SlideShare a Scribd company logo

Patch Tuesday Webinar Highlights

Download as PPTX, PDF
Ivanti
Ivanti

This document provides an agenda and overview for a November 13, 2019 webinar on the November 2019 Patch Tuesday updates. The webinar will include an overview of the November 2019 Patch Tuesday updates, discussion of related news articles, details on specific bulletins and patches released, and a question and answer session. Known issues are listed for some of the Windows 10 updates. A variety of vulnerabilities addressed in the November 2019 patches are also summarized, including a remote code execution vulnerability exploited in the wild (CVE-2019-1429).

Internet
1 of 44
Patch Tuesday Webinar Wednesday, November 13, 2019 Hosted by: Chris Goettl & Todd Schell Dial in: 1-877-668-4490 (US) Event ID: 808 925 120
Copyright©2019Ivanti.Allrightsreserved Agenda November 2019 Patch Tuesday Overview In the News Bulletins Q & A 1 2 3 4
Copyright©2019Ivanti.Allrightsreserved  Overview
Copyright©2019Ivanti.Allrightsreserved
Copyright©2019Ivanti.Allrightsreserved  In the News
Copyright©2019Ivanti.Allrightsreserved In The News . . .  BlueKeep Update  https://www.microsoft.com/security/blog/2019/11/07/the-new-cve-2019-0708- rdp-exploit-attacks-explained/  https://www.zdnet.com/article/bluekeep-exploit-to-get-a-fix-for-its-bsod- problem/  https://healthitsecurity.com/news/microsoft-warns-bluekeep-rdp-flaw-attacks- will-increase-urges-patch  https://securityboulevard.com/2019/11/bluekeep-panic-as-rce-rdp-exploit- floods-the-net/  ADV190024 | Microsoft Guidance for Vulnerability in Trusted Platform Module (TPM)  https://portal.msrc.microsoft.com/en-US/security- guidance/advisory/ADV190024
Copyright©2019Ivanti.Allrightsreserved In The News . . .  The November 2019 Update  https://support.microsoft.com/en-us/help/4529964/windows-10-update-history  https://support.microsoft.com/en-us/help/4517245/feature-update-via- windows-10-version-1909-enablement-package  End of Life is coming! Two more Patch Tuesdays until Windows 7 and Server 20082008 R2 EoL  https://www.bleepingcomputer.com/news/microsoft/new-update-lets-windows- users-test-extended-security-updates/  https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/How-to-get- Extended-Security-Updates-for-eligible-Windows/ba-p/917807  https://forums.ivanti.com/s/article/Custom-Patch-Support-for-Microsoft-s- Windows-7-and-Server-2008-2008-R2-Extended-Support
Copyright©2019Ivanti.Allrightsreserved In The News . . .  Intel  Intel Processor Machine Check Error vulnerability (CVE-2018-12207)  CVE - https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE- 2018-12207  Guidance - https://support.microsoft.com/en-us/help/4530989/guidance-for- protecting-against-intel-processor-machine-check-error-vu  Intel Transactional Synchronization Extensions (Intel TSX) Transaction Asynchronous Abort vulnerability (CVE-2019-11135)  CVE - https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE- 2019-11135  Client Guidance – https://support.microsoft.com/en-us/help/4073119/protect-against- speculative-execution-side-channel-vulnerabilities-in  Server Guidance – https://support.microsoft.com/en-us/help/4072698/windows- server-speculative-execution-side-channel-vulnerabilities-prot
Copyright©2019Ivanti.Allrightsreserved Zero-day Exploited Vulnerabilities  CVE-2019-1429 Scripting Engine Memory Corruption Vulnerability  A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.  In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Internet Explorer and then convince a user to view the website. An attacker could also embed an ActiveX control marked "safe for initialization" in an application or Microsoft Office document that hosts the IE rendering engine. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability.  The security update addresses the vulnerability by modifying how the scripting engine handles objects in memory.
Copyright©2019Ivanti.Allrightsreserved Publicly Disclosed Vulnerabilities  CVE-2019-1457 Microsoft Office Excel Security Feature Bypass  A security feature bypass vulnerability exists in Microsoft Office software by not enforcing macro settings on an Excel document. The security feature bypass by itself does not allow arbitrary code execution. To successfully exploit the vulnerability, an attacker would have to embed a control in an Excel worksheet that specifies a macro should be run. To exploit the vulnerability, an attacker would have to convince a user to open a specially crafted file with an affected version of Microsoft Office software. The security update addresses the vulnerability by enforcing macro settings on Excel documents.
Copyright©2019Ivanti.Allrightsreserved Windows 10 Lifecycle Awareness  Windows 10 Branch Support Source: Microsoft
Copyright©2019Ivanti.Allrightsreserved Windows 10 Lifecycle Awareness (cont)  Enterprise LTSB/LTSC Support  Complete Lifecycle Fact Sheet  https://support.microsoft.com/en-us/help/13853/windows-lifecycle-fact-sheet Source: Microsoft
Copyright©2019Ivanti.Allrightsreserved Microsoft Patch Tuesday Updates of Interest  Advisory 990001 Latest Servicing Stack Updates  https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV990001  SSUs for all supported operating systems  Development Tool and Component Updates  Azure Stack  CharkaCore  Open Enclave SDK  Visual Studio 2017 and 2019  Visual Studio Code Source: Microsoft
Copyright©2019Ivanti.Allrightsreserved Weekly Patch BLOG  Latest Patch Releases  Microsoft and Third-party  Security and non-Security  CVE Analysis  Security Events of Interest  Host: Brian Secrist  https://www.ivanti.com/blog/ topics/patch-tuesday
Copyright©2019Ivanti.Allrightsreserved Patch Content Announcement System Announcements Now Posted on Community Forum Pages  https://forums.ivanti.com/s/group/CollaborationGroup/00Ba0000009oKICEA2  Subscribe to receive email for the desired product(s)
Copyright©2019Ivanti.Allrightsreserved  Bulletins
Copyright©2019Ivanti.Allrightsreserved MS19-11-W10: Windows 10 Update  Maximum Severity: Critical  Affected Products: Microsoft Windows 10 Versions 1607, 1703, 1709, 1803, 1809, 1903, Server 2016, Server 2019, Server 1709, Server 1803, IE 11 and Microsoft Edge  Description: This bulletin references 16 KB articles. See KBs for the list of changes.  Impact: Remote Code Execution, Security Feature Bypass, Denial of Service, Elevation of Privilege and Information Disclosure  Fixes 58 Vulnerabilities: CVE-2019-1429 is known exploited. No CVEs are publicly disclosed. See Details column of Security Update Guide for the complete list of CVEs.  Restart Required: Requires restart  Known Issues: See next slides
Copyright©2019Ivanti.Allrightsreserved November Known Issues for Windows 10  KB 4525232 – Windows 10  [File Rename] Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege. Workaround: Perform the operation from a process that has administrator privilege or perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution.  KB 4525236 – Windows 10, Version 1607 and Server 2016  [Min Password] After installing KB4467684, the cluster service may fail to start with the error “2245 (NERR_PasswordTooShort)” if the group policy “Minimum Password Length” is configured with greater than 14 characters. Workaround: Set the domain default "Minimum Password Length" policy to less than or equal to 14 characters. Microsoft is working on a resolution.  [File Rename]
Copyright©2019Ivanti.Allrightsreserved November Known Issues for Windows 10 (cont)  KB 4525241 – Windows 10, Version 1709  [File Rename]  [User OOBE] When setting up a new Windows device during the Out of Box Experience (OOBE), you might be unable to create a local user when using Input Method Editor (IME). This issue might affect you if you are using the IME for Chinese, Japanese, or Korean languages. Workaround: Set the keyboard language to English during user creation or use a Microsoft Account to complete OOBE. You can set the keyboard language back to your preferred language after user creation. See this KB for more details. Microsoft is working on a resolution.  KB 4525237 – Windows 10, Version 1803  [File Rename]  [User OOBE]
Copyright©2019Ivanti.Allrightsreserved November Known Issues for Windows 10 (cont)  KB 4523205 – Windows 10, Version 1809, Server 2019 All Versions  [Asian Packs] After installing KB 4493509, devices with some Asian language packs installed may receive the error, "0x800f0982 - PSFX_E_MATCHING_COMPONENT_NOT_FOUND.“ Workaround: Uninstall and reinstall any recently added language packs or select Check for Updates and install the April 2019 Cumulative Update. See KB for more recovery details. Microsoft is working on a resolution.  [File Rename]  [User OOBE]  KB 4524570 – Windows 10, Version 1903  [User OOBE]
Copyright©2019Ivanti.Allrightsreserved MS19-11-IE: Security Updates for Internet Explorer  Maximum Severity: Critical  Affected Products: Microsoft Internet Explorer 9,10,11  Description: The fixes that are included in the cumulative Security Update for Internet Explorer are also included in the November 2019 Security Monthly Quality Rollup. Installing either the Security Update for Internet Explorer or the Security Monthly Quality Rollup installs the fixes that are in the cumulative update. This bulletin references 11 KB articles.  Impact: Remote Code Execution  Fixes 2 Vulnerabilities: CVE-2019-1390, CVE-2019-1429  Restart Required: Requires browser restart  Known Issues: None reported
Copyright©2019Ivanti.Allrightsreserved MS19-11-MR2K8: Monthly Rollup for Windows Server 2008  Maximum Severity: Critical  Affected Products: Microsoft Windows Server 2008 and IE 9  Description: This security update includes improvements and fixes that were a part of update KB 4520015 (released October 15, 2019). Bulletin is based on KB 4525234.  Security updates to Microsoft Scripting Engine, Internet Explorer, Microsoft Graphics Component, Windows Input and Composition, Windows Virtualization, Windows Kernel, Windows Datacenter Networking, and the Microsoft JET Database Engine.  Protections against the Intel® Transactional Synchronization Extensions (Intel® TSX) Transaction Asynchronous Abort vulnerability (CVE-2019-11135).  Impact: Remote Code Execution, Security Feature Bypass, Denial of Service, Elevation of Privilege, and Information Disclosure  Fixes 31 + 2 (IE 9) Vulnerabilities: CVE-2019-1429 is known exploited. No CVEs are publicly disclosed. See the Security Update Guide for the complete list of CVEs.  Restart Required: Requires restart  Known Issues: None reported
Copyright©2019Ivanti.Allrightsreserved MS19-11-SO2K8: Security-only Update for Windows Server 2008  Maximum Severity: Critical  Affected Products: Microsoft Windows Server 2008  Description: This bulletin is based on KB 4525239.  Security updates to Microsoft Graphics Component, Windows Input and Composition, Windows Virtualization, Windows Kernel, Windows Datacenter Networking, and the Microsoft JET Database Engine.  Protections against the Intel® Transactional Synchronization Extensions (Intel® TSX) Transaction Asynchronous Abort vulnerability (CVE-2019-11135).  Impact: Remote Code Execution, Security Feature Bypass, Denial of Service, Elevation of Privilege, and Information Disclosure  Fixes 31 Vulnerabilities: No reported exploited or publicly disclosed vulnerabilities. See Security Update Guide for the complete list of CVEs.  Restart Required: Requires restart  Known Issues: None reported
Copyright©2019Ivanti.Allrightsreserved MS19-11-MR7: Monthly Rollup for Win 7 and Server 2008 R2  Maximum Severity: Critical  Affected Products: Microsoft Windows 7, Server 2008 R2, and IE  Description: This security update includes improvements and fixes that were a part of update KB 4519972 (released October 15, 2019). Bulletin is based on KB 4525235.  Security updates to Microsoft Scripting Engine, Internet Explorer, Microsoft Graphics Component, Windows Input and Composition, Windows Virtualization, Windows Kernel, Windows Datacenter Networking, and the Microsoft JET Database Engine.  Protections against the Intel® Transactional Synchronization Extensions (Intel® TSX) Transaction Asynchronous Abort vulnerability (CVE-2019-11135).  Protections against the Intel® Processor Machine Check Error vulnerability (CVE-2018-12207).  Impact: Remote Code Execution, Security Feature Bypass, Denial of Service, Elevation of Privilege, and Information Disclosure  Fixes 35 + 2 IE Vulnerabilities: CVE-2019-1429 is known exploited. No CVEs are publicly disclosed. See the Security Update Guide for the complete list of CVEs.  Restart Required: Requires restart  Known Issues: None reported.
Copyright©2019Ivanti.Allrightsreserved MS19-11-SO7: Security-only Update for Win 7 and Server 2008 R2  Maximum Severity: Critical  Affected Products: Microsoft Windows 7 SP1, Server 2008 R2 SP1  Description: Bulletin is based on KB 4525233.  Security updates to Microsoft Scripting Engine, Microsoft Graphics Component, Windows Input and Composition, Windows Virtualization, Windows Kernel, Windows Datacenter Networking, and the Microsoft JET Database Engine.  Protections against the Intel® Transactional Synchronization Extensions (Intel® TSX) Transaction Asynchronous Abort vulnerability (CVE-2019-11135).  Protections against the Intel® Processor Machine Check Error vulnerability (CVE-2018-12207).  Impact: Remote Code Execution, Security Feature Bypass, Denial of Service, Elevation of Privilege, and Information Disclosure  Fixes 35 Vulnerabilities: No reported exploited or publicly disclosed vulnerabilities. See Security Update Guide for the complete list of CVEs.  Restart Required: Requires restart  Known Issues: None reported
