Microsoft released 74 patches fixing vulnerabilities in November, ahead of the Windows 10 November 2019 Update. Thirteen of these patches were classified as critical; the remaining majority includes patches for Windows graphics components and Microsoft SharePoint. Cybersecurity firm TrendMicro shared some details about Microsoft’s patches.
Hyper-V patches
Most of the critical patches address flaws in Hyper-V, Microsoft’s virtualization software. These are CVE-2019-0721, CVE-2019-1389, CVE-2019-1397, and CVE-2019-1398. According to TrendMicro, the vulnerabilities stem from Hyper-V failing to adequately validate input from a guest operating system. Hackers can run a specially crafted application on a guest operating system that could cause the Hyper-V host operating system to execute arbitrary code.
Microsoft Exchange patch
CVE-2019-1373 is another critical patch. It fixes an RCE vulnerability in Microsoft Exchange that manifests in the deserialization of metadata through PowerShell. A threat actor who exploits it successfully can run arbitrary code as a legitimate system user.
SharePoint patch
Among the patches rated Important is one for an information disclosure vulnerability: CVE-2019-1443 fixes a flaw in SharePoint. An attacker who uploads a specially crafted file to the SharePoint server can exploit it to obtain SMB hashes.
Windows TCP/IP patch
CVE-2019-1324 fixes a vulnerability in the Windows TCP/IP stack, which improperly handles IPv6 packets. The flaw allows hackers to acquire information they can use to further compromise the system. To exploit it, they send specially crafted IPv6 packets to the targeted Windows computer.
Windows Graphics patches
One of the most important patches, CVE-2019-1439, addresses a vulnerability in Windows’ Graphics Device Interface (GDI), which is responsible for rendering graphical objects on output devices like monitors and printers. TrendMicro researchers said that hackers can use social engineering techniques to have a user open a malicious document or visit an untrusted webpage, which would allow them to exploit the vulnerability and steal sensitive information.
The Windows Graphics Component has further vulnerabilities as well. CVE-2019-1407 and CVE-2019-1433 are two more patches; they correct the way the graphics component handles objects in memory and prevent hackers from running processes in an elevated context.
Mac Macro patch
The November list also includes a notable fix, CVE-2019-1457, for an earlier reported vulnerability in Microsoft Office for Mac. With the flaw, the option “Disable all macros without notification” lets a certain macro format called XLM run without any prompt. This increases the security risk, since it gives an opening to run arbitrary code.