Below are key resources documenting this recent monthly Microsoft Patch Tuesday release

https://isc.sans.edu/forums/diary/Microsoft+October+2019+Patch+Tuesday/25396/

https://blog.talosintelligence.com/2019/10/microsoft-patch-tuesday-oct-2019.html

https://www.thezdi.com/blog/2019/10/8/the-october-security-update-review

https://patchtuesdaydashboard.com/

https://portal.msrc.microsoft.com/en-us/security-guidance/summary

QUOTE from TALOSMicrosoft disclosed nine critical vulnerabilities this month, eight of which we will highlight below.

CVE-2019-1333 is a client-side remote execution vulnerability in Remote Desktop Services (RDP) that occurs when a user visits a malicious server.

CVE-2019-1238 and CVE-2019-1239 are remote code execution vulnerabilities that exist in the way VBScript handles objects in memory. An attacker could exploit these vulnerabilities by tricking a user into visiting a specially crafted, malicious website through Internet Explorer.

CVE-2019-1307CVE-2019-1308CVE-2019-1335 and CVE-2019-1366 are all memory corruption vulnerabilities in the Chakra Scripting Engine inside of the Microsoft Edge web browser.

CVE-2019-1372 is an elevation of privilege vulnerability on Azure Stack when the Azure App Service fails to properly check the length of a buffer prior to copying memory to it.

There is also CVE-2019-1060, a remote code execution vulnerability in  Microsoft XML Core Services.