Copyright©2019Ivanti.Allrightsreserved MS19-11-MR8: Monthly Rollup for Server 2012  Maximum Severity: Critical  Affected Products: Microsoft Server 2012 and IE  Description: This security update includes improvements and fixes that were a part of update KB 4520013 (released October 15, 2019). Bulletin is based on KB 4525246.  Security updates to Microsoft Graphics Component, Internet Explorer, Windows Input and Composition, Windows Cryptography, Windows Virtualization, Windows Kernel, Windows Datacenter Networking, and the Microsoft JET Database Engine.  Protections against the Intel® Transactional Synchronization Extensions (Intel® TSX) Transaction Asynchronous Abort vulnerability (CVE-2019-11135).  Protections against the Intel® Processor Machine Check Error vulnerability (CVE-2018-12207).  Impact: Remote Code Execution, Security Feature Bypass, Denial of Service, Elevation of Privilege, and Information Disclosure  Fixes 37 + 2 IE Vulnerabilities: CVE-2019-1429 is known exploited. No CVEs are publicly disclosed. See the Security Update Guide for the complete list of CVEs.  Restart Required: Requires restart  Known Issues: [File Rename]
Copyright©2019Ivanti.Allrightsreserved MS19-11-SO8: Security-only Update for Server 2012  Maximum Severity: Critical  Affected Products: Microsoft Server 2012  Description: Bulletin is based on KB 4525253.  Security updates to Microsoft Graphics Component, Windows Input and Composition, Windows Cryptography, Windows Virtualization, Windows Kernel, Windows Datacenter Networking, and the Microsoft JET Database Engine.  Protections against the Intel® Transactional Synchronization Extensions (Intel® TSX) Transaction Asynchronous Abort vulnerability (CVE-2019-11135).  Protections against the Intel® Processor Machine Check Error vulnerability (CVE-2018-12207).  Impact: Remote Code Execution, Security Feature Bypass, Denial of Service, Elevation of Privilege, and Information Disclosure  Fixes 37 Vulnerabilities: No reported exploited or publicly disclosed vulnerabilities. See Security Update Guide for the complete list of CVEs.  Restart Required: Requires restart  Known Issues: [File Rename]
Copyright©2019Ivanti.Allrightsreserved MS19-11-MR81: Monthly Rollup for Win 8.1 and Server 2012 R2  Maximum Severity: Critical  Affected Products: Microsoft Windows 8.1, Server 2012 R2, and IE  Description: This security update includes improvements and fixes that were a part of update KB 4520012 (released October 15, 2019). Bulletin is based on KB 4525243.  Security updates to Microsoft Scripting Engine, Internet Explorer, Microsoft Graphics Component, Windows Input and Composition, Windows Cryptography, Windows Virtualization, Windows Kernel, Windows Datacenter Networking, and the Microsoft JET Database Engine.  Protections against the Intel® Transactional Synchronization Extensions (Intel® TSX) Transaction Asynchronous Abort vulnerability (CVE-2019-11135).  Protections against the Intel® Processor Machine Check Error vulnerability (CVE-2018-12207).  Impact: Remote Code Execution, Security Feature Bypass, Denial of Service, Elevation of Privilege, and Information Disclosure  Fixes 37 + 2 IE Vulnerabilities: CVE-2019-1429 is known exploited. No CVEs are publicly disclosed. See the Security Update Guide for the complete list of CVEs.  Restart Required: Requires restart  Known Issues: [File Rename]
Copyright©2019Ivanti.Allrightsreserved MS19-11-SO81: Security-only Update for Win 8.1 and Server 2012 R2  Maximum Severity: Critical  Affected Products: Microsoft Windows 8.1, Server 2012 R2  Description: Bulletin is based on KB 4525250.  Security updates to Microsoft Graphics Component, Windows Input and Composition, Windows Cryptography, Windows Virtualization, Windows Kernel, Windows Datacenter Networking, and the Microsoft JET Database Engine.  Protections against the Intel® Transactional Synchronization Extensions (Intel® TSX) Transaction Asynchronous Abort vulnerability (CVE-2019-11135).  Protections against the Intel® Processor Machine Check Error vulnerability (CVE-2018-12207).  Impact: Remote Code Execution, Security Feature Bypass, Denial of Service, Elevation of Privilege, and Information Disclosure  Fixes 37 Vulnerabilities: No reported exploited or publicly disclosed vulnerabilities. See Security Update Guide for the complete list of CVEs.  Restart Required: Requires restart  Known Issues: [File Rename]
Copyright©2019Ivanti.Allrightsreserved MS19-11-EXCH: Security Updates for Exchange Server  Maximum Severity: Critical  Affected Products: Microsoft Exchange Server 2013, 2016 and 2019  Description: This security update fixes a vulnerability in Microsoft Exchange Server which allows the deserialization of metadata via PowerShell. This bulletin is based on KB 4523171.  Impact: Remote Code Execution  Fixes 1 Vulnerability: CVE-2019-1373  Restart Required: Requires restart  Known Issues: Must install update with administrator privileges
Copyright©2019Ivanti.Allrightsreserved MS19-11-OFF: Security Updates for Microsoft Office  Maximum Severity: Important  Affected Products: Excel 2010-2016, Excel 2016 for Mac, Office 2010-2016, Office 2016 and 2019 for Mac  Description: This security update resolves vulnerabilities in several Microsoft Office applications. This bulletin references 10 KB articles plus release notes for MacOS.  Impact: Remote Code Execution, Security Feature Bypass, and Information Disclosure  Fixes 4 Vulnerabilities: CVE-2019-1402, CVE-2019-1446, CVE-2019-1448, CVE- 2019-1457  Restart Required: Requires application restart  Known Issues: None reported
Copyright©2019Ivanti.Allrightsreserved MS19-11-O365: Security Updates for Office 365 ProPlus and Office 2019  Maximum Severity: Important  Affected Products: Office 365 ProPlus, Office 2019  Description: This month’s update resolved various bugs and performance issues in Microsoft Office 365 and Office 2019 applications. Information on Office 365 ProPlus updates is available at https://docs.microsoft.com/en-us/officeupdates/release-notes- office365-proplus  Impact: Remote Code Execution, Security Feature Bypass, and Information Disclosure  Fixes 4 Vulnerabilities: CVE-2019-1402, CVE-2019-1446, CVE-2019-1448, CVE- 2019-1449  Restart Required: Requires application restart  Known Issues: None reported
Copyright©2019Ivanti.Allrightsreserved MS19-11-SPT: Security Updates for SharePoint Server  Maximum Severity: Important  Affected Products: Microsoft Enterprise SharePoint Server 2010-2019  Description: This security update resolves a security feature bypass vulnerability that exists if Microsoft Office does not validate URLs; an information disclosure vulnerability that exists in Microsoft SharePoint if an attacker uploads a specially crafted file; and an information disclosure vulnerability that exists if Microsoft Excel incorrectly discloses the contents of its memory. This bulletin is based on 6 KB articles.  Impact: Security Feature Bypass and Information Disclosure  Fixes 3 Vulnerabilities: CVE-2019-1442, CVE-2019-1443, CVE-2019-1446  Restart Required: Requires Restart  Known Issues: None reported
Copyright©2019Ivanti.Allrightsreserved Between Patch Tuesday’s New Product Support: CrowdStrike Falcon Sensor, Morphisec Protector Security Updates: Adobe (6), Apple (3), CCleaner (1), Amazon Corretto (2), DropBox (3), FireFox (5), Foxit (2), GIMP (1), Google Chrome (4), GOM Player (1), GoodSync (2), GoToMeeting (4), LibreOffice (2), Microsoft (2), Nitro Pro (2), Node.JS (6), Oracle (3), Notepad++ (2), Opera (5), Plex (3), PowerBI (3), Skype (1), Slack (2), Snagit (2), Splunk Forwarder (1), Tableau (11), Thunderbird (4), Tomcat (2), ToroiseGit (1), TortoiseSVN (1), TeamViewer (4), VMware Tools (1), VMware Workstation (1), WinSCP (1), Wireshark (2) Non-Security Updates: AIMP (2), Azure Information Protection (1), Box Edit (1), Beyond Compare (3), CrowdStrike (1), Google Drive (1), GoTo Opener (1), Google Backup and Sync (2), BlueJeans (1), Mouse and Keyboard Center (1), Morphisec Protector (1), Microsoft (44), PDF-Xchange PRO (1), Plex Media Player (1), Royal TS (1), TreeSize Free (1), TightVNC (1), Zoom Client (2), Zoom Outlook Plugin (1)
Copyright©2019Ivanti.Allrightsreserved Third Party CVE Information  iTunes 12.10.2.3  AI19-007, QAI121023  Fixes 16 Vulnerabilities: CVE-2019-8782, CVE-2019-8783, CVE-2019-8784, CVE- 2019-8801, CVE-2019-8808, CVE-2019-8811, CVE-2019-8812, CVE-2019-8813, CVE- 2019-8814, CVE-2019-8815, CVE-2019-8816, CVE-2019-8819, CVE-2019-8820, CVE- 2019-8821, CVE-2019-8822, CVE-2019-8823  Apple iCloud 7.15.0.10  ICLOUD-022, QICLOUD715010  Fixes 11 Vulnerabilities: CVE-2019-8783, CVE-2019-8784, CVE-2019-8811, CVE-2019-8814, CVE-2019-8815, CVE-2019-8816, CVE-2019-8819, CVE- 2019-8820, CVE-2019-8821, CVE-2019-8822, CVE-2019-8823  WinSCP 5.15.5  WINSCP-031, QWINSCP5155  Fixes 2 Vulnerabilities: CVE-2019-17068, CVE-2019-17069
Copyright©2019Ivanti.Allrightsreserved Third Party CVE Information (cont)  Acrobat and Reader  APSB19-49, QADC1902120047, QADC1701130150, QADC1500630504, QARDC1902120047, QARDC1902120047MUI, QARDC1902120047MUI, QARDC1701130150MUI, QARDC1500630504MUI  Fixes 68 Vulnerabilities: CVE-2019-8064, CVE-2019-8160, CVE-2019-8161, CVE- 2019-8162, CVE-2019-8163, CVE-2019-8164, CVE-2019-8165, CVE-2019-8166, CVE- 2019-8167, CVE-2019-8168, CVE-2019-8169, CVE-2019-8170, CVE-2019-8171, CVE- 2019-8172, CVE-2019-8173, CVE-2019-8174, CVE-2019-8175, CVE-2019-8176, CVE- 2019-8177, CVE-2019-8178, CVE-2019-8179, CVE-2019-8180, CVE-2019-8181, CVE- 2019-8182, CVE-2019-8183, CVE-2019-8184, CVE-2019-8185, CVE-2019-8186, CVE- 2019-8187, CVE-2019-8188, CVE-2019-8189, CVE-2019-8190, CVE-2019-8191, CVE- 2019-8192, CVE-2019-8193, CVE-2019-8194, CVE-2019-8195, CVE-2019-8196, CVE- 2019-8197, CVE-2019-8198, CVE-2019-8199, CVE-2019-8200, CVE-2019-8201, CVE- 2019-8202, CVE-2019-8203, CVE-2019-8204, CVE-2019-8205, CVE-2019-8206, CVE- 2019-8207, CVE-2019-8208, CVE-2019-8209, CVE-2019-8210, CVE-2019-8211, CVE- 2019-8212, CVE-2019-8213, CVE-2019-8214, CVE-2019-8215, CVE-2019-8216, CVE- 2019-8217, CVE-2019-8218, CVE-2019-8219, CVE-2019-8220, CVE-2019-8221, CVE- 2019-8222, CVE-2019-8223, CVE-2019-8224, CVE-2019-8225, CVE-2019-8226
Copyright©2019Ivanti.Allrightsreserved Third Party CVE Information (cont)  Google Chrome 78.0.3904.87  CHROME-264, QGC780390470  CHROME-265, QGC780390487  Fixes 23 Vulnerabilities: CVE-2019-13720, CVE-2019-13721, CVE-2019-13699, CVE- 2019-13700, CVE-2019-13701, CVE-2019-13702, CVE-2019-13703, CVE-2019-13704, CVE-2019-13705, CVE-2019-13706, CVE-2019-13707, CVE-2019-13708, CVE-2019- 13709, CVE-2019-13710, CVE-2019-13711, CVE-2019-13713, CVE-2019-13714, CVE- 2019-13715, CVE-2019-13716, CVE-2019-13717, CVE-2019-13718, CVE-2019-13719, CVE-2019-15903  Corretto 11.0.5.10.1  CORRETTO11-005, QCORRETTO1105  Fixes 18 Vulnerabilities: CVE-2019-2894, CVE-2019-2933, CVE-2019-2945, CVE-2019-2949, CVE-2019-2958, CVE-2019-2962, CVE-2019-2964, CVE- 2019-2973, CVE-2019-2975, CVE-2019-2977, CVE-2019-2978, CVE-2019- 2981, CVE-2019-2983, CVE-2019-2987, CVE-2019-2988, CVE-2019-2989, CVE-2019-2992, CVE-2019-2999
Copyright©2019Ivanti.Allrightsreserved Third Party CVE Information (cont)  Amazon Corretto 8 Update 232  CORRETTO8-232, QCORRETTO8232  Fixes 17 Vulnerabilities: CVE-2019-2894, CVE-2019-2933, CVE-2019-2945, CVE- 2019-2949, CVE-2019-2958, CVE-2019-2962, CVE-2019-2964, CVE-2019-2973, CVE- 2019-2975, CVE-2019-2978, CVE-2019-2981, CVE-2019-2983, CVE-2019-2987, CVE- 2019-2988, CVE-2019-2989, CVE-2019-2992, CVE-2019-2999  Firefox 70.0  FF19-023, QFF700  Fixes 13 Vulnerabilities: CVE-2018-6156, CVE-2019-11757, CVE-2019-11759, CVE-2019-11760, CVE-2019-11761, CVE-2019-11762, CVE-2019-11763, CVE-2019-11764, CVE-2019-11765, CVE-2019-15903, CVE-2019-17000, CVE-2019-17001, CVE-2019-17002  Firefox ESR 68.2.0  FFE19-6820, QFFE6820  Fixes 8 Vulnerabilities: CVE-2019-11757, CVE-2019-11759, CVE-2019-11760, CVE- 2019-11761, CVE-2019-11762, CVE-2019-11763, CVE-2019-11764, CVE-2019-15903
Copyright©2019Ivanti.Allrightsreserved Third Party CVE Information (cont)  Foxit PhantomPDF 9.7.0.29478  FIP-023, QFIP97029478  Fixes 11 Vulnerabilities: CVE-2019-5031, CVE-2019-13123, CVE-2019-13124, CVE-2019-13326, CVE-2019-13327, CVE-2019-13328, CVE-2019-13329, CVE-2019-13330, CVE-2019-13331, CVE-2019-13332, CVE-2019-17183  Foxit PhantomPDF 8.3.12.47136  FIP-025, QFIP831247136  Fixes 15 Vulnerabilities: CVE-2019-5031, CVE-2019-13123, CVE-2019- 13124, CVE-2019-13326, CVE-2019-13327, CVE-2019-13328, CVE-2019- 13329, CVE-2019-13330, CVE-2019-13331, CVE-2019-13332, CVE-2019- 17139, CVE-2019-17140, CVE-2019-17141, CVE-2019-17142, CVE-2019- 17183
Copyright©2019Ivanti.Allrightsreserved Third Party CVE Information (cont)  Java 8 Update 231  JAVA8-231, QJAVA8U231  Fixes 18 Vulnerabilities: CVE-2019-2894, CVE-2019-2933, CVE-2019-2945, CVE-2019-2949, CVE-2019-2958, CVE-2019-2962, CVE-2019-2964, CVE- 2019-2973, CVE-2019-2975, CVE-2019-2978, CVE-2019-2981, CVE-2019- 2983, CVE-2019-2988, CVE-2019-2989, CVE-2019-2992, CVE-2019-2996, CVE-2019-2999, CVE-2019-11068  Java Development Kit 8 Update 231  JDK8-231, QJDK8U231  Fixes 18 Vulnerabilities: CVE-2019-2894, CVE-2019-2933, CVE-2019-2945, CVE-2019-2949, CVE-2019-2958, CVE-2019-2962, CVE-2019-2964, CVE- 2019-2973, CVE-2019-2975, CVE-2019-2978, CVE-2019-2981, CVE-2019- 2983, CVE-2019-2988, CVE-2019-2989, CVE-2019-2992, CVE-2019-2996, CVE-2019-2999, CVE-2019-11068
Copyright©2019Ivanti.Allrightsreserved Third Party CVE Information (cont)  Java Development Kit 11 Update 11.0.5  JDK11-002, QJDK11U1105  Fixes 18 Vulnerabilities: CVE-2019-2894, CVE-2019-2933, CVE-2019-2945, CVE-2019-2949, CVE-2019-2958, CVE-2019-2962, CVE-2019-2964, CVE- 2019-2973, CVE-2019-2975, CVE-2019-2977, CVE-2019-2978, CVE-2019- 2981, CVE-2019-2983, CVE-2019-2987, CVE-2019-2988, CVE-2019-2989, CVE-2019-2992, CVE-2019-2999  Thunderbird 68.2.0  TB19-6820, QTB6820  Fixes 9 Vulnerabilities: CVE-2019-11757, CVE-2019-11758, CVE-2019-11759, CVE-2019-11760, CVE-2019-11761, CVE-2019-11762, CVE-2019-11763, CVE-2019-11764, CVE-2019-15903
Copyright©2019Ivanti.Allrightsreserved Third Party CVE Information (cont)  VirtualBox 5.2.34  OVB-027, QOVB5234  Fixes 10 Vulnerabilities: CVE-2019-1547, CVE-2019-2926, CVE-2019-2944, CVE-2019-2984, CVE-2019-3002, CVE-2019-3005, CVE-2019-3017, CVE- 2019-3021, CVE-2019-3026, CVE-2019-3028, CVE-2019-3031  VirtualBox 6.0.14  OVB-028, QOVB6014  Fixes 10 Vulnerabilities: CVE-2019-1547, CVE-2019-2926, CVE-2019-2944, CVE-2019-2984, CVE-2019-3002, CVE-2019-3005, CVE-2019-3017, CVE- 2019-3021, CVE-2019-3026, CVE-2019-3028, CVE-2019-3031
Copyright©2019Ivanti.Allrightsreserved
Thank You

