Zero-Day 2020 - Úvod Graf Katalog Zranitelností OWASP Webové útoky (103) Vulnerebility Web Vul. Top 50 in years CVE Defination ATT&CK Matrix for Enterprise
2020 2019 2018 2017 2016 2015 2014 2013 2012 2011 2010 2009
Microsoft Patch Tuesday - April 2020
This month the vendor has patched 113 vulnerabilities, 18 of which are rated
Critical.
As always, customers are advised to follow these security best practices:
Install vendor patches as soon as they are available.
Run all software with the least privileges required while still maintaining
functionality.
Avoid handling files from unknown or questionable sources.
Never visit sites of unknown or questionable integrity.
Block external access at the network perimeter to all key systems unless
specific access is required.
Microsoft's summary of the April 2020 releases can be found here:
https://portal.msrc.microsoft.com/en-us/security-guidance
This month's update covers vulnerabilities in:
Internet Explorer
Edge
ChakraCore
Microsoft Office
Microsoft Windows
Microsoft Windows Kernel
Microsoft Graphics Component
Microsoft JET Database Engine
Windows Hyper-V
Visual Studio
Microsoft Dynamics
Microsoft Defender
Microsoft Remote Desktop App
Microsoft YourPhone Application for Android
Microsoft MSR JavaScript Cryptography Library
Microsoft OneDrive for Windows
The following is a breakdown of the issues being addressed this month:
1. Cumulative Security Updates for Microsoft Browsers
Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2020-0969) MS Rating: Critical
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based)L. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Scripting Engine Memory Corruption Vulnerability (CVE-2020-0968) MS Rating: Critical
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Scripting Engine Memory Corruption Vulnerability (CVE-2020-0970) MS Rating: Critical
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
VBScript Remote Code Execution Vulnerability (CVE-2020-0967) MS Rating: Critical
A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Windows VBScript Engine Remote Code Execution Vulnerability (CVE-2020-0895) MS Rating: Important
A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
VBScript Remote Code Execution Vulnerability (CVE-2020-0966) MS Rating: Important
A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
2. Cumulative Security Updates for Microsoft Office
Microsoft SharePoint Remote Code Execution Vulnerability (CVE-2020-0974) MS Rating: Critical
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint server farm account.
Microsoft SharePoint Remote Code Execution Vulnerability (CVE-2020-0929) MS Rating: Critical
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint server farm account.
Microsoft SharePoint Remote Code Execution Vulnerability (CVE-2020-0931) MS Rating: Critical
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint server farm account.
Microsoft SharePoint Remote Code Execution Vulnerability (CVE-2020-0932) MS Rating: Critical
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint server farm account.
Microsoft Excel Remote Code Execution Vulnerability (CVE-2020-0906) MS Rating: Important
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user.
Microsoft Excel Remote Code Execution Vulnerability (CVE-2020-0979) MS Rating: Important
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user.
Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability (CVE-2020-0961) MS Rating: Important
A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.
Microsoft Office Remote Code Execution Vulnerability (CVE-2020-0760) MS Rating: Important
A remote code execution vulnerability exists when Microsoft Office improperly loads arbitrary type libraries. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
Microsoft Office SharePoint XSS Vulnerability (CVE-2020-0923) MS Rating: Important
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server.
Microsoft Office SharePoint XSS Vulnerability (CVE-2020-0924) MS Rating: Important
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server.
Microsoft Office SharePoint XSS Vulnerability (CVE-2020-0925) MS Rating: Important
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server.
Microsoft Office SharePoint XSS Vulnerability (CVE-2020-0926) MS Rating: Important
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server.
Microsoft Office SharePoint XSS Vulnerability (CVE-2020-0927) MS Rating: Important
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server.
Microsoft Office SharePoint XSS Vulnerability (CVE-2020-0930) MS Rating: Important
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server.
Microsoft Office SharePoint XSS Vulnerability (CVE-2020-0933) MS Rating: Important
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server.
Microsoft Office SharePoint XSS Vulnerability (CVE-2020-0954) MS Rating: Moderate
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server.
Microsoft Office SharePoint XSS Vulnerability (CVE-2020-0978) MS Rating: Important
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server.
Microsoft SharePoint Remote Code Execution Vulnerability (CVE-2020-0920) MS Rating: Important
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint server farm account.
Microsoft SharePoint Remote Code Execution Vulnerability (CVE-2020-0971) MS Rating: Important
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint server farm account.
Microsoft SharePoint Spoofing Vulnerability (CVE-2020-0972) MS Rating: Important
A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server.
Microsoft SharePoint Spoofing Vulnerability (CVE-2020-0975) MS Rating: Important
A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server.
Microsoft SharePoint Spoofing Vulnerability (CVE-2020-0976) MS Rating: Important
A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server.
Microsoft SharePoint Spoofing Vulnerability (CVE-2020-0977) MS Rating: Important
A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server.
Microsoft (MAU) Office Privilege Escalation Vulnerability (CVE-2020-0984) MS Rating: Important
A privilege escalation vulnerability exists when the Microsoft AutoUpdate (MAU) application for Mac improperly validates updates before executing them. An attacker who successfully exploited the vulnerability who already has the ability to execute code on a system could elevate privileges. Microsoft Office Remote Code Execution Vulnerability (CVE-2020-0991) MS Rating: Important
A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user.
Microsoft Word Remote Code Execution Vulnerability (CVE-2020-0980) MS Rating: Important
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user.
Outlook for Android Spoofing Vulnerability (CVE-2020-0973) MS Rating: Important
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server.
3. Cumulative Security Updates for Microsoft Windows
Adobe Font Manager Library Remote Code Execution Vulnerability (CVE-2020-1020) MS Rating: Critical
A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles a specially-crafted multi-master font - Adobe Type 1 PostScript format. For all systems except Windows 10, an attacker who successfully exploited the vulnerability could execute code remotely.
OpenType Font Parsing Remote Code Execution Vulnerability (CVE-2020-0938) MS Rating: Critical
A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles specially crafted OpenType fonts. For all systems except Windows 10, an attacker who successfully exploited the vulnerability could execute code remotely.
Media Foundation Memory Corruption Vulnerability (CVE-2020-0948) MS Rating: Critical
A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights.
Media Foundation Memory Corruption Vulnerability (CVE-2020-0949) MS Rating: Critical
A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights.
Media Foundation Memory Corruption Vulnerability (CVE-2020-0950) MS Rating: Critical
A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights.
Microsoft Windows Codecs Library Remote Code Execution Vulnerability (CVE-2020-0965) MS Rating: Critical
A remoted code execution vulnerability exists in the way that Microsoft Windows Codecs Library handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user's system.
Windows Push Notification Service Privilege Escalation Vulnerability (CVE-2020-0940) MS Rating: Important
A privilege escalation vulnerability exists in the way the Windows Push Notification Service handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context.
Windows Push Notification Service Privilege Escalation Vulnerability (CVE-2020-1001) MS Rating: Important
A privilege escalation vulnerability exists in the way the Windows Push Notification Service handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context.
Windows Push Notification Service Privilege Escalation Vulnerability (CVE-2020-1006) MS Rating: Important
A privilege escalation vulnerability exists in the way the Windows Push Notification Service handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context.
Windows Push Notification Service Privilege Escalation Vulnerability (CVE-2020-1017) MS Rating: Important
A privilege escalation vulnerability exists in the way the Windows Push Notification Service handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context.
Windows Push Notification Service Information Disclosure Vulnerability (CVE-2020-1016) MS Rating: Important
An information disclosure vulnerability exists when the Windows Push Notification Service improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user's system.
Windows Scheduled Task Privilege Escalation Vulnerability (CVE-2020-0936) MS Rating: Important
A privilege escalation vulnerability exists when a Windows scheduled task improperly handles file redirections. An attacker who successfully exploited this vulnerability could delete a targeted file they would not have permissions to.
Windows Token Security Bypass Vulnerability (CVE-2020-0981) MS Rating: Important
A security bypass vulnerability exists when Windows fails to properly handle token relationships. An attacker who successfully exploited the vulnerability could allow an application with a certain integrity level to execute code at a different integrity level, leading to a sandbox escape.
Windows Update Stack Privilege Escalation Vulnerability (CVE-2020-0985) MS Rating: Important
A privilege escalation vulnerability exists when the Windows Update Stack fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.
Windows Update Stack Privilege Escalation Vulnerability (CVE-2020-0996) MS Rating: Important
A privilege escalation vulnerability exists when the Windows Update Stack fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.
Connected User Experiences and Telemetry Service Privilege Escalation Vulnerability (CVE-2020-0942) MS Rating: Important
A privilege escalation vulnerability exists when Connected User Experiences and Telemetry Service improperly handles file operations. An attacker who successfully exploited this vulnerability could overwrite files in arbitrary locations with elevated permissions.
Connected User Experiences and Telemetry Service Privilege Escalation Vulnerability (CVE-2020-0944) MS Rating: Important
A privilege escalation vulnerability exists when Connected User Experiences and Telemetry Service improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context.
DirectX Privilege Escalation Vulnerability (CVE-2020-0784) MS Rating: Important
A privilege escalation vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.
DirectX Privilege Escalation Vulnerability (CVE-2020-0888) MS Rating: Important
A privilege escalation vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.
Microsoft Windows Update Client Privilege Escalation Vulnerability (CVE-2020-1014) MS Rating: Important
A privilege escalation vulnerability exists in the Microsoft Windows Update Client when it does not properly handle privileges. An attacker who successfully exploited this vulnerability could run processes in an elevated context.
Media Foundation Information Disclosure Vulnerability (CVE-2020-0937) MS Rating: Important
An information disclosure vulnerability exists when Media Foundation improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user's system.
Media Foundation Information Disclosure Vulnerability (CVE-2020-0939) MS Rating: Important
An information disclosure vulnerability exists when Media Foundation improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user's system.
Media Foundation Information Disclosure Vulnerability (CVE-2020-0945) MS Rating: Important
An information disclosure vulnerability exists when Media Foundation improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user's system.
Media Foundation Information Disclosure Vulnerability (CVE-2020-0946) MS Rating: Important
An information disclosure vulnerability exists when Media Foundation improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user's system.
Media Foundation Information Disclosure Vulnerability (CVE-2020-0947) MS Rating: Important
An information disclosure vulnerability exists when Media Foundation improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user's system.
Windows Delivery Optimization Service Privilege Escalation Vulnerability (CVE-2020-0983) MS Rating: Important
A privilege escalation vulnerability exists when the Windows Delivery Optimization service improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code with elevated system privileges.
Windows DNS Denial of Service Vulnerability (CVE-2020-0993) MS Rating: Important
A denial of service vulnerability exists in Windows DNS when it fails to properly handle queries. An attacker who successfully exploited this vulnerability could cause the DNS service to become nonresponsive.
Windows Privilege Escalation Vulnerability (CVE-2020-0934) MS Rating: Important
A privilege escalation vulnerability exists when the Windows WpcDesktopMonSvc improperly manages memory. To exploit this vulnerability, an attacker would first have to gain execution on the victim system.
Windows Privilege Escalation Vulnerability (CVE-2020-1009) MS Rating: Important
A privilege escalation vulnerability exists in the way that the Microsoft Store Install Service handles file operations in protected locations. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.
Windows Privilege Escalation Vulnerability (CVE-2020-1011) MS Rating: Important
A privilege escalation vulnerability exists when the Windows System Assessment Tool improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context.
Windows Privilege Escalation Vulnerability (CVE-2020-1015) MS Rating: Important
A privilege escalation vulnerability exists in the way that the User-Mode Power Service (UMPS) handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.
Connected User Experiences and Telemetry Service Privilege Escalation Vulnerability (CVE-2020-1029) MS Rating: Important
A privilege escalation vulnerability exists when Connected User Experiences and Telemetry Service improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context.
Windows Work Folder Service privilege Escalation Vulnerability (CVE-2020-1094) MS Rating: Important
A privilege escalation vulnerability exists when the Windows Work Folder Service improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context.
Windows Denial of Service Vulnerability (CVE-2020-0794) MS Rating: Important
A denial of service vulnerability exists when Windows improperly handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding.
4. Cumulative Security Updates for Microsoft Windows Kernel
Windows Kernel Privilege Escalation Vulnerability (CVE-2020-0913) MS Rating: Important
A privilege escalation vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.
Windows Kernel Privilege Escalation Vulnerability (CVE-2020-1000) MS Rating: Important
A privilege escalation vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.
Windows Kernel Privilege Escalation Vulnerability (CVE-2020-1003) MS Rating: Important
A privilege escalation vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.
Windows Kernel Privilege Escalation Vulnerability (CVE-2020-1027) MS Rating: Important
A privilege escalation vulnerability exists in the way that the Windows Kernel handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.
Windows Kernel Information Disclosure in CPU Memory Access (CVE-2020-0955) MS Rating: Important
An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory. An attacker who successfully exploited the vulnerability could read privileged data across trust boundaries.
Windows Kernel Information Disclosure Vulnerability (CVE-2020-0821) MS Rating: Important
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user's system.
Windows Kernel Information Disclosure Vulnerability (CVE-2020-1007) MS Rating: Important
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user's system.
Win32k Privilege Escalation Vulnerability (CVE-2020-0956) MS Rating: Important
A privilege escalation vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.
Win32k Privilege Escalation Vulnerability (CVE-2020-0957) MS Rating: Important
A privilege escalation vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.
Win32k Privilege Escalation Vulnerability (CVE-2020-0958) MS Rating: Important
A privilege escalation vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.
Win32k Information Disclosure Vulnerability (CVE-2020-0699) MS Rating: Important
An information disclosure vulnerability exists when the win32k component improperly provides kernel information. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user's system.
Win32k Information Disclosure Vulnerability (CVE-2020-0962) MS Rating: Important
An information disclosure vulnerability exists when the win32k component improperly provides kernel information. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user's system.
5. Cumulative Security Updates for Microsoft Graphics Component
Microsoft Graphics Components Remote Code Execution Vulnerability (CVE-2020-0907) MS Rating: Critical
A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code on a target system.
Microsoft Graphics Component Information Disclosure Vulnerability (CVE-2020-0982) MS Rating: Important
An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user's system.
Microsoft Graphics Component Information Disclosure Vulnerability (CVE-2020-0987) MS Rating: Important
An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user's system.
Microsoft Graphics Component Information Disclosure Vulnerability (CVE-2020-1005) MS Rating: Important
An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user's system.
Microsoft Graphics Remote Code Execution Vulnerability (CVE-2020-0687) MS Rating: Critical
A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system.
GDI+ Remote Code Execution Vulnerability (CVE-2020-0964) MS Rating: Important
A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected system.
Windows GDI Information Disclosure Vulnerability (CVE-2020-0952) MS Rating: Important
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user's system.
Windows Graphics Component Privilege Escalation Vulnerability (CVE-2020-1004) MS Rating: Important
A privilege escalation vulnerability exists when the Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context.
6. Cumulative Security Updates for Microsoft Jet Database Engine
Jet Database Engine Remote Code Execution Vulnerability (CVE-2020-0889) MS Rating: Important
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.
Jet Database Engine Remote Code Execution Vulnerability (CVE-2020-0953) MS Rating: Important
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.
Jet Database Engine Remote Code Execution Vulnerability (CVE-2020-0959) MS Rating: Important
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.
Jet Database Engine Remote Code Execution Vulnerability (CVE-2020-0960) MS Rating: Important
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.
Jet Database Engine Remote Code Execution Vulnerability (CVE-2020-0988) MS Rating: Important
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.
Jet Database Engine Remote Code Execution Vulnerability (CVE-2020-0992) MS Rating: Important
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.
Jet Database Engine Remote Code Execution Vulnerability (CVE-2020-0994) MS Rating: Important
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.
Jet Database Engine Remote Code Execution Vulnerability (CVE-2020-0995) MS Rating: Important
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.
Jet Database Engine Remote Code Execution Vulnerability (CVE-2020-0999) MS Rating: Important
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.
Jet Database Engine Remote Code Execution Vulnerability (CVE-2020-1008) MS Rating: Important
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.
7. Cumulative Security Updates for Windows Hyper-V
Windows Hyper-V Remote Code Execution Vulnerability (CVE-2020-0910) MS Rating: Critical
A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application on a guest operating system that could cause the Hyper-V host operating system to execute arbitrary code.
Windows Hyper-V Privilege Escalation Vulnerability (CVE-2020-0917) MS Rating: Important
A privilege escalation vulnerability exists when Windows Hyper-V on a host server fails to properly handle objects in memory. An attacker who successfully exploited these vulnerabilities could gain elevated privileges on a target operating system.
Windows Hyper-V Privilege Escalation Vulnerability (CVE-2020-0918) MS Rating: Important
A privilege escalation vulnerability exists when Windows Hyper-V on a host server fails to properly handle objects in memory. An attacker who successfully exploited these vulnerabilities could gain elevated privileges on a target operating system.
8. Cumulative Security Updates for Microsoft Visual Studio
Visual Studio Extension Installer Service Privilege Escalation Vulnerability (CVE-2020-0900) MS Rating: Important
A privilege escalation vulnerability exists when the Visual Studio Extension Installer Service improperly handles file operations. An attacker who successfully exploited the vulnerability could delete files in arbitrary locations with elevated permissions.
Microsoft Visual Studio Privilege Escalation Vulnerability (CVE-2020-0899) MS Rating: Important
A privilege escalation vulnerability exists when Microsoft Visual Studio updater service improperly handles file permissions. An attacker who successfully exploited this vulnerability could overwrite arbitrary file content in the security context of the local system.
