Hello, welcome to the Wednesday, October 9th, 2019 edition of the Sansanet Storm Center's Stormcast.

My name is Johannes Ulrich.

And then I'm recording from Chicago, Illinois.

Well, it's Microsoft Patch Tuesday, so let's take a look at what Microsoft had to offer today.

Overall, I would rate this as a pretty average patch Tuesday as far as patched Tuesdays ago.

59 vulnerabilities were addressed this time, nine of which were critical.

None of the vulnerabilities were publicly disclosed before

this Tuesday or had been exploited according to Microsoft. Now, there are a couple sort of

noteworthy vulnerabilities among this set. One, for example, in Asia, that would allow a normal user running in a host

in Asia to actually escape that particular host. So essentially a sandbox escape could also

then turn into a remote code execution. We do have, and I think these variables are actually always kind of interesting, and Renato

is pointing this one out to vulnerability in Microsoft's XML core services.

Now the main exploit path here is of course in an explorer, but other software that uses

Microsoft XML core services to parse XML

could potentially be vulnerable here as well.

So make sure how you're using this particular library essentially.

Now Remote Desktop service is in the news again here as well, but this time it's the

client part, it's not the server part, and it would require that a user connects to

a malicious server in order to run code on declined.

So we're definitely not talking about another blue keep vulnerability here. Overall,

no real sort of clear patch priority here other than the critical ones you probably want to go

after first. And like I mentioned, that XML one could be a little bit tricky depending on

...