October’s Patch Tuesday is relatively modest, with Microsoft releasing a total of 59 patches. However, this shorter list still warrants attention. Nine of the 59 were still identified as Critical, while the remaining 50 were labeled Important. Most of the critical bulletins were for various Internet Explorer and Microsoft Edge vulnerabilities, with one covering a Remote Desktop Client vulnerability. The Important bulletins fixed several issues, including NLTM and Microsoft IIS server vulnerabilities.
Here’s a closer look at the notable vulnerabilities patched this month:
Remote Desktop Client
CVE-2019-1333 covered a remote code execution (RCE) vulnerability in Microsoft’s Remote Desktop Client. However, for an attacker to successfully exploit and gain remote access to a targeted system using this vulnerability they must have the user access their malicious RDP server, which may involve some use of social engineering.
Browser vulnerabilities
CVE-2019-1060, CVE-2019-1238, and CVE-2019-1239 are vulnerabilities found in how the VBScript engine of Internet Explorer handles objects in memory. CVE-2019-1307, CVE-2019-1308, CVE-2019-1335, and CVE-2019-1366 are similar vulnerabilities in the Chakra scripting engine of Microsoft Edge.
For both cases, a hack ..
Support the originator by clicking the read the rest link below.