Recommended

Patch Management Best Practices 2019
Patch Management Best Practices 2019Patch Management Best Practices 2019
Patch Management Best Practices 2019Ivanti
 
January Patch Tuesday 2019
January Patch Tuesday 2019January Patch Tuesday 2019
January Patch Tuesday 2019Ivanti
 
November Patch Tuesday Analysis
November Patch Tuesday AnalysisNovember Patch Tuesday Analysis
November Patch Tuesday AnalysisIvanti
 
February Patch Tuesday 2019
February Patch Tuesday 2019February Patch Tuesday 2019
February Patch Tuesday 2019Ivanti
 
Ivanti Patch Tuesday for October 2019
Ivanti Patch Tuesday for October 2019Ivanti Patch Tuesday for October 2019
Ivanti Patch Tuesday for October 2019Ivanti
 
Ivanti Patch Tuesday for December 2019
Ivanti Patch Tuesday for December 2019Ivanti Patch Tuesday for December 2019
Ivanti Patch Tuesday for December 2019Ivanti
 
Ivanti Patch Tuesday for April 2020
Ivanti Patch Tuesday for April 2020Ivanti Patch Tuesday for April 2020
Ivanti Patch Tuesday for April 2020Ivanti
 
December 2018 Patch Tuesday Analysis
December 2018 Patch Tuesday AnalysisDecember 2018 Patch Tuesday Analysis
December 2018 Patch Tuesday AnalysisIvanti
 

Recommended

Patch Management Best Practices 2019
Patch Management Best Practices 2019Patch Management Best Practices 2019
Patch Management Best Practices 2019Ivanti
 
January Patch Tuesday 2019
January Patch Tuesday 2019January Patch Tuesday 2019
January Patch Tuesday 2019Ivanti
 
November Patch Tuesday Analysis
November Patch Tuesday AnalysisNovember Patch Tuesday Analysis
November Patch Tuesday AnalysisIvanti
 
February Patch Tuesday 2019
February Patch Tuesday 2019February Patch Tuesday 2019
February Patch Tuesday 2019Ivanti
 
Ivanti Patch Tuesday for October 2019
Ivanti Patch Tuesday for October 2019Ivanti Patch Tuesday for October 2019
Ivanti Patch Tuesday for October 2019Ivanti
 
Ivanti Patch Tuesday for December 2019
Ivanti Patch Tuesday for December 2019Ivanti Patch Tuesday for December 2019
Ivanti Patch Tuesday for December 2019Ivanti
 
Ivanti Patch Tuesday for April 2020
Ivanti Patch Tuesday for April 2020Ivanti Patch Tuesday for April 2020
Ivanti Patch Tuesday for April 2020Ivanti
 
December 2018 Patch Tuesday Analysis
December 2018 Patch Tuesday AnalysisDecember 2018 Patch Tuesday Analysis
December 2018 Patch Tuesday AnalysisIvanti
 
October Patch Tuesday Analysis 2018
October Patch Tuesday Analysis 2018October Patch Tuesday Analysis 2018
October Patch Tuesday Analysis 2018Ivanti
 
There's more to third-party patching than SCCM 1806
There's more to third-party patching than SCCM 1806There's more to third-party patching than SCCM 1806
There's more to third-party patching than SCCM 1806Ivanti
 
French Patch Tuesday April 2021
French Patch Tuesday April 2021French Patch Tuesday April 2021
French Patch Tuesday April 2021Ivanti
 
August 2019 Patch Tuesday Analysis
August 2019 Patch Tuesday AnalysisAugust 2019 Patch Tuesday Analysis
August 2019 Patch Tuesday AnalysisIvanti
 
June Patch Tuesday 2018
June Patch Tuesday 2018June Patch Tuesday 2018
June Patch Tuesday 2018Ivanti
 
May 2018 Patch Tuesday Analysis
May 2018 Patch Tuesday AnalysisMay 2018 Patch Tuesday Analysis
May 2018 Patch Tuesday AnalysisIvanti
 
December Patch Tuesday 2020
December Patch Tuesday 2020December Patch Tuesday 2020
December Patch Tuesday 2020Ivanti
 
March 2021 Patch Tuesday
March 2021 Patch TuesdayMarch 2021 Patch Tuesday
March 2021 Patch TuesdayIvanti
 
June Patch Tuesday 2019
June Patch Tuesday 2019June Patch Tuesday 2019
June Patch Tuesday 2019Ivanti
 
May Patch Tuesday Analysis 2019
May Patch Tuesday Analysis 2019May Patch Tuesday Analysis 2019
May Patch Tuesday Analysis 2019Ivanti
 
Fr mar 2022 patch tuesday-presenters slides
Fr mar 2022 patch tuesday-presenters slidesFr mar 2022 patch tuesday-presenters slides
Fr mar 2022 patch tuesday-presenters slidesIvanti
 
2021 June Patch Tuesday
2021 June Patch Tuesday2021 June Patch Tuesday
2021 June Patch TuesdayIvanti
 
Patch Management Best Practices
Patch Management Best Practices Patch Management Best Practices
Patch Management Best Practices Ivanti
 
Ivanti Patch Tuesday for March 2020
Ivanti Patch Tuesday for March 2020Ivanti Patch Tuesday for March 2020
Ivanti Patch Tuesday for March 2020Ivanti
 
2021 November Patch Tuesday
2021 November Patch Tuesday2021 November Patch Tuesday
2021 November Patch TuesdayIvanti
 
January 2021 Patch Tuesday
January 2021 Patch TuesdayJanuary 2021 Patch Tuesday
January 2021 Patch TuesdayIvanti
 
2022 February Patch Tuesday
2022 February Patch Tuesday2022 February Patch Tuesday
2022 February Patch TuesdayIvanti
 
April 2021 Patch Tuesday
April 2021 Patch TuesdayApril 2021 Patch Tuesday
April 2021 Patch TuesdayIvanti
 
December 2021 patch tuesday
December 2021 patch tuesdayDecember 2021 patch tuesday
December 2021 patch tuesdayIvanti
 
December 2017 Patch Tuesday
December 2017 Patch TuesdayDecember 2017 Patch Tuesday
December 2017 Patch TuesdayIvanti
 
September Patch Tuesday- 2020
September Patch Tuesday- 2020September Patch Tuesday- 2020
September Patch Tuesday- 2020Ivanti
 
Ivanti Patch Tuesday for June 2020
Ivanti Patch Tuesday for June 2020Ivanti Patch Tuesday for June 2020
Ivanti Patch Tuesday for June 2020Ivanti
 

More Related Content

What's hot

October Patch Tuesday Analysis 2018
October Patch Tuesday Analysis 2018October Patch Tuesday Analysis 2018
October Patch Tuesday Analysis 2018Ivanti
 
There's more to third-party patching than SCCM 1806
There's more to third-party patching than SCCM 1806There's more to third-party patching than SCCM 1806
There's more to third-party patching than SCCM 1806Ivanti
 
French Patch Tuesday April 2021
French Patch Tuesday April 2021French Patch Tuesday April 2021
French Patch Tuesday April 2021Ivanti
 
August 2019 Patch Tuesday Analysis
August 2019 Patch Tuesday AnalysisAugust 2019 Patch Tuesday Analysis
August 2019 Patch Tuesday AnalysisIvanti
 
June Patch Tuesday 2018
June Patch Tuesday 2018June Patch Tuesday 2018
June Patch Tuesday 2018Ivanti
 
May 2018 Patch Tuesday Analysis
May 2018 Patch Tuesday AnalysisMay 2018 Patch Tuesday Analysis
May 2018 Patch Tuesday AnalysisIvanti
 
December Patch Tuesday 2020
December Patch Tuesday 2020December Patch Tuesday 2020
December Patch Tuesday 2020Ivanti
 
March 2021 Patch Tuesday
March 2021 Patch TuesdayMarch 2021 Patch Tuesday
March 2021 Patch TuesdayIvanti
 
June Patch Tuesday 2019
June Patch Tuesday 2019June Patch Tuesday 2019
June Patch Tuesday 2019Ivanti
 
May Patch Tuesday Analysis 2019
May Patch Tuesday Analysis 2019May Patch Tuesday Analysis 2019
May Patch Tuesday Analysis 2019Ivanti
 
Fr mar 2022 patch tuesday-presenters slides
Fr mar 2022 patch tuesday-presenters slidesFr mar 2022 patch tuesday-presenters slides
Fr mar 2022 patch tuesday-presenters slidesIvanti
 
2021 June Patch Tuesday
2021 June Patch Tuesday2021 June Patch Tuesday
2021 June Patch TuesdayIvanti
 
Patch Management Best Practices
Patch Management Best Practices Patch Management Best Practices
Patch Management Best Practices Ivanti
 
Ivanti Patch Tuesday for March 2020
Ivanti Patch Tuesday for March 2020Ivanti Patch Tuesday for March 2020
Ivanti Patch Tuesday for March 2020Ivanti
 
2021 November Patch Tuesday
2021 November Patch Tuesday2021 November Patch Tuesday
2021 November Patch TuesdayIvanti
 
January 2021 Patch Tuesday
January 2021 Patch TuesdayJanuary 2021 Patch Tuesday
January 2021 Patch TuesdayIvanti
 
2022 February Patch Tuesday
2022 February Patch Tuesday2022 February Patch Tuesday
2022 February Patch TuesdayIvanti
 
April 2021 Patch Tuesday
April 2021 Patch TuesdayApril 2021 Patch Tuesday
April 2021 Patch TuesdayIvanti
 
December 2021 patch tuesday
December 2021 patch tuesdayDecember 2021 patch tuesday
December 2021 patch tuesdayIvanti
 
December 2017 Patch Tuesday
December 2017 Patch TuesdayDecember 2017 Patch Tuesday
December 2017 Patch TuesdayIvanti
 

What's hot (20)

October Patch Tuesday Analysis 2018
October Patch Tuesday Analysis 2018October Patch Tuesday Analysis 2018
October Patch Tuesday Analysis 2018
 
There's more to third-party patching than SCCM 1806
There's more to third-party patching than SCCM 1806There's more to third-party patching than SCCM 1806
There's more to third-party patching than SCCM 1806
 
French Patch Tuesday April 2021
French Patch Tuesday April 2021French Patch Tuesday April 2021
French Patch Tuesday April 2021
 
August 2019 Patch Tuesday Analysis
August 2019 Patch Tuesday AnalysisAugust 2019 Patch Tuesday Analysis
August 2019 Patch Tuesday Analysis
 
June Patch Tuesday 2018
June Patch Tuesday 2018June Patch Tuesday 2018
June Patch Tuesday 2018
 
May 2018 Patch Tuesday Analysis
May 2018 Patch Tuesday AnalysisMay 2018 Patch Tuesday Analysis
May 2018 Patch Tuesday Analysis
 
December Patch Tuesday 2020
December Patch Tuesday 2020December Patch Tuesday 2020
December Patch Tuesday 2020
 
March 2021 Patch Tuesday
March 2021 Patch TuesdayMarch 2021 Patch Tuesday
March 2021 Patch Tuesday
 
June Patch Tuesday 2019
June Patch Tuesday 2019June Patch Tuesday 2019
June Patch Tuesday 2019
 
May Patch Tuesday Analysis 2019
May Patch Tuesday Analysis 2019May Patch Tuesday Analysis 2019
May Patch Tuesday Analysis 2019
 
Fr mar 2022 patch tuesday-presenters slides
Fr mar 2022 patch tuesday-presenters slidesFr mar 2022 patch tuesday-presenters slides
Fr mar 2022 patch tuesday-presenters slides
 
2021 June Patch Tuesday
2021 June Patch Tuesday2021 June Patch Tuesday
2021 June Patch Tuesday
 
Patch Management Best Practices
Patch Management Best Practices Patch Management Best Practices
Patch Management Best Practices
 
Ivanti Patch Tuesday for March 2020
Ivanti Patch Tuesday for March 2020Ivanti Patch Tuesday for March 2020
Ivanti Patch Tuesday for March 2020
 
2021 November Patch Tuesday
2021 November Patch Tuesday2021 November Patch Tuesday
2021 November Patch Tuesday
 
January 2021 Patch Tuesday
January 2021 Patch TuesdayJanuary 2021 Patch Tuesday
January 2021 Patch Tuesday
 
2022 February Patch Tuesday
2022 February Patch Tuesday2022 February Patch Tuesday
2022 February Patch Tuesday
 
April 2021 Patch Tuesday
April 2021 Patch TuesdayApril 2021 Patch Tuesday
April 2021 Patch Tuesday
 
December 2021 patch tuesday
December 2021 patch tuesdayDecember 2021 patch tuesday
December 2021 patch tuesday
 
December 2017 Patch Tuesday
December 2017 Patch TuesdayDecember 2017 Patch Tuesday
December 2017 Patch Tuesday
 

Similar to Patch Tuesday Webinar Highlights

September Patch Tuesday- 2020
September Patch Tuesday- 2020September Patch Tuesday- 2020
September Patch Tuesday- 2020Ivanti
 
Ivanti Patch Tuesday for June 2020
Ivanti Patch Tuesday for June 2020Ivanti Patch Tuesday for June 2020
Ivanti Patch Tuesday for June 2020Ivanti
 
Patch Tuesday August 2020
Patch Tuesday August 2020 Patch Tuesday August 2020
Patch Tuesday August 2020 Ivanti
 
Patch Tuesday for January 2020
Patch Tuesday for January 2020Patch Tuesday for January 2020
Patch Tuesday for January 2020Ivanti
 
April 2019 Patch Tuesday
April 2019 Patch TuesdayApril 2019 Patch Tuesday
April 2019 Patch TuesdayIvanti
 
Ivanti May 2020 Patch Tuesday
Ivanti May 2020 Patch TuesdayIvanti May 2020 Patch Tuesday
Ivanti May 2020 Patch TuesdayIvanti
 
September 2019 Patch Tuesday
September 2019 Patch TuesdaySeptember 2019 Patch Tuesday
September 2019 Patch TuesdayIvanti
 
Patch Tuesday November - 2020
Patch Tuesday November - 2020Patch Tuesday November - 2020
Patch Tuesday November - 2020Ivanti
 
November Patch Tuesday 2020
November Patch Tuesday 2020 November Patch Tuesday 2020
November Patch Tuesday 2020 Ivanti
 
March 2019 Patch Tuesday Analysis
March 2019 Patch Tuesday AnalysisMarch 2019 Patch Tuesday Analysis
March 2019 Patch Tuesday AnalysisIvanti
 
May 2021 Patch Tuesday
May 2021 Patch TuesdayMay 2021 Patch Tuesday
May 2021 Patch TuesdayIvanti
 
2021 September Patch Tuesday
2021 September Patch Tuesday2021 September Patch Tuesday
2021 September Patch TuesdayIvanti
 
August Patch Tuesday Analysis
August Patch Tuesday AnalysisAugust Patch Tuesday Analysis
August Patch Tuesday AnalysisIvanti
 
Présentation webinar Ivanti - Analyse du Patch Tuesday - Janvier 2020
Présentation webinar Ivanti - Analyse du Patch Tuesday - Janvier 2020Présentation webinar Ivanti - Analyse du Patch Tuesday - Janvier 2020
Présentation webinar Ivanti - Analyse du Patch Tuesday - Janvier 2020Ivanti
 
March 2018 Patch Tuesday Ivanti
March 2018 Patch Tuesday IvantiMarch 2018 Patch Tuesday Ivanti
March 2018 Patch Tuesday IvantiIvanti
 
October 2017 Ivanti Patch Tuesday Analysis
October 2017 Ivanti Patch Tuesday AnalysisOctober 2017 Ivanti Patch Tuesday Analysis
October 2017 Ivanti Patch Tuesday AnalysisIvanti
 
2021 August Patch Tuesday
2021 August Patch Tuesday2021 August Patch Tuesday
2021 August Patch TuesdayIvanti
 
2022 May Patch Tuesday
2022 May Patch Tuesday2022 May Patch Tuesday
2022 May Patch TuesdayIvanti
 
January Patch Tuesday Webinar 2018
January Patch Tuesday Webinar 2018January Patch Tuesday Webinar 2018
January Patch Tuesday Webinar 2018Ivanti
 