9. Cumulative Security Updates for Microsoft Dynamics
Dynamics Business Central Remote Code Execution Vulnerability (CVE-2020-1022) MS Rating: Critical
An remote code execution vulnerability exists in Microsoft Dynamics Business Central. An attacker who successfully exploited this vulnerability could execute arbitrary shell commands on victim's server.
Microsoft Dynamics Business Central/NAV Information Disclosure (CVE-2020-1018) MS Rating: Important
An information disclosure vulnerability exists when Microsoft Dynamics Business Central/NAV on-premise does not properly hide the value of a masked field when showing the records as a chart page. The attacker who successfully exploited the vulnerability could see the information that are in a masked field.
Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability (CVE-2020-1049) MS Rating: Important
A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected Dynamics server.
Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability (CVE-2020-1050) MS Rating: Important
A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected Dynamics server.
10. Cumulative Security Updates for Microsoft Defender
Microsoft Defender Privilege Escalation Vulnerability (CVE-2020-1002) MS Rating: Important
A privilege escalation vulnerability exists when the MpSigStub. exe for Defender allows file deletion in arbitrary locations.
Windows Defender Antimalware Platform Hard Link Privilege Escalation Vulnerability (CVE-2020-0835) MS Rating: Important
A privilege escalation vulnerability exists when Windows Defender antimalware platform improperly handles hard links. An attacker who successfully exploited this vulnerability could overwrite a targeted file leading to an elevated status.
11. Cumulative Security Updates for Microsoft Remote Desktop App
Microsoft Remote Desktop App for Mac Privilege Escalation Vulnerability (CVE-2020-0919) MS Rating: Important
A privilege escalation vulnerability exists in Remote Desktop App for Mac in the way it allows an attacker to load unsigned binaries. An attacker could then install programs; view, change, or delete data with the logged in user's privileges.
Microsoft RMS Sharing App for Mac Privilege Escalation Vulnerability (CVE-2020-1019) MS Rating: Important
A privilege escalation vulnerability exists in RMS Sharing App for Mac in the way it allows an attacker to load unsigned binaries. An attacker could then install programs; view, change, or delete data with the logged in user's privileges.
12. Security Update for Microsoft YourPhone Application for Android
Microsoft YourPhone Application for Android Authentication Bypass Vulnerability (CVE-2020-0943) MS Rating: Important
An authentication bypass vulnerability exists in Microsoft YourPhoneCompanion application for Android, in the way the application processes notifications generated by work profiles. This could allow an unauthenticated attacker to view notifications.
13. Security Update for Microsoft MSR JavaScript Cryptography Library
MSR JavaScript Cryptography Library Security Bypass Vulnerability (CVE-2020-1026) MS Rating: Important
A security bypass vulnerability exists in the MSR JavaScript Cryptography Library that is caused by multiple bugs in the library's Elliptic Curve Cryptography (ECC) implementation. An attacker could potentially abuse these bugs to learn information about a server's private ECC key (a key leakage attack) or craft an invalid ECDSA signature that nevertheless passes as valid.
14. Security Update for Microsoft OneDrive for Windows
OneDrive for Windows Privilege Escalation Vulnerability (CVE-2020-0935) MS Rating: Important
A privilege escalation vulnerability exists when the OneDrive for Windows Desktop application improperly handles symbolic links. An attacker who successfully exploited this vulnerability could overwrite a targeted file leading to an elevated status.
Microsoft Patch Tuesday – February 2020
This month the vendor has patched 99 vulnerabilities, 13 of which are rated
Critical.
This month the vendor has patched 99 vulnerabilities, 13 of which are rated
Critical.
As always, customers are advised to follow these security best practices:
Install vendor patches as soon as they are available.
Run all software with the least privileges required while still maintaining
functionality.
Avoid handling files from unknown or questionable sources.
Never visit sites of unknown or questionable integrity.
Block external access at the network perimeter to all key systems unless
specific access is required.
Microsoft's summary of the February 2020 releases can be found here:
https://portal.msrc.microsoft.com/en-us/security-guidance
This month's update covers vulnerabilities in:
Internet Explorer
Edge
ChakraCore
Microsoft Office
Microsoft Windows
Microsoft Windows Kernel
Windows Hyper-V
Microsoft Graphics Component
Microsoft Exchange Server
SQL Server
The following is a breakdown of the issues being addressed this month:
Cumulative Security Updates for Microsoft Browsers
Scripting Engine Memory Corruption Vulnerability (CVE-2020-0673) MS Rating:
Critical
A
remote code execution vulnerability exists in the way that the scripting engine
handles objects in memory in Internet Explorer. The vulnerability could corrupt
memory in such a way that an attacker could execute arbitrary code in the
context of the current user.
Scripting Engine Memory Corruption Vulnerability (CVE-2020-0674) MS Rating:
Critical
A
remote code execution vulnerability exists in the way that the scripting engine
handles objects in memory in Internet Explorer. The vulnerability could corrupt
memory in such a way that an attacker could execute arbitrary code in the
context of the current user.
Scripting Engine Memory Corruption Vulnerability (CVE-2020-0710) MS Rating:
Critical
A
remote code execution vulnerability exists in the way that the ChakraCore
scripting engine handles objects in memory. The vulnerability could corrupt
memory in such a way that an attacker could execute arbitrary code in the
context of the current user.
Scripting Engine Memory Corruption Vulnerability (CVE-2020-0711) MS Rating:
Critical
A
remote code execution vulnerability exists in the way that the ChakraCore
scripting engine handles objects in memory. The vulnerability could corrupt
memory in such a way that an attacker could execute arbitrary code in the
context of the current user.
Scripting Engine Memory Corruption Vulnerability (CVE-2020-0712) MS Rating:
Critical
A
remote code execution vulnerability exists in the way that the ChakraCore
scripting engine handles objects in memory. The vulnerability could corrupt
memory in such a way that an attacker could execute arbitrary code in the
context of the current user.
Scripting Engine Memory Corruption Vulnerability (CVE-2020-0713) MS Rating:
Critical
A
remote code execution vulnerability exists in the way that the ChakraCore
scripting engine handles objects in memory. The vulnerability could corrupt
memory in such a way that an attacker could execute arbitrary code in the
context of the current user.
Scripting Engine Memory Corruption Vulnerability (CVE-2020-0767) MS Rating:
Critical
A
remote code execution vulnerability exists in the way that the ChakraCore
scripting engine handles objects in memory. The vulnerability could corrupt
memory in such a way that an attacker could execute arbitrary code in the
context of the current user.
Microsoft Edge Privilege Escalation Vulnerability (CVE-2020-0663) MS Rating:
Important
A
privilege escalation vulnerability exists when Microsoft Edge does not properly
enforce cross-domain policies, which could allow an attacker to access
information from one domain and inject it into another domain. In a web-based
attack scenario, an attacker could host a website that is used to attempt to
exploit the vulnerability.
Microsoft Browser Information Disclosure Vulnerability (CVE-2020-0706) MS
Rating: Important
An
information disclosure vulnerability exists in the way that affected Microsoft
browsers handle cross-origin requests. An attacker who successfully exploited
this vulnerability could determine the origin of all of the web pages in the
affected browser.
Cumulative Security Updates for Microsoft Office
Microsoft Office SharePoint XSS Vulnerability (CVE-2020-0693) MS Rating:
Important
A
cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server
does not properly sanitize a specially crafted web request to an affected
SharePoint server. An authenticated attacker could exploit the vulnerability by
sending a specially crafted request to an affected SharePoint server.
Microsoft Office SharePoint XSS Vulnerability (CVE-2020-0694) MS Rating:
Important
A
cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server
does not properly sanitize a specially crafted web request to an affected
SharePoint server. An authenticated attacker could exploit the vulnerability by
sending a specially crafted request to an affected SharePoint server.
Microsoft Office Online Server Spoofing Vulnerability (CVE-2020-0695) MS Rating:
Important
A
spoofing vulnerability exists when Office Online Server does not validate origin
in cross-origin communications correctly. An attacker could exploit the
vulnerability by sending a specially crafted request to an affected site.
Microsoft Outlook Security Bypass Vulnerability (CVE-2020-0696) MS Rating:
Important
A
security bypass vulnerability exists in Microsoft Outlook software when it
improperly handles the parsing of URI formats. The security bypass by itself
does not allow arbitrary code execution.
Microsoft Office Tampering Vulnerability (CVE-2020-0697) MS Rating: Important
A
privilege escalation vulnerability exists in Microsoft Office OLicenseHeartbeat
task, where an attacker who successfully exploited this vulnerability could run
this task as SYSTEM. To exploit the vulnerability, an authenticated attacker
would need to place a specially crafted file in a specific location, thereby
allowing arbitrary file corruption.
Microsoft Excel Remote Code Execution Vulnerability (CVE-2020-0759) MS Rating:
Important
A
remote code execution vulnerability exists in Microsoft Excel software when the
software fails to properly handle objects in memory. An attacker who
successfully exploited the vulnerability could run arbitrary code in the context
of the current user.
Cumulative Security Updates for Microsoft Windows
LNK Remote Code Execution Vulnerability (CVE-2020-0729) MS Rating: Critical
A
remote code execution vulnerability exists in Microsoft Windows that could allow
remote code execution if a . LNK file is processed.
Windows Remote Code Execution Vulnerability (CVE-2020-0662) MS Rating: Critical
A
remote code execution vulnerability exists in the way that Windows handles
objects in memory. An attacker who successfully exploited the vulnerability
could execute arbitrary code with elevated permissions on a target system.
Remote Desktop Client Remote Code Execution Vulnerability (CVE-2020-0681) MS
Rating: Critical
A
remote code execution vulnerability exists in the Windows Remote Desktop Client
when a user connects to a malicious server. An attacker who successfully
exploited this vulnerability could execute arbitrary code on the computer of the
connecting client.
Media Foundation Memory Corruption Vulnerability (CVE-2020-0738) MS Rating:
Critical
A
memory corruption vulnerability exists when Windows Media Foundation improperly
handles objects in memory. An attacker who successfully exploited the
vulnerability could install programs; view, change, or delete data; or create
new accounts with full user rights.
Remote Desktop Client Remote Code Execution Vulnerability (CVE-2020-0734) MS
Rating: Critical
A
remote code execution vulnerability exists in the Windows Remote Desktop Client
when a user connects to a malicious server. An attacker who successfully
exploited this vulnerability could execute arbitrary code on the computer of the
connecting client.
Windows Common Log File System Driver Privilege Escalation Vulnerability
(CVE-2020-0657) MS Rating: Important
A
privilege escalation vulnerability exists when the Windows Common Log File
System (CLFS) driver improperly handles objects in memory. An attacker who
successfully exploited this vulnerability could run processes in an elevated
context.
Windows Common Log File System Driver Information Disclosure Vulnerability
(CVE-2020-0658) MS Rating: Important
An
information disclosure vulnerability exists in the Windows Common Log File
System (CLFS) driver when it fails to properly handle objects in memory. An
attacker who successfully exploited this vulnerability could potentially read
data that was not intended to be disclosed.
Remote Desktop Services Remote Code Execution Vulnerability (CVE-2020-0655) MS
Rating: Important
A
remote code execution vulnerability exists in Remote Desktop Services - formerly
known as Terminal Services - when an authenticated attacker abuses clipboard
redirection. An attacker who successfully exploited this vulnerability could
execute arbitrary code on the victim system.
Windows Data Sharing Service Privilege Escalation Vulnerability (CVE-2020-0659)
MS Rating: Important
A
privilege escalation vulnerability exists when the Windows Data Sharing Service
improperly handles file operations. An attacker who successfully exploited this
vulnerability could run processes in an elevated context.
Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability
(CVE-2020-0660) MS Rating: Important
A
denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an
attacker connects to the target system using RDP and sends specially crafted
requests. An attacker who successfully exploited this vulnerability could cause
the RDP service on the target system to stop responding.
Active Directory Privilege Escalation Vulnerability (CVE-2020-0665) MS Rating:
Important
A
privilege escalation vulnerability exists in Active Directory Forest trusts due
to a default setting that lets an attacker in the trusting forest request
delegation of a TGT for an identity from the trusted forest. To exploit this
vulnerability, an attacker would first need to compromise an Active Directory
forest.
Windows Search Indexer Privilege Escalation Vulnerability (CVE-2020-0666) MS
Rating: Important
A
privilege escalation vulnerability exists in the way that the Windows Search
Indexer handles objects in memory. An attacker who successfully exploited the
vulnerability could execute code with elevated permissions.
Windows Search Indexer Privilege Escalation Vulnerability (CVE-2020-0667) MS
Rating: Important
A
privilege escalation vulnerability exists in the way that the Windows Search
Indexer handles objects in memory. An attacker who successfully exploited the
vulnerability could execute code with elevated permissions.
Windows Key Isolation Service Information Disclosure Vulnerability
(CVE-2020-0675) MS Rating: Important
An
information disclosure vulnerability exists in the Cryptography Next Generation
(CNG) service when it fails to properly handle objects in memory. To exploit
this vulnerability, an attacker would have to log on to an affected system and
run a specially crafted application.
Windows Key Isolation Service Information Disclosure Vulnerability
(CVE-2020-0676) MS Rating: Important
An
information disclosure vulnerability exists in the Cryptography Next Generation
(CNG) service when it fails to properly handle objects in memory. To exploit
this vulnerability, an attacker would have to log on to an affected system and
run a specially crafted application.
Windows Key Isolation Service Information Disclosure Vulnerability
(CVE-2020-0677) MS Rating: Important
An
information disclosure vulnerability exists in the Cryptography Next Generation
(CNG) service when it fails to properly handle objects in memory. To exploit
this vulnerability, an attacker would have to log on to an affected system and
run a specially crafted application.
Windows Error Reporting Manager Privilege Escalation Vulnerability
(CVE-2020-0678) MS Rating: Important
A
privilege escalation vulnerability exists when Windows Error Reporting manager
improperly handles hard links. An attacker who successfully exploited this
vulnerability could overwrite a targeted file leading to an elevated status.
Windows Function Discovery Service Privilege Escalation Vulnerability
(CVE-2020-0679) MS Rating: Important
A
privilege escalation vulnerability exists in the way that the Windows Function
Discovery Service handles objects in memory. An attacker who successfully
exploited the vulnerability could execute code with elevated permissions.
Windows Function Discovery Service Privilege Escalation Vulnerability
(CVE-2020-0680) MS Rating: Important
A
privilege escalation vulnerability exists in the way that the Windows Function
Discovery Service handles objects in memory. An attacker who successfully
exploited the vulnerability could execute code with elevated permissions.
Windows Function Discovery Service Privilege Escalation Vulnerability
(CVE-2020-0682) MS Rating: Important
A
privilege escalation vulnerability exists in the way that the Windows Function
Discovery Service handles objects in memory. An attacker who successfully
exploited the vulnerability could execute code with elevated permissions.
Windows Installer Privilege Escalation Vulnerability (CVE-2020-0683) MS Rating:
Important
A
privilege escalation vulnerability exists in the Windows Installer when MSI
packages process symbolic links. An attacker who successfully exploited this
vulnerability could bypass access restrictions to add or remove files.
Windows COM Server Privilege Escalation Vulnerability (CVE-2020-0685) MS Rating:
Important
A
privilege escalation vulnerability exists when Windows improperly handles COM
object creation. An attacker who successfully exploited the vulnerability could
run arbitrary code with elevated privileges.
Windows Installer Privilege Escalation Vulnerability (CVE-2020-0686) MS Rating:
Important
A
privilege escalation vulnerability exists in the Windows Installer when MSI
packages process symbolic links. An attacker who successfully exploited this
vulnerability could bypass access restrictions to add or remove files.
Microsoft Secure Boot Security Bypass Vulnerability (CVE-2020-0689) MS Rating:
Important
A
security bypass vulnerability exists in secure boot. An attacker who
successfully exploited the vulnerability can bypass secure boot and load
untrusted software.
Windows Information Disclosure Vulnerability (CVE-2020-0698) MS Rating:
Important
An
information disclosure vulnerability exists when the Telephony Service
improperly discloses the contents of its memory. An attacker who successfully
exploited the vulnerability could obtain information to further compromise a
user's system.
Windows Client License Service Privilege Escalation Vulnerability
(CVE-2020-0701) MS Rating: Important
A
privilege escalation vulnerability exists in the way that the Windows Client
License Service (ClipSVC) handles objects in memory. An attacker who
successfully exploited the vulnerability could execute code with elevated
permissions.
Surface Hub Security Bypass Vulnerability (CVE-2020-0702) MS Rating: Important
A
security bypass vulnerability exists in Surface Hub when prompting for
credentials. Successful exploitation of the vulnerability could allow an
attacker to access settings which are restricted to Administrators.
Windows Backup Service Privilege Escalation Vulnerability (CVE-2020-0703) MS
Rating: Important
A
privilege escalation vulnerability exists when the Windows Backup Service
improperly handles file operations. To exploit this vulnerability, an attacker
would first have to gain execution on the victim system.
Windows Wireless Network Manager Privilege Escalation Vulnerability
(CVE-2020-0704) MS Rating: Important
A
privilege escalation vulnerability exists when the Windows Wireless Network
Manager improperly handles memory. To exploit this vulnerability, an attacker
would first have to gain execution on the victim system.
Windows Network Driver Interface Specification (NDIS) Information Disclosure
Vulnerability (CVE-2020-0705) MS Rating: Important
An
information disclosure vulnerability exists when the Windows Network Driver
Interface Specification (NDIS) improperly handles memory. To exploit this
vulnerability, an attacker would first have to gain execution on the victim
system.
