November 2019 Patch Tuesday comes with patches for an IE zero-day exploited by attackers in the wild and four Hyper-V escapes.
Microsoft updates
Microsoft has delivered fixes for 74 vulnerabilities in various products, 13 of which are deemed to be critical. The most notable ones in this batch are:
CVE-2019-1429, a scripting engine memory corruption vulnerability that, according to researchers of the Google Threat Analysis Group, is being exploited in attacks in the wild to achieve remote code execution
CVE-2019-16863, a flaw effecting STMicroelectronics Trusted Platform Module (TPM) chipsets, which impacts key confidentiality in the Elliptic Curve Digital Signature Algorithm (ECDSA).
The former can be triggered in several ways.
“In a web-based attack scenario, an at ..
Support the originator by clicking the read the rest link below.