2022 FR Patch Tuesday.pptx
2022 FR Patch Tuesday.pptx2022 FR Patch Tuesday.pptx
2022 FR Patch Tuesday.pptxIvanti
 

Similar to Patch Tuesday Webinar Highlights (20)

September Patch Tuesday- 2020
September Patch Tuesday- 2020September Patch Tuesday- 2020
September Patch Tuesday- 2020
 
Ivanti Patch Tuesday for June 2020
Ivanti Patch Tuesday for June 2020Ivanti Patch Tuesday for June 2020
Ivanti Patch Tuesday for June 2020
 
Patch Tuesday August 2020
Patch Tuesday August 2020 Patch Tuesday August 2020
Patch Tuesday August 2020
 
Patch Tuesday for January 2020
Patch Tuesday for January 2020Patch Tuesday for January 2020
Patch Tuesday for January 2020
 
April 2019 Patch Tuesday
April 2019 Patch TuesdayApril 2019 Patch Tuesday
April 2019 Patch Tuesday
 
Ivanti May 2020 Patch Tuesday
Ivanti May 2020 Patch TuesdayIvanti May 2020 Patch Tuesday
Ivanti May 2020 Patch Tuesday
 
September 2019 Patch Tuesday
September 2019 Patch TuesdaySeptember 2019 Patch Tuesday
September 2019 Patch Tuesday
 
Patch Tuesday November - 2020
Patch Tuesday November - 2020Patch Tuesday November - 2020
Patch Tuesday November - 2020
 
November Patch Tuesday 2020
November Patch Tuesday 2020 November Patch Tuesday 2020
November Patch Tuesday 2020
 
March 2019 Patch Tuesday Analysis
March 2019 Patch Tuesday AnalysisMarch 2019 Patch Tuesday Analysis
March 2019 Patch Tuesday Analysis
 
May 2021 Patch Tuesday
May 2021 Patch TuesdayMay 2021 Patch Tuesday
May 2021 Patch Tuesday
 
2021 September Patch Tuesday
2021 September Patch Tuesday2021 September Patch Tuesday
2021 September Patch Tuesday
 
August Patch Tuesday Analysis
August Patch Tuesday AnalysisAugust Patch Tuesday Analysis
August Patch Tuesday Analysis
 
Présentation webinar Ivanti - Analyse du Patch Tuesday - Janvier 2020
Présentation webinar Ivanti - Analyse du Patch Tuesday - Janvier 2020Présentation webinar Ivanti - Analyse du Patch Tuesday - Janvier 2020
Présentation webinar Ivanti - Analyse du Patch Tuesday - Janvier 2020
 
March 2018 Patch Tuesday Ivanti
March 2018 Patch Tuesday IvantiMarch 2018 Patch Tuesday Ivanti
March 2018 Patch Tuesday Ivanti
 
October 2017 Ivanti Patch Tuesday Analysis
October 2017 Ivanti Patch Tuesday AnalysisOctober 2017 Ivanti Patch Tuesday Analysis
October 2017 Ivanti Patch Tuesday Analysis
 
2021 August Patch Tuesday
2021 August Patch Tuesday2021 August Patch Tuesday
2021 August Patch Tuesday
 
2022 May Patch Tuesday
2022 May Patch Tuesday2022 May Patch Tuesday
2022 May Patch Tuesday
 
January Patch Tuesday Webinar 2018
January Patch Tuesday Webinar 2018January Patch Tuesday Webinar 2018
January Patch Tuesday Webinar 2018
 
2022 FR Patch Tuesday.pptx
2022 FR Patch Tuesday.pptx2022 FR Patch Tuesday.pptx
2022 FR Patch Tuesday.pptx
 

More from Ivanti

2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch TuesdayIvanti
 
Patch Tuesday de Abril
Patch Tuesday de AbrilPatch Tuesday de Abril
Patch Tuesday de AbrilIvanti
 
Français Patch Tuesday - Avril
Français Patch Tuesday - AvrilFrançais Patch Tuesday - Avril
Français Patch Tuesday - AvrilIvanti
 
Patch Tuesday Italia Aprile
Patch Tuesday Italia AprilePatch Tuesday Italia Aprile
Patch Tuesday Italia AprileIvanti
 
Français Patch Tuesday - Mars
Français Patch Tuesday - MarsFrançais Patch Tuesday - Mars
Français Patch Tuesday - MarsIvanti
 
Patch Tuesday de Marzo
Patch Tuesday de MarzoPatch Tuesday de Marzo
Patch Tuesday de MarzoIvanti
 
Patch Tuesday Italia Marzo
Patch Tuesday Italia MarzoPatch Tuesday Italia Marzo
Patch Tuesday Italia MarzoIvanti
 
March Patch Tuesday
March Patch TuesdayMarch Patch Tuesday
March Patch TuesdayIvanti
 
Patch Tuesday de Febrero
Patch Tuesday de FebreroPatch Tuesday de Febrero
Patch Tuesday de FebreroIvanti
 
2024 Français Patch Tuesday - Février
2024 Français Patch Tuesday - Février2024 Français Patch Tuesday - Février
2024 Français Patch Tuesday - FévrierIvanti
 
Patch Tuesday Italia Febbraio
Patch Tuesday Italia FebbraioPatch Tuesday Italia Febbraio
Patch Tuesday Italia FebbraioIvanti
 
2024 February Patch Tuesday
2024 February Patch Tuesday2024 February Patch Tuesday
2024 February Patch TuesdayIvanti
 
2024 Enero Patch Tuesday
2024 Enero Patch Tuesday2024 Enero Patch Tuesday
2024 Enero Patch TuesdayIvanti
 
2024 Janvier Patch Tuesday
2024 Janvier Patch Tuesday2024 Janvier Patch Tuesday
2024 Janvier Patch TuesdayIvanti
 
2024 Gennaio Patch Tuesday
2024 Gennaio Patch Tuesday2024 Gennaio Patch Tuesday
2024 Gennaio Patch TuesdayIvanti
 
Patch Tuesday de Enero
Patch Tuesday de EneroPatch Tuesday de Enero
Patch Tuesday de EneroIvanti
 
Français Patch Tuesday – Janvier
Français Patch Tuesday – JanvierFrançais Patch Tuesday – Janvier
Français Patch Tuesday – JanvierIvanti
 
2024 January Patch Tuesday
2024 January Patch Tuesday2024 January Patch Tuesday
2024 January Patch TuesdayIvanti
 
Patch Tuesday de Diciembre
Patch Tuesday de DiciembrePatch Tuesday de Diciembre
Patch Tuesday de DiciembreIvanti
 
Français Patch Tuesday – Décembre
Français Patch Tuesday – DécembreFrançais Patch Tuesday – Décembre
Français Patch Tuesday – DécembreIvanti
 

More from Ivanti (20)

2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch Tuesday
 
Patch Tuesday de Abril
Patch Tuesday de AbrilPatch Tuesday de Abril
Patch Tuesday de Abril
 
Français Patch Tuesday - Avril
Français Patch Tuesday - AvrilFrançais Patch Tuesday - Avril
Français Patch Tuesday - Avril
 
Patch Tuesday Italia Aprile
Patch Tuesday Italia AprilePatch Tuesday Italia Aprile
Patch Tuesday Italia Aprile
 
Français Patch Tuesday - Mars
Français Patch Tuesday - MarsFrançais Patch Tuesday - Mars
Français Patch Tuesday - Mars
 
Patch Tuesday de Marzo
Patch Tuesday de MarzoPatch Tuesday de Marzo
Patch Tuesday de Marzo
 
Patch Tuesday Italia Marzo
Patch Tuesday Italia MarzoPatch Tuesday Italia Marzo
Patch Tuesday Italia Marzo
 
March Patch Tuesday
March Patch TuesdayMarch Patch Tuesday
March Patch Tuesday
 
Patch Tuesday de Febrero
Patch Tuesday de FebreroPatch Tuesday de Febrero
Patch Tuesday de Febrero
 
2024 Français Patch Tuesday - Février
2024 Français Patch Tuesday - Février2024 Français Patch Tuesday - Février
2024 Français Patch Tuesday - Février
 
Patch Tuesday Italia Febbraio
Patch Tuesday Italia FebbraioPatch Tuesday Italia Febbraio
Patch Tuesday Italia Febbraio
 
2024 February Patch Tuesday
2024 February Patch Tuesday2024 February Patch Tuesday
2024 February Patch Tuesday
 
2024 Enero Patch Tuesday
2024 Enero Patch Tuesday2024 Enero Patch Tuesday
2024 Enero Patch Tuesday
 
2024 Janvier Patch Tuesday
2024 Janvier Patch Tuesday2024 Janvier Patch Tuesday
2024 Janvier Patch Tuesday
 
2024 Gennaio Patch Tuesday
2024 Gennaio Patch Tuesday2024 Gennaio Patch Tuesday
2024 Gennaio Patch Tuesday
 
Patch Tuesday de Enero
Patch Tuesday de EneroPatch Tuesday de Enero
Patch Tuesday de Enero
 
Français Patch Tuesday – Janvier
Français Patch Tuesday – JanvierFrançais Patch Tuesday – Janvier
Français Patch Tuesday – Janvier
 
2024 January Patch Tuesday
2024 January Patch Tuesday2024 January Patch Tuesday
2024 January Patch Tuesday
 
Patch Tuesday de Diciembre
Patch Tuesday de DiciembrePatch Tuesday de Diciembre
Patch Tuesday de Diciembre
 
Français Patch Tuesday – Décembre
Français Patch Tuesday – DécembreFrançais Patch Tuesday – Décembre
Français Patch Tuesday – Décembre
 

Recently uploaded

Enjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort Service
Enjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort ServiceEnjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort Service
Enjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort ServiceDelhi Call girls
 
AlbaniaDreamin24 - How to easily use an API with Flows
AlbaniaDreamin24 - How to easily use an API with FlowsAlbaniaDreamin24 - How to easily use an API with Flows
AlbaniaDreamin24 - How to easily use an API with FlowsThierry TROUIN ☁
 
VIP Kolkata Call Girls Salt Lake 8250192130 Available With Room
VIP Kolkata Call Girls Salt Lake 8250192130 Available With RoomVIP Kolkata Call Girls Salt Lake 8250192130 Available With Room
VIP Kolkata Call Girls Salt Lake 8250192130 Available With Roomgirls4nights
 
Call Girls Dubai Prolapsed O525547819 Call Girls In Dubai Princes$
Call Girls Dubai Prolapsed O525547819 Call Girls In Dubai Princes$Call Girls Dubai Prolapsed O525547819 Call Girls In Dubai Princes$
Call Girls Dubai Prolapsed O525547819 Call Girls In Dubai Princes$kojalkojal131
 
Best VIP Call Girls Noida Sector 75 Call Me: 8448380779
Best VIP Call Girls Noida Sector 75 Call Me: 8448380779Best VIP Call Girls Noida Sector 75 Call Me: 8448380779
Best VIP Call Girls Noida Sector 75 Call Me: 8448380779Delhi Call girls
 
Russian Call girl in Ajman +971563133746 Ajman Call girl Service
Russian Call girl in Ajman +971563133746 Ajman Call girl ServiceRussian Call girl in Ajman +971563133746 Ajman Call girl Service
Russian Call girl in Ajman +971563133746 Ajman Call girl Servicegwenoracqe6
 
Hot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine Service
Hot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine ServiceHot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine Service
Hot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine Servicesexy call girls service in goa
 
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝soniya singh
 
Delhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip CallDelhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Callshivangimorya083
 
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts serviceChennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts servicevipmodelshub1
 
AWS Community DAY Albertini-Ellan Cloud Security (1).pptx
AWS Community DAY Albertini-Ellan Cloud Security (1).pptxAWS Community DAY Albertini-Ellan Cloud Security (1).pptx
AWS Community DAY Albertini-Ellan Cloud Security (1).pptxellan12
 
Call Girls In Ashram Chowk Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Ashram Chowk Delhi 💯Call Us 🔝8264348440🔝Call Girls In Ashram Chowk Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Ashram Chowk Delhi 💯Call Us 🔝8264348440🔝soniya singh
 
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With RoomVIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Roomishabajaj13
 
Radiant Call girls in Dubai O56338O268 Dubai Call girls
Radiant Call girls in Dubai O56338O268 Dubai Call girlsRadiant Call girls in Dubai O56338O268 Dubai Call girls
Radiant Call girls in Dubai O56338O268 Dubai Call girlsstephieert
 
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Room
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With RoomVIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Room
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Roomdivyansh0kumar0
 
On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024APNIC
 
Russian Call Girls in Kolkata Samaira 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Samaira 🤌 8250192130 🚀 Vip Call Girls KolkataRussian Call Girls in Kolkata Samaira 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Samaira 🤌 8250192130 🚀 Vip Call Girls Kolkataanamikaraghav4
 
FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607
FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607
FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607dollysharma2066
 

Recently uploaded (20)

Enjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort Service
Enjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort ServiceEnjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort Service
Enjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort Service
 
Rohini Sector 26 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 26 Call Girls Delhi 9999965857 @Sabina Saikh No AdvanceRohini Sector 26 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 26 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
 
AlbaniaDreamin24 - How to easily use an API with Flows
AlbaniaDreamin24 - How to easily use an API with FlowsAlbaniaDreamin24 - How to easily use an API with Flows
AlbaniaDreamin24 - How to easily use an API with Flows
 
VIP Kolkata Call Girls Salt Lake 8250192130 Available With Room
VIP Kolkata Call Girls Salt Lake 8250192130 Available With RoomVIP Kolkata Call Girls Salt Lake 8250192130 Available With Room
VIP Kolkata Call Girls Salt Lake 8250192130 Available With Room
 
Call Girls Dubai Prolapsed O525547819 Call Girls In Dubai Princes$
Call Girls Dubai Prolapsed O525547819 Call Girls In Dubai Princes$Call Girls Dubai Prolapsed O525547819 Call Girls In Dubai Princes$
Call Girls Dubai Prolapsed O525547819 Call Girls In Dubai Princes$
 
Rohini Sector 6 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 6 Call Girls Delhi 9999965857 @Sabina Saikh No AdvanceRohini Sector 6 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 6 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
 
Best VIP Call Girls Noida Sector 75 Call Me: 8448380779
Best VIP Call Girls Noida Sector 75 Call Me: 8448380779Best VIP Call Girls Noida Sector 75 Call Me: 8448380779
Best VIP Call Girls Noida Sector 75 Call Me: 8448380779
 
Russian Call girl in Ajman +971563133746 Ajman Call girl Service
Russian Call girl in Ajman +971563133746 Ajman Call girl ServiceRussian Call girl in Ajman +971563133746 Ajman Call girl Service
Russian Call girl in Ajman +971563133746 Ajman Call girl Service
 
Hot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine Service
Hot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine ServiceHot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine Service
Hot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine Service
 
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
 
Delhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip CallDelhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
 
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts serviceChennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
 
AWS Community DAY Albertini-Ellan Cloud Security (1).pptx
AWS Community DAY Albertini-Ellan Cloud Security (1).pptxAWS Community DAY Albertini-Ellan Cloud Security (1).pptx
AWS Community DAY Albertini-Ellan Cloud Security (1).pptx
 
Call Girls In Ashram Chowk Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Ashram Chowk Delhi 💯Call Us 🔝8264348440🔝Call Girls In Ashram Chowk Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Ashram Chowk Delhi 💯Call Us 🔝8264348440🔝
 
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With RoomVIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
 
Radiant Call girls in Dubai O56338O268 Dubai Call girls
Radiant Call girls in Dubai O56338O268 Dubai Call girlsRadiant Call girls in Dubai O56338O268 Dubai Call girls
Radiant Call girls in Dubai O56338O268 Dubai Call girls
 
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Room
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With RoomVIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Room
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Room
 
On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024
 
Russian Call Girls in Kolkata Samaira 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Samaira 🤌 8250192130 🚀 Vip Call Girls KolkataRussian Call Girls in Kolkata Samaira 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Samaira 🤌 8250192130 🚀 Vip Call Girls Kolkata
 
FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607
FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607
FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607
 

