Rewterz Threat Advisory – Update fixes IE 0-day RCE vulnerability and 74 other flaws in Microsoft Products

November 13, 2019

Severity

High

Analysis Summary

Microsoft has released November updates to fix 75 security flaws in multiple products.

CVE-2019-1429 (Scripting Engine Memory Corruption Vulnerability) could allow an attacker to conduct a web-based attack via specially crafted web pages. In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Internet Explorer and then convince a user to view the website. An attacker could also embed an ActiveX control marked “safe for initialization” in an application or Microsoft Office document that hosts the IE rendering engine. The attacker could also take advantage of compromised websites and of websites that accept or host user-provided content or advertisements; these could contain specially crafted content that exploits the vulnerability.

Microsoft also fixed a publicly disclosed vulnerability in Microsoft Office for Mac, titled “CVE-2019-1457 | Microsoft Office Excel Security Feature Bypass”, that allows attackers to bypass security restrictions. If the Microsoft Excel for Mac option “Disable all macros without notification” is enabled, XLM macros in SYLK files are executed without prompting the user. “If Office for the Mac has been configured to use the ‘Disable all macros without notification’ feature, XLM macros in SYLK files are executed without prompting the user. This behavior is consistent even with fully-patched Office 2016 and Office 2019 for Mac systems,” says Will Dormann of the CERT/CC.
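One way a mail gateway or triage script could flag SYLK attachments that carry formulas, shown as an added example that is not part of the original advisory. It relies on the SYLK text layout (an `ID` record first, `C` cell records and `NN` name records with `E` expression fields); the finding labels, function names and sample bytes are constructed for illustration.

```python
import re

# Constructed samples: a harmless SYLK sheet and an ordinary CSV file.
# The SYLK sample holds one arithmetic formula and an auto-run name only.
SAMPLE_SYLK = b"ID;PEXAMPLE\r\nNN;NAuto_open;ER1C1\r\nC;X1;Y1;K2;E1+1\r\nE\r\n"
SAMPLE_CSV = b"id,name\r\n1,alice\r\n"

# Names that Excel runs automatically when a workbook is opened or closed.
AUTO_NAME = re.compile(r"^auto_?(open|close)", re.IGNORECASE)


def split_fields(record):
    """Split one SYLK record on ';', treating ';;' as an escaped semicolon."""
    parts = record.replace(";;", "\x00").split(";")
    return [p.replace("\x00", ";") for p in parts]


def triage_sylk(data, filename=""):
    """Return findings for one attachment; an empty list means not SYLK."""
    text = data.decode("latin-1")  # latin-1 never raises on arbitrary bytes
    records = [r for r in re.split(r"\r\n|\r|\n", text) if r]
    # SYLK is recognised by content, not extension: first record is "ID;...".
    if not records or not records[0].startswith("ID;"):
        return []
    findings = ["sylk-content"]
    if filename and not filename.lower().endswith(".slk"):
        findings.append("extension-mismatch")
    for rec in records[1:]:
        fields = split_fields(rec)
        rtype, rest = fields[0], fields[1:]
        # An "E" field with content is an expression (formula or macro call).
        has_expr = any(f.startswith("E") and len(f) > 1 for f in rest)
        if rtype == "C" and has_expr and "formula-cell" not in findings:
            findings.append("formula-cell")
        if rtype == "NN" and "auto-run-name" not in findings:
            names = [f[1:] for f in rest if f.startswith("N")]
            if any(AUTO_NAME.match(n) for n in names):
                findings.append("auto-run-name")
    return findings


if __name__ == "__main__":
    print(triage_sylk(SAMPLE_SYLK, "report.csv"))
    print(triage_sylk(SAMPLE_CSV, "report.csv"))
```

Any file that returns `sylk-content` together with `formula-cell` or `auto-run-name` is a candidate for quarantine on Mac fleets until the November update is installed.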

Below are other vulnerabilities that are fixed in this November update:

  • CVE-2019-1234: Azure Stack Spoofing Vulnerability
  • ADV190024: Microsoft Guidance for Vulnerability in Trusted Platform Module (TPM)
  • CVE-2019-1456: OpenType Font Parsing Remote Code Execution Vulnerability
  • CVE-2019-1413: Microsoft Edge Security Feature Bypass Vulnerability
  • CVE-2019-1373: Microsoft Exchange Remote Code Execution Vulnerability
  • CVE-2019-1441: Win32k Graphics Remote Code Execution Vulnerability
  • CVE-2019-1408: Win32k Elevation of Privilege Vulnerability
  • CVE-2019-1439: Windows GDI Information Disclosure Vulnerability
  • CVE-2019-1438: Windows Graphics Component Elevation of Privilege Vulnerability
  • CVE-2019-1407: Windows Graphics Component Elevation of Privilege Vulnerability
  • CVE-2019-1394: Win32k Elevation of Privilege Vulnerability
  • CVE-2019-1393: Win32k Elevation of Privilege Vulnerability
  • CVE-2019-1396: Win32k Elevation of Privilege Vulnerability
  • CVE-2019-1395: Win32k Elevation of Privilege Vulnerability
  • CVE-2019-1437: Windows Graphics Component Elevation of Privilege Vulnerability
  • CVE-2019-1432: DirectWrite Information Disclosure Vulnerability
  • CVE-2019-1411: DirectWrite Information Disclosure Vulnerability
  • CVE-2019-1440: Win32k Information Disclosure Vulnerability
  • CVE-2019-1419: OpenType Font Parsing Remote Code Execution Vulnerability
  • CVE-2019-1433: Windows Graphics Component Elevation of Privilege Vulnerability
  • CVE-2019-1436: Win32k Information Disclosure Vulnerability
  • CVE-2019-1412: OpenType Font Driver Information Disclosure Vulnerability
  • CVE-2019-1434: Win32k Elevation of Privilege Vulnerability
  • CVE-2019-1435: Windows Graphics Component Elevation of Privilege Vulnerability
  • CVE-2019-1406: Jet Database Engine Remote Code Execution Vulnerability
  • CVE-2019-1445: Microsoft Office Online Spoofing Vulnerability
  • CVE-2019-1449: Microsoft Office ClickToRun Security Feature Bypass Vulnerability
  • CVE-2019-1446: Microsoft Excel Information Disclosure Vulnerability
  • CVE-2019-1447: Microsoft Office Online Spoofing Vulnerability
  • CVE-2019-1402: Microsoft Office Information Disclosure Vulnerability
  • CVE-2019-1448: Microsoft Excel Remote Code Execution Vulnerability
  • CVE-2019-1457: Microsoft Office Excel Security Feature Bypass
  • CVE-2019-1443: Microsoft SharePoint Information Disclosure Vulnerability
  • CVE-2019-1442: Microsoft Office Security Feature Bypass Vulnerability
  • CVE-2019-1409: Windows Remote Procedure Call Information Disclosure Vulnerability
  • CVE-2019-1426: Scripting Engine Memory Corruption Vulnerability
  • CVE-2019-1429: Scripting Engine Memory Corruption Vulnerability
  • CVE-2019-1427: Scripting Engine Memory Corruption Vulnerability
  • CVE-2019-1428: Scripting Engine Memory Corruption Vulnerability
  • CVE-2019-1390: VBScript Remote Code Execution Vulnerability
  • CVE-2019-1383: Windows Data Sharing Service Elevation of Privilege Vulnerability
  • CVE-2019-1418: Windows Modules Installer Service Information Disclosure Vulnerability
  • CVE-2018-12207: Windows Denial of Service Vulnerability
  • CVE-2019-1420: Windows Elevation of Privilege Vulnerability
  • CVE-2019-1417: Windows Data Sharing Service Elevation of Privilege Vulnerability
  • CVE-2019-1415: Windows Installer Elevation of Privilege Vulnerability
  • CVE-2019-1374: Windows Error Reporting Information Disclosure Vulnerability
  • CVE-2019-1422: Windows Elevation of Privilege Vulnerability
  • CVE-2019-1423: Windows Elevation of Privilege Vulnerability
  • CVE-2019-1424: NetLogon Security Feature Bypass Vulnerability
  • CVE-2019-1382: Microsoft ActiveX Installer Service Elevation of Privilege Vulnerability
  • CVE-2019-1385: Windows AppX Deployment Extensions Elevation of Privilege Vulnerability
  • CVE-2019-1380: Microsoft splwow64 Elevation of Privilege Vulnerability
  • CVE-2019-1388: Windows Certificate Dialog Elevation of Privilege Vulnerability
  • CVE-2019-1391: Windows Denial of Service Vulnerability
  • CVE-2019-1384: Microsoft Windows Security Feature Bypass Vulnerability
  • CVE-2019-1405: Windows UPnP Service Elevation of Privilege Vulnerability
  • CVE-2019-1381: Microsoft Windows Information Disclosure Vulnerability
  • CVE-2019-1379: Windows Data Sharing Service Elevation of Privilege Vulnerability
  • CVE-2019-1324: Windows TCP/IP Information Disclosure Vulnerability
  • CVE-2019-1370: Open Enclave SDK Information Disclosure Vulnerability
  • ADV990001: Latest Servicing Stack Updates
  • CVE-2019-1425: Visual Studio Elevation of Privilege Vulnerability
  • CVE-2019-1398: Windows Hyper-V Remote Code Execution Vulnerability
  • CVE-2019-1310: Windows Hyper-V Denial of Service Vulnerability
  • CVE-2019-0719: Hyper-V Remote Code Execution Vulnerability
  • CVE-2019-1399: Windows Hyper-V Denial of Service Vulnerability
  • CVE-2019-1397: Windows Hyper-V Remote Code Execution Vulnerability
  • CVE-2019-0712: Windows Hyper-V Denial of Service Vulnerability
  • CVE-2019-0721: Hyper-V Remote Code Execution Vulnerability
  • CVE-2019-1389: Windows Hyper-V Remote Code Execution Vulnerability
  • CVE-2019-1309: Windows Hyper-V Denial of Service Vulnerability
  • CVE-2019-1392: Windows Kernel Elevation of Privilege Vulnerability
  • CVE-2019-11135: Windows Kernel Information Disclosure Vulnerability
  • CVE-2019-1430: Microsoft Windows Media Foundation Remote Code Execution Vulnerability
  • CVE-2019-1416: Windows Subsystem for Linux Elevation of Privilege Vulnerability

Impact

  • Memory Corruption
  • Remote Code Execution
  • System Takeover
  • Security Bypass
  • Privilege Escalation
  • Information Disclosure
  • Denial of Service
  • Impersonation

Affected Vendors

Microsoft

Affected Products

  • Microsoft Edge
  • Microsoft Exchange Server
  • Microsoft Graphics Component
  • Microsoft JET Database Engine
  • Microsoft Office
  • Microsoft Office SharePoint
  • Microsoft RPC
  • Microsoft Windows
  • Visual Studio
  • Windows Hyper-V
  • Windows Kernel
  • Windows Media Player
  • Windows Subsystem for Linux

Remediation

Install updates as soon as possible.

https://www.bleepingcomputer.com/microsoft-patch-tuesday-reports/Nov-2019.html
