This month we got patches for 87 vulnerabilities. Of these, 12 are critical, 6 were previously disclosed and none of them are being exploited according to Microsoft.
Amongst critical vulnerabilities, there is a CVSSv3 9.8 remote code execution in Windows TCP/IP stack (CVE-2020-16898) due to the way it improperly handles ICMPv6 Router Advertisement packets. To exploit this vulnerability, an attacker would have to send specially crafted ICMPv6 Router Advertisement packets to a remote Windows host (client or server). Several Windows 10 versions, Windows Server (core installation), and Windows Server 2019 are affected by this vulnerability. There is a workaround for Windows 1709 and above that consists in disabling ICMPV6 RDNSS. For more details, check the vulnerability advisory at https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16898
There is also a remote code execution in Windows Graphics Device Interface (GDI+) (CVE-2020-16911). An attacker could exploit this vulnerability by convincing users to view a specially crafted website or sending them an e-mail attachment with a malicious attachment. The CVSS v3 score for this vulnerability is 8.8.
A third vulnerability worth mentioning is an elevation of privilege affecting Windows Hyper-V (CVE-2020-1080). If successfully exploited, this vulnerability could give an attacker elevated privileges on the target system. The CVSSv3 for this vulnerability is 8.8 as well.
See Renato’s dashboard for a more detailed breakout: https://patchtuesdaydashboard.com
| Description | |||||||
|---|---|---|---|---|---|---|---|
| CVE | Disclosed | Exploited | Exploitability (old versions) | current version | Severity | CVSS Base (AVG) | CVSS Temporal (AVG) |
| .NET Framework Information Disclosure Vulnerability | |||||||
| %%cve:2020-16937%% | Yes | No | Less Likely | Less Likely | Important | 4.7 | 4.2 |
| Azure Functions Elevation of Privilege Vulnerability | |||||||
| %%cve:2020-16904%% | No | No | Less Likely | Less Likely | Important | 5.3 | 4.8 |
| Base3D Remote Code Execution Vulnerability | |||||||
| %%cve:2020-16918%% | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| %%cve:2020-17003%% | No | No | Less Likely | Less Likely | Critical | 7.8 | 7.0 |
| Dynamics 365 Commerce Elevation of Privilege Vulnerability | |||||||
| %%cve:2020-16943%% | No | No | Less Likely | Less Likely | Important | 6.5 | 5.9 |
| GDI+ Remote Code Execution Vulnerability | |||||||
| %%cve:2020-16911%% | No | No | Less Likely | Less Likely | Critical | 8.8 | 7.9 |
| Group Policy Elevation of Privilege Vulnerability | |||||||
| %%cve:2020-16939%% | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| Jet Database Engine Remote Code Execution Vulnerability | |||||||
| %%cve:2020-16924%% | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| Media Foundation Memory Corruption Vulnerability | |||||||
| %%cve:2020-16915%% | No | No | Less Likely | Less Likely | Critical | 7.8 | 7.0 |
| Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability | |||||||
| %%cve:2020-16956%% | No | No | Less Likely | Less Likely | Important | 5.4 | 4.9 |
| %%cve:2020-16978%% | No | No | Less Likely | Less Likely | Important | 5.4 | 4.9 |
| Microsoft Excel Remote Code Execution Vulnerability | |||||||
| %%cve:2020-16929%% | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| %%cve:2020-16930%% | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| %%cve:2020-16931%% | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| %%cve:2020-16932%% | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| Microsoft Exchange Information Disclosure Vulnerability | |||||||
| %%cve:2020-16969%% | No | No | Less Likely | Less Likely | Important | 7.1 | 6.4 |
| Microsoft Graphics Components Remote Code Execution Vulnerability | |||||||
| %%cve:2020-16923%% | No | No | Less Likely | Less Likely | Critical | 7.8 | 7.0 |
| %%cve:2020-1167%% | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability | |||||||
| %%cve:2020-16957%% | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| Microsoft Office Click-to-Run Elevation of Privilege Vulnerability | |||||||
| %%cve:2020-16928%% | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| %%cve:2020-16934%% | No | No | Less Likely | Less Likely | Important | 7.0 | 6.3 |
| %%cve:2020-16955%% | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| Microsoft Office Remote Code Execution Vulnerability | |||||||