Windows IME Privilege Escalation Vulnerability (CVE-2020-0707) MS Rating:
Important
A
privilege escalation vulnerability exists when the Windows IME improperly
handles memory. To exploit this vulnerability, an attacker would first have to
gain execution on the victim system.
Windows Imaging Library Remote Code Execution Vulnerability (CVE-2020-0708) MS
Rating: Important
A
remote code execution vulnerability exists when the Windows Imaging Library
improperly handles memory. To exploit this vulnerability, an attacker would
first have to coerce a victim to open a specially crafted file.
DirectX Privilege Escalation Vulnerability (CVE-2020-0709) MS Rating: Important
A
privilege escalation vulnerability exists when DirectX improperly handles
objects in memory. An attacker who successfully exploited this vulnerability
could run arbitrary code in kernel mode.
DirectX Information Disclosure Vulnerability (CVE-2020-0714) MS Rating:
Important
An
information disclosure vulnerability exists when DirectX improperly handles
objects in memory. An attacker who successfully exploited this vulnerability
could obtain information to further compromise the user's system.
Windows Diagnostics Tracking Service Privilege Escalation Vulnerability (CVE-2020-0727)
MS Rating: Important
A
privilege escalation vulnerability exists when the Connected User Experiences
and Telemetry Service improperly handles file operations. An attacker who
successfully exploited this vulnerability could gain elevated privileges on the
victim system.
Windows Modules Installer Service Information Disclosure Vulnerability (CVE-2020-0728)
MS Rating: Important
An
information vulnerability exists when Windows Modules Installer Service
improperly discloses file information. Successful exploitation of the
vulnerability could allow the attacker to read any file on the file system.
Windows User Profile Service Privilege Escalation Vulnerability (CVE-2020-0730)
MS Rating: Important
A
privilege escalation vulnerability exists when the Windows User Profile Service
(ProfSvc) improperly handles symlinks. An attacker who successfully exploited
this vulnerability could delete files and folders in an elevated context.
DirectX Privilege Escalation Vulnerability (CVE-2020-0732) MS Rating: Important
A
privilege escalation vulnerability exists when DirectX improperly handles
objects in memory. An attacker who successfully exploited this vulnerability
could run arbitrary code in kernel mode.
Windows Malicious Software Removal Tool Privilege Escalation Vulnerability (CVE-2020-0733)
MS Rating: Important
A
privilege escalation vulnerability exists when the Windows Malicious Software
Removal Tool (MSRT) improperly handles junctions. To exploit this vulnerability,
an attacker would first have to gain execution on the victim system.
Windows Search Indexer Privilege Escalation Vulnerability (CVE-2020-0735) MS
Rating: Important
A
privilege escalation vulnerability exists in the way that the Windows Search
Indexer handles objects in memory. An attacker who successfully exploited the
vulnerability could execute code with elevated permissions.
Windows Privilege Escalation Vulnerability (CVE-2020-0737) MS Rating: Important
A
privilege escalation vulnerability exists in the way that the tapisrv. dll
handles objects in memory.
Windows Privilege Escalation Vulnerability (CVE-2020-0739) MS Rating: Important
A
privilege escalation vulnerability exists in the way that the dssvc. dll handles
file creation allowing for a file overwrite or creation in a secured location.
Windows Privilege Escalation Vulnerability (CVE-2020-0740) MS Rating: Important
A
privilege escalation vulnerability exists in the way that the Connected Devices
Platform Service handles objects in memory. An attacker who successfully
exploited the vulnerability could execute code with elevated permissions.
Windows Privilege Escalation Vulnerability (CVE-2020-0741) MS Rating: Important
A
privilege escalation vulnerability exists in the way that the Connected Devices
Platform Service handles objects in memory. An attacker who successfully
exploited the vulnerability could execute code with elevated permissions.
Windows Privilege Escalation Vulnerability (CVE-2020-0742) MS Rating: Important
A
privilege escalation vulnerability exists in the way that the Connected Devices
Platform Service handles objects in memory. An attacker who successfully
exploited the vulnerability could execute code with elevated permissions.
Windows Privilege Escalation Vulnerability (CVE-2020-0743) MS Rating: Important
A
privilege escalation vulnerability exists in the way that the Connected Devices
Platform Service handles objects in memory. An attacker who successfully
exploited the vulnerability could execute code with elevated permissions.
Windows Data Sharing Service Privilege Escalation Vulnerability (CVE-2020-0747)
MS Rating: Important
A
privilege escalation vulnerability exists when the Windows Data Sharing Service
improperly handles file operations. An attacker who successfully exploited this
vulnerability could run processes in an elevated context.
Windows Key Isolation Service Information Disclosure Vulnerability (CVE-2020-0748)
MS Rating: Important
An
information disclosure vulnerability exists in the Cryptography Next Generation
(CNG) service when it fails to properly handle objects in memory. To exploit
this vulnerability, an attacker would have to log on to an affected system and
run a specially crafted application.
Connected Devices Platform Service Elevation of Privilege Vulnerability (CVE-2020-0749)
MS Rating: Important
An
elevation of privilege vulnerability exists in the way that the Connected
Devices Platform Service handles objects in memory. An attacker who successfully
exploited the vulnerability could execute code with elevated permissions.
Connected Devices Platform Service Elevation of Privilege Vulnerability
(CVE-2020-0750) MS Rating: Important
An
elevation of privilege vulnerability exists in the way that the Connected
Devices Platform Service handles objects in memory. An attacker who successfully
exploited the vulnerability could execute code with elevated permissions.
Windows Search Indexer Privilege Escalation Vulnerability (CVE-2020-0752) MS
Rating: Important
A
privilege escalation vulnerability exists in the way that the Windows Search
Indexer handles objects in memory. An attacker who successfully exploited the
vulnerability could execute code with elevated permissions.
Windows Error Reporting Privilege Escalation Vulnerability (CVE-2020-0753) MS
Rating: Important
A
privilege escalation vulnerability exists in Windows Error Reporting (WER) when
WER handles and executes files. The vulnerability could allow Privilege
Escalation if an attacker can successfully exploit it.
Windows Error Reporting Privilege Escalation Vulnerability (CVE-2020-0754) MS
Rating: Important
A
privilege escalation vulnerability exists in Windows Error Reporting (WER) when
WER handles and executes files. The vulnerability could allow Privilege
Escalation if an attacker can successfully exploit it.
Windows Key Isolation Service Information Disclosure Vulnerability
(CVE-2020-0755) MS Rating: Important
An
information disclosure vulnerability exists in the Cryptography Next Generation
(CNG) service when it fails to properly handle objects in memory. To exploit
this vulnerability, an attacker would have to log on to an affected system and
run a specially crafted application.
Windows Key Isolation Service Information Disclosure Vulnerability
(CVE-2020-0756) MS Rating: Important
An
information disclosure vulnerability exists in the Cryptography Next Generation
(CNG) service when it fails to properly handle objects in memory. To exploit
this vulnerability, an attacker would have to log on to an affected system and
run a specially crafted application.
Windows SSH Elevation of Privilege Vulnerability (CVE-2020-0757) MS Rating:
Important
An
elevation of privilege vulnerability exists when Windows improperly handles
Secure Socket Shell remote commands. An attacker who successfully exploited the
vulnerability could run arbitrary code with elevated privileges.
Cumulative Security Updates for Microsoft Windows Kernel
Windows Kernel Privilege Escalation Vulnerability (CVE-2020-0668) MS Rating:
Important
A
privilege escalation vulnerability exists in the way that the Windows Kernel
handles objects in memory. An attacker who successfully exploited the
vulnerability could execute code with elevated permissions.
Windows Kernel Privilege Escalation Vulnerability (CVE-2020-0669) MS Rating:
Important
A
privilege escalation vulnerability exists in the way that the Windows Kernel
handles objects in memory. An attacker who successfully exploited the
vulnerability could execute code with elevated permissions.
Windows Kernel Privilege Escalation Vulnerability (CVE-2020-0670) MS Rating:
Important
A
privilege escalation vulnerability exists when the Windows kernel fails to
properly handle objects in memory. An attacker who successfully exploited this
vulnerability could run arbitrary code in kernel mode.
Windows Kernel Privilege Escalation Vulnerability (CVE-2020-0671) MS Rating:
Important
A
privilege escalation vulnerability exists when the Windows kernel fails to
properly handle objects in memory. An attacker who successfully exploited this
vulnerability could run arbitrary code in kernel mode.
Windows Kernel Privilege Escalation Vulnerability (CVE-2020-0672) MS Rating:
Important
A
privilege escalation vulnerability exists when the Windows kernel fails to
properly handle objects in memory. An attacker who successfully exploited this
vulnerability could run arbitrary code in kernel mode.
Win32k Privilege Escalation Vulnerability (CVE-2020-0691) MS Rating: Important
A
privilege escalation vulnerability exists in Windows when the Windows
kernel-mode driver fails to properly handle objects in memory. An attacker who
successfully exploited this vulnerability could run arbitrary code in kernel
mode.
Win32k Information Disclosure Vulnerability (CVE-2020-0716) MS Rating: Important
An
information disclosure vulnerability exists when the win32k component improperly
provides kernel information. An attacker who successfully exploited the
vulnerability could obtain information to further compromise the user's system.
Win32k Information Disclosure Vulnerability (CVE-2020-0717) MS Rating: Important
An
information disclosure vulnerability exists when the win32k component improperly
provides kernel information. An attacker who successfully exploited the
vulnerability could obtain information to further compromise the user's system.
Win32k Privilege Escalation Vulnerability (CVE-2020-0719) MS Rating: Important
A
privilege escalation vulnerability exists in Windows when the Win32k component
fails to properly handle objects in memory. An attacker who successfully
exploited this vulnerability could run arbitrary code in kernel mode.
Win32k Privilege Escalation Vulnerability (CVE-2020-0720) MS Rating: Important
A
privilege escalation vulnerability exists in Windows when the Win32k component
fails to properly handle objects in memory. An attacker who successfully
exploited this vulnerability could run arbitrary code in kernel mode.
Win32k Privilege Escalation Vulnerability (CVE-2020-0721) MS Rating: Important
A
privilege escalation vulnerability exists in Windows when the Win32k component
fails to properly handle objects in memory. An attacker who successfully
exploited this vulnerability could run arbitrary code in kernel mode.
Win32k Privilege Escalation Vulnerability (CVE-2020-0722) MS Rating: Important
A
privilege escalation vulnerability exists in Windows when the Win32k component
fails to properly handle objects in memory. An attacker who successfully
exploited this vulnerability could run arbitrary code in kernel mode.
Win32k Privilege Escalation Vulnerability (CVE-2020-0723) MS Rating: Important
A
privilege escalation vulnerability exists in Windows when the Win32k component
fails to properly handle objects in memory. An attacker who successfully
exploited this vulnerability could run arbitrary code in kernel mode.
Win32k Privilege Escalation Vulnerability (CVE-2020-0724) MS Rating: Important
A
privilege escalation vulnerability exists in Windows when the Win32k component
fails to properly handle objects in memory. An attacker who successfully
exploited this vulnerability could run arbitrary code in kernel mode.
Win32k Privilege Escalation Vulnerability (CVE-2020-0725) MS Rating: Important
A
privilege escalation vulnerability exists in Windows when the Win32k component
fails to properly handle objects in memory. An attacker who successfully
exploited this vulnerability could run arbitrary code in kernel mode.
Win32k Privilege Escalation Vulnerability (CVE-2020-0726) MS Rating: Important
A
privilege escalation vulnerability exists in Windows when the Win32k component
fails to properly handle objects in memory. An attacker who successfully
exploited this vulnerability could run arbitrary code in kernel mode.
Win32k Privilege Escalation Vulnerability (CVE-2020-0731) MS Rating: Important
A
privilege escalation vulnerability exists in Windows when the Win32k component
fails to properly handle objects in memory. An attacker who successfully
exploited this vulnerability could run arbitrary code in kernel mode.
Windows Kernel Information Disclosure Vulnerability (CVE-2020-0736) MS Rating:
Important
An
information disclosure vulnerability exists when the Windows kernel improperly
handles objects in memory. An attacker who successfully exploited this
vulnerability could obtain information to further compromise the user's system.
Cumulative Security Updates for Windows Hyper-V
Windows Hyper-V Denial of Service Vulnerability (CVE-2020-0661) MS Rating:
Important
A
denial of service vulnerability exists when Microsoft Hyper-V on a host server
fails to properly validate input from a privileged user on a guest operating
system. To exploit the vulnerability, an attacker who already has a privileged
account on a guest operating system, running as a virtual machine, could run a
specially crafted application that causes a host machine to crash.
Windows Hyper-V Denial of Service Vulnerability (CVE-2020-0751) MS Rating:
Important
A
denial of service vulnerability exists when Microsoft Hyper-V on a host server
fails to properly validate specific malicious data from a user on a guest
operating system. To exploit the vulnerability, an attacker who already has a
privileged account on a guest operating system, running as a virtual machine,
could run a specially crafted application.
Cumulative Security Updates for Microsoft Graphics Component
Windows Graphics Component Privilege Escalation Vulnerability (CVE-2020-0715) MS
Rating: Important
A
privilege escalation vulnerability exists when the Windows Graphics Component
improperly handles objects in memory. An attacker who successfully exploited
this vulnerability could run processes in an elevated context.
Windows GDI Information Disclosure Vulnerability (CVE-2020-0744) MS Rating:
Important
An
information disclosure vulnerability exists in the way that the Windows Graphics
Device Interface (GDI) handles objects in memory, allowing an attacker to
retrieve information from a targeted system. By itself, the information
disclosure does not allow arbitrary code execution; however, it could allow
arbitrary code to be run if the attacker uses it in combination with another
vulnerability.
Windows Graphics Component Privilege Escalation Vulnerability (CVE-2020-0745) MS
Rating: Important
A
privilege escalation vulnerability exists when the Windows Graphics Component
improperly handles objects in memory. An attacker who successfully exploited
this vulnerability could run processes in an elevated context.
Microsoft Graphics Components Information Disclosure Vulnerability (CVE-2020-0746)
MS Rating: Important
An
information disclosure vulnerability exists in the way that Microsoft Graphics
Components handle objects in memory. An attacker who successfully exploited the
vulnerability could obtain information that could be useful for further
exploitation.
Windows Graphics Component Elevation of Privilege Vulnerability (CVE-2020-0792)
MS Rating: Important
An
elevation of privilege vulnerability exists when the Windows Graphics Component
improperly handles objects in memory. An attacker who successfully exploited
this vulnerability could run processes in an elevated context.
Cumulative Security Updates for Microsoft Exchange Server
Microsoft Exchange Memory Corruption Vulnerability (CVE-2020-0688) MS Rating:
Important
A
remote code execution vulnerability exists in Microsoft Exchange software when
the software fails to properly handle objects in memory. An attacker who
successfully exploited the vulnerability could run arbitrary code in the context
of the System user.
Microsoft Exchange Server Privilege Escalation Vulnerability (CVE-2020-0692) MS
Rating: Important
A
privilege escalation vulnerability exists in Microsoft Exchange Server. An
attacker who successfully exploited this vulnerability could gain the same
rights as any other user of the Exchange server.
Security Update for SQL Server
Microsoft SQL Server Reporting Services Remote Code Execution Vulnerability (CVE-2020-0618)
MS Rating: Important
A remote code execution vulnerability exists in Microsoft SQL Server Reporting Services when it incorrectly handles page requests. An attacker who successfully exploited this vulnerability could execute code in the context of the Report Server service account.
Microsoft Patch Tuesday – February 2020
This month the vendor has patched 99 vulnerabilities, 13 of which are rated
Critical.
This month the vendor has patched 99 vulnerabilities, 13 of which are rated
Critical.
As always, customers are advised to follow these security best practices:
Install vendor patches as soon as they are available.
Run all software with the least privileges required while still maintaining
functionality.
Avoid handling files from unknown or questionable sources.
Never visit sites of unknown or questionable integrity.
Block external access at the network perimeter to all key systems unless
specific access is required.
Microsoft's summary of the February 2020 releases can be found here:
https://portal.msrc.microsoft.com/en-us/security-guidance
This month's update covers vulnerabilities in:
Internet Explorer
Edge
ChakraCore
Microsoft Office
Microsoft Windows
Microsoft Windows Kernel
Windows Hyper-V
Microsoft Graphics Component
Microsoft Exchange Server
SQL Server
The following is a breakdown of the issues being addressed this month:
Cumulative Security Updates for Microsoft Browsers
Scripting Engine Memory Corruption Vulnerability (CVE-2020-0673) MS Rating:
Critical
A
remote code execution vulnerability exists in the way that the scripting engine
handles objects in memory in Internet Explorer. The vulnerability could corrupt
memory in such a way that an attacker could execute arbitrary code in the
context of the current user.
Scripting Engine Memory Corruption Vulnerability (CVE-2020-0674) MS Rating:
Critical
A
remote code execution vulnerability exists in the way that the scripting engine
handles objects in memory in Internet Explorer. The vulnerability could corrupt
memory in such a way that an attacker could execute arbitrary code in the
context of the current user.
Scripting Engine Memory Corruption Vulnerability (CVE-2020-0710) MS Rating:
Critical
A
remote code execution vulnerability exists in the way that the ChakraCore
scripting engine handles objects in memory. The vulnerability could corrupt
memory in such a way that an attacker could execute arbitrary code in the
context of the current user.
Scripting Engine Memory Corruption Vulnerability (CVE-2020-0711) MS Rating:
Critical
A
remote code execution vulnerability exists in the way that the ChakraCore
scripting engine handles objects in memory. The vulnerability could corrupt
memory in such a way that an attacker could execute arbitrary code in the
context of the current user.
