- The November Windows patch is out, and it comes with a large number of critical fixes.
- All users are urged to update immediately, as the patch covers a wide range of software tools and products.
- Some known minor issues accompany this update as always, but there are workarounds.
Microsoft has just released a pretty comprehensive patch for Windows 10, bringing 74 fixes, 13 of which address critical remote code execution (RCE) flaws. The software that is covered this time ranges from the OS core and the Edge browser to the Azure Stack, the Visual Studio, and the Exchange Server. All Windows 10 users will see the update on their settings menu, and everyone is advised to apply the patches as soon as possible, as they will help you stay safe and secure against a wide variety of threats.
More specifically, here are the most critical flaws that were fixed this time:
- Hyper-V arbitrary code execution and failure to validate input from guest OSes (CVE-2019-0721, CVE-2019-1389, CVE-2019-1397, and CVE-2019-1398)
- Microsoft Exchange RCE flaw (CVE-2019-1373)
- SharePoint server information disclosure flaw (CVE-2019-1443)
- Windows TCP/IP improper IPv6 packet handling (CVE-2019-1324)
- Windows Graphics Device Interface information disclosure flaw (CVE-2019-1439)
- Windows Graphics Component privilege elevation vulnerabilities (CVE-2019-1407 and CVE-2019-1433)
- Microsoft Office for Mac inability to disable macros properly (CVE-2019-1457)
- VBScript remote code execution vulnerability (CVE-2019-1390)
- Microsoft Scripting Engine memory corruption flaws (CVE-2019-1426, CVE-2019-1427, CVE-2019-1428, and CVE-2019-1429)
The rest of the patches concern “important” level flaws, so they are also crucial in several use-case scenarios. For example, CVE-2019-1020 is a bypass vulnerability in the Windows secure boot process, allowing an attacker to load malicious software via a third-party bootloader. With the latest patch, this threat has been blocked.
Remember, if you’re using a security solution, it will get updated with new rules to cover the disclosed vulnerabilities. However, applying the OS updates should be an absolute priority in order to defend from any form of known exploitation methods. Moreover, Microsoft delivers Windows updates in a cumulative form, so you will also get other optimizations and improvements bundled with the security fixes.
Applying this update may cause a number of side-effects which Microsoft describes in their “known issues” section. For example, the Exchange Server may greet you with a “File failed to upload” error when trying to save files on a network location, and the exchange services may remain in a disabled state. OOBE (Out of Box Experience) may also be associated with problems creating a local user through IME (Input Method Editor). Finally, renaming files and folders on a CSV (Cluster Shared Volume) may fail with the following error: “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. For most of these, there are workarounds provided by Microsoft.