December, 2019: Patch Tuesday: Light Month but 1 Exploit in the Wild

Welcome to this December Patch Tuesday Bulletin, the last for 2019! This month was lighter than recent months in total CVEs as well as technologies affected. There were 37 CVEs, 2 technologies with critical severity vulnerabilities, 1 CVE exploited, and no vulnerabilities that are public or have workarounds. Focus this month on CVE-2019-1458, which is an elevation of privilege vulnerability that has been known to be exploited in the wild. An adversary would need local access to a machine and the ability to run a malicious application to exploit this vulnerability. An interesting note this month is that a vulnerability for Windows XP was identified but will not be patched. If you happen to be running XP, then take a look at CVE-2019-1489. Microsoft will not provide an update and recommends upgrading to a supported version of software.

Over the years we've had millions of visitors to UltimateWindowsSecurity.com. Every month we have thousands and thousands of visitors to our Security Log Encyclopedia, which documents all of the Security Log event IDs for Windows Server OSes. Back in 2007 when SharePoint added auditing capability, I realized that my audience not only needed the event information from SharePoint but I also found a similar need in SQL Server and Exchange. So not only did I document the data but I also started to develop the means to extract that event data from these applications so that it’s accessible and usable to the end user. Some 8 years later and LOGbinder is continuing to grow as companies realize LOGbinder bridges the gap between these applications and their infosec team. Visit LOGbinder.com to download a free 30-day fully functional trial and see the security event data that you have literally been missing.

So, without further ado, here’s the chart of MS patches this month.

| Technology | Products Affected | Severity | Reference | Workaround/Exploited | Vulnerability Info |
|---|---|---|---|---|---|
| Windows | Windows XP, 7, 8.1, RT 8.1, 10 | Critical | CVE-2019-1458, CVE-2019-1469, CVE-2019-1470, CVE-2019-1471, CVE-2019-1474, CVE-2019-1477, CVE-2019-1478, CVE-2019-1465, CVE-2019-1472, CVE-2019-1467, CVE-2019-1468, CVE-2019-1453, CVE-2019-1483, CVE-2019-1476, CVE-2019-1488, CVE-2019-1466, CVE-2019-1480, CVE-2019-1481, CVE-2019-1484, CVE-2019-1489 | *Workaround: No; **Public: No; Exploited: Yes | Elevation of Privilege, Information Disclosure, Remote Code Execution, Denial of Service, Security Feature Bypass |
| Internet Explorer | IE 9, 10, 11 | Important | CVE-2019-1485 | *Workaround: No; **Public: No; Exploited: No | Remote Code Execution |
| Office, Office Services, and Office Web Apps | Excel 2010, 2013, 2016; Office 2010, 2013, 2016, 2016 for Mac, 2019, 2019 for Mac; PowerPoint 2010, 2013, 2016; Word 2010, 2013, 2016; Office 365 ProPlus | Important | CVE-2019-1400, CVE-2019-1461, CVE-2019-1462, CVE-2019-1463, CVE-2019-1464, CVE-2019-1490, CVE-2019-1460 | *Workaround: No; **Public: No; Exploited: No | Information Disclosure, Denial of Service, Remote Code Execution, Spoofing |
| SQL Server | SQL Server Reporting Services 2017, 2019; Power BI Report Server | Important | CVE-2019-1332 | *Workaround: No; **Public: No; Exploited: No | Spoofing |
| Visual Studio | Visual Studio 2017, 2019; Visual Studio Live Share Extension | Critical | CVE-2019-1351, CVE-2019-1354, CVE-2019-1486, CVE-2019-1350, CVE-2019-1352, CVE-2019-1387, CVE-2019-1349 | *Workaround: No; **Public: No; Exploited: No | Tampering, Remote Code Execution, Spoofing |
| Skype for Business | Skype for Business Server 2019 | Important | CVE-2019-1490 | *Workaround: No; **Public: No; Exploited: No | Spoofing |