Scripting Engine Memory Corruption Vulnerability (CVE-2020-0712) MS Rating:
Critical
A
remote code execution vulnerability exists in the way that the ChakraCore
scripting engine handles objects in memory. The vulnerability could corrupt
memory in such a way that an attacker could execute arbitrary code in the
context of the current user.
Scripting Engine Memory Corruption Vulnerability (CVE-2020-0713) MS Rating:
Critical
A
remote code execution vulnerability exists in the way that the ChakraCore
scripting engine handles objects in memory. The vulnerability could corrupt
memory in such a way that an attacker could execute arbitrary code in the
context of the current user.
Scripting Engine Memory Corruption Vulnerability (CVE-2020-0767) MS Rating:
Critical
A
remote code execution vulnerability exists in the way that the ChakraCore
scripting engine handles objects in memory. The vulnerability could corrupt
memory in such a way that an attacker could execute arbitrary code in the
context of the current user.
Microsoft Edge Privilege Escalation Vulnerability (CVE-2020-0663) MS Rating:
Important
A
privilege escalation vulnerability exists when Microsoft Edge does not properly
enforce cross-domain policies, which could allow an attacker to access
information from one domain and inject it into another domain. In a web-based
attack scenario, an attacker could host a website that is used to attempt to
exploit the vulnerability.
Microsoft Browser Information Disclosure Vulnerability (CVE-2020-0706) MS
Rating: Important
An
information disclosure vulnerability exists in the way that affected Microsoft
browsers handle cross-origin requests. An attacker who successfully exploited
this vulnerability could determine the origin of all of the web pages in the
affected browser.
Cumulative Security Updates for Microsoft Office
Microsoft Office SharePoint XSS Vulnerability (CVE-2020-0693) MS Rating:
Important
A
cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server
does not properly sanitize a specially crafted web request to an affected
SharePoint server. An authenticated attacker could exploit the vulnerability by
sending a specially crafted request to an affected SharePoint server.
Microsoft Office SharePoint XSS Vulnerability (CVE-2020-0694) MS Rating:
Important
A
cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server
does not properly sanitize a specially crafted web request to an affected
SharePoint server. An authenticated attacker could exploit the vulnerability by
sending a specially crafted request to an affected SharePoint server.
Microsoft Office Online Server Spoofing Vulnerability (CVE-2020-0695) MS Rating:
Important
A
spoofing vulnerability exists when Office Online Server does not validate origin
in cross-origin communications correctly. An attacker could exploit the
vulnerability by sending a specially crafted request to an affected site.
Microsoft Outlook Security Bypass Vulnerability (CVE-2020-0696) MS Rating:
Important
A
security bypass vulnerability exists in Microsoft Outlook software when it
improperly handles the parsing of URI formats. The security bypass by itself
does not allow arbitrary code execution.
Microsoft Office Tampering Vulnerability (CVE-2020-0697) MS Rating: Important
A
privilege escalation vulnerability exists in Microsoft Office OLicenseHeartbeat
task, where an attacker who successfully exploited this vulnerability could run
this task as SYSTEM. To exploit the vulnerability, an authenticated attacker
would need to place a specially crafted file in a specific location, thereby
allowing arbitrary file corruption.
Microsoft Excel Remote Code Execution Vulnerability (CVE-2020-0759) MS Rating:
Important
A
remote code execution vulnerability exists in Microsoft Excel software when the
software fails to properly handle objects in memory. An attacker who
successfully exploited the vulnerability could run arbitrary code in the context
of the current user.
Cumulative Security Updates for Microsoft Windows
LNK Remote Code Execution Vulnerability (CVE-2020-0729) MS Rating: Critical
A
remote code execution vulnerability exists in Microsoft Windows that could allow
remote code execution if a . LNK file is processed.
Windows Remote Code Execution Vulnerability (CVE-2020-0662) MS Rating: Critical
A
remote code execution vulnerability exists in the way that Windows handles
objects in memory. An attacker who successfully exploited the vulnerability
could execute arbitrary code with elevated permissions on a target system.
Remote Desktop Client Remote Code Execution Vulnerability (CVE-2020-0681) MS
Rating: Critical
A
remote code execution vulnerability exists in the Windows Remote Desktop Client
when a user connects to a malicious server. An attacker who successfully
exploited this vulnerability could execute arbitrary code on the computer of the
connecting client.
Media Foundation Memory Corruption Vulnerability (CVE-2020-0738) MS Rating:
Critical
A
memory corruption vulnerability exists when Windows Media Foundation improperly
handles objects in memory. An attacker who successfully exploited the
vulnerability could install programs; view, change, or delete data; or create
new accounts with full user rights.
Remote Desktop Client Remote Code Execution Vulnerability (CVE-2020-0734) MS
Rating: Critical
A
remote code execution vulnerability exists in the Windows Remote Desktop Client
when a user connects to a malicious server. An attacker who successfully
exploited this vulnerability could execute arbitrary code on the computer of the
connecting client.
Windows Common Log File System Driver Privilege Escalation Vulnerability
(CVE-2020-0657) MS Rating: Important
A
privilege escalation vulnerability exists when the Windows Common Log File
System (CLFS) driver improperly handles objects in memory. An attacker who
successfully exploited this vulnerability could run processes in an elevated
context.
Windows Common Log File System Driver Information Disclosure Vulnerability
(CVE-2020-0658) MS Rating: Important
An
information disclosure vulnerability exists in the Windows Common Log File
System (CLFS) driver when it fails to properly handle objects in memory. An
attacker who successfully exploited this vulnerability could potentially read
data that was not intended to be disclosed.
Remote Desktop Services Remote Code Execution Vulnerability (CVE-2020-0655) MS
Rating: Important
A
remote code execution vulnerability exists in Remote Desktop Services - formerly
known as Terminal Services - when an authenticated attacker abuses clipboard
redirection. An attacker who successfully exploited this vulnerability could
execute arbitrary code on the victim system.
Windows Data Sharing Service Privilege Escalation Vulnerability (CVE-2020-0659)
MS Rating: Important
A
privilege escalation vulnerability exists when the Windows Data Sharing Service
improperly handles file operations. An attacker who successfully exploited this
vulnerability could run processes in an elevated context.
Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability
(CVE-2020-0660) MS Rating: Important
A
denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an
attacker connects to the target system using RDP and sends specially crafted
requests. An attacker who successfully exploited this vulnerability could cause
the RDP service on the target system to stop responding.
Active Directory Privilege Escalation Vulnerability (CVE-2020-0665) MS Rating:
Important
A
privilege escalation vulnerability exists in Active Directory Forest trusts due
to a default setting that lets an attacker in the trusting forest request
delegation of a TGT for an identity from the trusted forest. To exploit this
vulnerability, an attacker would first need to compromise an Active Directory
forest.
Windows Search Indexer Privilege Escalation Vulnerability (CVE-2020-0666) MS
Rating: Important
A
privilege escalation vulnerability exists in the way that the Windows Search
Indexer handles objects in memory. An attacker who successfully exploited the
vulnerability could execute code with elevated permissions.
Windows Search Indexer Privilege Escalation Vulnerability (CVE-2020-0667) MS
Rating: Important
A
privilege escalation vulnerability exists in the way that the Windows Search
Indexer handles objects in memory. An attacker who successfully exploited the
vulnerability could execute code with elevated permissions.
Windows Key Isolation Service Information Disclosure Vulnerability
(CVE-2020-0675) MS Rating: Important
An
information disclosure vulnerability exists in the Cryptography Next Generation
(CNG) service when it fails to properly handle objects in memory. To exploit
this vulnerability, an attacker would have to log on to an affected system and
run a specially crafted application.
Windows Key Isolation Service Information Disclosure Vulnerability
(CVE-2020-0676) MS Rating: Important
An
information disclosure vulnerability exists in the Cryptography Next Generation
(CNG) service when it fails to properly handle objects in memory. To exploit
this vulnerability, an attacker would have to log on to an affected system and
run a specially crafted application.
Windows Key Isolation Service Information Disclosure Vulnerability
(CVE-2020-0677) MS Rating: Important
An
information disclosure vulnerability exists in the Cryptography Next Generation
(CNG) service when it fails to properly handle objects in memory. To exploit
this vulnerability, an attacker would have to log on to an affected system and
run a specially crafted application.
Windows Error Reporting Manager Privilege Escalation Vulnerability
(CVE-2020-0678) MS Rating: Important
A
privilege escalation vulnerability exists when Windows Error Reporting manager
improperly handles hard links. An attacker who successfully exploited this
vulnerability could overwrite a targeted file leading to an elevated status.
Windows Function Discovery Service Privilege Escalation Vulnerability
(CVE-2020-0679) MS Rating: Important
A
privilege escalation vulnerability exists in the way that the Windows Function
Discovery Service handles objects in memory. An attacker who successfully
exploited the vulnerability could execute code with elevated permissions.
Windows Function Discovery Service Privilege Escalation Vulnerability
(CVE-2020-0680) MS Rating: Important
A
privilege escalation vulnerability exists in the way that the Windows Function
Discovery Service handles objects in memory. An attacker who successfully
exploited the vulnerability could execute code with elevated permissions.
Windows Function Discovery Service Privilege Escalation Vulnerability
(CVE-2020-0682) MS Rating: Important
A
privilege escalation vulnerability exists in the way that the Windows Function
Discovery Service handles objects in memory. An attacker who successfully
exploited the vulnerability could execute code with elevated permissions.
Windows Installer Privilege Escalation Vulnerability (CVE-2020-0683) MS Rating:
Important
A
privilege escalation vulnerability exists in the Windows Installer when MSI
packages process symbolic links. An attacker who successfully exploited this
vulnerability could bypass access restrictions to add or remove files.
Windows COM Server Privilege Escalation Vulnerability (CVE-2020-0685) MS Rating:
Important
A
privilege escalation vulnerability exists when Windows improperly handles COM
object creation. An attacker who successfully exploited the vulnerability could
run arbitrary code with elevated privileges.
Windows Installer Privilege Escalation Vulnerability (CVE-2020-0686) MS Rating:
Important
A
privilege escalation vulnerability exists in the Windows Installer when MSI
packages process symbolic links. An attacker who successfully exploited this
vulnerability could bypass access restrictions to add or remove files.
Microsoft Secure Boot Security Bypass Vulnerability (CVE-2020-0689) MS Rating:
Important
A
security bypass vulnerability exists in secure boot. An attacker who
successfully exploited the vulnerability can bypass secure boot and load
untrusted software.
Windows Information Disclosure Vulnerability (CVE-2020-0698) MS Rating:
Important
An
information disclosure vulnerability exists when the Telephony Service
improperly discloses the contents of its memory. An attacker who successfully
exploited the vulnerability could obtain information to further compromise a
user's system.
Windows Client License Service Privilege Escalation Vulnerability
(CVE-2020-0701) MS Rating: Important
A
privilege escalation vulnerability exists in the way that the Windows Client
License Service (ClipSVC) handles objects in memory. An attacker who
successfully exploited the vulnerability could execute code with elevated
permissions.
Surface Hub Security Bypass Vulnerability (CVE-2020-0702) MS Rating: Important
A
security bypass vulnerability exists in Surface Hub when prompting for
credentials. Successful exploitation of the vulnerability could allow an
attacker to access settings which are restricted to Administrators.
Windows Backup Service Privilege Escalation Vulnerability (CVE-2020-0703) MS
Rating: Important
A
privilege escalation vulnerability exists when the Windows Backup Service
improperly handles file operations. To exploit this vulnerability, an attacker
would first have to gain execution on the victim system.
Windows Wireless Network Manager Privilege Escalation Vulnerability
(CVE-2020-0704) MS Rating: Important
A
privilege escalation vulnerability exists when the Windows Wireless Network
Manager improperly handles memory. To exploit this vulnerability, an attacker
would first have to gain execution on the victim system.
Windows Network Driver Interface Specification (NDIS) Information Disclosure
Vulnerability (CVE-2020-0705) MS Rating: Important
An
information disclosure vulnerability exists when the Windows Network Driver
Interface Specification (NDIS) improperly handles memory. To exploit this
vulnerability, an attacker would first have to gain execution on the victim
system.
Windows IME Privilege Escalation Vulnerability (CVE-2020-0707) MS Rating:
Important
A
privilege escalation vulnerability exists when the Windows IME improperly
handles memory. To exploit this vulnerability, an attacker would first have to
gain execution on the victim system.
Windows Imaging Library Remote Code Execution Vulnerability (CVE-2020-0708) MS
Rating: Important
A
remote code execution vulnerability exists when the Windows Imaging Library
improperly handles memory. To exploit this vulnerability, an attacker would
first have to coerce a victim to open a specially crafted file.
DirectX Privilege Escalation Vulnerability (CVE-2020-0709) MS Rating: Important
A
privilege escalation vulnerability exists when DirectX improperly handles
objects in memory. An attacker who successfully exploited this vulnerability
could run arbitrary code in kernel mode.
DirectX Information Disclosure Vulnerability (CVE-2020-0714) MS Rating:
Important
An
information disclosure vulnerability exists when DirectX improperly handles
objects in memory. An attacker who successfully exploited this vulnerability
could obtain information to further compromise the user's system.
Windows Diagnostics Tracking Service Privilege Escalation Vulnerability
(CVE-2020-0727) MS Rating: Important
A
privilege escalation vulnerability exists when the Connected User Experiences
and Telemetry Service improperly handles file operations. An attacker who
successfully exploited this vulnerability could gain elevated privileges on the
victim system.
Windows Modules Installer Service Information Disclosure Vulnerability
(CVE-2020-0728) MS Rating: Important
An
information vulnerability exists when Windows Modules Installer Service
improperly discloses file information. Successful exploitation of the
vulnerability could allow the attacker to read any file on the file system.
Windows User Profile Service Privilege Escalation Vulnerability (CVE-2020-0730)
MS Rating: Important
A
privilege escalation vulnerability exists when the Windows User Profile Service
(ProfSvc) improperly handles symlinks. An attacker who successfully exploited
this vulnerability could delete files and folders in an elevated context.
DirectX Privilege Escalation Vulnerability (CVE-2020-0732) MS Rating: Important
A
privilege escalation vulnerability exists when DirectX improperly handles
objects in memory. An attacker who successfully exploited this vulnerability
could run arbitrary code in kernel mode.
Windows Malicious Software Removal Tool Privilege Escalation Vulnerability
(CVE-2020-0733) MS Rating: Important
A
privilege escalation vulnerability exists when the Windows Malicious Software
Removal Tool (MSRT) improperly handles junctions. To exploit this vulnerability,
an attacker would first have to gain execution on the victim system.
Windows Search Indexer Privilege Escalation Vulnerability (CVE-2020-0735) MS
Rating: Important
A
privilege escalation vulnerability exists in the way that the Windows Search
Indexer handles objects in memory. An attacker who successfully exploited the
vulnerability could execute code with elevated permissions.
Windows Privilege Escalation Vulnerability (CVE-2020-0737) MS Rating: Important
A
privilege escalation vulnerability exists in the way that the tapisrv. dll
handles objects in memory.
Windows Privilege Escalation Vulnerability (CVE-2020-0739) MS Rating: Important
A
privilege escalation vulnerability exists in the way that the dssvc. dll handles
file creation allowing for a file overwrite or creation in a secured location.
Windows Privilege Escalation Vulnerability (CVE-2020-0740) MS Rating: Important
A
privilege escalation vulnerability exists in the way that the Connected Devices
Platform Service handles objects in memory. An attacker who successfully
exploited the vulnerability could execute code with elevated permissions.
Windows Privilege Escalation Vulnerability (CVE-2020-0741) MS Rating: Important
A
privilege escalation vulnerability exists in the way that the Connected Devices
Platform Service handles objects in memory. An attacker who successfully
exploited the vulnerability could execute code with elevated permissions.
Windows Privilege Escalation Vulnerability (CVE-2020-0742) MS Rating: Important
A
privilege escalation vulnerability exists in the way that the Connected Devices
Platform Service handles objects in memory. An attacker who successfully
exploited the vulnerability could execute code with elevated permissions.
Windows Privilege Escalation Vulnerability (CVE-2020-0743) MS Rating: Important
A
privilege escalation vulnerability exists in the way that the Connected Devices
Platform Service handles objects in memory. An attacker who successfully
exploited the vulnerability could execute code with elevated permissions.
Windows Data Sharing Service Privilege Escalation Vulnerability (CVE-2020-0747)
MS Rating: Important
A
privilege escalation vulnerability exists when the Windows Data Sharing Service
improperly handles file operations. An attacker who successfully exploited this
vulnerability could run processes in an elevated context.
Windows Key Isolation Service Information Disclosure Vulnerability
(CVE-2020-0748) MS Rating: Important
An
information disclosure vulnerability exists in the Cryptography Next Generation
(CNG) service when it fails to properly handle objects in memory. To exploit
this vulnerability, an attacker would have to log on to an affected system and
run a specially crafted application.
Connected Devices Platform Service Elevation of Privilege Vulnerability
(CVE-2020-0749) MS Rating: Important
An
elevation of privilege vulnerability exists in the way that the Connected
Devices Platform Service handles objects in memory. An attacker who successfully
exploited the vulnerability could execute code with elevated permissions.
Connected Devices Platform Service Elevation of Privilege Vulnerability
(CVE-2020-0750) MS Rating: Important
An
elevation of privilege vulnerability exists in the way that the Connected
Devices Platform Service handles objects in memory. An attacker who successfully
exploited the vulnerability could execute code with elevated permissions.
