9 Windows Secure Boot - -
CVE-2019-1369 Open Enclave SDK Information Disclosure Vulnerability Important - Open Source Software - -
CVE-2019-1375 Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability Important - Microsoft Dynamics - -
CVE-2019-1376 SQL Server Management Studio Information Disclosure Vulnerability Important - SQL Server - -
CVE-2019-1378 Windows 10 Update Assistant Elevation of Privilege Vulnerability Important - Windows Installer - -
CVE-2019-1414 Visual Studio Code Elevation of Privilege Vulnerability Important - Visual Studio - -
CVE-2019-1238 VBScript Remote Code Execution Vulnerability Moderate 7.5 Microsoft Scripting Engine - -
CVE-2019-1325 Windows Redirected Drive Buffering System Elevation of Privilege Vulnerability Moderate 7.8 Microsoft Windows - -
CVE-2019-0608 Microsoft Browser Spoofing Vulnerability Low 4.3 Microsoft Browsers - -
CVE-2019-1357 Microsoft Browser Spoofing Vulnerability Low 5.4 Microsoft Browsers - -
CVE-2019-1371 Internet Explorer Memory Corruption Vulnerability Low 7.5 Internet Explorer - -

    Threat Categories 8

    Threat Category CVEs Critical
    Elevation of Privilege 19 -
    Remote Code Execution 15 8
    Information Disclosure 11 -
    Spoofing 6 -
    Denial of Service 5 -
    Security Feature Bypass 3 -
    Tampering 1 -
    Denial of Service, Elevation of Privilege 1 -

    Affected Products 23

    Product CVEs Exploited
    Microsoft Windows 18 -
    Microsoft Scripting Engine 7 -
    Microsoft Office SharePoint 4 -
    Microsoft Graphics Component 4 -
    Windows Update Stack 3 -
    Windows Kernel 3 -
    Windows RDP 2 -
    SQL Server 2 -
    Microsoft Office 2 -
    Microsoft JET Database Engine 2 -
    Microsoft Browsers 2 -
    Azure 1 -
    Windows NTLM 1 -
    Windows Hyper-V 1 -
    Microsoft Devices 1 -
    Microsoft Edge (HTML-based) 1 -
    Windows IIS 1 -
    Windows Secure Boot 1 -
    Open Source Software 1 -
    Microsoft Dynamics 1 -
    Windows Installer 1 -
    Visual Studio 1 -
    Internet Explorer 1 -