October 2019 Patch Tuesday Index

Are you ready for October’s Patch Tuesday? We here at Automox are monitoring all the major services and feeds to make sure we are up to date with the latest information and released. In an effort to keep the myriad of patches released today together, we are providing an index of the major patches as they become available. This patch index will be live throughout the day so be sure to check back often to make sure you are up to date with the latest information. We will publish a recap and breakdown blog tomorrow and you can register for our Patch Tuesday Webinar, hosted Thursday, here.

Updated Live. Last Update 11:44 AM Oct. 8 2019.

microsoftMicrosoft
Product
Title
Identifier
Severity
Windows 7, 8, 10 and Server 2008, 2012, 2016, 2019 Latest Servicing Stack Updates ADV990001 Critical
Internet Explorer 9, 10, 11 and Microsoft Edge Microsoft Browser Spoofing Vulnerability CVE-2019-0608 Important
Windows 8, 10 and Server 2012, 2016, 2019 MS XML Remote Code Execution Vulnerability CVE-2019-1060 Critical
Microsoft SharePoint 2013 and 2016 Microsoft Office SharePoint XSS Vulnerability CVE-2019-1070 Important
Windows 7, 8, 10 and Server 2008, 2012, 2016, 2019 Windows NTLM Tampering Vulnerability CVE-2019-1166 Important
Windows 10 and Server 2019 Hyper-V Information Disclosure Vulnerability CVE-2019-1230 Important
Internet Explorer 9, 10, 11 VBScript Remote Code Execution Vulnerability CVE-2019-1238 Critical
Internet Explorer 11 VBScript Remote Code Execution Vulnerability CVE-2019-1239 Critical
Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability CVE-2019-1307 Critical
Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability CVE-2019-1308 Critical
Windows 8, 10 and Server 2012, 2016, 2019 Windows Imaging API Remote Code Execution Vulnerability CVE-2019-1311 Important
SQL Server Management Studio SQL Server Management Studio Information Disclosure Vulnerability CVE-2019-1313 Important
Windows 10 Mobile Windows 10 Mobile Security Feature Bypass Vulnerability CVE-2019-1314 Important
Windows 7, 8, 10 and Server 2008, 2012, 2016, 2019 Windows Error Reporting Manager Elevation of Privilege Vulnerability CVE-2019-1315 Important
Windows 10 and Server 2016, 2019 Microsoft Windows Setup Elevation of Privilege Vulnerability CVE-2019-1316 Important
Windows 10 and Server 2016, 2019 Microsoft Windows Denial of Service Vulnerability CVE-2019-1317 Important
Windows 7, 8, 10 and Server 2008, 2012, 2016, 2019 Microsoft Windows Transport Layer Security Spoofing Vulnerability CVE-2019-1318 Important
Windows 7, 8, 10 and Server 2008, 2012, 2016, 2019 Windows Error Reporting Elevation of Privilege Vulnerability CVE-2019-1319 Important
Windows 10 and Server 2019 Microsoft Windows Elevation of Privilege Vulnerability CVE-2019-1320 Important
Windows 10 and Server 2019 Microsoft Windows CloudStore Elevation of Privilege Vulnerability CVE-2019-1321 Important
Windows 10 and Server 2019 Microsoft Windows Elevation of Privilege Vulnerability CVE-2019-1322 Important
Windows 10 and Server 2019 Microsoft Windows Update Client Elevation of Privilege Vulnerability CVE-2019-1323 Important
Windows 7, 8, 10 and Server 2008, 2012, 2016, 2019 Windows redirected Drive Buffering System Elevation of Privilege Vulnerability CVE-2019-1325 Moderate
Windows 7, 8, 10 and Server 2008, 2012, 2016, 2019 Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability CVE-2019-1326 Important
Microsoft Excel 2010, 2013, 2016, 2019 and Office 365 ProPlus Microsoft Excel Remote Code Execution Vulnerability CVE-2019-1327 Important
Microsoft SharePoint 2010, 2013, 2016 Microsoft SharePoint Spoofing Vulnerability CVE-2019-1328 Important
Microsoft SharePoint 2010, 2013, 2016 Microsoft SharePoint Elevation of Privilege Vulnerability CVE-2019-1329 Important
Microsoft SharePoint 2010, 2013, 2016 Microsoft SharePoint Elevation of Privilege Vulnerability CVE-2019-1330 Important
 Microsoft Excel 2010, 2013, 2016, 2019 Microsoft Excel Remote Code Execution Vulnerability CVE-2019-1331 Important
Windows 7, 8 10 and Server 2008, 2012, 2016, 2019 Remote Desktop Client Remote Code Execution Vulnerability CVE-2019-1333 Critical
Windows 8, 10 and Server 2012, 2016, 2019 Windows Kernel Information Disclosure Vulnerability CVE-2019-1334 Important
Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability CVE-2019-1335 Critical
Windows 10 and Server 2019 Microsoft Windows Update Client Elevation of Privilege Vulnerability CVE-2019-1336 Important
Windows 10 and Server 2019 Windows Update Client Information Disclosure Vulnerability CVE-2019-1337 Important
Windows 7 and Server 2008 Windows NTLM Security Feature Bypass Vulnerability CVE-2019-1338 Important
Windows 7, 8, 10 and Server 2008, 2012, 2016, 2019 Windows Error Reporting Manager Elevation of Privilege Vulnerability CVE-2019-1339 Important
Windows 10 and Server 2019 Microsoft Windows Elevation of Privilege Vulnerability CVE-2019-1340 Important
Windows 7, 8, 10 and Server 2008, 2012, 2016, 2019 Windows Power Service Elevation of Privilege Vulnerability CVE-2019-1341 Critical
Windows 7, 8, 10 and Server 2008, 2012, 2016, 2019 Windows Error Reporting Manager Elevation of Privilege Vulnerability CVE-2019-1342 Important
Windows 8, 10 and Server 2012, 2016, 2019 Windows Denial of Service Vulnerability CVE-2019-1343 Important
Windows 7, 8, 10 and Server 2008, 2012, 2016, 2019 Microsoft Code Integrity Module Information Disclosure Vulnerability CVE-2019-1344 Important
Windows 10 and Server 2016, 2019 Windows Kernel Information Disclosure Vulnerability CVE-2019-1345 Important
Windows 7, 8, 10 and Server 2008, 2012, 2016, 2019 Windows Denial of Service Vulnerability CVE-2019-1346 Important
Windows 7, 8, 10 and Server 2012, 2016, 2019 Windows Denial of Service Vulnerability CVE-2019-1347 Important
Microsoft Edge Microsoft Edge based on Edge HTML Information Disclosure Vulnerability CVE-2019-1356 Important
Internet Explorer 10, 11 and Edge Microsoft browser Spoofing Vulnerability CVE-2019-1357 Important
Windows 8, 10 and Server 2012, 2016, 2019 Jet Database Engine Remote Code Execution Vulnerability CVE-2019-1358 Important
Windows 8, 10 and Server 2012, 2016, 2019 Jet Database Engine Remote Code Execution Vulnerability CVE-2019-1359 Important
Windows 7 and Server 2008 Microsoft Graphics Components Information Disclosure Vulnerability CVE-2019-1361 Important
Windows 7 and Server 2008 Win32k Elevation of Privilege Vulnerability CVE-2019-1362 Critical
Windows 7 and Server 2008 Windows GDI Information Disclosure Vulnerability CVE-2019-1363 Important
Windows 7 and Server 2008 Win32k Elevation of Privilege Vulnerability CVE-2019-1364 Important
Windows 7, 8, 10 and Server 2008, 2012, 2016, 2019 Microsoft IIS Server Elevation of Privilege Vulnerability CVE-2019-1365 Important
Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability CVE-2019-1366 Critical
Windows 10 and Server 2019 Windows Secure Booth Security Feature Bypass Vulnerability CVE-2019-1368 Important
Open Enclave SDK Open Enclave SDK Information Disclosure Vulnerability CVE-2019-1369 Important
Internet Explorer 9, 10, 11 Internet Explorer Memory Corruption Vulnerability CVE-2019-1371 Important
Azure App Service Azure App Service Remote Code Execution Vulnerability CVE-2019-1372 Critical
Microsoft Dynamics Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability CVE-2019-1375 Important
SQL Server Management Studio SQL Server Management Studio Information Disclosure Vulnerability CVE-2019-1376 Important
apple copy Apple
Product
Title
Identifier
Severity
iTunes
iTunes 12.10.1 for Windows
N/A
iCloud
iCloud for Windows 7.14
N/A
iCloud
iCloud for Windows 10.7
N/A
macOS
macOS Catalina 10.15
N/A