Patch Tuesday Webinar Highlights

  • 1. Patch Tuesday Webinar Wednesday, November 13, 2019 Hosted by: Chris Goettl & Todd Schell Dial in: 1-877-668-4490 (US) Event ID: 808 925 120
  • 2. Copyright©2019Ivanti.Allrightsreserved Agenda November 2019 Patch Tuesday Overview In the News Bulletins Q & A 1 2 3 4
  • 6. Copyright©2019Ivanti.Allrightsreserved In The News . . .  BlueKeep Update  https://www.microsoft.com/security/blog/2019/11/07/the-new-cve-2019-0708- rdp-exploit-attacks-explained/  https://www.zdnet.com/article/bluekeep-exploit-to-get-a-fix-for-its-bsod- problem/  https://healthitsecurity.com/news/microsoft-warns-bluekeep-rdp-flaw-attacks- will-increase-urges-patch  https://securityboulevard.com/2019/11/bluekeep-panic-as-rce-rdp-exploit- floods-the-net/  ADV190024 | Microsoft Guidance for Vulnerability in Trusted Platform Module (TPM)  https://portal.msrc.microsoft.com/en-US/security- guidance/advisory/ADV190024
  • 7. Copyright©2019Ivanti.Allrightsreserved In The News . . .  The November 2019 Update  https://support.microsoft.com/en-us/help/4529964/windows-10-update-history  https://support.microsoft.com/en-us/help/4517245/feature-update-via- windows-10-version-1909-enablement-package  End of Life is coming! Two more Patch Tuesdays until Windows 7 and Server 20082008 R2 EoL  https://www.bleepingcomputer.com/news/microsoft/new-update-lets-windows- users-test-extended-security-updates/  https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/How-to-get- Extended-Security-Updates-for-eligible-Windows/ba-p/917807  https://forums.ivanti.com/s/article/Custom-Patch-Support-for-Microsoft-s- Windows-7-and-Server-2008-2008-R2-Extended-Support
  • 8. Copyright©2019Ivanti.Allrightsreserved In The News . . .  Intel  Intel Processor Machine Check Error vulnerability (CVE-2018-12207)  CVE - https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE- 2018-12207  Guidance - https://support.microsoft.com/en-us/help/4530989/guidance-for- protecting-against-intel-processor-machine-check-error-vu  Intel Transactional Synchronization Extensions (Intel TSX) Transaction Asynchronous Abort vulnerability (CVE-2019-11135)  CVE - https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE- 2019-11135  Client Guidance – https://support.microsoft.com/en-us/help/4073119/protect-against- speculative-execution-side-channel-vulnerabilities-in  Server Guidance – https://support.microsoft.com/en-us/help/4072698/windows- server-speculative-execution-side-channel-vulnerabilities-prot
  • 9. Copyright©2019Ivanti.Allrightsreserved Zero-day Exploited Vulnerabilities  CVE-2019-1429 Scripting Engine Memory Corruption Vulnerability  A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.  In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Internet Explorer and then convince a user to view the website. An attacker could also embed an ActiveX control marked "safe for initialization" in an application or Microsoft Office document that hosts the IE rendering engine. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability.  The security update addresses the vulnerability by modifying how the scripting engine handles objects in memory.
  • 10. Copyright©2019Ivanti.Allrightsreserved Publicly Disclosed Vulnerabilities  CVE-2019-1457 Microsoft Office Excel Security Feature Bypass  A security feature bypass vulnerability exists in Microsoft Office software by not enforcing macro settings on an Excel document. The security feature bypass by itself does not allow arbitrary code execution. To successfully exploit the vulnerability, an attacker would have to embed a control in an Excel worksheet that specifies a macro should be run. To exploit the vulnerability, an attacker would have to convince a user to open a specially crafted file with an affected version of Microsoft Office software. The security update addresses the vulnerability by enforcing macro settings on Excel documents.
  • 11. Copyright©2019Ivanti.Allrightsreserved Windows 10 Lifecycle Awareness  Windows 10 Branch Support Source: Microsoft
  • 12. Copyright©2019Ivanti.Allrightsreserved Windows 10 Lifecycle Awareness (cont)  Enterprise LTSB/LTSC Support  Complete Lifecycle Fact Sheet  https://support.microsoft.com/en-us/help/13853/windows-lifecycle-fact-sheet Source: Microsoft
  • 13. Copyright©2019Ivanti.Allrightsreserved Microsoft Patch Tuesday Updates of Interest  Advisory 990001 Latest Servicing Stack Updates  https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV990001  SSUs for all supported operating systems  Development Tool and Component Updates  Azure Stack  CharkaCore  Open Enclave SDK  Visual Studio 2017 and 2019  Visual Studio Code Source: Microsoft
  • 14. Copyright©2019Ivanti.Allrightsreserved Weekly Patch BLOG  Latest Patch Releases  Microsoft and Third-party  Security and non-Security  CVE Analysis  Security Events of Interest  Host: Brian Secrist  https://www.ivanti.com/blog/ topics/patch-tuesday
  • 15. Copyright©2019Ivanti.Allrightsreserved Patch Content Announcement System Announcements Now Posted on Community Forum Pages  https://forums.ivanti.com/s/group/CollaborationGroup/00Ba0000009oKICEA2  Subscribe to receive email for the desired product(s)
  • 17. Copyright©2019Ivanti.Allrightsreserved MS19-11-W10: Windows 10 Update  Maximum Severity: Critical  Affected Products: Microsoft Windows 10 Versions 1607, 1703, 1709, 1803, 1809, 1903, Server 2016, Server 2019, Server 1709, Server 1803, IE 11 and Microsoft Edge  Description: This bulletin references 16 KB articles. See KBs for the list of changes.  Impact: Remote Code Execution, Security Feature Bypass, Denial of Service, Elevation of Privilege and Information Disclosure  Fixes 58 Vulnerabilities: CVE-2019-1429 is known exploited. No CVEs are publicly disclosed. See Details column of Security Update Guide for the complete list of CVEs.  Restart Required: Requires restart  Known Issues: See next slides
  • 18. Copyright©2019Ivanti.Allrightsreserved November Known Issues for Windows 10  KB 4525232 – Windows 10  [File Rename] Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege. Workaround: Perform the operation from a process that has administrator privilege or perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution.  KB 4525236 – Windows 10, Version 1607 and Server 2016  [Min Password] After installing KB4467684, the cluster service may fail to start with the error “2245 (NERR_PasswordTooShort)” if the group policy “Minimum Password Length” is configured with greater than 14 characters. Workaround: Set the domain default "Minimum Password Length" policy to less than or equal to 14 characters. Microsoft is working on a resolution.  [File Rename]
  • 19. Copyright©2019Ivanti.Allrightsreserved November Known Issues for Windows 10 (cont)  KB 4525241 – Windows 10, Version 1709  [File Rename]  [User OOBE] When setting up a new Windows device during the Out of Box Experience (OOBE), you might be unable to create a local user when using Input Method Editor (IME). This issue might affect you if you are using the IME for Chinese, Japanese, or Korean languages. Workaround: Set the keyboard language to English during user creation or use a Microsoft Account to complete OOBE. You can set the keyboard language back to your preferred language after user creation. See this KB for more details. Microsoft is working on a resolution.  KB 4525237 – Windows 10, Version 1803  [File Rename]  [User OOBE]
  • 20. Copyright©2019Ivanti.Allrightsreserved November Known Issues for Windows 10 (cont)  KB 4523205 – Windows 10, Version 1809, Server 2019 All Versions  [Asian Packs] After installing KB 4493509, devices with some Asian language packs installed may receive the error, "0x800f0982 - PSFX_E_MATCHING_COMPONENT_NOT_FOUND.“ Workaround: Uninstall and reinstall any recently added language packs or select Check for Updates and install the April 2019 Cumulative Update. See KB for more recovery details. Microsoft is working on a resolution.  [File Rename]  [User OOBE]  KB 4524570 – Windows 10, Version 1903  [User OOBE]
  • 21. Copyright©2019Ivanti.Allrightsreserved MS19-11-IE: Security Updates for Internet Explorer  Maximum Severity: Critical  Affected Products: Microsoft Internet Explorer 9,10,11  Description: The fixes that are included in the cumulative Security Update for Internet Explorer are also included in the November 2019 Security Monthly Quality Rollup. Installing either the Security Update for Internet Explorer or the Security Monthly Quality Rollup installs the fixes that are in the cumulative update. This bulletin references 11 KB articles.  Impact: Remote Code Execution  Fixes 2 Vulnerabilities: CVE-2019-1390, CVE-2019-1429  Restart Required: Requires browser restart  Known Issues: None reported
  • 22. Copyright©2019Ivanti.Allrightsreserved MS19-11-MR2K8: Monthly Rollup for Windows Server 2008  Maximum Severity: Critical  Affected Products: Microsoft Windows Server 2008 and IE 9  Description: This security update includes improvements and fixes that were a part of update KB 4520015 (released October 15, 2019). Bulletin is based on KB 4525234.  Security updates to Microsoft Scripting Engine, Internet Explorer, Microsoft Graphics Component, Windows Input and Composition, Windows Virtualization, Windows Kernel, Windows Datacenter Networking, and the Microsoft JET Database Engine.  Protections against the Intel® Transactional Synchronization Extensions (Intel® TSX) Transaction Asynchronous Abort vulnerability (CVE-2019-11135).  Impact: Remote Code Execution, Security Feature Bypass, Denial of Service, Elevation of Privilege, and Information Disclosure  Fixes 31 + 2 (IE 9) Vulnerabilities: CVE-2019-1429 is known exploited. No CVEs are publicly disclosed. See the Security Update Guide for the complete list of CVEs.  Restart Required: Requires restart  Known Issues: None reported
  • 23. Copyright©2019Ivanti.Allrightsreserved MS19-11-SO2K8: Security-only Update for Windows Server 2008  Maximum Severity: Critical  Affected Products: Microsoft Windows Server 2008  Description: This bulletin is based on KB 4525239.  Security updates to Microsoft Graphics Component, Windows Input and Composition, Windows Virtualization, Windows Kernel, Windows Datacenter Networking, and the Microsoft JET Database Engine.  Protections against the Intel® Transactional Synchronization Extensions (Intel® TSX) Transaction Asynchronous Abort vulnerability (CVE-2019-11135).  Impact: Remote Code Execution, Security Feature Bypass, Denial of Service, Elevation of Privilege, and Information Disclosure  Fixes 31 Vulnerabilities: No reported exploited or publicly disclosed vulnerabilities. See Security Update Guide for the complete list of CVEs.  Restart Required: Requires restart  Known Issues: None reported
  • 24. Copyright©2019Ivanti.Allrightsreserved MS19-11-MR7: Monthly Rollup for Win 7 and Server 2008 R2  Maximum Severity: Critical  Affected Products: Microsoft Windows 7, Server 2008 R2, and IE  Description: This security update includes improvements and fixes that were a part of update KB 4519972 (released October 15, 2019). Bulletin is based on KB 4525235.  Security updates to Microsoft Scripting Engine, Internet Explorer, Microsoft Graphics Component, Windows Input and Composition, Windows Virtualization, Windows Kernel, Windows Datacenter Networking, and the Microsoft JET Database Engine.  Protections against the Intel® Transactional Synchronization Extensions (Intel® TSX) Transaction Asynchronous Abort vulnerability (CVE-2019-11135).  Protections against the Intel® Processor Machine Check Error vulnerability (CVE-2018-12207).  Impact: Remote Code Execution, Security Feature Bypass, Denial of Service, Elevation of Privilege, and Information Disclosure  Fixes 35 + 2 IE Vulnerabilities: CVE-2019-1429 is known exploited. No CVEs are publicly disclosed. See the Security Update Guide for the complete list of CVEs.  Restart Required: Requires restart  Known Issues: None reported.
  • 25. Copyright©2019Ivanti.Allrightsreserved MS19-11-SO7: Security-only Update for Win 7 and Server 2008 R2  Maximum Severity: Critical  Affected Products: Microsoft Windows 7 SP1, Server 2008 R2 SP1  Description: Bulletin is based on KB 4525233.  Security updates to Microsoft Scripting Engine, Microsoft Graphics Component, Windows Input and Composition, Windows Virtualization, Windows Kernel, Windows Datacenter Networking, and the Microsoft JET Database Engine.  Protections against the Intel® Transactional Synchronization Extensions (Intel® TSX) Transaction Asynchronous Abort vulnerability (CVE-2019-11135).  Protections against the Intel® Processor Machine Check Error vulnerability (CVE-2018-12207).  Impact: Remote Code Execution, Security Feature Bypass, Denial of Service, Elevation of Privilege, and Information Disclosure  Fixes 35 Vulnerabilities: No reported exploited or publicly disclosed vulnerabilities. See Security Update Guide for the complete list of CVEs.  Restart Required: Requires restart  Known Issues: None reported
  • 26. Copyright©2019Ivanti.Allrightsreserved MS19-11-MR8: Monthly Rollup for Server 2012  Maximum Severity: Critical  Affected Products: Microsoft Server 2012 and IE  Description: This security update includes improvements and fixes that were a part of update KB 4520013 (released October 15, 2019). Bulletin is based on KB 4525246.  Security updates to Microsoft Graphics Component, Internet Explorer, Windows Input and Composition, Windows Cryptography, Windows Virtualization, Windows Kernel, Windows Datacenter Networking, and the Microsoft JET Database Engine.  Protections against the Intel® Transactional Synchronization Extensions (Intel® TSX) Transaction Asynchronous Abort vulnerability (CVE-2019-11135).  Protections against the Intel® Processor Machine Check Error vulnerability (CVE-2018-12207).  Impact: Remote Code Execution, Security Feature Bypass, Denial of Service, Elevation of Privilege, and Information Disclosure  Fixes 37 + 2 IE Vulnerabilities: CVE-2019-1429 is known exploited. No CVEs are publicly disclosed. See the Security Update Guide for the complete list of CVEs.  Restart Required: Requires restart  Known Issues: [File Rename]
