For system admins who’ve been in their trade for a while, Patch Tuesday and the endless patching and updating that follows is something you’re likely familiar with. For those of you new to the trade, here’s a quick introduction.
What is Patch Tuesday?
It refers to the time of the month that Microsoft releases security and non-security patches to address the vulnerabilities in it’s software products. Updates for improving or enhancing an application/OS are also released on Patch Tuesday.
When is Patch Tuesday?
It usually falls on the second Tuesday of every month. Microsoft formalized Patch Tuesday on October 2003.
Now that we know what Patch Tuesday is, let’s take a look at this month’s Patch Tuesday updates.
Highlights of Patch Tuesday November 2019
This Patch Tuesday, Microsoft has released updates to fix 74 vulnerabilities of which 13 are classified as Critical and 59 are deemed Important. With the release of the November 2019 security updates, Microsoft has also released 2 advisories
Patch Tuesday updates for Microsoft products
Microsoft Patch Tuesday October 2019 covers vulnerabilities in:
- Microsoft Windows
- Internet Explorer
- Microsoft Edge (EdgeHTML)
- Microsoft Office, Microsoft Office Services, and Web Apps
- Open Source Software
- Secure Boot
- Microsoft Exchange Server
- Visual Studio
- Azure Stack
Some of the third-party applications that have been patched are:
- Archi 4.6
- KeePassXC 2.5.1
- GoodSync 10.10.12
- Zoom 4.5.5752.1110
- Microsoft Power BI Desktop 2.75.5649.582
Zero-day vulnerability in Internet Explorer fixed
This month’s Patch Tuesday fixes a critical remote code execution vulnerability in Internet Explorer that was being exploited in the wild. This was a scripting engine memory corruption vulnerability and if exploited, can allow the attacker to conduct web based attacks. The CVE ID to patch this vulnerability is CVE-2019-1429
Apart from this Microsoft also patched a publicly disclosed vulnerability in Microsoft Office for Mac, which was a security feature bypass vulnerability with the CVE ID : CVE-2019-1457
Vulnerabilities that received major updates
Hyper-V hypervisor has been the main focus of this Patch Tuesday. Microsoft has released patches to fix nine Hyper-V vulnerabilities, five of which could have been potentially leveraged to perform remote code execution. The CVE IDs to patch these vulnerabilities are CVE-2019-0712, CVE-2019-0719, CVE-2019-0721, CVE-2019-1309, CVE-2019-1310, CVE-2019-1389, CVE-2019-1397, CVE-2019-1398, CVE-2019-1399. Apart from this, Windows Kernal and scripting engines have also received various updates.
Best practices to handle Microsoft Patch Tuesday updates for November 2019
Patching and updating all your endpoints might seem like an impossible task, but there are best practices you can follow to streamline your patching process:
- Prioritize patching for the Critical vulnerabilities first. In this Patch Tuesday we have 13 critical updates with CVE IDs as follows CVE-2019-1373, CVE-2019-1441, CVE-2019-1419, CVE-2019-1426, CVE-2019-1429, CVE-2019-1427, ADV990001, CVE-2019-1398, CVE-2019-0719, CVE-2019-1397, CVE-2019-0721, CVE-2019-1389, CVE-2019-1430
- Automate all other Important and Moderate updates after that.
- Schedule updates to go out during non-business hours to prevent downtime.
- Create a test group to verify the stability of Patch Tuesday updates before rolling them out to production machines.
- Decline less critical patches and roll them out after the important issues have been addressed.
- Postpone or schedule reboots for critical machines and servers.
- Run patch reports to ensure network endpoints are up-to-date with the latest patch
We can already hear you sighing just thinking about this tedious process. But don’t worry, we’ve got you covered!
ManageEngine offers two solutions—Desktop Central and Patch Manager Plus. Both help you automate all the best practices mentioned above from one central console. Try both solutions free for 30 days to keep more than 750 applications, including over 300 third-party applications, up-to-date.
** Optrics Inc. is an Authorized ManageEngine partner
The original article can be found here: