The Microsoft October security updates have been released and consist of 59 CVEs. Of these 59 CVEs, 9 are rated Critical, 49 are rated Important and 1 is rated Moderate in severity. Two are listed as publicly known and two others are listed as under active attack at the time of release.
The updates address Spoofing, Remote Code Execution, Information Disclosure, Tampering and Denial of Service. They apply to the following: Microsoft Windows, Internet Explorer, Edge (EdgeHTML-based), ChakraCore, Microsoft Office and Microsoft Office Services and Web Apps, SQL Server Management Studio, Microsoft Dynamics 365, Windows Update Assistant and Open Source Software.
Note: Adobe has not issued a Flash Player update.
Known Issues: See the Known Issues and accompanying work-around in the KB Articles for your version of Windows in the Update History at October 2019 Security Updates.
Recommended Reading: See Dustin Childs review and analysis in Zero Day Initiative — The October 2019 Security Update Review.
The updates address Spoofing, Remote Code Execution, Information Disclosure, Tampering and Denial of Service. They apply to the following: Microsoft Windows, Internet Explorer, Edge (EdgeHTML-based), ChakraCore, Microsoft Office and Microsoft Office Services and Web Apps, SQL Server Management Studio, Microsoft Dynamics 365, Windows Update Assistant and Open Source Software.
Note: Adobe has not issued a Flash Player update.
Known Issues: See the Known Issues and accompanying work-around in the KB Articles for your version of Windows in the Update History at October 2019 Security Updates.
Recommended Reading: See Dustin Childs review and analysis in Zero Day Initiative — The October 2019 Security Update Review.