Windows Search Indexer Privilege Escalation Vulnerability (CVE-2020-0752) MS
Rating: Important
A
privilege escalation vulnerability exists in the way that the Windows Search
Indexer handles objects in memory. An attacker who successfully exploited the
vulnerability could execute code with elevated permissions.
Windows Error Reporting Privilege Escalation Vulnerability (CVE-2020-0753) MS
Rating: Important
A
privilege escalation vulnerability exists in Windows Error Reporting (WER) when
WER handles and executes files. The vulnerability could allow Privilege
Escalation if an attacker can successfully exploit it.
Windows Error Reporting Privilege Escalation Vulnerability (CVE-2020-0754) MS
Rating: Important
A
privilege escalation vulnerability exists in Windows Error Reporting (WER) when
WER handles and executes files. The vulnerability could allow Privilege
Escalation if an attacker can successfully exploit it.
Windows Key Isolation Service Information Disclosure Vulnerability
(CVE-2020-0755) MS Rating: Important
An
information disclosure vulnerability exists in the Cryptography Next Generation
(CNG) service when it fails to properly handle objects in memory. To exploit
this vulnerability, an attacker would have to log on to an affected system and
run a specially crafted application.
Windows Key Isolation Service Information Disclosure Vulnerability
(CVE-2020-0756) MS Rating: Important
An
information disclosure vulnerability exists in the Cryptography Next Generation
(CNG) service when it fails to properly handle objects in memory. To exploit
this vulnerability, an attacker would have to log on to an affected system and
run a specially crafted application.
Windows SSH Elevation of Privilege Vulnerability (CVE-2020-0757) MS Rating:
Important
An
elevation of privilege vulnerability exists when Windows improperly handles
Secure Socket Shell remote commands. An attacker who successfully exploited the
vulnerability could run arbitrary code with elevated privileges.
Cumulative Security Updates for Microsoft Windows Kernel
Windows Kernel Privilege Escalation Vulnerability (CVE-2020-0668) MS Rating:
Important
A
privilege escalation vulnerability exists in the way that the Windows Kernel
handles objects in memory. An attacker who successfully exploited the
vulnerability could execute code with elevated permissions.
Windows Kernel Privilege Escalation Vulnerability (CVE-2020-0669) MS Rating:
Important
A
privilege escalation vulnerability exists in the way that the Windows Kernel
handles objects in memory. An attacker who successfully exploited the
vulnerability could execute code with elevated permissions.
Windows Kernel Privilege Escalation Vulnerability (CVE-2020-0670) MS Rating:
Important
A
privilege escalation vulnerability exists when the Windows kernel fails to
properly handle objects in memory. An attacker who successfully exploited this
vulnerability could run arbitrary code in kernel mode.
Windows Kernel Privilege Escalation Vulnerability (CVE-2020-0671) MS Rating:
Important
A
privilege escalation vulnerability exists when the Windows kernel fails to
properly handle objects in memory. An attacker who successfully exploited this
vulnerability could run arbitrary code in kernel mode.
Windows Kernel Privilege Escalation Vulnerability (CVE-2020-0672) MS Rating:
Important
A
privilege escalation vulnerability exists when the Windows kernel fails to
properly handle objects in memory. An attacker who successfully exploited this
vulnerability could run arbitrary code in kernel mode.
Win32k Privilege Escalation Vulnerability (CVE-2020-0691) MS Rating: Important
A
privilege escalation vulnerability exists in Windows when the Windows
kernel-mode driver fails to properly handle objects in memory. An attacker who
successfully exploited this vulnerability could run arbitrary code in kernel
mode.
Win32k Information Disclosure Vulnerability (CVE-2020-0716) MS Rating: Important
An
information disclosure vulnerability exists when the win32k component improperly
provides kernel information. An attacker who successfully exploited the
vulnerability could obtain information to further compromise the user's system.
Win32k Information Disclosure Vulnerability (CVE-2020-0717) MS Rating: Important
An
information disclosure vulnerability exists when the win32k component improperly
provides kernel information. An attacker who successfully exploited the
vulnerability could obtain information to further compromise the user's system.
Win32k Privilege Escalation Vulnerability (CVE-2020-0719) MS Rating: Important
A
privilege escalation vulnerability exists in Windows when the Win32k component
fails to properly handle objects in memory. An attacker who successfully
exploited this vulnerability could run arbitrary code in kernel mode.
Win32k Privilege Escalation Vulnerability (CVE-2020-0720) MS Rating: Important
A
privilege escalation vulnerability exists in Windows when the Win32k component
fails to properly handle objects in memory. An attacker who successfully
exploited this vulnerability could run arbitrary code in kernel mode.
Win32k Privilege Escalation Vulnerability (CVE-2020-0721) MS Rating: Important
A
privilege escalation vulnerability exists in Windows when the Win32k component
fails to properly handle objects in memory. An attacker who successfully
exploited this vulnerability could run arbitrary code in kernel mode.
Win32k Privilege Escalation Vulnerability (CVE-2020-0722) MS Rating: Important
A
privilege escalation vulnerability exists in Windows when the Win32k component
fails to properly handle objects in memory. An attacker who successfully
exploited this vulnerability could run arbitrary code in kernel mode.
Win32k Privilege Escalation Vulnerability (CVE-2020-0723) MS Rating: Important
A
privilege escalation vulnerability exists in Windows when the Win32k component
fails to properly handle objects in memory. An attacker who successfully
exploited this vulnerability could run arbitrary code in kernel mode.
Win32k Privilege Escalation Vulnerability (CVE-2020-0724) MS Rating: Important
A
privilege escalation vulnerability exists in Windows when the Win32k component
fails to properly handle objects in memory. An attacker who successfully
exploited this vulnerability could run arbitrary code in kernel mode.
Win32k Privilege Escalation Vulnerability (CVE-2020-0725) MS Rating: Important
A
privilege escalation vulnerability exists in Windows when the Win32k component
fails to properly handle objects in memory. An attacker who successfully
exploited this vulnerability could run arbitrary code in kernel mode.
Win32k Privilege Escalation Vulnerability (CVE-2020-0726) MS Rating: Important
A
privilege escalation vulnerability exists in Windows when the Win32k component
fails to properly handle objects in memory. An attacker who successfully
exploited this vulnerability could run arbitrary code in kernel mode.
Win32k Privilege Escalation Vulnerability (CVE-2020-0731) MS Rating: Important
A
privilege escalation vulnerability exists in Windows when the Win32k component
fails to properly handle objects in memory. An attacker who successfully
exploited this vulnerability could run arbitrary code in kernel mode.
Windows Kernel Information Disclosure Vulnerability (CVE-2020-0736) MS Rating:
Important
An
information disclosure vulnerability exists when the Windows kernel improperly
handles objects in memory. An attacker who successfully exploited this
vulnerability could obtain information to further compromise the user's system.
Cumulative Security Updates for Windows Hyper-V
Windows Hyper-V Denial of Service Vulnerability (CVE-2020-0661) MS Rating:
Important
A
denial of service vulnerability exists when Microsoft Hyper-V on a host server
fails to properly validate input from a privileged user on a guest operating
system. To exploit the vulnerability, an attacker who already has a privileged
account on a guest operating system, running as a virtual machine, could run a
specially crafted application that causes a host machine to crash.
Windows Hyper-V Denial of Service Vulnerability (CVE-2020-0751) MS Rating:
Important
A
denial of service vulnerability exists when Microsoft Hyper-V on a host server
fails to properly validate specific malicious data from a user on a guest
operating system. To exploit the vulnerability, an attacker who already has a
privileged account on a guest operating system, running as a virtual machine,
could run a specially crafted application.
Cumulative Security Updates for Microsoft Graphics Component
Windows Graphics Component Privilege Escalation Vulnerability (CVE-2020-0715) MS
Rating: Important
A
privilege escalation vulnerability exists when the Windows Graphics Component
improperly handles objects in memory. An attacker who successfully exploited
this vulnerability could run processes in an elevated context.
Windows GDI Information Disclosure Vulnerability (CVE-2020-0744) MS Rating:
Important
An
information disclosure vulnerability exists in the way that the Windows Graphics
Device Interface (GDI) handles objects in memory, allowing an attacker to
retrieve information from a targeted system. By itself, the information
disclosure does not allow arbitrary code execution; however, it could allow
arbitrary code to be run if the attacker uses it in combination with another
vulnerability.
Windows Graphics Component Privilege Escalation Vulnerability (CVE-2020-0745) MS
Rating: Important
A
privilege escalation vulnerability exists when the Windows Graphics Component
improperly handles objects in memory. An attacker who successfully exploited
this vulnerability could run processes in an elevated context.
Microsoft Graphics Components Information Disclosure Vulnerability (CVE-2020-0746)
MS Rating: Important
An
information disclosure vulnerability exists in the way that Microsoft Graphics
Components handle objects in memory. An attacker who successfully exploited the
vulnerability could obtain information that could be useful for further
exploitation.
Windows Graphics Component Elevation of Privilege Vulnerability (CVE-2020-0792)
MS Rating: Important
An
elevation of privilege vulnerability exists when the Windows Graphics Component
improperly handles objects in memory. An attacker who successfully exploited
this vulnerability could run processes in an elevated context.
Cumulative Security Updates for Microsoft Exchange Server
Microsoft Exchange Memory Corruption Vulnerability (CVE-2020-0688) MS Rating:
Important
A
remote code execution vulnerability exists in Microsoft Exchange software when
the software fails to properly handle objects in memory. An attacker who
successfully exploited the vulnerability could run arbitrary code in the context
of the System user.
Microsoft Exchange Server Privilege Escalation Vulnerability (CVE-2020-0692) MS
Rating: Important
A
privilege escalation vulnerability exists in Microsoft Exchange Server. An
attacker who successfully exploited this vulnerability could gain the same
rights as any other user of the Exchange server.
Security Update for SQL Server
Microsoft SQL Server Reporting Services Remote Code Execution Vulnerability (CVE-2020-0618)
MS Rating: Important
A remote code execution vulnerability exists in Microsoft SQL Server Reporting Services when it incorrectly handles page requests. An attacker who successfully exploited this vulnerability could execute code in the context of the Report Server service account.
Microsoft Patch Tuesday – February 2020
This month the vendor has patched 99 vulnerabilities, 13 of which are rated
Critical.
This month the vendor has patched 99 vulnerabilities, 13 of which are rated
Critical.
As always, customers are advised to follow these security best practices:
Install vendor patches as soon as they are available.
Run all software with the least privileges required while still maintaining
functionality.
Avoid handling files from unknown or questionable sources.
Never visit sites of unknown or questionable integrity.
Block external access at the network perimeter to all key systems unless
specific access is required.
Microsoft's summary of the February 2020 releases can be found here:
https://portal.msrc.microsoft.com/en-us/security-guidance
This month's update covers vulnerabilities in:
Internet Explorer
Edge
ChakraCore
Microsoft Office
Microsoft Windows
Microsoft Windows Kernel
Windows Hyper-V
Microsoft Graphics Component
Microsoft Exchange Server
SQL Server
The following is a breakdown of the issues being addressed this month:
Cumulative Security Updates for Microsoft Browsers
Scripting Engine Memory Corruption Vulnerability (CVE-2020-0673) MS Rating:
Critical
A
remote code execution vulnerability exists in the way that the scripting engine
handles objects in memory in Internet Explorer. The vulnerability could corrupt
memory in such a way that an attacker could execute arbitrary code in the
context of the current user.
Scripting Engine Memory Corruption Vulnerability (CVE-2020-0674) MS Rating:
Critical
A
remote code execution vulnerability exists in the way that the scripting engine
handles objects in memory in Internet Explorer. The vulnerability could corrupt
memory in such a way that an attacker could execute arbitrary code in the
context of the current user.
Scripting Engine Memory Corruption Vulnerability (CVE-2020-0710) MS Rating:
Critical
A
remote code execution vulnerability exists in the way that the ChakraCore
scripting engine handles objects in memory. The vulnerability could corrupt
memory in such a way that an attacker could execute arbitrary code in the
context of the current user.
Scripting Engine Memory Corruption Vulnerability (CVE-2020-0711) MS Rating:
Critical
A
remote code execution vulnerability exists in the way that the ChakraCore
scripting engine handles objects in memory. The vulnerability could corrupt
memory in such a way that an attacker could execute arbitrary code in the
context of the current user.
Scripting Engine Memory Corruption Vulnerability (CVE-2020-0712) MS Rating:
Critical
A
remote code execution vulnerability exists in the way that the ChakraCore
scripting engine handles objects in memory. The vulnerability could corrupt
memory in such a way that an attacker could execute arbitrary code in the
context of the current user.
Scripting Engine Memory Corruption Vulnerability (CVE-2020-0713) MS Rating:
Critical
A
remote code execution vulnerability exists in the way that the ChakraCore
scripting engine handles objects in memory. The vulnerability could corrupt
memory in such a way that an attacker could execute arbitrary code in the
context of the current user.
Scripting Engine Memory Corruption Vulnerability (CVE-2020-0767) MS Rating:
Critical
A
remote code execution vulnerability exists in the way that the ChakraCore
scripting engine handles objects in memory. The vulnerability could corrupt
memory in such a way that an attacker could execute arbitrary code in the
context of the current user.
Microsoft Edge Privilege Escalation Vulnerability (CVE-2020-0663) MS Rating:
Important
A
privilege escalation vulnerability exists when Microsoft Edge does not properly
enforce cross-domain policies, which could allow an attacker to access
information from one domain and inject it into another domain. In a web-based
attack scenario, an attacker could host a website that is used to attempt to
exploit the vulnerability.
Microsoft Browser Information Disclosure Vulnerability (CVE-2020-0706) MS
Rating: Important
An
information disclosure vulnerability exists in the way that affected Microsoft
browsers handle cross-origin requests. An attacker who successfully exploited
this vulnerability could determine the origin of all of the web pages in the
affected browser.
Cumulative Security Updates for Microsoft Office
Microsoft Office SharePoint XSS Vulnerability (CVE-2020-0693) MS Rating:
Important
A
cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server
does not properly sanitize a specially crafted web request to an affected
SharePoint server. An authenticated attacker could exploit the vulnerability by
sending a specially crafted request to an affected SharePoint server.
Microsoft Office SharePoint XSS Vulnerability (CVE-2020-0694) MS Rating:
Important
A
cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server
does not properly sanitize a specially crafted web request to an affected
SharePoint server. An authenticated attacker could exploit the vulnerability by
sending a specially crafted request to an affected SharePoint server.
Microsoft Office Online Server Spoofing Vulnerability (CVE-2020-0695) MS Rating:
Important
A
spoofing vulnerability exists when Office Online Server does not validate origin
in cross-origin communications correctly. An attacker could exploit the
vulnerability by sending a specially crafted request to an affected site.
Microsoft Outlook Security Bypass Vulnerability (CVE-2020-0696) MS Rating:
Important
A
security bypass vulnerability exists in Microsoft Outlook software when it
improperly handles the parsing of URI formats. The security bypass by itself
does not allow arbitrary code execution.
Microsoft Office Tampering Vulnerability (CVE-2020-0697) MS Rating: Important
A
privilege escalation vulnerability exists in Microsoft Office OLicenseHeartbeat
task, where an attacker who successfully exploited this vulnerability could run
this task as SYSTEM. To exploit the vulnerability, an authenticated attacker
would need to place a specially crafted file in a specific location, thereby
allowing arbitrary file corruption.
Microsoft Excel Remote Code Execution Vulnerability (CVE-2020-0759) MS Rating:
Important
A
remote code execution vulnerability exists in Microsoft Excel software when the
software fails to properly handle objects in memory. An attacker who
successfully exploited the vulnerability could run arbitrary code in the context
of the current user.
Cumulative Security Updates for Microsoft Windows
LNK Remote Code Execution Vulnerability (CVE-2020-0729) MS Rating: Critical
A
remote code execution vulnerability exists in Microsoft Windows that could allow
remote code execution if a . LNK file is processed.
Windows Remote Code Execution Vulnerability (CVE-2020-0662) MS Rating: Critical
A
remote code execution vulnerability exists in the way that Windows handles
objects in memory. An attacker who successfully exploited the vulnerability
could execute arbitrary code with elevated permissions on a target system.
Remote Desktop Client Remote Code Execution Vulnerability (CVE-2020-0681) MS
Rating: Critical
A
remote code execution vulnerability exists in the Windows Remote Desktop Client
when a user connects to a malicious server. An attacker who successfully
exploited this vulnerability could execute arbitrary code on the computer of the
connecting client.
Media Foundation Memory Corruption Vulnerability (CVE-2020-0738) MS Rating:
Critical
A
memory corruption vulnerability exists when Windows Media Foundation improperly
handles objects in memory. An attacker who successfully exploited the
vulnerability could install programs; view, change, or delete data; or create
new accounts with full user rights.
Remote Desktop Client Remote Code Execution Vulnerability (CVE-2020-0734) MS
Rating: Critical
A
remote code execution vulnerability exists in the Windows Remote Desktop Client
when a user connects to a malicious server. An attacker who successfully
exploited this vulnerability could execute arbitrary code on the computer of the
connecting client.
Windows Common Log File System Driver Privilege Escalation Vulnerability
(CVE-2020-0657) MS Rating: Important
A
privilege escalation vulnerability exists when the Windows Common Log File
System (CLFS) driver improperly handles objects in memory. An attacker who
successfully exploited this vulnerability could run processes in an elevated
context.
Windows Common Log File System Driver Information Disclosure Vulnerability
(CVE-2020-0658) MS Rating: Important
An
information disclosure vulnerability exists in the Windows Common Log File
System (CLFS) driver when it fails to properly handle objects in memory. An
attacker who successfully exploited this vulnerability could potentially read
data that was not intended to be disclosed.
Remote Desktop Services Remote Code Execution Vulnerability (CVE-2020-0655) MS
Rating: Important
A
remote code execution vulnerability exists in Remote Desktop Services - formerly
known as Terminal Services - when an authenticated attacker abuses clipboard
redirection. An attacker who successfully exploited this vulnerability could
execute arbitrary code on the victim system.
Windows Data Sharing Service Privilege Escalation Vulnerability (CVE-2020-0659)
MS Rating: Important
A
privilege escalation vulnerability exists when the Windows Data Sharing Service
improperly handles file operations. An attacker who successfully exploited this
vulnerability could run processes in an elevated context.
Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability
(CVE-2020-0660) MS Rating: Important
A
denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an
attacker connects to the target system using RDP and sends specially crafted
requests. An attacker who successfully exploited this vulnerability could cause
the RDP service on the target system to stop responding.
Active Directory Privilege Escalation Vulnerability (CVE-2020-0665) MS Rating:
Important
A
privilege escalation vulnerability exists in Active Directory Forest trusts due
to a default setting that lets an attacker in the trusting forest request
delegation of a TGT for an identity from the trusted forest. To exploit this
vulnerability, an attacker would first need to compromise an Active Directory
forest.
Windows Search Indexer Privilege Escalation Vulnerability (CVE-2020-0666) MS
Rating: Important
A
privilege escalation vulnerability exists in the way that the Windows Search
Indexer handles objects in memory. An attacker who successfully exploited the
vulnerability could execute code with elevated permissions.
Windows Search Indexer Privilege Escalation Vulnerability (CVE-2020-0667) MS
Rating: Important
A
privilege escalation vulnerability exists in the way that the Windows Search
Indexer handles objects in memory. An attacker who successfully exploited the
vulnerability could execute code with elevated permissions.
Windows Key Isolation Service Information Disclosure Vulnerability
(CVE-2020-0675) MS Rating: Important
An
information disclosure vulnerability exists in the Cryptography Next Generation
(CNG) service when it fails to properly handle objects in memory. To exploit
this vulnerability, an attacker would have to log on to an affected system and
run a specially crafted application.
Windows Key Isolation Service Information Disclosure Vulnerability
(CVE-2020-0676) MS Rating: Important
An
information disclosure vulnerability exists in the Cryptography Next Generation
(CNG) service when it fails to properly handle objects in memory. To exploit
this vulnerability, an attacker would have to log on to an affected system and
run a specially crafted application.
Windows Key Isolation Service Information Disclosure Vulnerability
(CVE-2020-0677) MS Rating: Important
An
information disclosure vulnerability exists in the Cryptography Next Generation
(CNG) service when it fails to properly handle objects in memory. To exploit
this vulnerability, an attacker would have to log on to an affected system and
run a specially crafted application.
Windows Error Reporting Manager Privilege Escalation Vulnerability
(CVE-2020-0678) MS Rating: Important
A
privilege escalation vulnerability exists when Windows Error Reporting manager
improperly handles hard links. An attacker who successfully exploited this
vulnerability could overwrite a targeted file leading to an elevated status.
Windows Function Discovery Service Privilege Escalation Vulnerability
(CVE-2020-0679) MS Rating: Important
A
privilege escalation vulnerability exists in the way that the Windows Function
Discovery Service handles objects in memory. An attacker who successfully
exploited the vulnerability could execute code with elevated permissions.
Windows Function Discovery Service Privilege Escalation Vulnerability
(CVE-2020-0680) MS Rating: Important
A
privilege escalation vulnerability exists in the way that the Windows Function
Discovery Service handles objects in memory. An attacker who successfully
exploited the vulnerability could execute code with elevated permissions.
Windows Function Discovery Service Privilege Escalation Vulnerability
(CVE-2020-0682) MS Rating: Important
A
privilege escalation vulnerability exists in the way that the Windows Function
Discovery Service handles objects in memory. An attacker who successfully
exploited the vulnerability could execute code with elevated permissions.
Windows Installer Privilege Escalation Vulnerability (CVE-2020-0683) MS Rating:
Important
A
privilege escalation vulnerability exists in the Windows Installer when MSI
packages process symbolic links. An attacker who successfully exploited this
vulnerability could bypass access restrictions to add or remove files.
Windows COM Server Privilege Escalation Vulnerability (CVE-2020-0685) MS Rating:
Important
A
privilege escalation vulnerability exists when Windows improperly handles COM
object creation. An attacker who successfully exploited the vulnerability could
run arbitrary code with elevated privileges.
Windows Installer Privilege Escalation Vulnerability (CVE-2020-0686) MS Rating:
Important
A
privilege escalation vulnerability exists in the Windows Installer when MSI
packages process symbolic links. An attacker who successfully exploited this
vulnerability could bypass access restrictions to add or remove files.
Microsoft Secure Boot Security Bypass Vulnerability (CVE-2020-0689) MS Rating:
Important
A
security bypass vulnerability exists in secure boot. An attacker who
successfully exploited the vulnerability can bypass secure boot and load
untrusted software.
Windows Information Disclosure Vulnerability (CVE-2020-0698) MS Rating:
Important
An
information disclosure vulnerability exists when the Telephony Service
improperly discloses the contents of its memory. An attacker who successfully
exploited the vulnerability could obtain information to further compromise a
user's system.
Windows Client License Service Privilege Escalation Vulnerability
(CVE-2020-0701) MS Rating: Important
A
privilege escalation vulnerability exists in the way that the Windows Client
License Service (ClipSVC) handles objects in memory. An attacker who
successfully exploited the vulnerability could execute code with elevated
permissions.
Surface Hub Security Bypass Vulnerability (CVE-2020-0702) MS Rating: Important
A
security bypass vulnerability exists in Surface Hub when prompting for
credentials. Successful exploitation of the vulnerability could allow an
attacker to access settings which are restricted to Administrators.
Windows Backup Service Privilege Escalation Vulnerability (CVE-2020-0703) MS
Rating: Important
A
privilege escalation vulnerability exists when the Windows Backup Service
improperly handles file operations. To exploit this vulnerability, an attacker
would first have to gain execution on the victim system.
Windows Wireless Network Manager Privilege Escalation Vulnerability
(CVE-2020-0704) MS Rating: Important
A
privilege escalation vulnerability exists when the Windows Wireless Network
Manager improperly handles memory. To exploit this vulnerability, an attacker
would first have to gain execution on the victim system.
Windows Network Driver Interface Specification (NDIS) Information Disclosure
Vulnerability (CVE-2020-0705) MS Rating: Important
An
information disclosure vulnerability exists when the Windows Network Driver
Interface Specification (NDIS) improperly handles memory. To exploit this
vulnerability, an attacker would first have to gain execution on the victim
system.
Windows IME Privilege Escalation Vulnerability (CVE-2020-0707) MS Rating:
Important
A
privilege escalation vulnerability exists when the Windows IME improperly
handles memory. To exploit this vulnerability, an attacker would first have to
gain execution on the victim system.
Windows Imaging Library Remote Code Execution Vulnerability (CVE-2020-0708) MS
Rating: Important
A
remote code execution vulnerability exists when the Windows Imaging Library
improperly handles memory. To exploit this vulnerability, an attacker would
first have to coerce a victim to open a specially crafted file.
DirectX Privilege Escalation Vulnerability (CVE-2020-0709) MS Rating: Important
A
privilege escalation vulnerability exists when DirectX improperly handles
objects in memory. An attacker who successfully exploited this vulnerability
could run arbitrary code in kernel mode.
DirectX Information Disclosure Vulnerability (CVE-2020-0714) MS Rating:
Important
An
information disclosure vulnerability exists when DirectX improperly handles
objects in memory. An attacker who successfully exploited this vulnerability
could obtain information to further compromise the user's system.
Windows Diagnostics Tracking Service Privilege Escalation Vulnerability
(CVE-2020-0727) MS Rating: Important
A
privilege escalation vulnerability exists when the Connected User Experiences
and Telemetry Service improperly handles file operations. An attacker who
successfully exploited this vulnerability could gain elevated privileges on the
victim system.
Windows Modules Installer Service Information Disclosure Vulnerability
(CVE-2020-0728) MS Rating: Important
An
information vulnerability exists when Windows Modules Installer Service
improperly discloses file information. Successful exploitation of the
vulnerability could allow the attacker to read any file on the file system.
Windows User Profile Service Privilege Escalation Vulnerability (CVE-2020-0730)
MS Rating: Important
A
privilege escalation vulnerability exists when the Windows User Profile Service
(ProfSvc) improperly handles symlinks. An attacker who successfully exploited
this vulnerability could delete files and folders in an elevated context.
DirectX Privilege Escalation Vulnerability (CVE-2020-0732) MS Rating: Important
A
privilege escalation vulnerability exists when DirectX improperly handles
objects in memory. An attacker who successfully exploited this vulnerability
could run arbitrary code in kernel mode.
Windows Malicious Software Removal Tool Privilege Escalation Vulnerability
(CVE-2020-0733) MS Rating: Important
A
privilege escalation vulnerability exists when the Windows Malicious Software
Removal Tool (MSRT) improperly handles junctions. To exploit this vulnerability,
an attacker would first have to gain execution on the victim system.
Windows Search Indexer Privilege Escalation Vulnerability (CVE-2020-0735) MS
Rating: Important
A
privilege escalation vulnerability exists in the way that the Windows Search
Indexer handles objects in memory. An attacker who successfully exploited the
vulnerability could execute code with elevated permissions.
Windows Privilege Escalation Vulnerability (CVE-2020-0737) MS Rating: Important
A
privilege escalation vulnerability exists in the way that the tapisrv. dll
handles objects in memory.
Windows Privilege Escalation Vulnerability (CVE-2020-0739) MS Rating: Important
A
privilege escalation vulnerability exists in the way that the dssvc. dll handles
file creation allowing for a file overwrite or creation in a secured location.
Windows Privilege Escalation Vulnerability (CVE-2020-0740) MS Rating: Important
A
privilege escalation vulnerability exists in the way that the Connected Devices
Platform Service handles objects in memory. An attacker who successfully
exploited the vulnerability could execute code with elevated permissions.
Windows Privilege Escalation Vulnerability (CVE-2020-0741) MS Rating: Important
A
privilege escalation vulnerability exists in the way that the Connected Devices
Platform Service handles objects in memory. An attacker who successfully
exploited the vulnerability could execute code with elevated permissions.
Windows Privilege Escalation Vulnerability (CVE-2020-0742) MS Rating: Important
A
privilege escalation vulnerability exists in the way that the Connected Devices
Platform Service handles objects in memory. An attacker who successfully
exploited the vulnerability could execute code with elevated permissions.
Windows Privilege Escalation Vulnerability (CVE-2020-0743) MS Rating: Important
A
privilege escalation vulnerability exists in the way that the Connected Devices
Platform Service handles objects in memory. An attacker who successfully
exploited the vulnerability could execute code with elevated permissions.
Windows Data Sharing Service Privilege Escalation Vulnerability (CVE-2020-0747)
MS Rating: Important
A
privilege escalation vulnerability exists when the Windows Data Sharing Service
improperly handles file operations. An attacker who successfully exploited this
vulnerability could run processes in an elevated context.
Windows Key Isolation Service Information Disclosure Vulnerability
(CVE-2020-0748) MS Rating: Important
An
information disclosure vulnerability exists in the Cryptography Next Generation
(CNG) service when it fails to properly handle objects in memory. To exploit
this vulnerability, an attacker would have to log on to an affected system and
run a specially crafted application.
Connected Devices Platform Service Elevation of Privilege Vulnerability
(CVE-2020-0749) MS Rating: Important
An
elevation of privilege vulnerability exists in the way that the Connected
Devices Platform Service handles objects in memory. An attacker who successfully
exploited the vulnerability could execute code with elevated permissions.
Connected Devices Platform Service Elevation of Privilege Vulnerability
(CVE-2020-0750) MS Rating: Important
An
elevation of privilege vulnerability exists in the way that the Connected
Devices Platform Service handles objects in memory. An attacker who successfully
exploited the vulnerability could execute code with elevated permissions.
Windows Search Indexer Privilege Escalation Vulnerability (CVE-2020-0752) MS
Rating: Important
A
privilege escalation vulnerability exists in the way that the Windows Search
Indexer handles objects in memory. An attacker who successfully exploited the
vulnerability could execute code with elevated permissions.
Windows Error Reporting Privilege Escalation Vulnerability (CVE-2020-0753) MS
Rating: Important
A
privilege escalation vulnerability exists in Windows Error Reporting (WER) when
WER handles and executes files. The vulnerability could allow Privilege
Escalation if an attacker can successfully exploit it.
Windows Error Reporting Privilege Escalation Vulnerability (CVE-2020-0754) MS
Rating: Important
A
privilege escalation vulnerability exists in Windows Error Reporting (WER) when
WER handles and executes files. The vulnerability could allow Privilege
Escalation if an attacker can successfully exploit it.
Windows Key Isolation Service Information Disclosure Vulnerability
(CVE-2020-0755) MS Rating: Important
An
information disclosure vulnerability exists in the Cryptography Next Generation
(CNG) service when it fails to properly handle objects in memory. To exploit
this vulnerability, an attacker would have to log on to an affected system and
run a specially crafted application.
Windows Key Isolation Service Information Disclosure Vulnerability
(CVE-2020-0756) MS Rating: Important
An
information disclosure vulnerability exists in the Cryptography Next Generation
(CNG) service when it fails to properly handle objects in memory. To exploit
this vulnerability, an attacker would have to log on to an affected system and
run a specially crafted application.
Windows SSH Elevation of Privilege Vulnerability (CVE-2020-0757) MS Rating:
Important
An
elevation of privilege vulnerability exists when Windows improperly handles
Secure Socket Shell remote commands. An attacker who successfully exploited the
vulnerability could run arbitrary code with elevated privileges.
Cumulative Security Updates for Microsoft Windows Kernel
Windows Kernel Privilege Escalation Vulnerability (CVE-2020-0668) MS Rating:
Important
A
privilege escalation vulnerability exists in the way that the Windows Kernel
handles objects in memory. An attacker who successfully exploited the
vulnerability could execute code with elevated permissions.
Windows Kernel Privilege Escalation Vulnerability (CVE-2020-0669) MS Rating:
Important
A
privilege escalation vulnerability exists in the way that the Windows Kernel
handles objects in memory. An attacker who successfully exploited the
vulnerability could execute code with elevated permissions.
Windows Kernel Privilege Escalation Vulnerability (CVE-2020-0670) MS Rating:
Important
A
privilege escalation vulnerability exists when the Windows kernel fails to
properly handle objects in memory. An attacker who successfully exploited this
vulnerability could run arbitrary code in kernel mode.
Windows Kernel Privilege Escalation Vulnerability (CVE-2020-0671) MS Rating:
Important
A
privilege escalation vulnerability exists when the Windows kernel fails to
properly handle objects in memory. An attacker who successfully exploited this
vulnerability could run arbitrary code in kernel mode.
Windows Kernel Privilege Escalation Vulnerability (CVE-2020-0672) MS Rating:
Important
A
privilege escalation vulnerability exists when the Windows kernel fails to
properly handle objects in memory. An attacker who successfully exploited this
vulnerability could run arbitrary code in kernel mode.
Win32k Privilege Escalation Vulnerability (CVE-2020-0691) MS Rating: Important
A
privilege escalation vulnerability exists in Windows when the Windows
kernel-mode driver fails to properly handle objects in memory. An attacker who
successfully exploited this vulnerability could run arbitrary code in kernel
mode.
Win32k Information Disclosure Vulnerability (CVE-2020-0716) MS Rating: Important
An
information disclosure vulnerability exists when the win32k component improperly
provides kernel information. An attacker who successfully exploited the
vulnerability could obtain information to further compromise the user's system.
Win32k Information Disclosure Vulnerability (CVE-2020-0717) MS Rating: Important
An
information disclosure vulnerability exists when the win32k component improperly
provides kernel information. An attacker who successfully exploited the
vulnerability could obtain information to further compromise the user's system.
Win32k Privilege Escalation Vulnerability (CVE-2020-0719) MS Rating: Important
A
privilege escalation vulnerability exists in Windows when the Win32k component
fails to properly handle objects in memory. An attacker who successfully
exploited this vulnerability could run arbitrary code in kernel mode.
Win32k Privilege Escalation Vulnerability (CVE-2020-0720) MS Rating: Important
A
privilege escalation vulnerability exists in Windows when the Win32k component
fails to properly handle objects in memory. An attacker who successfully
exploited this vulnerability could run arbitrary code in kernel mode.
Win32k Privilege Escalation Vulnerability (CVE-2020-0721) MS Rating: Important
A
privilege escalation vulnerability exists in Windows when the Win32k component
fails to properly handle objects in memory. An attacker who successfully
exploited this vulnerability could run arbitrary code in kernel mode.
Win32k Privilege Escalation Vulnerability (CVE-2020-0722) MS Rating: Important
A
privilege escalation vulnerability exists in Windows when the Win32k component
fails to properly handle objects in memory. An attacker who successfully
exploited this vulnerability could run arbitrary code in kernel mode.
Win32k Privilege Escalation Vulnerability (CVE-2020-0723) MS Rating: Important
A
privilege escalation vulnerability exists in Windows when the Win32k component
fails to properly handle objects in memory. An attacker who successfully
exploited this vulnerability could run arbitrary code in kernel mode.
Win32k Privilege Escalation Vulnerability (CVE-2020-0724) MS Rating: Important
A
privilege escalation vulnerability exists in Windows when the Win32k component
fails to properly handle objects in memory. An attacker who successfully
exploited this vulnerability could run arbitrary code in kernel mode.
Win32k Privilege Escalation Vulnerability (CVE-2020-0725) MS Rating: Important
A
privilege escalation vulnerability exists in Windows when the Win32k component
fails to properly handle objects in memory. An attacker who successfully
exploited this vulnerability could run arbitrary code in kernel mode.
Win32k Privilege Escalation Vulnerability (CVE-2020-0726) MS Rating: Important
A
privilege escalation vulnerability exists in Windows when the Win32k component
fails to properly handle objects in memory. An attacker who successfully
exploited this vulnerability could run arbitrary code in kernel mode.
Win32k Privilege Escalation Vulnerability (CVE-2020-0731) MS Rating: Important
A
privilege escalation vulnerability exists in Windows when the Win32k component
fails to properly handle objects in memory. An attacker who successfully
exploited this vulnerability could run arbitrary code in kernel mode.
Windows Kernel Information Disclosure Vulnerability (CVE-2020-0736) MS Rating:
Important
An
information disclosure vulnerability exists when the Windows kernel improperly
handles objects in memory. An attacker who successfully exploited this
vulnerability could obtain information to further compromise the user's system.
Cumulative Security Updates for Windows Hyper-V
Windows Hyper-V Denial of Service Vulnerability (CVE-2020-0661) MS Rating:
Important
A
denial of service vulnerability exists when Microsoft Hyper-V on a host server
fails to properly validate input from a privileged user on a guest operating
system. To exploit the vulnerability, an attacker who already has a privileged
account on a guest operating system, running as a virtual machine, could run a
specially crafted application that causes a host machine to crash.
Windows Hyper-V Denial of Service Vulnerability (CVE-2020-0751) MS Rating:
Important
A
denial of service vulnerability exists when Microsoft Hyper-V on a host server
fails to properly validate specific malicious data from a user on a guest
operating system. To exploit the vulnerability, an attacker who already has a
privileged account on a guest operating system, running as a virtual machine,
could run a specially crafted application.
Cumulative Security Updates for Microsoft Graphics Component
Windows Graphics Component Privilege Escalation Vulnerability (CVE-2020-0715) MS
Rating: Important
A
privilege escalation vulnerability exists when the Windows Graphics Component
improperly handles objects in memory. An attacker who successfully exploited
this vulnerability could run processes in an elevated context.
Windows GDI Information Disclosure Vulnerability (CVE-2020-0744) MS Rating:
Important
An
information disclosure vulnerability exists in the way that the Windows Graphics
Device Interface (GDI) handles objects in memory, allowing an attacker to
retrieve information from a targeted system. By itself, the information
disclosure does not allow arbitrary code execution; however, it could allow
arbitrary code to be run if the attacker uses it in combination with another
vulnerability.
Windows Graphics Component Privilege Escalation Vulnerability (CVE-2020-0745) MS
Rating: Important
A
privilege escalation vulnerability exists when the Windows Graphics Component
improperly handles objects in memory. An attacker who successfully exploited
this vulnerability could run processes in an elevated context.
Microsoft Graphics Components Information Disclosure Vulnerability (CVE-2020-0746)
MS Rating: Important
An
information disclosure vulnerability exists in the way that Microsoft Graphics
Components handle objects in memory. An attacker who successfully exploited the
vulnerability could obtain information that could be useful for further
exploitation.
Windows Graphics Component Elevation of Privilege Vulnerability (CVE-2020-0792)
MS Rating: Important
An
elevation of privilege vulnerability exists when the Windows Graphics Component
improperly handles objects in memory. An attacker who successfully exploited
this vulnerability could run processes in an elevated context.
Cumulative Security Updates for Microsoft Exchange Server
Microsoft Exchange Memory Corruption Vulnerability (CVE-2020-0688) MS Rating:
Important
A
remote code execution vulnerability exists in Microsoft Exchange software when
the software fails to properly handle objects in memory. An attacker who
successfully exploited the vulnerability could run arbitrary code in the context
of the System user.
Microsoft Exchange Server Privilege Escalation Vulnerability (CVE-2020-0692) MS
Rating: Important
A
privilege escalation vulnerability exists in Microsoft Exchange Server. An
attacker who successfully exploited this vulnerability could gain the same
rights as any other user of the Exchange server.
Security Update for SQL Server
Microsoft SQL Server Reporting Services Remote Code Execution Vulnerability (CVE-2020-0618)
MS Rating: Important
A remote code execution vulnerability exists in Microsoft SQL Server Reporting Services when it incorrectly handles page requests. An attacker who successfully exploited this vulnerability could execute code in the context of the Report Server service account.
Microsoft Patch Tuesday – January
2020
This month the vendor has patched 49 vulnerabilities, 8 of which are rated
Critical.
This month the vendor has patched 49 vulnerabilities, 8 of which are rated
Critical.
As always, customers are advised to follow these security best practices:
Install vendor patches as soon as
they are available.
Run all software with the least privileges required while still maintaining
functionality.
Avoid handling files from unknown or questionable sources.
Never visit sites of unknown or questionable integrity.
Block external access at the network perimeter to all key systems unless
specific access is required.
Microsoft's summary of the January 2020 releases can be found here:
https://portal.msrc.microsoft.com/en-us/security-guidance
This month's update covers vulnerabilities in:
Internet Explorer
Microsoft Office
Microsoft Windows
Microsoft Windows Kernel
Windows Hyper-V
Microsoft Graphics Component
ASP .NET
.NET Framework
Microsoft Dynamics
Microsoft OneDrive for Android
The following is a breakdown of the issues being addressed this month:
Security Update for Internet Explorer
Internet Explorer Memory Corruption Vulnerability (CVE-2020-0640) MS Rating: Critical
A remote code execution
vulnerability exists when Internet Explorer improperly accesses objects in
memory. The vulnerability could corrupt memory in such a way that an attacker
could execute arbitrary code in the context of the current user.
Cumulative Security Updates for Microsoft Office
Microsoft Office Online Spoofing Vulnerability (CVE-2020-0647) MS Rating: Important
A spoofing vulnerability exists
when Office Online does not validate origin in cross-origin communications
correctly. An attacker could exploit the vulnerability by sending a specially
crafted request to an affected site.
Microsoft Excel Remote Code Execution Vulnerability (CVE-2020-0650) MS Rating:
Important
A remote code execution
vulnerability exists in Microsoft Excel software when the software fails to
properly handle objects in memory. An attacker who successfully exploited the
vulnerability could run arbitrary code in the context of the current user.
Microsoft Excel Remote Code Execution Vulnerability (CVE-2020-0651) MS Rating:
Important
A remote code execution
vulnerability exists in Microsoft Excel software when the software fails to
properly handle objects in memory. An attacker who successfully exploited the
vulnerability could run arbitrary code in the context of the current user.
Microsoft Excel Remote Code Execution Vulnerability (CVE-2020-0652) MS Rating:
Important
A remote code execution
vulnerability exists in Microsoft Office software when the software fails to
properly handle objects in memory. An attacker who successfully exploited the
vulnerability could run arbitrary code in the context of the current user.
Microsoft Excel Remote Code Execution Vulnerability (CVE-2020-0653) MS Rating:
Important
A remote code execution
vulnerability exists in Microsoft Excel software when the software fails to
properly handle objects in memory. An attacker who successfully exploited the
vulnerability could run arbitrary code in the context of the current user.
Cumulative Security Updates for Microsoft Windows
Windows RDP Gateway Server Remote Code Execution Vulnerability (CVE-2020-0610) MS Rating: Critical
A remote code execution
vulnerability exists in the Windows Remote Desktop Protocol (RDP) Gateway Server
when an unauthenticated attacker connects to the target system using RDP and
sends specially crafted requests. This vulnerability is pre-authentication and
requires no user interaction.
Remote Desktop Client Remote Code Execution Vulnerability (CVE-2020-0611) MS
Rating: Critical
A remote code execution
vulnerability exists in the Windows Remote Desktop Client when a user connects
to a malicious server. An attacker who successfully exploited this vulnerability
could execute arbitrary code on the computer of the connecting client.
Windows RDP Gateway Server Remote Code Execution Vulnerability (CVE-2020-0609)
MS Rating: Critical
A remote code execution
vulnerability exists in the Windows Remote Desktop Protocol (RDP) Gateway Server
when an unauthenticated attacker connects to the target system using RDP and
sends specially crafted requests. This vulnerability is pre-authentication and
requires no user interaction.
Windows CryptoAPI Spoofing Vulnerability (CVE-2020-0601) MS Rating: Important
A spoofing vulnerability exists in
the way Windows CryptoAPI (Crypt32. dll) validates Elliptic Curve Cryptography
(ECC) certificates.
Windows Remote Desktop Protocol (RDP) Gateway Server Denial of Service
Vulnerability (CVE-2020-0612) MS Rating: Important
A denial of service vulnerability
exists in Remote Desktop Protocol (RDP) Gateway Server when an attacker connects
to the target system using RDP and sends specially crafted requests. An attacker
who successfully exploited this vulnerability could cause the RDP Gateway
service on the target system to stop responding.
Windows Search Indexer Privilege Escalation Vulnerability (CVE-2020-0613) MS
Rating: Important
A privilege escalation
vulnerability exists in the way that the Windows Search Indexer handles objects
in memory. An attacker who successfully exploited the vulnerability could
execute code with elevated permissions.
Windows Search Indexer Privilege Escalation Vulnerability (CVE-2020-0614) MS
Rating: Important
A privilege escalation
vulnerability exists in the way that the Windows Search Indexer handles objects
in memory. An attacker who successfully exploited the vulnerability could
execute code with elevated permissions.
Windows Common Log File System Driver Information Disclosure Vulnerability
(CVE-2020-0615) MS Rating: Important
An information disclosure
vulnerability exists in the Windows Common Log File System (CLFS) driver when it
fails to properly handle objects in memory. An attacker who successfully
exploited this vulnerability could potentially read data that was not intended
to be disclosed.
Microsoft Windows Denial of Service Vulnerability (CVE-2020-0616) MS Rating:
Important
A denial of service vulnerability
exists when Windows improperly handles hard links. An attacker who successfully
exploited the vulnerability could cause a target system to stop responding.
Microsoft Cryptographic Services Privilege Escalation Vulnerability
(CVE-2020-0620) MS Rating: Important
A privilege escalation
vulnerability exists when Microsoft Cryptographic Services improperly handles
files. An attacker could exploit the vulnerability to overwrite or modify a
protected file leading to a privilege escalation.
Windows Security Bypass Vulnerability (CVE-2020-0621) MS Rating: Important
A security bypass vulnerability
exists in Windows 10 when third party filters are called during a password
update. Successful exploitation of the vulnerability could allow a user to make
use of a blocked password for their account.
Windows Search Indexer Privilege Escalation Vulnerability (CVE-2020-0623) MS
Rating: Important
A privilege escalation
vulnerability exists in the way that the Windows Search Indexer handles objects
in memory. An attacker who successfully exploited the vulnerability could
execute code with elevated permissions.
Windows Search Indexer Privilege Escalation Vulnerability (CVE-2020-0625) MS
Rating: Important
A privilege escalation
vulnerability exists in the way that the Windows Search Indexer handles objects
in memory. An attacker who successfully exploited the vulnerability could
execute code with elevated permissions.
Windows Search Indexer Privilege Escalation Vulnerability (CVE-2020-0626) MS
Rating: Important
A privilege escalation
vulnerability exists in the way that the Windows Search Indexer handles objects
in memory. An attacker who successfully exploited the vulnerability could
execute code with elevated permissions.
Windows Search Indexer Privilege Escalation Vulnerability (CVE-2020-0627) MS
Rating: Important
A privilege escalation
vulnerability exists in the way that the Windows Search Indexer handles objects
in memory. An attacker who successfully exploited the vulnerability could
execute code with elevated permissions.
Windows Search Indexer Privilege Escalation Vulnerability (CVE-2020-0628) MS
Rating: Important
A privilege escalation
vulnerability exists in the way that the Windows Search Indexer handles objects
in memory. An attacker who successfully exploited the vulnerability could
execute code with elevated permissions.
Windows Search Indexer Privilege Escalation Vulnerability (CVE-2020-0629) MS
Rating: Important
A privilege escalation
vulnerability exists in the way that the Windows Search Indexer handles objects
in memory. An attacker who successfully exploited the vulnerability could
execute code with elevated permissions.
Windows Search Indexer Privilege Escalation Vulnerability (CVE-2020-0630) MS
Rating: Important
A privilege escalation
vulnerability exists in the way that the Windows Search Indexer handles objects
in memory. An attacker who successfully exploited the vulnerability could
execute code with elevated permissions.
Windows Search Indexer Privilege Escalation Vulnerability (CVE-2020-0631) MS
Rating: Important
A privilege escalation
vulnerability exists in the way that the Windows Search Indexer handles objects
in memory. An attacker who successfully exploited the vulnerability could
execute code with elevated permissions.
Windows Search Indexer Privilege Escalation Vulnerability (CVE-2020-0632) MS
Rating: Important
A privilege escalation
vulnerability exists in the way that the Windows Search Indexer handles objects
in memory. An attacker who successfully exploited the vulnerability could
execute code with elevated permissions.
Windows Search Indexer Privilege Escalation Vulnerability (CVE-2020-0633) MS
Rating: Important
A privilege escalation
vulnerability exists in the way that the Windows Search Indexer handles objects
in memory. An attacker who successfully exploited the vulnerability could
execute code with elevated permissions.
Windows Common Log File System Driver Privilege Escalation Vulnerability
(CVE-2020-0634) MS Rating: Important
A privilege escalation
vulnerability exists when the Windows Common Log File System (CLFS) driver
improperly handles objects in memory. An attacker who successfully exploited
this vulnerability could run processes in an elevated context.
Windows Privilege Escalation Vulnerability (CVE-2020-0635) MS Rating: Important
A privilege escalation
vulnerability exists in Microsoft Windows when Windows fails to properly handle
certain symbolic links. An attacker who successfully exploited this
vulnerability could potentially set certain items to run at a higher level and
thereby elevate permissions.
Windows Subsystem for Linux Privilege Escalation Vulnerability (CVE-2020-0636)
MS Rating: Important
A privilege escalation
vulnerability exists in the way that the Windows Subsystem for Linux handles
files. An attacker who successfully exploited the vulnerability could execute
code with elevated privileges.
Remote Desktop Web Access Information Disclosure Vulnerability (CVE-2020-0637)
MS Rating: Important
An information disclosure
vulnerability exists when Remote Desktop Web Access improperly handles
credential information. An attacker who successfully exploited this
vulnerability could obtain legitimate users' credentials.
Update Notification Manager Privilege Escalation Vulnerability (CVE-2020-0638)
MS Rating: Important
A privilege escalation
vulnerability exists in the way the Update Notification Manager handles files.
To exploit this vulnerability, an attacker would first have to gain execution on
the victim system. An attacker could then run a specially crafted application to
elevate privileges.
Windows Common Log File System Driver Information Disclosure Vulnerability
(CVE-2020-0639) MS Rating: Important
An information disclosure
vulnerability exists in the Windows Common Log File System (CLFS) driver when it
fails to properly handle objects in memory. An attacker who successfully
exploited this vulnerability could potentially read data that was not intended
to be disclosed.
Microsoft Windows Privilege Escalation Vulnerability (CVE-2020-0641) MS Rating:
Important
A privilege escalation
vulnerability exists in Windows Media Service that allows file creation in
arbitrary locations.
Windows Privilege Escalation Vulnerability (CVE-2020-0644) MS Rating: Important
A privilege escalation
vulnerability exists when Microsoft Windows implements predictable memory
section names. An attacker who successfully exploited this vulnerability could
run arbitrary code as system. An attacker could then install programs; view,
change, or delete data; or create new accounts with full user rights.
Cumulative Security Updates for Microsoft Windows Kernel
Win32k Information Disclosure Vulnerability (CVE-2020-0608) MS Rating: Important
An information disclosure
vulnerability exists when the win32k component improperly provides kernel
information. An attacker who successfully exploited the vulnerability could
obtain information to further compromise the user's system.
Win32k Privilege Escalation Vulnerability (CVE-2020-0642) MS Rating: Important
An information disclosure
vulnerability exists in the way that the Windows Graphics Device Interface Plus
(GDI+) handles objects in memory, allowing an attacker to retrieve information
from a targeted system. By itself, the information disclosure does not allow
arbitrary code execution; however, it could allow arbitrary code to be run if
the attacker uses it in combination with another vulnerability.
Win32k Privilege Escalation Vulnerability (CVE-2020-0624) MS Rating: Important
A privilege escalation
vulnerability exists in Windows when the Win32k component fails to properly
handle objects in memory. An attacker who successfully exploited this
vulnerability could run arbitrary code in kernel mode.
Security Update for Windows Hyper-V
Hyper-V Denial of Service Vulnerability (CVE-2020-0617) MS Rating: Important
A denial of service vulnerability
exists when Microsoft Hyper-V Virtual PCI on a host server fails to properly
validate input from a privileged user on a guest operating system. To exploit
the vulnerability, an attacker who already has a privileged account on a guest
operating system, running as a virtual machine, could run a specially crafted
application that causes a host machine to crash.
Cumulative Security Updates for Microsoft Graphics Component
Microsoft Graphics Components Information Disclosure Vulnerability ( CVE-2020-0607 ) MS Rating: Important
An information disclosure
vulnerability exists in the way that Microsoft Graphics Components handle
objects in memory. An attacker who successfully exploited the vulnerability
could obtain information that could be useful for further exploitation.