  • 27. Copyright©2019Ivanti.Allrightsreserved MS19-11-SO8: Security-only Update for Server 2012  Maximum Severity: Critical  Affected Products: Microsoft Server 2012  Description: Bulletin is based on KB 4525253.  Security updates to Microsoft Graphics Component, Windows Input and Composition, Windows Cryptography, Windows Virtualization, Windows Kernel, Windows Datacenter Networking, and the Microsoft JET Database Engine.  Protections against the Intel® Transactional Synchronization Extensions (Intel® TSX) Transaction Asynchronous Abort vulnerability (CVE-2019-11135).  Protections against the Intel® Processor Machine Check Error vulnerability (CVE-2018-12207).  Impact: Remote Code Execution, Security Feature Bypass, Denial of Service, Elevation of Privilege, and Information Disclosure  Fixes 37 Vulnerabilities: No reported exploited or publicly disclosed vulnerabilities. See Security Update Guide for the complete list of CVEs.  Restart Required: Requires restart  Known Issues: [File Rename]
  • 28. Copyright©2019Ivanti.Allrightsreserved MS19-11-MR81: Monthly Rollup for Win 8.1 and Server 2012 R2  Maximum Severity: Critical  Affected Products: Microsoft Windows 8.1, Server 2012 R2, and IE  Description: This security update includes improvements and fixes that were a part of update KB 4520012 (released October 15, 2019). Bulletin is based on KB 4525243.  Security updates to Microsoft Scripting Engine, Internet Explorer, Microsoft Graphics Component, Windows Input and Composition, Windows Cryptography, Windows Virtualization, Windows Kernel, Windows Datacenter Networking, and the Microsoft JET Database Engine.  Protections against the Intel® Transactional Synchronization Extensions (Intel® TSX) Transaction Asynchronous Abort vulnerability (CVE-2019-11135).  Protections against the Intel® Processor Machine Check Error vulnerability (CVE-2018-12207).  Impact: Remote Code Execution, Security Feature Bypass, Denial of Service, Elevation of Privilege, and Information Disclosure  Fixes 37 + 2 IE Vulnerabilities: CVE-2019-1429 is known exploited. No CVEs are publicly disclosed. See the Security Update Guide for the complete list of CVEs.  Restart Required: Requires restart  Known Issues: [File Rename]
  • 29. Copyright©2019Ivanti.Allrightsreserved MS19-11-SO81: Security-only Update for Win 8.1 and Server 2012 R2  Maximum Severity: Critical  Affected Products: Microsoft Windows 8.1, Server 2012 R2  Description: Bulletin is based on KB 4525250.  Security updates to Microsoft Graphics Component, Windows Input and Composition, Windows Cryptography, Windows Virtualization, Windows Kernel, Windows Datacenter Networking, and the Microsoft JET Database Engine.  Protections against the Intel® Transactional Synchronization Extensions (Intel® TSX) Transaction Asynchronous Abort vulnerability (CVE-2019-11135).  Protections against the Intel® Processor Machine Check Error vulnerability (CVE-2018-12207).  Impact: Remote Code Execution, Security Feature Bypass, Denial of Service, Elevation of Privilege, and Information Disclosure  Fixes 37 Vulnerabilities: No reported exploited or publicly disclosed vulnerabilities. See Security Update Guide for the complete list of CVEs.  Restart Required: Requires restart  Known Issues: [File Rename]
  • 30. Copyright©2019Ivanti.Allrightsreserved MS19-11-EXCH: Security Updates for Exchange Server  Maximum Severity: Critical  Affected Products: Microsoft Exchange Server 2013, 2016 and 2019  Description: This security update fixes a vulnerability in Microsoft Exchange Server which allows the deserialization of metadata via PowerShell. This bulletin is based on KB 4523171.  Impact: Remote Code Execution  Fixes 1 Vulnerability: CVE-2019-1373  Restart Required: Requires restart  Known Issues: Must install update with administrator privileges
  • 31. Copyright©2019Ivanti.Allrightsreserved MS19-11-OFF: Security Updates for Microsoft Office  Maximum Severity: Important  Affected Products: Excel 2010-2016, Excel 2016 for Mac, Office 2010-2016, Office 2016 and 2019 for Mac  Description: This security update resolves vulnerabilities in several Microsoft Office applications. This bulletin references 10 KB articles plus release notes for MacOS.  Impact: Remote Code Execution, Security Feature Bypass, and Information Disclosure  Fixes 4 Vulnerabilities: CVE-2019-1402, CVE-2019-1446, CVE-2019-1448, CVE- 2019-1457  Restart Required: Requires application restart  Known Issues: None reported
  • 32. Copyright©2019Ivanti.Allrightsreserved MS19-11-O365: Security Updates for Office 365 ProPlus and Office 2019  Maximum Severity: Important  Affected Products: Office 365 ProPlus, Office 2019  Description: This month’s update resolved various bugs and performance issues in Microsoft Office 365 and Office 2019 applications. Information on Office 365 ProPlus updates is available at https://docs.microsoft.com/en-us/officeupdates/release-notes- office365-proplus  Impact: Remote Code Execution, Security Feature Bypass, and Information Disclosure  Fixes 4 Vulnerabilities: CVE-2019-1402, CVE-2019-1446, CVE-2019-1448, CVE- 2019-1449  Restart Required: Requires application restart  Known Issues: None reported
  • 33. Copyright©2019Ivanti.Allrightsreserved MS19-11-SPT: Security Updates for SharePoint Server  Maximum Severity: Important  Affected Products: Microsoft Enterprise SharePoint Server 2010-2019  Description: This security update resolves a security feature bypass vulnerability that exists if Microsoft Office does not validate URLs; an information disclosure vulnerability that exists in Microsoft SharePoint if an attacker uploads a specially crafted file; and an information disclosure vulnerability that exists if Microsoft Excel incorrectly discloses the contents of its memory. This bulletin is based on 6 KB articles.  Impact: Security Feature Bypass and Information Disclosure  Fixes 3 Vulnerabilities: CVE-2019-1442, CVE-2019-1443, CVE-2019-1446  Restart Required: Requires Restart  Known Issues: None reported
  • 34. Copyright©2019Ivanti.Allrightsreserved Between Patch Tuesday’s New Product Support: CrowdStrike Falcon Sensor, Morphisec Protector Security Updates: Adobe (6), Apple (3), CCleaner (1), Amazon Corretto (2), DropBox (3), FireFox (5), Foxit (2), GIMP (1), Google Chrome (4), GOM Player (1), GoodSync (2), GoToMeeting (4), LibreOffice (2), Microsoft (2), Nitro Pro (2), Node.JS (6), Oracle (3), Notepad++ (2), Opera (5), Plex (3), PowerBI (3), Skype (1), Slack (2), Snagit (2), Splunk Forwarder (1), Tableau (11), Thunderbird (4), Tomcat (2), ToroiseGit (1), TortoiseSVN (1), TeamViewer (4), VMware Tools (1), VMware Workstation (1), WinSCP (1), Wireshark (2) Non-Security Updates: AIMP (2), Azure Information Protection (1), Box Edit (1), Beyond Compare (3), CrowdStrike (1), Google Drive (1), GoTo Opener (1), Google Backup and Sync (2), BlueJeans (1), Mouse and Keyboard Center (1), Morphisec Protector (1), Microsoft (44), PDF-Xchange PRO (1), Plex Media Player (1), Royal TS (1), TreeSize Free (1), TightVNC (1), Zoom Client (2), Zoom Outlook Plugin (1)
  • 35. Copyright©2019Ivanti.Allrightsreserved Third Party CVE Information  iTunes 12.10.2.3  AI19-007, QAI121023  Fixes 16 Vulnerabilities: CVE-2019-8782, CVE-2019-8783, CVE-2019-8784, CVE- 2019-8801, CVE-2019-8808, CVE-2019-8811, CVE-2019-8812, CVE-2019-8813, CVE- 2019-8814, CVE-2019-8815, CVE-2019-8816, CVE-2019-8819, CVE-2019-8820, CVE- 2019-8821, CVE-2019-8822, CVE-2019-8823  Apple iCloud 7.15.0.10  ICLOUD-022, QICLOUD715010  Fixes 11 Vulnerabilities: CVE-2019-8783, CVE-2019-8784, CVE-2019-8811, CVE-2019-8814, CVE-2019-8815, CVE-2019-8816, CVE-2019-8819, CVE- 2019-8820, CVE-2019-8821, CVE-2019-8822, CVE-2019-8823  WinSCP 5.15.5  WINSCP-031, QWINSCP5155  Fixes 2 Vulnerabilities: CVE-2019-17068, CVE-2019-17069
  • 36. Copyright©2019Ivanti.Allrightsreserved Third Party CVE Information (cont)  Acrobat and Reader  APSB19-49, QADC1902120047, QADC1701130150, QADC1500630504, QARDC1902120047, QARDC1902120047MUI, QARDC1902120047MUI, QARDC1701130150MUI, QARDC1500630504MUI  Fixes 68 Vulnerabilities: CVE-2019-8064, CVE-2019-8160, CVE-2019-8161, CVE- 2019-8162, CVE-2019-8163, CVE-2019-8164, CVE-2019-8165, CVE-2019-8166, CVE- 2019-8167, CVE-2019-8168, CVE-2019-8169, CVE-2019-8170, CVE-2019-8171, CVE- 2019-8172, CVE-2019-8173, CVE-2019-8174, CVE-2019-8175, CVE-2019-8176, CVE- 2019-8177, CVE-2019-8178, CVE-2019-8179, CVE-2019-8180, CVE-2019-8181, CVE- 2019-8182, CVE-2019-8183, CVE-2019-8184, CVE-2019-8185, CVE-2019-8186, CVE- 2019-8187, CVE-2019-8188, CVE-2019-8189, CVE-2019-8190, CVE-2019-8191, CVE- 2019-8192, CVE-2019-8193, CVE-2019-8194, CVE-2019-8195, CVE-2019-8196, CVE- 2019-8197, CVE-2019-8198, CVE-2019-8199, CVE-2019-8200, CVE-2019-8201, CVE- 2019-8202, CVE-2019-8203, CVE-2019-8204, CVE-2019-8205, CVE-2019-8206, CVE- 2019-8207, CVE-2019-8208, CVE-2019-8209, CVE-2019-8210, CVE-2019-8211, CVE- 2019-8212, CVE-2019-8213, CVE-2019-8214, CVE-2019-8215, CVE-2019-8216, CVE- 2019-8217, CVE-2019-8218, CVE-2019-8219, CVE-2019-8220, CVE-2019-8221, CVE- 2019-8222, CVE-2019-8223, CVE-2019-8224, CVE-2019-8225, CVE-2019-8226
  • 37. Copyright©2019Ivanti.Allrightsreserved Third Party CVE Information (cont)  Google Chrome 78.0.3904.87  CHROME-264, QGC780390470  CHROME-265, QGC780390487  Fixes 23 Vulnerabilities: CVE-2019-13720, CVE-2019-13721, CVE-2019-13699, CVE- 2019-13700, CVE-2019-13701, CVE-2019-13702, CVE-2019-13703, CVE-2019-13704, CVE-2019-13705, CVE-2019-13706, CVE-2019-13707, CVE-2019-13708, CVE-2019- 13709, CVE-2019-13710, CVE-2019-13711, CVE-2019-13713, CVE-2019-13714, CVE- 2019-13715, CVE-2019-13716, CVE-2019-13717, CVE-2019-13718, CVE-2019-13719, CVE-2019-15903  Corretto 11.0.5.10.1  CORRETTO11-005, QCORRETTO1105  Fixes 18 Vulnerabilities: CVE-2019-2894, CVE-2019-2933, CVE-2019-2945, CVE-2019-2949, CVE-2019-2958, CVE-2019-2962, CVE-2019-2964, CVE- 2019-2973, CVE-2019-2975, CVE-2019-2977, CVE-2019-2978, CVE-2019- 2981, CVE-2019-2983, CVE-2019-2987, CVE-2019-2988, CVE-2019-2989, CVE-2019-2992, CVE-2019-2999
  • 38. Copyright©2019Ivanti.Allrightsreserved Third Party CVE Information (cont)  Amazon Corretto 8 Update 232  CORRETTO8-232, QCORRETTO8232  Fixes 17 Vulnerabilities: CVE-2019-2894, CVE-2019-2933, CVE-2019-2945, CVE- 2019-2949, CVE-2019-2958, CVE-2019-2962, CVE-2019-2964, CVE-2019-2973, CVE- 2019-2975, CVE-2019-2978, CVE-2019-2981, CVE-2019-2983, CVE-2019-2987, CVE- 2019-2988, CVE-2019-2989, CVE-2019-2992, CVE-2019-2999  Firefox 70.0  FF19-023, QFF700  Fixes 13 Vulnerabilities: CVE-2018-6156, CVE-2019-11757, CVE-2019-11759, CVE-2019-11760, CVE-2019-11761, CVE-2019-11762, CVE-2019-11763, CVE-2019-11764, CVE-2019-11765, CVE-2019-15903, CVE-2019-17000, CVE-2019-17001, CVE-2019-17002  Firefox ESR 68.2.0  FFE19-6820, QFFE6820  Fixes 8 Vulnerabilities: CVE-2019-11757, CVE-2019-11759, CVE-2019-11760, CVE- 2019-11761, CVE-2019-11762, CVE-2019-11763, CVE-2019-11764, CVE-2019-15903
  • 39. Copyright©2019Ivanti.Allrightsreserved Third Party CVE Information (cont)  Foxit PhantomPDF 9.7.0.29478  FIP-023, QFIP97029478  Fixes 11 Vulnerabilities: CVE-2019-5031, CVE-2019-13123, CVE-2019-13124, CVE-2019-13326, CVE-2019-13327, CVE-2019-13328, CVE-2019-13329, CVE-2019-13330, CVE-2019-13331, CVE-2019-13332, CVE-2019-17183  Foxit PhantomPDF 8.3.12.47136  FIP-025, QFIP831247136  Fixes 15 Vulnerabilities: CVE-2019-5031, CVE-2019-13123, CVE-2019- 13124, CVE-2019-13326, CVE-2019-13327, CVE-2019-13328, CVE-2019- 13329, CVE-2019-13330, CVE-2019-13331, CVE-2019-13332, CVE-2019- 17139, CVE-2019-17140, CVE-2019-17141, CVE-2019-17142, CVE-2019- 17183
  • 40. Copyright©2019Ivanti.Allrightsreserved Third Party CVE Information (cont)  Java 8 Update 231  JAVA8-231, QJAVA8U231  Fixes 18 Vulnerabilities: CVE-2019-2894, CVE-2019-2933, CVE-2019-2945, CVE-2019-2949, CVE-2019-2958, CVE-2019-2962, CVE-2019-2964, CVE- 2019-2973, CVE-2019-2975, CVE-2019-2978, CVE-2019-2981, CVE-2019- 2983, CVE-2019-2988, CVE-2019-2989, CVE-2019-2992, CVE-2019-2996, CVE-2019-2999, CVE-2019-11068  Java Development Kit 8 Update 231  JDK8-231, QJDK8U231  Fixes 18 Vulnerabilities: CVE-2019-2894, CVE-2019-2933, CVE-2019-2945, CVE-2019-2949, CVE-2019-2958, CVE-2019-2962, CVE-2019-2964, CVE- 2019-2973, CVE-2019-2975, CVE-2019-2978, CVE-2019-2981, CVE-2019- 2983, CVE-2019-2988, CVE-2019-2989, CVE-2019-2992, CVE-2019-2996, CVE-2019-2999, CVE-2019-11068
  • 41. Copyright©2019Ivanti.Allrightsreserved Third Party CVE Information (cont)  Java Development Kit 11 Update 11.0.5  JDK11-002, QJDK11U1105  Fixes 18 Vulnerabilities: CVE-2019-2894, CVE-2019-2933, CVE-2019-2945, CVE-2019-2949, CVE-2019-2958, CVE-2019-2962, CVE-2019-2964, CVE- 2019-2973, CVE-2019-2975, CVE-2019-2977, CVE-2019-2978, CVE-2019- 2981, CVE-2019-2983, CVE-2019-2987, CVE-2019-2988, CVE-2019-2989, CVE-2019-2992, CVE-2019-2999  Thunderbird 68.2.0  TB19-6820, QTB6820  Fixes 9 Vulnerabilities: CVE-2019-11757, CVE-2019-11758, CVE-2019-11759, CVE-2019-11760, CVE-2019-11761, CVE-2019-11762, CVE-2019-11763, CVE-2019-11764, CVE-2019-15903
  • 42. Copyright©2019Ivanti.Allrightsreserved Third Party CVE Information (cont)  VirtualBox 5.2.34  OVB-027, QOVB5234  Fixes 10 Vulnerabilities: CVE-2019-1547, CVE-2019-2926, CVE-2019-2944, CVE-2019-2984, CVE-2019-3002, CVE-2019-3005, CVE-2019-3017, CVE- 2019-3021, CVE-2019-3026, CVE-2019-3028, CVE-2019-3031  VirtualBox 6.0.14  OVB-028, QOVB6014  Fixes 10 Vulnerabilities: CVE-2019-1547, CVE-2019-2926, CVE-2019-2944, CVE-2019-2984, CVE-2019-3002, CVE-2019-3005, CVE-2019-3017, CVE- 2019-3021, CVE-2019-3026, CVE-2019-3028, CVE-2019-3031