 

Want a more in-depth discussion about this month's Patch Tuesday releases? Join Richard Melick on Thursday, October 10th, at 1:00 pm EST for Automox's Automating Patch Tuesday Webinar. Even if you can't make it, we'll send you a recording to watch at your leisure. Sign up below!

SAVE MY SPOT

About Automox

Facing growing threats and a rapidly expanding attack surface, understaffed and alert-fatigued organizations need more efficient ways to eliminate their exposure to vulnerabilities. Automox is a modern cyber hygiene platform that closes the aperture of attack by more than 80% with just half the effort of traditional solutions.

Cloud-native and globally available, Automox enforces OS & third-party patch management, security configurations, and custom scripting across Windows, Mac, and Linux from a single intuitive console. IT and SecOps can quickly gain control and share visibility of on-prem, remote and virtual endpoints without the need to deploy costly infrastructure. 

Experience modern, cloud-native patch management today with a 15-day free trial of Automox and start recapturing more than half the time you're currently spending on managing your attack surface. Automox dramatically reduces corporate risk while raising operational efficiency to deliver best-in-class security outcomes, faster and with fewer resources.

Get Instant Updates on Vulnerabilities

Subscribe to receive Automox vulnerability alerts

Reduce your threat surface by up to 80%

Make all of your corporate infrastructure more resilient by automating the basics of cyber hygiene.

Take 15 days to raise your security confidence!
Start a Free Trial