Microsoft Graphics Component Information Disclosure Vulnerability (CVE-2020-0622) MS Rating: Important
An information disclosure
vulnerability exists when the Microsoft Windows Graphics Component improperly
handles objects in memory. An attacker who successfully exploited the
vulnerability could obtain information to further compromise the user's system.
Windows GDI+ Information Disclosure Vulnerability (CVE-2020-0643) MS Rating:
Important
A privilege escalation
vulnerability exists when Microsoft Windows implements predictable memory
section names. An attacker who successfully exploited this vulnerability could
run arbitrary code as system.
Cumulative Security Updates for ASP .NET
ASP.NET Core Remote Code Execution Vulnerability (CVE-2020-0603) MS Rating: Critical
A remote code execution
vulnerability exists in ASP. NET Core software when the software fails to handle
objects in memory. An attacker who successfully exploited the vulnerability
could run arbitrary code in the context of the current user.
ASP.NET Core Denial of Service Vulnerability (CVE-2020-0602) MS Rating:
Important
A denial of service vulnerability
exists when ASP. NET Core improperly handles web requests. An attacker who
successfully exploited this vulnerability could cause a denial of service
against an ASP.NET Core web application.
Cumulative Security Updates for .NET Framework
.NET Core Remote Code Execution Vulnerability (CVE-2020-0605) MS Rating: Critical
A remote code execution
vulnerability exists in . NET software when the software fails to check the
source markup of a file.
.NET Framework Remote Code Execution Injection Vulnerability (CVE-2020-0606) MS
Rating: Critical
A remote code execution
vulnerability exists in .NET software when the software fails to check the
source markup of a file.
.NET Framework Remote Code Execution Injection Vulnerability (CVE-2020-0646) MS
Rating: Critical
A remote code execution
vulnerability exists when the Microsoft . NET Framework fails to validate input
properly.
Security Update for Microsoft Dynamics
Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability (CVE-2020-0656) MS Rating: Important
A cross site scripting
vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly
sanitize a specially crafted web request to an affected Dynamics server. An
authenticated attacker could exploit the vulnerability by sending a specially
crafted request to an affected Dynamics server.
Security Update for Microsoft OneDrive for Android
Microsoft OneDrive for Android Security Bypass Vulnerability (CVE-2020-0654) MS Rating: Important
A security bypass vulnerability exists in Microsoft OneDrive App for Android. This could allow an attacker to bypass the passcode or fingerprint requirements of the App.
Microsoft Patch Tuesday – January
2020
This month the vendor has patched 49 vulnerabilities, 8 of which are rated
Critical.
As always, customers are advised to follow these security best practices:
Install vendor patches as soon as
they are available.
Run all software with the least privileges required while still maintaining
functionality.
Avoid handling files from unknown or questionable sources.
Never visit sites of unknown or questionable integrity.
Block external access at the network perimeter to all key systems unless
specific access is required.
Microsoft's summary of the January 2020 releases can be found here:
https://portal.msrc.microsoft.com/en-us/security-guidance
This month's update covers vulnerabilities in:
Internet Explorer
Microsoft Office
Microsoft Windows
Microsoft Windows Kernel
Windows Hyper-V
Microsoft Graphics Component
ASP .NET
.NET Framework
Microsoft Dynamics
Microsoft OneDrive for Android
The following is a breakdown of the issues being addressed this month:
Security Update for Internet Explorer
Internet Explorer Memory Corruption Vulnerability (CVE-2020-0640) MS Rating: Critical
A remote code execution
vulnerability exists when Internet Explorer improperly accesses objects in
memory. The vulnerability could corrupt memory in such a way that an attacker
could execute arbitrary code in the context of the current user.
Cumulative Security Updates for Microsoft Office
Microsoft Office Online Spoofing Vulnerability (CVE-2020-0647) MS Rating: Important
A spoofing vulnerability exists
when Office Online does not validate origin in cross-origin communications
correctly. An attacker could exploit the vulnerability by sending a specially
crafted request to an affected site.
Microsoft Excel Remote Code Execution Vulnerability (CVE-2020-0650) MS Rating:
Important
A remote code execution
vulnerability exists in Microsoft Excel software when the software fails to
properly handle objects in memory. An attacker who successfully exploited the
vulnerability could run arbitrary code in the context of the current user.
Microsoft Excel Remote Code Execution Vulnerability (CVE-2020-0651) MS Rating:
Important
A remote code execution
vulnerability exists in Microsoft Excel software when the software fails to
properly handle objects in memory. An attacker who successfully exploited the
vulnerability could run arbitrary code in the context of the current user.
Microsoft Excel Remote Code Execution Vulnerability (CVE-2020-0652) MS Rating:
Important
A remote code execution
vulnerability exists in Microsoft Office software when the software fails to
properly handle objects in memory. An attacker who successfully exploited the
vulnerability could run arbitrary code in the context of the current user.
Microsoft Excel Remote Code Execution Vulnerability (CVE-2020-0653) MS Rating:
Important
A remote code execution
vulnerability exists in Microsoft Excel software when the software fails to
properly handle objects in memory. An attacker who successfully exploited the
vulnerability could run arbitrary code in the context of the current user.
Cumulative Security Updates for Microsoft Windows
Windows RDP Gateway Server Remote Code Execution Vulnerability (CVE-2020-0610) MS Rating: Critical
A remote code execution
vulnerability exists in the Windows Remote Desktop Protocol (RDP) Gateway Server
when an unauthenticated attacker connects to the target system using RDP and
sends specially crafted requests. This vulnerability is pre-authentication and
requires no user interaction.
Remote Desktop Client Remote Code Execution Vulnerability (CVE-2020-0611) MS
Rating: Critical
A remote code execution
vulnerability exists in the Windows Remote Desktop Client when a user connects
to a malicious server. An attacker who successfully exploited this vulnerability
could execute arbitrary code on the computer of the connecting client.
Windows RDP Gateway Server Remote Code Execution Vulnerability (CVE-2020-0609)
MS Rating: Critical
A remote code execution
vulnerability exists in the Windows Remote Desktop Protocol (RDP) Gateway Server
when an unauthenticated attacker connects to the target system using RDP and
sends specially crafted requests. This vulnerability is pre-authentication and
requires no user interaction.
Windows CryptoAPI Spoofing Vulnerability (CVE-2020-0601) MS Rating: Important
A spoofing vulnerability exists in
the way Windows CryptoAPI (Crypt32. dll) validates Elliptic Curve Cryptography
(ECC) certificates.
Windows Remote Desktop Protocol (RDP) Gateway Server Denial of Service
Vulnerability (CVE-2020-0612) MS Rating: Important
A denial of service vulnerability
exists in Remote Desktop Protocol (RDP) Gateway Server when an attacker connects
to the target system using RDP and sends specially crafted requests. An attacker
who successfully exploited this vulnerability could cause the RDP Gateway
service on the target system to stop responding.
Windows Search Indexer Privilege Escalation Vulnerability (CVE-2020-0613) MS
Rating: Important
A privilege escalation
vulnerability exists in the way that the Windows Search Indexer handles objects
in memory. An attacker who successfully exploited the vulnerability could
execute code with elevated permissions.
Windows Search Indexer Privilege Escalation Vulnerability (CVE-2020-0614) MS
Rating: Important
A privilege escalation
vulnerability exists in the way that the Windows Search Indexer handles objects
in memory. An attacker who successfully exploited the vulnerability could
execute code with elevated permissions.
Windows Common Log File System Driver Information Disclosure Vulnerability
(CVE-2020-0615) MS Rating: Important
An information disclosure
vulnerability exists in the Windows Common Log File System (CLFS) driver when it
fails to properly handle objects in memory. An attacker who successfully
exploited this vulnerability could potentially read data that was not intended
to be disclosed.
Microsoft Windows Denial of Service Vulnerability (CVE-2020-0616) MS Rating:
Important
A denial of service vulnerability
exists when Windows improperly handles hard links. An attacker who successfully
exploited the vulnerability could cause a target system to stop responding.
Microsoft Cryptographic Services Privilege Escalation Vulnerability
(CVE-2020-0620) MS Rating: Important
A privilege escalation
vulnerability exists when Microsoft Cryptographic Services improperly handles
files. An attacker could exploit the vulnerability to overwrite or modify a
protected file leading to a privilege escalation.
Windows Security Bypass Vulnerability (CVE-2020-0621) MS Rating: Important
A security bypass vulnerability
exists in Windows 10 when third party filters are called during a password
update. Successful exploitation of the vulnerability could allow a user to make
use of a blocked password for their account.
Windows Search Indexer Privilege Escalation Vulnerability (CVE-2020-0623) MS
Rating: Important
A privilege escalation
vulnerability exists in the way that the Windows Search Indexer handles objects
in memory. An attacker who successfully exploited the vulnerability could
execute code with elevated permissions.
Windows Search Indexer Privilege Escalation Vulnerability (CVE-2020-0625) MS
Rating: Important
A privilege escalation
vulnerability exists in the way that the Windows Search Indexer handles objects
in memory. An attacker who successfully exploited the vulnerability could
execute code with elevated permissions.
Windows Search Indexer Privilege Escalation Vulnerability (CVE-2020-0626) MS
Rating: Important
A privilege escalation
vulnerability exists in the way that the Windows Search Indexer handles objects
in memory. An attacker who successfully exploited the vulnerability could
execute code with elevated permissions.
Windows Search Indexer Privilege Escalation Vulnerability (CVE-2020-0627) MS
Rating: Important
A privilege escalation
vulnerability exists in the way that the Windows Search Indexer handles objects
in memory. An attacker who successfully exploited the vulnerability could
execute code with elevated permissions.
Windows Search Indexer Privilege Escalation Vulnerability (CVE-2020-0628) MS
Rating: Important
A privilege escalation
vulnerability exists in the way that the Windows Search Indexer handles objects
in memory. An attacker who successfully exploited the vulnerability could
execute code with elevated permissions.
Windows Search Indexer Privilege Escalation Vulnerability (CVE-2020-0629) MS
Rating: Important
A privilege escalation
vulnerability exists in the way that the Windows Search Indexer handles objects
in memory. An attacker who successfully exploited the vulnerability could
execute code with elevated permissions.
Windows Search Indexer Privilege Escalation Vulnerability (CVE-2020-0630) MS
Rating: Important
A privilege escalation
vulnerability exists in the way that the Windows Search Indexer handles objects
in memory. An attacker who successfully exploited the vulnerability could
execute code with elevated permissions.
Windows Search Indexer Privilege Escalation Vulnerability (CVE-2020-0631) MS
Rating: Important
A privilege escalation
vulnerability exists in the way that the Windows Search Indexer handles objects
in memory. An attacker who successfully exploited the vulnerability could
execute code with elevated permissions.
Windows Search Indexer Privilege Escalation Vulnerability (CVE-2020-0632) MS
Rating: Important
A privilege escalation
vulnerability exists in the way that the Windows Search Indexer handles objects
in memory. An attacker who successfully exploited the vulnerability could
execute code with elevated permissions.
Windows Search Indexer Privilege Escalation Vulnerability (CVE-2020-0633) MS
Rating: Important
A privilege escalation
vulnerability exists in the way that the Windows Search Indexer handles objects
in memory. An attacker who successfully exploited the vulnerability could
execute code with elevated permissions.
Windows Common Log File System Driver Privilege Escalation Vulnerability
(CVE-2020-0634) MS Rating: Important
A privilege escalation
vulnerability exists when the Windows Common Log File System (CLFS) driver
improperly handles objects in memory. An attacker who successfully exploited
this vulnerability could run processes in an elevated context.
Windows Privilege Escalation Vulnerability (CVE-2020-0635) MS Rating: Important
A privilege escalation
vulnerability exists in Microsoft Windows when Windows fails to properly handle
certain symbolic links. An attacker who successfully exploited this
vulnerability could potentially set certain items to run at a higher level and
thereby elevate permissions.
Windows Subsystem for Linux Privilege Escalation Vulnerability (CVE-2020-0636)
MS Rating: Important
A privilege escalation
vulnerability exists in the way that the Windows Subsystem for Linux handles
files. An attacker who successfully exploited the vulnerability could execute
code with elevated privileges.
Remote Desktop Web Access Information Disclosure Vulnerability (CVE-2020-0637)
MS Rating: Important
An information disclosure
vulnerability exists when Remote Desktop Web Access improperly handles
credential information. An attacker who successfully exploited this
vulnerability could obtain legitimate users' credentials.
Update Notification Manager Privilege Escalation Vulnerability (CVE-2020-0638)
MS Rating: Important
A privilege escalation
vulnerability exists in the way the Update Notification Manager handles files.
To exploit this vulnerability, an attacker would first have to gain execution on
the victim system. An attacker could then run a specially crafted application to
elevate privileges.
Windows Common Log File System Driver Information Disclosure Vulnerability
(CVE-2020-0639) MS Rating: Important
An information disclosure
vulnerability exists in the Windows Common Log File System (CLFS) driver when it
fails to properly handle objects in memory. An attacker who successfully
exploited this vulnerability could potentially read data that was not intended
to be disclosed.
Microsoft Windows Privilege Escalation Vulnerability (CVE-2020-0641) MS Rating:
Important
A privilege escalation
vulnerability exists in Windows Media Service that allows file creation in
arbitrary locations.
Windows Privilege Escalation Vulnerability (CVE-2020-0644) MS Rating: Important
A privilege escalation
vulnerability exists when Microsoft Windows implements predictable memory
section names. An attacker who successfully exploited this vulnerability could
run arbitrary code as system. An attacker could then install programs; view,
change, or delete data; or create new accounts with full user rights.
Cumulative Security Updates for Microsoft Windows Kernel
Win32k Information Disclosure Vulnerability (CVE-2020-0608) MS Rating: Important
An information disclosure
vulnerability exists when the win32k component improperly provides kernel
information. An attacker who successfully exploited the vulnerability could
obtain information to further compromise the user's system.
Win32k Privilege Escalation Vulnerability (CVE-2020-0642) MS Rating: Important
An information disclosure
vulnerability exists in the way that the Windows Graphics Device Interface Plus
(GDI+) handles objects in memory, allowing an attacker to retrieve information
from a targeted system. By itself, the information disclosure does not allow
arbitrary code execution; however, it could allow arbitrary code to be run if
the attacker uses it in combination with another vulnerability.
Win32k Privilege Escalation Vulnerability (CVE-2020-0624) MS Rating: Important
A privilege escalation
vulnerability exists in Windows when the Win32k component fails to properly
handle objects in memory. An attacker who successfully exploited this
vulnerability could run arbitrary code in kernel mode.
Security Update for Windows Hyper-V
Hyper-V Denial of Service Vulnerability (CVE-2020-0617) MS Rating: Important
A denial of service vulnerability
exists when Microsoft Hyper-V Virtual PCI on a host server fails to properly
validate input from a privileged user on a guest operating system. To exploit
the vulnerability, an attacker who already has a privileged account on a guest
operating system, running as a virtual machine, could run a specially crafted
application that causes a host machine to crash.
Cumulative Security Updates for Microsoft Graphics Component
Microsoft Graphics Components Information Disclosure Vulnerability ( CVE-2020-0607 ) MS Rating: Important
An information disclosure
vulnerability exists in the way that Microsoft Graphics Components handle
objects in memory. An attacker who successfully exploited the vulnerability
could obtain information that could be useful for further exploitation.
Microsoft Graphics Component Information Disclosure Vulnerability (CVE-2020-0622) MS Rating: Important
An information disclosure
vulnerability exists when the Microsoft Windows Graphics Component improperly
handles objects in memory. An attacker who successfully exploited the
vulnerability could obtain information to further compromise the user's system.
Windows GDI+ Information Disclosure Vulnerability (CVE-2020-0643) MS Rating:
Important
A privilege escalation
vulnerability exists when Microsoft Windows implements predictable memory
section names. An attacker who successfully exploited this vulnerability could
run arbitrary code as system.
Cumulative Security Updates for ASP .NET
ASP.NET Core Remote Code Execution Vulnerability (CVE-2020-0603) MS Rating: Critical
A remote code execution
vulnerability exists in ASP. NET Core software when the software fails to handle
objects in memory. An attacker who successfully exploited the vulnerability
could run arbitrary code in the context of the current user.
ASP.NET Core Denial of Service Vulnerability (CVE-2020-0602) MS Rating:
Important
A denial of service vulnerability
exists when ASP. NET Core improperly handles web requests. An attacker who
successfully exploited this vulnerability could cause a denial of service
against an ASP.NET Core web application.
Cumulative Security Updates for .NET Framework
.NET Core Remote Code Execution Vulnerability (CVE-2020-0605) MS Rating: Critical
A remote code execution
vulnerability exists in . NET software when the software fails to check the
source markup of a file.
.NET Framework Remote Code Execution Injection Vulnerability (CVE-2020-0606) MS
Rating: Critical
A remote code execution
vulnerability exists in .NET software when the software fails to check the
source markup of a file.
.NET Framework Remote Code Execution Injection Vulnerability (CVE-2020-0646) MS
Rating: Critical
A remote code execution
vulnerability exists when the Microsoft . NET Framework fails to validate input
properly.
Security Update for Microsoft Dynamics
Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability (CVE-2020-0656) MS Rating: Important
A cross site scripting
vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly
sanitize a specially crafted web request to an affected Dynamics server. An
authenticated attacker could exploit the vulnerability by sending a specially
crafted request to an affected Dynamics server.
Security Update for Microsoft OneDrive for Android
Microsoft OneDrive for Android Security Bypass Vulnerability (CVE-2020-0654) MS Rating: Important
A security bypass vulnerability exists in Microsoft OneDrive App for Android. This could allow an attacker to bypass the passcode or fingerprint requirements of the App.