Microsoft August 2020 Patch Tuesday, (Tue, Aug 11th)

This month we got patches for 120 vulnerabilities total. According to Microsoft, two of them are being exploited (CVE-2020-1380 and CVE-2020-1464), and one was previously disclosed (CVE-2020-1464).

The previously known and already exploited vulnerability (CVE-2020-1464) is a Windows Spoofing Vulnerability, which may cause incorrect signature validation for files. An attacker could exploit this vulnerability to bypass security features and load improperly signed files.

The other exploited vulnerability (CVE-2020-1380) is a remote code execution (RCE) affecting Internet Explorer. It is related to the way the script engine handles objects in memory. An attacker who exploits this vulnerability could gain the same user privileges on the system.

The highest CVSS score this month (8.80) was associated with three vulnerabilities: CVE-2020-1509, CVE-2020-1585, and CVE-2020-1472. The CVE-2020-1509 is an LSASS Elevation of Privilege Vulnerability. An authenticated attacker could exploit this vulnerability by sending a specially crafted authentication request. The CVE-2020-1585 is a Microsoft Windows Codecs Library RCE Vulnerability. An attacker could exploit this vulnerability opening a specially crafted image file and take control of the affected system.

The third CVSS 8.80 (CVE-2020-1472) is a Netlogon Elevation of Privilege Vulnerability and is a little bit trickier to patch. An unauthenticated attacker would be required to use the Netlogon Remote Protocol (MS-NRPC) to connect to a domain controller to obtain domain administrator access. Microsoft is addressing this vulnerability in a two-part phase rollout and requires additional steps in addition to applying the updates. The second phase of the update will be available in February 2021. There is a special guideline on how to manage changes required for this vulnerability at https://support.microsoft.com/en-us/help/4557222/how-to-manage-the-changes-in-netlogon-secure-channel-connections-assoc

See Renato’s dashboard for a more detailed breakout: https://patchtuesdaydashboard.com

 

Description
CVE Disclosed Exploited Exploitability (old versions) current version Severity CVSS Base (AVG) CVSS Temporal (AVG)
.NET Framework Remote Code Execution Vulnerability
%%cve:2020-1046%% No No Less Likely Less Likely Critical    
ASP.NET Core Denial of Service Vulnerability
%%cve:2020-1597%% No No Less Likely Less Likely Important    
ASP.NET and .NET Elevation of Privilege Vulnerability
%%cve:2020-1476%% No No Less Likely Less Likely Important    
Connected User Experiences and Telemetry Service Elevation of Privilege Vulnerability
%%cve:2020-1511%% No No Less Likely Less Likely Important 7.8 7.0
DirectWrite Information Disclosure Vulnerability
%%cve:2020-1577%% No No Less Likely Less Likely Important 5.5 5.0
DirectX Elevation of Privilege Vulnerability
%%cve:2020-1479%% No No Less Likely Less Likely Important 7.0 6.3
Jet Database Engine Remote Code Execution Vulnerability
%%cve:2020-1473%% No No Less Likely Less Likely Important 7.8 7.0
%%cve:2020-1557%% No No Less Likely Less Likely Important    
%%cve:2020-1558%% No No Less Likely Less Likely Important    
%%cve:2020-1564%% No No Less Likely Less Likely Important    
Local Security Authority Subsystem Service Elevation of Privilege Vulnerability
%%cve:2020-1509%% No No Less Likely Less Likely Important 8.8 7.9
MSHTML Engine Remote Code Execution Vulnerability
%%cve:2020-1567%% No No More Likely More Likely Critical 6.4 5.8
Media Foundation Information Disclosure Vulnerability
%%cve:2020-1487%% No No Less Likely Less Likely Important 5.5 5.0
Media Foundation Memory Corruption Vulnerability
%%cve:2020-1525%% No No Less Likely Less Likely Critical 7.8 7.0
%%cve:2020-1379%% No No Less Likely Less Likely Critical 7.8 7.0
%%cve:2020-1477%% No No Less Likely Less Likely Critical 7.8 7.0
%%cve:2020-1478%% No No Less Likely Less Likely Important 7.8 7.0
%%cve:2020-1492%% No No Less Likely Less Likely Critical 7.8 7.0
%%cve:2020-1554%% No No Less Likely Less Likely Critical 8.0 7.6
Microsoft Access Remote Code Execution Vulnerability
%%cve:2020-1582%% No No Less Likely Less Likely Important    
Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability
%%cve:2020-1591%% No No Important    
Microsoft Edge Memory Corruption Vulnerability
%%cve:2020-1569%% No No Important 4.2 3.8
Microsoft Edge PDF Remote Code Execution Vulnerability
%%cve:2020-1568%% No No Critical 4.2 3.8
Microsoft Excel Information Disclosure Vulnerability
%%cve:2020-1497%% No No Less Likely Less Likely Important    
Microsoft Excel Remote Code Execution Vulnerability
%%cve:2020-1494%% No No Less Likely Less Likely Important    
%%cve:2020-1495%% No No Less Likely Less Likely Important    
%%cve:2020-1496%% No No Less Likely Less Likely Important    
%%cve:2020-1498%% No No Less Likely Less Likely Important    
%%cve:2020-1504%% No No Important    
Microsoft Graphics Components Remote Code Execution Vulnerability
%%cve:2020-1561%% No No Less Likely Less Likely Important 7.8 7.0
%%cve:2020-1562%% No No Less Likely Less Likely Important 7.8 7.0
Microsoft Office Click-to-Run Elevation of Privilege Vulnerability
%%cve:2020-1581%% No No Less Likely Less Likely Important    
Microsoft Office Remote Code Execution Vulnerability
%%cve:2020-1563%% No No Less Likely Less Likely Important    
Microsoft Office SharePoint XSS Vulnerability
%%cve:2020-1573%% No No Less Likely Less Likely Important    
%%cve:2020-1580%% No No Less Likely Less Likely Important    
Microsoft Outlook Information Disclosure Vulnerability
%%cve:2020-1493%% No No Less Likely Less Likely Important    
Microsoft Outlook Memory Corruption Vulnerability
%%cve:2020-1483%% No No Less Likely Less Likely Critical    
Microsoft SQL Server Management Studio Denial of Service Vulnerability
%%cve:2020-1455%% No No Important    
Microsoft SharePoint Information Disclosure Vulnerability
%%cve:2020-1505%% No No Less Likely Less Likely Important    
Microsoft SharePoint Spoofing Vulnerability
%%cve:2020-1499%% No No Less Likely Less Likely Important    
%%cve:2020-1500%% No No Less Likely Less Likely Important    
%%cve:2020-1501%% No No Less Likely Less Likely Important    
Microsoft Windows Codecs Library Remote Code Execution Vulnerability
%%cve:2020-1560%% No No Critical 7.3 6.6
%%cve:2020-1574%% No No Less Likely Less Likely Critical 7.3 6.6
%%cve:2020-1585%% No No Critical 8.8 7.9
Microsoft Word Information Disclosure Vulnerability
%%cve:2020-1502%% No No Less Likely Less Likely Important    
%%cve:2020-1503%% No No Less Likely Less Likely Important    
%%cve:2020-1583%% No No Less Likely Less Likely Important    
Netlogon Elevation of Privilege Vulnerability
%%cve:2020-1472%% No No Less Likely Less Likely Critical 8.8 7.9
Scripting Engine Memory Corruption Vulnerability
%%cve:2020-1380%% Yes Yes Critical 6.4 5.8
%%cve:2020-1555%% No No Critical    
%%cve:2020-1570%% No No More Likely More Likely Critical 6.4 5.8
Visual Studio Code Remote Code Execution Vulnerability
%%cve:2020-0604%% No No Less Likely Less Likely Important    
Win32k Information Disclosure Vulnerability
%%cve:2020-1510%% No No Less Likely Less Likely Important 5.5 5.0
Windows ARM Information Disclosure Vulnerability
%%cve:2020-1459%% No No Less Likely Less Likely Important 5.5 5.0
Windows Accounts Control Elevation of Privilege Vulnerability
%%cve:2020-1531%% No No Less Likely Less Likely Important 7.8 7.0
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
%%cve:2020-1587%% No No More Likely More Likely Important 7.8 7.0
Windows AppX Deployment Extensions Elevation of Privilege Vulnerability
%%cve:2020-1488%% No No Less Likely Less Likely Important 7.8 7.0
Windows Backup Engine Elevation of Privilege Vulnerability
%%cve:2020-1535%% No No Less Likely Less Likely Important 7.8 7.0
%%cve:2020-1536%% No No Less Likely Less Likely Important 7.8 7.0
%%cve:2020-1539%% No No Less Likely Less Likely Important 7.8 7.0
%%cve:2020-1540%% No No Less Likely Less Likely Important 7.8 7.0
%%cve:2020-1541%% No No Less Likely Less Likely Important 7.8 7.0
%%cve:2020-1542%% No No Less Likely Less Likely Important 7.8 7.0
%%cve:2020-1543%% No No Less Likely Less Likely Important 7.8 7.0
%%cve:2020-1544%% No No Less Likely Less Likely Important 7.8 7.0
%%cve:2020-1545%% No No Less Likely Less Likely Important 7.8 7.0
%%cve:2020-1546%% No No Less Likely Less Likely Important 7.8 7.0
%%cve:2020-1547%% No No Less Likely Less Likely Important 7.8 7.0
%%cve:2020-1551%% No No Less Likely Less Likely Important 7.8 7.0
Windows Backup Service Elevation of Privilege Vulnerability
%%cve:2020-1534%% No No Less Likely Less Likely Important 7.8 7.0
Windows CDP User Components Elevation of Privilege Vulnerability
%%cve:2020-1549%% No No Less Likely Less Likely Important 7.8 7.0
%%cve:2020-1550%% No No Less Likely Less Likely Important 7.8 7.0
Windows CSC Service Elevation of Privilege Vulnerability
%%cve:2020-1489%% No No Less Likely Less Likely Important 7.8 7.0
%%cve:2020-1513%% No No Less Likely Less Likely Important 7.8 7.0
Windows Custom Protocol Engine Elevation of Privilege Vulnerability
%%cve:2020-1527%% No No Less Likely Less Likely Important 7.8 7.0
Windows Elevation of Privilege Vulnerability
%%cve:2020-1565%% No No Less Likely Less Likely Important    
Windows File Server Resource Management Service Elevation of Privilege Vulnerability
%%cve:2020-1517%% No No Less Likely Less Likely Important 7.8 7.0
%%cve:2020-1518%% No No Less Likely Less Likely Important 7.8 7.0
Windows Font Driver Host Remote Code Execution Vulnerability
%%cve:2020-1520%% No No Less Likely Less Likely Important 7.8 7.0
Windows Function Discovery SSDP Provider Elevation of Privilege Vulnerability
%%cve:2020-1579%% No No Less Likely Less Likely Important 7.8 7.0
Windows GDI Elevation of Privilege Vulnerability
%%cve:2020-1529%% No No More Likely More Likely Important 7.8 7.0
%%cve:2020-1480%% No No More Likely More Likely Important 7.8 7.0
Windows Hard Link Elevation of Privilege Vulnerability
%%cve:2020-1467%% No No Less Likely Less Likely Important 7.8 7.0
Windows Image Acquisition Service Information Disclosure Vulnerability
%%cve:2020-1474%% No No Less Likely Less Likely Important 5.5 5.0
%%cve:2020-1485%% No No Less Likely Less Likely Important 5.0 4.5
Windows Kernel Elevation of Privilege Vulnerability
%%cve:2020-1417%% No No Less Likely Less Likely Important 7.8 7.0
%%cve:2020-1486%% No No Less Likely Less Likely Important    
%%cve:2020-1566%% No No More Likely More Likely Important    
Windows Kernel Information Disclosure Vulnerability
%%cve:2020-1578%% No No More Likely More Likely Important 5.5 5.0
Windows Media Remote Code Execution Vulnerability
%%cve:2020-1339%% No No Less Likely Less Likely Critical 7.3 6.6
Windows Network Connection Broker Elevation of Privilege Vulnerability
%%cve:2020-1526%% No No Less Likely Less Likely Important 7.8 7.0
Windows Print Spooler Elevation of Privilege Vulnerability
%%cve:2020-1337%% No No Less Likely Less Likely Important 7.8 7.0
Windows RRAS Service Information Disclosure Vulnerability
%%cve:2020-1383%% No No Less Likely Less Likely Important 5.5 5.0
Windows Radio Manager API Elevation of Privilege Vulnerability
%%cve:2020-1528%% No No Less Likely Less Likely Important 7.8 7.0
Windows Registry Elevation of Privilege Vulnerability
%%cve:2020-1377%% No No Less Likely Less Likely Important 7.8 7.0
%%cve:2020-1378%% No No Less Likely Less Likely Important 7.8 7.0
Windows Remote Access Elevation of Privilege Vulnerability
%%cve:2020-1530%% No No Less Likely Less Likely Important 7.8 7.0
%%cve:2020-1537%% No No Less Likely Less Likely Important 7.8 7.0
Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability
%%cve:2020-1466%% No No Important 7.5 6.7
Windows Runtime Elevation of Privilege Vulnerability
%%cve:2020-1553%% No No Less Likely Less Likely Important 7.8 7.0
Windows Server Resource Management Service Elevation of Privilege Vulnerability
%%cve:2020-1475%% No No Less Likely Less Likely Important 7.0 6.3
Windows Setup Elevation of Privilege Vulnerability
%%cve:2020-1571%% No No Less Likely Less Likely Important 7.8 7.0
Windows Speech Runtime Elevation of Privilege Vulnerability
%%cve:2020-1521%% No No Less Likely Less Likely Important 7.8 7.0
%%cve:2020-1522%% No No Less Likely Less Likely Important 7.8 7.0
Windows Speech Shell Components Elevation of Privilege Vulnerability
%%cve:2020-1524%% No No Less Likely Less Likely Important 7.8 7.0
Windows Spoofing Vulnerability
%%cve:2020-1464%% Yes No Detected Detected Important 5.3 5.1
Windows State Repository Service Information Disclosure Vulnerability
%%cve:2020-1512%% No No Less Likely Less Likely Important 5.5 5.0
Windows Storage Service Elevation of Privilege Vulnerability
%%cve:2020-1490%% No No Less Likely Less Likely Important 7.0 6.3
Windows Telephony Server Elevation of Privilege Vulnerability
%%cve:2020-1515%% No No Less Likely Less Likely Important 7.8 7.0
Windows UPnP Device Host Elevation of Privilege Vulnerability
%%cve:2020-1519%% No No Less Likely Less Likely Important 7.8 7.0
%%cve:2020-1538%% No No Less Likely Less Likely Important 7.8 7.0
Windows WaasMedic Service Information Disclosure Vulnerability
%%cve:2020-1548%% No No Less Likely Less Likely Important 7.8 7.0
Windows WalletService Elevation of Privilege Vulnerability
%%cve:2020-1533%% No No Less Likely Less Likely Important 7.8 7.0
%%cve:2020-1556%% No No Less Likely Less Likely Important    
Windows Work Folder Service Elevation of Privilege Vulnerability
%%cve:2020-1552%% No No Less Likely Less Likely Important    
Windows Work Folders Service Elevation of Privilege Vulnerability
%%cve:2020-1470%% No No Less Likely Less Likely Important 7.8 7.0
%%cve:2020-1516%% No No Less Likely Less Likely Important 7.8 7.0
%%cve:2020-1484%% No No Less Likely Less Likely Important 7.8 7.0
Windows dnsrslvr.dll Elevation of Privilege Vulnerability
%%cve:2020-1584%% No No More Likely More Likely Important 7.8 7.0


Renato Marinho
Morphus Labs| LinkedIn|Twitter

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Reposted from SANS. View original.

CyberSafe-WP-Admin