| %%cve:2020-16954%% | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| Microsoft Office SharePoint XSS Vulnerability | |||||||
| %%cve:2020-16945%% | No | No | Less Likely | Less Likely | Important | 8.7 | 7.8 |
| %%cve:2020-16946%% | No | No | Less Likely | Less Likely | Important | 8.7 | 7.8 |
| Microsoft Outlook Denial of Service Vulnerability | |||||||
| %%cve:2020-16949%% | No | No | Less Likely | Less Likely | Moderate | 4.7 | 4.2 |
| Microsoft Outlook Remote Code Execution Vulnerability | |||||||
| %%cve:2020-16947%% | No | No | Less Likely | Less Likely | Critical | 8.1 | 7.3 |
| Microsoft SharePoint Information Disclosure Vulnerability | |||||||
| %%cve:2020-16941%% | No | No | Less Likely | Less Likely | Important | 4.1 | 3.7 |
| %%cve:2020-16942%% | No | No | Less Likely | Less Likely | Important | 4.1 | 3.7 |
| %%cve:2020-16948%% | No | No | Less Likely | Less Likely | Important | 6.5 | 5.9 |
| %%cve:2020-16953%% | No | No | Less Likely | Less Likely | Important | 6.5 | 5.9 |
| %%cve:2020-16950%% | No | No | Less Likely | Less Likely | Important | 5.0 | 4.5 |
| Microsoft SharePoint Reflective XSS Vulnerability | |||||||
| %%cve:2020-16944%% | No | No | Less Likely | Less Likely | Important | 8.7 | 7.8 |
| Microsoft SharePoint Remote Code Execution Vulnerability | |||||||
| %%cve:2020-16951%% | No | No | Less Likely | Less Likely | Critical | 8.6 | 7.7 |
| %%cve:2020-16952%% | No | No | Less Likely | Less Likely | Critical | 8.6 | 7.7 |
| Microsoft Word Security Feature Bypass Vulnerability | |||||||
| %%cve:2020-16933%% | No | No | Less Likely | Less Likely | Important | 7.0 | 6.3 |
| NetBT Information Disclosure Vulnerability | |||||||
| %%cve:2020-16897%% | No | No | Less Likely | Less Likely | Important | 5.5 | 5.0 |
| Network Watcher Agent Virtual Machine Extension for Linux Elevation of Privilege Vulnerability | |||||||
| %%cve:2020-16995%% | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| October 2020 Adobe Flash Security Update | |||||||
| ADV200012 | No | No | Less Likely | Less Likely | Critical | ||
| PowerShellGet Module WDAC Security Feature Bypass Vulnerability | |||||||
| %%cve:2020-16886%% | No | No | Less Likely | Less Likely | Important | 5.3 | 4.8 |
| Visual Studio Code Python Extension Remote Code Execution Vulnerability | |||||||
| %%cve:2020-16977%% | No | No | Less Likely | Less Likely | Important | 7.0 | 6.3 |
| Win32k Elevation of Privilege Vulnerability | |||||||
| %%cve:2020-16907%% | No | No | More Likely | More Likely | Important | 7.8 | 7.0 |
| %%cve:2020-16913%% | No | No | More Likely | More Likely | Important | 7.8 | 7.0 |
| Windows – User Profile Service Elevation of Privilege Vulnerability | |||||||
| %%cve:2020-16940%% | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| Windows Application Compatibility Client Library Elevation of Privilege Vulnerability | |||||||
| %%cve:2020-16876%% | No | No | Less Likely | Less Likely | Important | 7.1 | 6.4 |
| %%cve:2020-16920%% | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| Windows Backup Service Elevation of Privilege Vulnerability | |||||||
| %%cve:2020-16976%% | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| %%cve:2020-16912%% | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| %%cve:2020-16936%% | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| %%cve:2020-16972%% | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| %%cve:2020-16973%% | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| %%cve:2020-16974%% | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| %%cve:2020-16975%% | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| Windows COM Server Elevation of Privilege Vulnerability | |||||||
| %%cve:2020-16935%% | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| %%cve:2020-16916%% | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| Windows Camera Codec Pack Remote Code Execution Vulnerability | |||||||
| %%cve:2020-16967%% | No | No | Less Likely | Less Likely | Critical | 7.8 | 7.0 |
| %%cve:2020-16968%% | No | No | Less Likely | Less Likely | Critical | 7.8 | 7.0 |
| Windows Elevation of Privilege Vulnerability | |||||||
| %%cve:2020-16877%% | No | No | Less Likely | Less Likely | Important | 7.1 | 6.4 |
| Windows Enterprise App Management Service Information Disclosure Vulnerability | |||||||
| %%cve:2020-16919%% | No | No | Less Likely | Less Likely | Important | 5.5 | 5.0 |
| Windows Error Reporting Elevation of Privilege Vulnerability | |||||||
