Microsoft's October 2019 Patch Tuesday: Tenable Roundup

Scott Caveza

Administrators rejoice: only nine of the 59 vulnerabilities in Microsoft's October 2019 Security Update are rated critical.

Microsoft’s October 2019 Patch Tuesday contains updates for 59 CVEs, nine of which are rated critical. Administrators may rejoice this month with a smaller than usual Patch Tuesday. The following is a breakdown of the most important CVEs from this month’s release.

CVE-2019-1333 | Remote Desktop Client Remote Code Execution Vulnerability

CVE-2019-1333 is a remote code execution vulnerability in the Windows Remote Desktop Client. In order to exploit the vulnerability, an attacker would need to entice a user to connect to an attacker-controlled server. While an attacker cannot influence a user to connect to their malicious server, common techniques such as social engineering, DNS poisoning, or Man in the Middle (MiTM) techniques may be used.

CVE-2019-1372 | Azure App Service Remote Code Execution Vulnerability

CVE-2019-1372 is a remote code execution vulnerability in the Azure App Service. This is due to not checking the length of a buffer prior to copying the buffer into memory. An attacker could exploit this vulnerability to allow an unprivileged function to execute code outside the sandbox with NT AUTHORITY\system privileges. The security update addresses this flaw by adding additional sanitization to user-supplied inputs.

CVE-2019-1060 | MS XML Remote Code Execution Vulnerability

CVE-2019-1060 is a remote code execution vulnerability in MS XML. The flaw exists when the Microsoft XML Core Services MSXML parser improperly processes user-supplied input. A remote attacker could exploit the vulnerability by enticing a user to browse to a crafted webpage, designed to invoke MSXML in order to run malicious code and take control of the user’s system.

CVE-2019-1238 & CVE-2019-1239 | VBScript Remote Code Execution Vulnerability

CVE-2019-1238 and CVE-2019-1239 are both remote code execution vulnerabilities in the way the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. In order to exploit the issue, an attacker would need to entice a user to visit a specially crafted website in Internet Explorer. The attacker could also host the content on an already compromised website, including websites that host user-provided advertisements. Alternatively, an attacker could embed an ActiveX control in an Office document in order to attempt to exploit these vulnerabilities. While Microsoft says exploitation is less likely, both flaws are rated critical.

Windows 10 1703 End of Life

This month marks the end of life for Windows 10, version 1703 for Enterprise and Education editions. Microsoft’s Windows Lifecycle Fact Sheet notes that support for Home, Pro and Pro for Workstations support ended a year ago on October 9, 2018. However Enterprise and Education editions are now marked as end of service as of today. Plugin ID 118716 can be used to identify the unsupported operating system in your environment.

Tenable Solutions

Users can create scans that focus specifically on our Patch Tuesday plugins. From a new advanced scan, in the plugins tab, set an advanced filter for Plugin Name Contains October 2019.

Microsoft's October 2019 Patch Tuesday: Tenable Roundup

With that filter set, click on the plugin families to the left, and enable each plugin that appears on the right side. Note that if your families on the left say Enabled then that means all of the plugins in that family are set. Disable the whole family before selecting the individual plugins for this scan. Here’s an example from Tenable.io:

Microsoft's October 2019 Patch Tuesday: Tenable Roundup

A list of all of the plugins released for Tenable’s October 2019 Patch Tuesday update can be found here. As always, we recommend patching systems as soon as possible and regularly scanning your environment to identify those systems that are yet to be patched.

As a reminder, Windows 7 support will be discontinued on January 14, 2020, so we strongly recommend reviewing what hosts remain and any action plans for migration. Plugin ID 11936 (OS Identification) can be useful for identifying hosts that are still running on Windows 7.

Get more information

Join Tenable's Security Response Team on the Tenable Community.

Learn more about Tenable, the first Cyber Exposure platform for holistic management of your modern attack surface.

Get a free 60-day trial of Tenable.io Vulnerability Management.

Read more >

Published on Oct 8, 2019

People also viewed

Business Cost Analyst - Cloud Infrastructure

San Jose California United States E Santa Clara St., San Jose, California, United States, 95113 Engineering Engineering
Your Role:Tenable is seeking a Business Cost Analyst of Cloud Infrastructure with strong MS Excel experience to assess, analyze and compile current costs and potentially determine initiatives to reduce and improve our cloud infrastructure cost for...

Professional Services Engagement Manager

Singapore Singapore Singapore North Bridge Road, Parkview Square, Singapore, 188788 Professional Services Professional Services
Your Role:The Professional Services Engagement Manager assists in the professional services business development and oversees the delivery of projects. The Professional Services Engagement Manager’s roles include tactical project management oversi...

UX Designer

Columbia Maryland United States Columbia Gateway Drive, Columbia, Maryland, United States, 21046 Engineering Engineering
Your Role:Tenable is looking for an extraordinary Senior UX Designer to join our team. Our group is chartered with creating the next generation of security products while at the same time pioneering unprecedented user experience in the digital sec...

Commercial Territory Manager - West

Columbia Maryland United States Columbia Gateway Drive, Columbia, Maryland, United States, 21046 Sales Sales
Your Role:The Commercial Territory Manager will meet and exceed quarterly sales quota by developing new opportunities within specific geographical territory.  Researching and identifying potential accounts; outbound cold calling to soliciting new ...

Senior Software Engineer (Java & Kotlin)

San Jose California United States E Santa Clara St., San Jose, California, United States, 95113 Engineering Engineering
Your Role:Tenable is looking for a Senior Software Engineer to join the Lumin product development team. As a Sr. Software Engineer you will drive projects end-to-end, collaborate on product requirements with Product Managers, architect and impleme...

Public Sector Channel Manager - Distribution

Reston Virginia United States Reston, Virginia, United States Channel Sales Sales
Your Role:The Public Sector Channel Manager-Distribution is responsible for establishing and managing relationships with the Distribution Partner(s).  The CM-Disty will act as a sales liaison between distributor and Tenable Channel Manager personn...

We have big plans for continued global growth, and we’re looking for people who are creative, flexible and dedicated to helping us build something great – something that matters.