Microsoft July 2020 Patch Tuesday – Patch Now!, (Tue, Jul 14th)

This month we got patches for 123 vulnerabilities. Of these, 17 are critical and 2 were previously disclosed.

Amongst critical vulnerabilities, there is a critical remote code execution (RCE) vulnerability (CVE-2020-1350) affecting Windows DNS Server on multiple Windows Server versions, including 2008, 2012, 2016 and 2019. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the Local System Account.

The DNS Server vulnerability scores a perfect 10 CVSS and is considered wormable, which means it has the potential to spread via malware vulnerable computers without user interaction. Microsoft advises everyone running DNS servers to apply the security update as soon as possible. For those unable to apply the patch right way, Microsoft recommends the application of a workaround, described on the CVE-2020-1350 vulnerability advisory details. The workarround consists on a registry modification and requires just the service restart – no need to reboot the OS. There is a special guidance for the DNS Server vulnerability including further details about the workaround here: https://support.microsoft.com/en-us/help/4569509/windows-dns-server-remote-code-execution-vulnerability

There is also a critical RCE vulnerability affecting Windows Graphics Device Interface (GDI) (CVE-2020-1435). An attacker could exploit this vulnerability by convincing users to view a specially crafted website or sending them an e-mail attachment with a malicious attachment. The CVSS score for this one is 8.80.

A third RCE worth mentioning in today’s diary affects Hyper-V RemoteFX vGPU (CVE-2020-1036). To exploit this vulnerability, an attacker could run a specially crafted application on a guest operating system, attacking certain third-party video drivers running on the Hyper-V host. This could then cause the host operating system to execute arbitrary code. There is no patch for this vulnerability yet. According to the vulnerability FAQ, If you are running Windows Server 2016 or Windows Server 2019, Microsoft recommends the use of Discrete Device Assignment (DDA) as opposed to RemoteFX vGPU to enable graphics virtualization. For more details, read: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1036

See Renato’s dashboard for a more detailed breakout: https://patchtuesdaydashboard.com

Description
CVE	Disclosed	Exploited	Exploitability (old versions)	current version	Severity	CVSS Base (AVG)	CVSS Temporal (AVG)
.NET Framework, SharePoint Server, and Visual Studio Remote Code Execution Vulnerability
%%cve:2020-1147%%	No	No	More Likely	More Likely	Critical
Azure DevOps Server Cross-site Scripting Vulnerability
%%cve:2020-1326%%	No	No	Less Likely	Less Likely	Important
Bond Denial of Service Vulnerability
%%cve:2020-1469%%	No	No	Less Likely	Less Likely	Important
Connected User Experiences and Telemetry Service Information Disclosure Vulnerability
%%cve:2020-1386%%	No	No	Less Likely	Less Likely	Important	5.5	5.0
DirectWrite Remote Code Execution Vulnerability
%%cve:2020-1409%%	No	No	Less Likely	Less Likely	Critical	7.8	7.0
GDI+ Remote Code Execution Vulnerability
%%cve:2020-1435%%	No	No	Less Likely	Less Likely	Critical	8.8	7.9
Group Policy Services Policy Processing Elevation of Privilege Vulnerability
%%cve:2020-1333%%	No	No	Less Likely	Less Likely	Important	6.7	6.0
Hyper-V RemoteFX vGPU Remote Code Execution Vulnerability
%%cve:2020-1032%%	No	No	Less Likely	Less Likely	Critical	8.0	7.6
%%cve:2020-1036%%	No	No	Less Likely	Less Likely	Critical	8.0	7.6
%%cve:2020-1040%%	No	No	Less Likely	Less Likely	Critical	8.0	7.6
%%cve:2020-1041%%	No	No	Less Likely	Less Likely	Critical	8.0	7.6
%%cve:2020-1043%%	No	No	Less Likely	Less Likely	Critical	8.0	7.6
%%cve:2020-1042%%	No	No	Less Likely	Less Likely	Critical	8.0	7.6
Jet Database Engine Remote Code Execution Vulnerability
%%cve:2020-1400%%	No	No	Less Likely	Less Likely	Important	7.8	7.0
%%cve:2020-1401%%	No	No	Less Likely	Less Likely	Important	7.8	7.0
%%cve:2020-1407%%	No	No	Less Likely	Less Likely	Important	7.8	7.0
LNK Remote Code Execution Vulnerability
%%cve:2020-1421%%	No	No	Less Likely	Less Likely	Critical	7.5	6.7
Local Security Authority Subsystem Service Denial of Service Vulnerability
%%cve:2020-1267%%	No	No	Less Likely	Less Likely	Important	4.9	4.4
Microsoft Defender Elevation of Privilege Vulnerability
%%cve:2020-1461%%	No	No	Less Likely	Less Likely	Important	7.8	7.0
Microsoft Edge PDF Information Disclosure Vulnerability
%%cve:2020-1433%%	No	No	Less Likely	Less Likely	Important	4.3	3.9
Microsoft Excel Remote Code Execution Vulnerability
%%cve:2020-1240%%	No	No	Less Likely	Less Likely	Important
Microsoft Graphics Component Information Disclosure Vulnerability
%%cve:2020-1351%%	No	No	Less Likely	Less Likely	Important	5.5	5.0
Microsoft Graphics Components Remote Code Execution Vulnerability
%%cve:2020-1412%%	No	No	Less Likely	Less Likely	Important	7.5	6.7
Microsoft Graphics Remote Code Execution Vulnerability
%%cve:2020-1408%%	No	No	Less Likely	Less Likely	Important	8.8	7.9
Microsoft Guidance for Enabling Request Smuggling Filter on IIS Servers
ADV200008	No	No	Less Likely	Less Likely	Important
Microsoft Office Elevation of Privilege Vulnerability
%%cve:2020-1025%%	No	No	Less Likely	Less Likely	Critical
Microsoft Office Information Disclosure Vulnerability
%%cve:2020-1342%%	No	No	Less Likely	Less Likely	Important
%%cve:2020-1445%%	No	No	Less Likely	Less Likely	Important
Microsoft Office Remote Code Execution Vulnerability
%%cve:2020-1458%%	No	No	Less Likely	Less Likely	Important
Microsoft Office SharePoint XSS Vulnerability
%%cve:2020-1456%%	No	No	Less Likely	Less Likely	Important
%%cve:2020-1450%%	No	No	Less Likely	Less Likely	Important
%%cve:2020-1451%%	No	No	Less Likely	Less Likely	Important
Microsoft OneDrive Elevation of Privilege Vulnerability
%%cve:2020-1465%%	No	No	Less Likely	Less Likely	Important
Microsoft Outlook Remote Code Execution Vulnerability
%%cve:2020-1349%%	No	No	Less Likely	Less Likely	Critical
Microsoft Project Remote Code Execution Vulnerability
%%cve:2020-1449%%	No	No	Less Likely	Less Likely	Important
Microsoft SharePoint Reflective XSS Vulnerability
%%cve:2020-1454%%	No	No	Less Likely	Less Likely	Important
Microsoft SharePoint Remote Code Execution Vulnerability
%%cve:2020-1444%%	No	No	Less Likely	Less Likely	Important
Microsoft SharePoint Spoofing Vulnerability
%%cve:2020-1443%%	No	No	Less Likely	Less Likely	Important
Microsoft Word Remote Code Execution Vulnerability
%%cve:2020-1446%%	No	No	Less Likely	Less Likely	Important
%%cve:2020-1447%%	No	No	Less Likely	Less Likely	Important
%%cve:2020-1448%%	No	No	Less Likely	Less Likely	Important
Office Web Apps XSS Vulnerability
%%cve:2020-1442%%	No	No	Less Likely	Less Likely	Important
PerformancePoint Services Remote Code Execution Vulnerability
%%cve:2020-1439%%	No	No	Less Likely	Less Likely	Critical
Remote Desktop Client Remote Code Execution Vulnerability
%%cve:2020-1374%%	No	No	More Likely	More Likely	Critical	7.5	6.7
Skype for Business via Internet Explorer Information Disclosure Vulnerability
%%cve:2020-1432%%	No	No	Less Likely	Less Likely	Important	2.4	2.2
Skype for Business via Microsoft Edge (EdgeHTML-based) Information Disclosure Vulnerability
%%cve:2020-1462%%	No	No	Less Likely	Less Likely	Important	4.3	3.9
VBScript Remote Code Execution Vulnerability
%%cve:2020-1403%%	No	No	More Likely	More Likely	Critical	6.4	5.8
Visual Studio Code ESLint Extention Remote Code Execution Vulnerability
%%cve:2020-1481%%	No	No	Less Likely	Less Likely	Important
Visual Studio and Visual Studio Code Elevation of Privilege Vulnerability
%%cve:2020-1416%%	No	No	Less Likely	Less Likely	Important
Windows ALPC Elevation of Privilege Vulnerability
%%cve:2020-1396%%	No	No	Less Likely	Less Likely	Important	7.8	7.0
Windows ActiveX Installer Service Elevation of Privilege Vulnerability
%%cve:2020-1402%%	No	No	Less Likely	Less Likely	Important	7.8	7.0
Windows Address Book Remote Code Execution Vulnerability
%%cve:2020-1410%%	No	No	Less Likely	Less Likely	Critical	7.8	7.0
Windows Agent Activation Runtime Information Disclosure Vulnerability
%%cve:2020-1391%%	No	No	Less Likely	Less Likely	Important	5.5	5.0
Windows AppX Deployment Extensions Elevation of Privilege Vulnerability
%%cve:2020-1431%%	No	No	Less Likely	Less Likely	Important	7.1	6.4
Windows CNG Key Isolation Service Elevation of Privilege Vulnerability
%%cve:2020-1359%%	No	No	Less Likely	Less Likely	Important	7.8	7.0
%%cve:2020-1384%%	No	No	Less Likely	Less Likely	Important	7.0	6.3
Windows COM Server Elevation of Privilege Vulnerability
%%cve:2020-1375%%	No	No	Less Likely	Less Likely	Important	7.8	7.0
Windows Credential Enrollment Manager Service Elevation of Privilege Vulnerability
%%cve:2020-1368%%	No	No	Less Likely	Less Likely	Important	7.8	7.0
Windows Credential Picker Elevation of Privilege Vulnerability
%%cve:2020-1385%%	No	No	Less Likely	Less Likely	Important	4.5	4.1
Windows DNS Server Remote Code Execution Vulnerability
%%cve:2020-1350%%	No	No	More Likely	More Likely	Critical	10.0	9.0
Windows Diagnostics Hub Elevation of Privilege Vulnerability
%%cve:2020-1418%%	No	No	Less Likely	Less Likely	Important	7.8	7.0
%%cve:2020-1393%%	No	No	Less Likely	Less Likely	Important	7.8	7.0
Windows Elevation of Privilege Vulnerability
%%cve:2020-1388%%	No	No	Less Likely	Less Likely	Important	7.0	6.3
%%cve:2020-1392%%	No	No	Less Likely	Less Likely	Important	7.8	7.0
%%cve:2020-1394%%	No	No	Less Likely	Less Likely	Important	7.8	7.0
%%cve:2020-1395%%	No	No	Less Likely	Less Likely	Important	7.8	7.0
Windows Error Reporting Information Disclosure Vulnerability
%%cve:2020-1420%%	No	No	Less Likely	Less Likely	Important	5.5	5.0
Windows Error Reporting Manager Elevation of Privilege Vulnerability
%%cve:2020-1429%%	No	No	Less Likely	Less Likely	Important	7.0	6.3
Windows Event Logging Service Elevation of Privilege Vulnerability
%%cve:2020-1365%%	No	No	Less Likely	Less Likely	Important	7.8	7.0
%%cve:2020-1371%%	No	No	Less Likely	Less Likely	Important	7.8	7.0
Windows Font Driver Host Remote Code Execution Vulnerability
%%cve:2020-1355%%	No	No	Less Likely	Less Likely	Important	7.8	7.0
Windows Font Library Remote Code Execution Vulnerability
%%cve:2020-1436%%	No	No	Less Likely	Less Likely	Critical	8.8	7.9
Windows Function Discovery Service Elevation of Privilege Vulnerability
%%cve:2020-1085%%	No	No	Less Likely	Less Likely	Important	7.8	7.0
Windows GDI Information Disclosure Vulnerability
%%cve:2020-1468%%	No	No	Less Likely	Less Likely	Important	5.5	5.0
Windows Graphics Component Elevation of Privilege Vulnerability
%%cve:2020-1381%%	No	No	More Likely	More Likely	Important	7.8	7.0
%%cve:2020-1382%%	No	No	More Likely	More Likely	Important	7.8	7.0
Windows Imaging Component Information Disclosure Vulnerability
%%cve:2020-1397%%	No	No	Less Likely	Less Likely	Important	4.3	3.9
Windows Kernel Elevation of Privilege Vulnerability
%%cve:2020-1336%%	No	No	Less Likely	Less Likely	Important	7.8	7.0
%%cve:2020-1411%%	No	No	Less Likely	Less Likely	Important	7.8	7.0
Windows Kernel Information Disclosure Vulnerability
%%cve:2020-1419%%	No	No	Less Likely	Less Likely	Important	5.5	5.0
%%cve:2020-1367%%	No	No	Less Likely	Less Likely	Important	5.5	5.0
%%cve:2020-1389%%	No	No	Less Likely	Less Likely	Important	5.5	5.0
%%cve:2020-1426%%	No	No	More Likely	More Likely	Important	5.5	5.0
Windows Lockscreen Elevation of Privilege Vulnerability
%%cve:2020-1398%%	No	No	Less Likely	Less Likely	Important	6.8	6.1
Windows Mobile Device Management Diagnostics Elevation of Privilege Vulnerability
%%cve:2020-1372%%	No	No	Less Likely	Less Likely	Important	7.8	7.0
%%cve:2020-1405%%	No	No	Less Likely	Less Likely	Important	7.1	6.4
Windows Mobile Device Management Diagnostics Information Disclosure Vulnerability
%%cve:2020-1330%%	No	No	Less Likely	Less Likely	Important	5.5	5.0
Windows Modules Installer Elevation of Privilege Vulnerability
%%cve:2020-1346%%	No	No	Less Likely	Less Likely	Important	7.8	7.0
Windows Network Connections Service Elevation of Privilege Vulnerability
%%cve:2020-1373%%	No	No	Less Likely	Less Likely	Important	7.8	7.0
%%cve:2020-1390%%	No	No	Less Likely	Less Likely	Important	7.8	7.0
%%cve:2020-1427%%	No	No	Less Likely	Less Likely	Important	7.0	6.3
%%cve:2020-1428%%	No	No	Less Likely	Less Likely	Important	7.0	6.3
%%cve:2020-1438%%	No	No	Less Likely	Less Likely	Important	7.0	6.3
Windows Network List Service Elevation of Privilege Vulnerability
%%cve:2020-1406%%	No	No	Less Likely	Less Likely	Important	7.0	6.3
Windows Network Location Awareness Service Elevation of Privilege Vulnerability
%%cve:2020-1437%%	No	No	Less Likely	Less Likely	Important	7.0	6.3
Windows Picker Platform Elevation of Privilege Vulnerability
%%cve:2020-1363%%	No	No	Less Likely	Less Likely	Important	7.8	7.0
Windows Print Workflow Service Elevation of Privilege Vulnerability
%%cve:2020-1366%%	No	No	Less Likely	Less Likely	Important	7.0	6.3
Windows Profile Service Elevation of Privilege Vulnerability
%%cve:2020-1360%%	No	No	Less Likely	Less Likely	Important	7.8	7.0
Windows Push Notification Service Elevation of Privilege Vulnerability
%%cve:2020-1387%%	No	No	Less Likely	Less Likely	Important	7.0	6.3
Windows Resource Policy Information Disclosure Vulnerability
%%cve:2020-1358%%	No	No	Less Likely	Less Likely	Important	5.5	5.0
Windows Runtime Elevation of Privilege Vulnerability
%%cve:2020-1422%%	No	No	Less Likely	Less Likely	Important	7.8	7.0
%%cve:2020-1353%%	No	No	Less Likely	Less Likely	Important	7.8	7.0
%%cve:2020-1370%%	No	No	Less Likely	Less Likely	Important	7.8	7.0
%%cve:2020-1399%%	No	No	More Likely	More Likely	Important	7.8	7.0
%%cve:2020-1404%%	No	No	Less Likely	Less Likely	Important	7.8	7.0
%%cve:2020-1413%%	No	No	Less Likely	Less Likely	Important	7.8	7.0
%%cve:2020-1414%%	No	No	Less Likely	Less Likely	Important	7.8	7.0
%%cve:2020-1415%%	No	No	Less Likely	Less Likely	Important	7.8	7.0
%%cve:2020-1249%%	No	No	Less Likely	Less Likely	Important	7.8	7.0
Windows SharedStream Library Elevation of Privilege Vulnerability
%%cve:2020-1463%%	No	No	Less Likely	Less Likely	Important	7.8	7.0
Windows Storage Services Elevation of Privilege Vulnerability
%%cve:2020-1347%%	No	No	Less Likely	Less Likely	Important	7.8	7.0
Windows Subsystem for Linux Elevation of Privilege Vulnerability
%%cve:2020-1423%%	No	No	Less Likely	Less Likely	Important	7.8	7.0
Windows Sync Host Service Elevation of Privilege Vulnerability
%%cve:2020-1434%%	No	No	Less Likely	Less Likely	Important	4.5	4.1
Windows System Events Broker Elevation of Privilege Vulnerability
%%cve:2020-1357%%	No	No	Less Likely	Less Likely	Important	7.8	7.0
Windows UPnP Device Host Elevation of Privilege Vulnerability
%%cve:2020-1354%%	No	No	Less Likely	Less Likely	Important	7.8	7.0
%%cve:2020-1430%%	No	No	Less Likely	Less Likely	Important	7.8	7.0
Windows USO Core Worker Elevation of Privilege Vulnerability
%%cve:2020-1352%%	No	No	Less Likely	Less Likely	Important	7.8	7.0
Windows Update Stack Elevation of Privilege Vulnerability
%%cve:2020-1424%%	No	No	Less Likely	Less Likely	Important	7.8	7.0
Windows WalletService Denial of Service Vulnerability
%%cve:2020-1364%%	No	No	Less Likely	Less Likely	Important	7.1	6.4
Windows WalletService Elevation of Privilege Vulnerability
%%cve:2020-1344%%	No	No	Less Likely	Less Likely	Important	7.8	7.0
%%cve:2020-1362%%	No	No	Less Likely	Less Likely	Important	7.8	7.0
%%cve:2020-1369%%	No	No	Less Likely	Less Likely	Important	7.8	7.0
Windows WalletService Information Disclosure Vulnerability
%%cve:2020-1361%%	No	No	Less Likely	Less Likely	Important	5.5	5.0
Windows iSCSI Target Service Elevation of Privilege Vulnerability
%%cve:2020-1356%%	No	No	Less Likely	Less Likely	Important	7.8	7.0

—
Renato Marinho
Morphus Labs| LinkedIn|Twitter

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Reposted from SANS. View original.

Cyber Safe NV

Microsoft July 2020 Patch Tuesday – Patch Now!, (Tue, Jul 14th)

Related Posts

CyberSafe-WP-Admin