| %%cve:2020-16905%% | No | No | Less Likely | Less Likely | Important | 6.8 | 6.1 |
| %%cve:2020-16909%% | Yes | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| Windows Error Reporting Manager Elevation of Privilege Vulnerability | |||||||
| %%cve:2020-16895%% | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| Windows Event System Elevation of Privilege Vulnerability | |||||||
| %%cve:2020-16900%% | No | No | Less Likely | Less Likely | Important | 7.0 | 6.3 |
| Windows GDI+ Information Disclosure Vulnerability | |||||||
| %%cve:2020-16914%% | No | No | Less Likely | Less Likely | Important | 5.5 | 5.0 |
| Windows Hyper-V Denial of Service Vulnerability | |||||||
| %%cve:2020-1243%% | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| Windows Hyper-V Elevation of Privilege Vulnerability | |||||||
| %%cve:2020-1047%% | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| %%cve:2020-1080%% | No | No | Less Likely | Less Likely | Important | 8.8 | 7.9 |
| Windows Hyper-V Remote Code Execution Vulnerability | |||||||
| %%cve:2020-16891%% | No | No | Less Likely | Less Likely | Critical | 8.8 | 7.9 |
| Windows Image Elevation of Privilege Vulnerability | |||||||
| %%cve:2020-16892%% | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| Windows Installer Elevation of Privilege Vulnerability | |||||||
| %%cve:2020-16902%% | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| Windows Kernel Elevation of Privilege Vulnerability | |||||||
| %%cve:2020-16890%% | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| Windows Kernel Information Disclosure Vulnerability | |||||||
| %%cve:2020-16938%% | Yes | No | Less Likely | Less Likely | Important | 5.5 | 5.0 |
| %%cve:2020-16901%% | Yes | No | Less Likely | Less Likely | Important | 5.0 | 4.5 |
| Windows KernelStream Information Disclosure Vulnerability | |||||||
| %%cve:2020-16889%% | No | No | Less Likely | Less Likely | Important | 5.5 | 5.0 |
| Windows NAT Remote Code Execution Vulnerability | |||||||
| %%cve:2020-16894%% | No | No | Less Likely | Less Likely | Important | 7.7 | 6.9 |
| Windows Network Connections Service Elevation of Privilege Vulnerability | |||||||
| %%cve:2020-16887%% | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability | |||||||
| %%cve:2020-16927%% | No | No | Less Likely | Less Likely | Important | 7.5 | 6.7 |
| Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability | |||||||
| %%cve:2020-16896%% | No | No | More Likely | More Likely | Important | 7.5 | 6.7 |
| Windows Remote Desktop Service Denial of Service Vulnerability | |||||||
| %%cve:2020-16863%% | No | No | Less Likely | Less Likely | Important | 7.5 | 6.7 |
| Windows Security Feature Bypass Vulnerability | |||||||
| %%cve:2020-16910%% | No | No | Less Likely | Less Likely | Important | 6.2 | 5.6 |
| Windows Setup Elevation of Privilege Vulnerability | |||||||
| %%cve:2020-16908%% | Yes | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| Windows Spoofing Vulnerability | |||||||
| %%cve:2020-16922%% | No | No | More Likely | More Likely | Important | 5.3 | 4.8 |
| Windows Storage Services Elevation of Privilege Vulnerability | |||||||
| %%cve:2020-0764%% | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| Windows Storage VSP Driver Elevation of Privilege Vulnerability | |||||||
| %%cve:2020-16885%% | Yes | No | Less Likely | Less Likely | Important | 7.8 | 7.2 |
| Windows TCP/IP Denial of Service Vulnerability | |||||||
| %%cve:2020-16899%% | No | No | More Likely | More Likely | Important | 7.5 | 6.7 |
| Windows TCP/IP Remote Code Execution Vulnerability | |||||||
| %%cve:2020-16898%% | No | No | More Likely | More Likely | Critical | 9.8 | 8.8 |
| Windows Text Services Framework Information Disclosure Vulnerability | |||||||
| %%cve:2020-16921%% | No | No | Less Likely | Less Likely | Important | 5.5 | 5.0 |
| Windows iSCSI Target Service Elevation of Privilege Vulnerability | |||||||
| %%cve:2020-16980%% | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
—
Renato Marinho
Morphus Labs| LinkedIn|Twitter
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. Read More
The post Microsoft October 2020 Patch Tuesday, (Tue, Oct 13th) appeared first on Malware Devil.
https://malwaredevil.com/2020/10/13/microsoft-october-2020-patch-tuesday-tue-oct-13th/?utm_source=rss&utm_medium=rss&utm_campaign=microsoft-october-2020-patch-tuesday-tue-oct-13th
No comments:
Post a Comment