Randy Franklin Smith's Ultimate Windows Security

Upcoming Webinars

Detecting Insider Threats in Office 365 and Hybrid AD
Understanding Windows Event Collection (WEC/WEF): Planning, Troubleshooting and Performance Monitoring
Anatomy of a DNS Hijacking: The Fascinating Case of the Sea Turtle Campaign
Data Loss Detection: Finding Your Data on the Dark Web and Beyond
PCI and the Windows/AD Environment: Understanding the 12 Requirements of the Data Security Standard in Context

Webinar Library

Latest Blogs

Recent Security Features in Active Directory You Probably Aren't Using

Active Directory security features you probably aren’t using and more in my sessions at The Experts Conference 2019

How to Detect Pass-the-Hash Attacks Blog Series

Come meet Randy in Orlando at Microsoft Ignite at Quest's Booth #1818

Detecting Pass-the-Hash with Honeypots

Catch Malware Hiding in WMI with Sysmon

For of all sad words of tongue or pen, the saddest are these: 'We weren’t logging’

Experimenting with Windows Security: Controls for Enforcing Policies

Sysmon Event IDs 1, 6, 7 Report All the Binary Code Executing on Your Network

Yet Another Ransomware Can That Can be Immediately Detected with Process Tracking on Workstations

Top Resources

Security Log

Additional Resources

October, 2019: Patch Tuesday - One public exploit you will want to give attention to

Welcome to this October Patch Tuesday Bulletin. This month there are 61 unique CVE’s, 10 critical and 1 being exploited. CVE-2019-1367 is currently being exploited and for desktop OS's you will want to update ASAP. Server OS's like 2008, 2008R2, 2012, 2016 and 2019 with Enhanced Security Configuration enabled are better protected unless a vulnerable site has been added to the Trusted Sites zone. If you want to test before updating, Microsoft does offer a workaround that can easily be reverted after patching. Besides that it's a fairly light month for Microsoft patching.

Patch data provided by:
Technology	Products Affected	Severity	Reference	Workaround/ Exploited / Publicly Disclosed	Vulnerability Info
Windows	Windows 7, 8.1, 8.1 RT, 10 Server 2008/2008 R2 Sever 2012, 2012 R2 Server 2016 Server 2019 System Center Windows 10 Mobile Windows Defender	Critical	CVE-2019-1060 CVE-2019-1166 CVE-2019-1230 CVE-2019-1255 CVE-2019-1311 CVE-2019-1314 CVE-2019-1315 CVE-2019-1316 CVE-2019-1317 CVE-2019-1318 CVE-2019-1319 CVE-2019-1320 CVE-2019-1321 CVE-2019-1322 CVE-2019-1323 CVE-2019-1325 CVE-2019-1326 CVE-2019-1333 CVE-2019-1334 CVE-2019-1336 CVE-2019-1337 CVE-2019-1338 CVE-2019-1339 CVE-2019-1340 CVE-2019-1341 CVE-2019-1342 CVE-2019-1343 CVE-2019-1344 CVE-2019-1345 CVE-2019-1346 CVE-2019-1347 CVE-2019-1358 CVE-2019-1359 CVE-2019-1361 CVE-2019-1362 CVE-2019-1363 CVE-2019-1364 CVE-2019-1365 CVE-2019-1368	Workaround: No Exploited: No Public: No	Denial of Service Elevation of Privilege Information Disclosure Remote Code Execution Security Feature Bypass Spoofing Tampering
Edge	All	Critical	CVE-2019-0608 CVE-2019-1307 CVE-2019-1308 CVE-2019-1335 CVE-2019-1356 CVE-2019-1357 CVE-2019-1366	Workaround: No Exploited: No Public: No	Information Disclosure Remote Code Execution Spoofing
IE	9, 10, 11	Critical	CVE-2019-0608 CVE-2019-1238 CVE-2019-1239 CVE-2019-1357 CVE-2019-1367 CVE-2019-1371	Workaround: No Exploited: Yes Public: No	Remote Code Execution Spoofing
Office, Office Services, Office Web Apps	Office 365 ProPlus SharePoint 2010, 2013, 2016, 2019 Office 2010, 2013, 2016, 2019, Online Server Excel 2010, 2013, 2016, Excel Services 2016 for Mac, 2019 for Mac	Important	CVE-2019-1070 CVE-2019-1327 CVE-2019-1328 CVE-2019-1329 CVE-2019-1330 CVE-2019-1331	Workaround: No Exploited: No Public: No	Elevation of Privilege Remote Code Execution Spoofing
Azure	Azure App Service on Azure Stack	Critical	CVE-2019-1372	Workaround: No Exploited: No Public: No	Remote Code Execution
ChakraCore	ChakraCore	Critical	CVE-2019-1307 CVE-2019-1308 CVE-2019-1335 CVE-2019-1366	Workaround: No Exploited: No Public: No	Remote Code Execution
Open Enclave SDK	Open Enclave SDK	Important	CVE-2019-1369	Workaround: No Exploited: No Public: No	Information Disclosure
SQL Server Management Studio	18.3, 18.3.1	Important	CVE-2019-1313 CVE-2019-1376	Workaround: No Exploited: No Public: No	Information Disclosure
Dynamics 365 On-Prem	9.0	Important	CVE-2019-1375	Workaround: No Exploited: No Public: No	Spoofing

Send me this chart next Patch Tuesday.

Home

User name:
Password:
	/ Forgot?
	Register

October 2019 Patch Tuesday	"Patch Tuesday - One public exploit you will want to give attention to " - sponsored by LOGbinder

Follow @randyfsmith

Home

Follow @randyfsmith

About | Newsletter | Contact

Ultimate Windows Security is a division of Monterey Technology Group, Inc. ©2006-2019 Monterey Technology Group, Inc. All rights reserved.
Disclaimer: We do our best to provide quality information and expert commentary but use all information at your own risk. For complaints, please contact abuse@ultimatewindowssecurity.com.