Hello, welcome to the Wednesday, November 13th, 2019 edition of the Sandstone Storm Center's Stormcast.

My name is Johannes Ulrich, and then I'm recording from Jacksonville, Florida.

Well, today, of course, we'll start with Microsoft's patched Tuesday, and Microsoft had sort of an overall, I would call it, average

patched Tuesday with 74 vulnerabilities being patched and 15 critical vulnerabilities. Now,

in addition to these patches, we also got two advisories. Advisories are usually notes referring to behavior changes or security

issues that don't necessarily result in a patch. Now, the one critical vulnerability that was

already exploited in the wild is yet again a scripting engine memory corruption vulnerability. Remember

when I talked about the Pone to Own contest on Monday how many of these devices fell due to

JavaScript issues, well this is yet another one, CVE 2019, 1429, has been exploited in the wild,

does allow remote code execution if a user visits a malicious webpage.

Of course, this makes you question a little bit the wisdom of throwing JavaScript everywhere,

given that I don't think

there is really remotely bug-free secure implementation of JavaScript.

Now then we had two vulnerabilities that were already publicly released but at this point

not yet exploited. One is an Excel issue that

affects the click-to-run system. Apparently what can happen here if a user receives a malicious

Excel document, that Excel document could execute code as system. So this is actually inversed

your standard code execution as a normal user and could also be used for privilege escalation

on a system. The second one is one of these advisories. It affects the trusted platform module

and does not affect directly any of Microsoft's code, which is why Microsoft did not release a patch,

just advisory that you should address this. The trusted platform module, of course, is something that Microsoft

Software interacts with, for disk encryption and such, and the problem here is an information

...