Patching in Review – Week 38 of 2019

In last week’s blog post we covered a litany of issues plaguing September Patch Tuesday’s Windows 10 1903 (KB4515384) patch. It appears more issues are coming out in the week after Patch Tuesday. Bleeping Computer has reported on two additional issues (one that applies to all versions!):

1. Machines with certain Intel Centrino and Broadcom adapters have been rendered unusable on Windows 10 1903. While Microsoft reports this issue with a workaround, there is no current known resolution.
2. Systems that use Chinese IME have been experiencing scenarios where the system becomes unresponsive due to high CPU usage. All versions of Windows 10 are affected according to Microsoft so keep an eye out for a fix sooner than later.

Security Releases

Google Chrome released version 77.0.3865.90 this week with a total of four CVEs, including another rare “Critical” vulnerability for the month. CVE-2019-13685 details a use-after-free UI vulnerability where a specially crafted website could lead to code execution outside of the context of the browser.

Third-Party Updates

Of course, other vendors have been releasing updates for their respective software. While these updates might not have identified vulnerabilities, they still have helpful stability fixes as well as potential undisclosed security fixes: