Microsoft Patch Tuesday for February 2020
This month we got patches for 99 vulnerabilities total. Five of them have been previously disclosed, and one was being exploited, according to Microsoft.
One of the patches fixes the CVE-2020-0674, a 0-day affecting Script Engine on Internet Explorer that has been exploited in the wild. Microsoft released an out-of-band advisory for this vulnerability on Jan, 17 ADV200001 [1] suggesting mitigations for the vulnerability - now fixed. The vulnerability could allow a malicious content to corrupt the memory in such a way an attacker could execute arbitrary code in the context of the current user.
Among the other 16 RCE vulnerabilities, it's worth also mentioning CVE-2020-0738, a memory corruption vulnerability in Media Foundation. An attacker who successfully exploited the vulnerability could allow an attacker to run arbitrary code on the impacted system. The CVSS v3 for this vulnerability is 8.80 - the highest for this month's Patch Tuesday.
It's also worth mentioning an elevation of privilege vulnerability affecting Windows SSH (CVE-2020-0757). The way Windows improperly handles Security Shell remote commands may allow an attacker to exploit the vulnerability and run arbitrary code with elevated privileges. To exploit the vulnerability, the attacker would first log into the system and run a specially crafted application.
See Renato's dashboard for a more detailed breakout: https://patchtuesdaydashboard.com
Description | |||||||
---|---|---|---|---|---|---|---|
CVE | Disclosed | Exploited | Exploitability (old versions) | current version | Severity | CVSS Base (AVG) | CVSS Temporal (AVG) |
Active Directory Elevation of Privilege Vulnerability | |||||||
CVE-2020-0665 | No | No | - | - | Important | 6.6 | 5.9 |
Connected Devices Platform Service Elevation of Privilege Vulnerability | |||||||
CVE-2020-0740 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
CVE-2020-0741 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
CVE-2020-0742 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
CVE-2020-0743 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
CVE-2020-0749 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
CVE-2020-0750 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
Connected User Experiences and Telemetry Service Elevation of Privilege Vulnerability | |||||||
CVE-2020-0727 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
DirectX Elevation of Privilege Vulnerability | |||||||
CVE-2020-0709 | No | No | - | - | Important | 7.0 | 6.3 |
CVE-2020-0732 | No | No | - | - | Important | 7.0 | 6.3 |
DirectX Information Disclosure Vulnerability | |||||||
CVE-2020-0714 | No | No | Less Likely | Less Likely | Important | 4.7 | 4.2 |
February 2020 Adobe Flash Security Update | |||||||
ADV200003 | No | No | - | - | Important | ||
LNK Remote Code Execution Vulnerability | |||||||
CVE-2020-0729 | No | No | Less Likely | Less Likely | Critical | 7.5 | 6.7 |
Media Foundation Memory Corruption Vulnerability | |||||||
CVE-2020-0738 | No | No | Less Likely | Less Likely | Critical | 8.8 | 7.9 |
Microsoft Browser Information Disclosure Vulnerability | |||||||
CVE-2020-0706 | Yes | No | Less Likely | Less Likely | Important | 4.3 | 3.9 |
Microsoft Edge Elevation of Privilege Vulnerability | |||||||
CVE-2020-0663 | No | No | - | - | Important | 4.2 | 3.8 |
Microsoft Excel Remote Code Execution Vulnerability | |||||||
CVE-2020-0759 | No | No | Less Likely | Less Likely | Important | ||
Microsoft Exchange Memory Corruption Vulnerability | |||||||
CVE-2020-0688 | No | No | More Likely | More Likely | Important | ||
Microsoft Exchange Server Elevation of Privilege Vulnerability | |||||||
CVE-2020-0692 | No | No | More Likely | More Likely | Important | ||
Microsoft Graphics Components Information Disclosure Vulnerability | |||||||
CVE-2020-0746 | No | No | Less Likely | Less Likely | Important | 5.5 | 5.0 |
Microsoft Office Online Server Spoofing Vulnerability | |||||||
CVE-2020-0695 | No | No | - | - | Important | ||
Microsoft Office SharePoint XSS Vulnerability | |||||||
CVE-2020-0693 | No | No | Less Likely | Less Likely | Important | ||
CVE-2020-0694 | No | No | Less Likely | Less Likely | Important | ||
Microsoft Office Tampering Vulnerability | |||||||
CVE-2020-0697 | No | No | - | - | Important | ||
Microsoft Outlook Security Feature Bypass Vulnerability | |||||||
CVE-2020-0696 | No | No | Less Likely | Less Likely | Important | ||
Microsoft SQL Server Reporting Services Remote Code Execution Vulnerability | |||||||
CVE-2020-0618 | No | No | - | - | Important | ||
Microsoft Secure Boot Security Feature Bypass Vulnerability | |||||||
CVE-2020-0689 | Yes | No | Less Likely | Less Likely | Important | 8.2 | 7.6 |
Remote Desktop Client Remote Code Execution Vulnerability | |||||||
CVE-2020-0681 | No | No | More Likely | More Likely | Critical | 7.5 | 6.7 |
CVE-2020-0734 | No | No | More Likely | More Likely | Critical | 7.5 | 6.7 |
Remote Desktop Services Remote Code Execution Vulnerability | |||||||
CVE-2020-0655 | No | No | - | - | Important | 8.0 | 7.2 |
Scripting Engine Memory Corruption Vulnerability | |||||||
CVE-2020-0673 | No | No | - | - | Critical | 6.4 | 5.8 |
CVE-2020-0674 | Yes | Yes | Detected | Detected | Critical | 6.4 | 5.9 |
CVE-2020-0710 | No | No | - | - | Critical | 4.2 | 3.8 |
CVE-2020-0711 | No | No | - | - | Critical | 4.2 | 3.8 |
CVE-2020-0712 | No | No | - | - | Critical | 4.2 | 3.8 |
CVE-2020-0713 | No | No | - | - | Critical | 4.2 | 3.8 |
CVE-2020-0767 | No | No | - | - | Critical | 4.2 | 3.8 |
Surface Hub Security Feature Bypass Vulnerability | |||||||
CVE-2020-0702 | No | No | Less Likely | Less Likely | Important | ||
Win32k Elevation of Privilege Vulnerability | |||||||
CVE-2020-0691 | No | No | Unlikely | Unlikely | Important | 4.7 | 4.2 |
CVE-2020-0719 | No | No | Less Likely | Less Likely | Important | 7.0 | 6.3 |
CVE-2020-0720 | No | No | More Likely | More Likely | Important | 7.0 | 6.3 |
CVE-2020-0721 | No | No | More Likely | More Likely | Important | 7.0 | 6.3 |
CVE-2020-0722 | No | No | More Likely | More Likely | Important | 7.0 | 6.3 |
CVE-2020-0723 | No | No | More Likely | More Likely | Important | 7.0 | 6.3 |
CVE-2020-0724 | No | No | Less Likely | Less Likely | Important | 7.0 | 6.3 |
CVE-2020-0725 | No | No | More Likely | More Likely | Important | 7.0 | 6.3 |
CVE-2020-0726 | No | No | More Likely | More Likely | Important | 7.0 | 6.3 |
CVE-2020-0731 | No | No | More Likely | More Likely | Important | 7.0 | 6.3 |
Win32k Information Disclosure Vulnerability | |||||||
CVE-2020-0716 | No | No | - | - | Important | 5.5 | 5.0 |
CVE-2020-0717 | No | No | Less Likely | Less Likely | Important | 5.5 | 5.0 |
Windows Backup Service Elevation of Privilege Vulnerability | |||||||
CVE-2020-0703 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
Windows COM Server Elevation of Privilege Vulnerability | |||||||
CVE-2020-0685 | No | No | Less Likely | Less Likely | Important | 7.0 | 6.3 |
Windows Client License Service Elevation of Privilege Vulnerability | |||||||
CVE-2020-0701 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
Windows Common Log File System Driver Elevation of Privilege Vulnerability | |||||||
CVE-2020-0657 | No | No | More Likely | More Likely | Important | 7.8 | 7.0 |
Windows Common Log File System Driver Information Disclosure Vulnerability | |||||||
CVE-2020-0658 | No | No | - | - | Important | 5.5 | 5.0 |
Windows Data Sharing Service Elevation of Privilege Vulnerability | |||||||
CVE-2020-0659 | No | No | - | - | Important | 7.8 | 7.0 |
CVE-2020-0747 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
Windows Elevation of Privilege Vulnerability | |||||||
CVE-2020-0737 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
CVE-2020-0739 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
Windows Error Reporting Elevation of Privilege Vulnerability | |||||||
CVE-2020-0753 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
CVE-2020-0754 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
Windows Error Reporting Manager Elevation of Privilege Vulnerability | |||||||
CVE-2020-0678 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
Windows Function Discovery Service Elevation of Privilege Vulnerability | |||||||
CVE-2020-0679 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
CVE-2020-0680 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
CVE-2020-0682 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
Windows GDI Information Disclosure Vulnerability | |||||||
CVE-2020-0744 | No | No | Less Likely | Less Likely | Important | 5.5 | 5.0 |
Windows Graphics Component Elevation of Privilege Vulnerability | |||||||
CVE-2020-0715 | No | No | More Likely | More Likely | Important | 7.0 | 6.3 |
CVE-2020-0745 | No | No | More Likely | More Likely | Important | 7.8 | 7.0 |
CVE-2020-0792 | No | No | Less Likely | Less Likely | Important | 7.0 | 6.3 |
Windows Hyper-V Denial of Service Vulnerability | |||||||
CVE-2020-0661 | No | No | Less Likely | Less Likely | Important | 6.8 | 6.1 |
CVE-2020-0751 | No | No | - | - | Important | 6.0 | 5.4 |
Windows IME Elevation of Privilege Vulnerability | |||||||
CVE-2020-0707 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
Windows Imaging Library Remote Code Execution Vulnerability | |||||||
CVE-2020-0708 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
Windows Information Disclosure Vulnerability | |||||||
CVE-2020-0698 | No | No | Less Likely | Less Likely | Important | 5.5 | 5.0 |
Windows Installer Elevation of Privilege Vulnerability | |||||||
CVE-2020-0683 | Yes | No | Less Likely | Less Likely | Important | 7.0 | 6.3 |
CVE-2020-0686 | Yes | No | Less Likely | Less Likely | Important | 7.0 | 6.3 |
Windows Kernel Elevation of Privilege Vulnerability | |||||||
CVE-2020-0668 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
CVE-2020-0669 | No | No | - | - | Important | 7.8 | 7.0 |
CVE-2020-0670 | No | No | - | - | Important | 7.8 | 7.0 |
CVE-2020-0671 | No | No | - | - | Important | 7.8 | 7.0 |
CVE-2020-0672 | No | No | - | - | Important | 7.8 | 7.0 |
Windows Kernel Information Disclosure Vulnerability | |||||||
CVE-2020-0736 | No | No | - | - | Important | 5.5 | 5.0 |
Windows Key Isolation Service Information Disclosure Vulnerability | |||||||
CVE-2020-0675 | No | No | Less Likely | Less Likely | Important | 5.5 | 5.0 |
CVE-2020-0676 | No | No | Less Likely | Less Likely | Important | 5.5 | 5.0 |
CVE-2020-0677 | No | No | Less Likely | Less Likely | Important | 5.5 | 5.0 |
CVE-2020-0748 | No | No | Less Likely | Less Likely | Important | 5.5 | 5.0 |
CVE-2020-0755 | No | No | Less Likely | Less Likely | Important | 5.5 | 5.0 |
CVE-2020-0756 | No | No | Less Likely | Less Likely | Important | 5.5 | 5.0 |
Windows Malicious Software Removal Tool Elevation of Privilege Vulnerability | |||||||
CVE-2020-0733 | No | No | - | - | Important | ||
Windows Modules Installer Service Information Disclosure Vulnerability | |||||||
CVE-2020-0728 | No | No | Less Likely | Less Likely | Important | 3.3 | 3.0 |
Windows Network Driver Interface Specification (NDIS) Information Disclosure Vulnerability | |||||||
CVE-2020-0705 | No | No | Less Likely | Less Likely | Important | 5.5 | 5.0 |
Windows Remote Code Execution Vulnerability | |||||||
CVE-2020-0662 | No | No | - | - | Critical | 8.6 | 7.7 |
Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability | |||||||
CVE-2020-0660 | No | No | Less Likely | Less Likely | Important | 7.5 | 6.7 |
Windows SSH Elevation of Privilege Vulnerability | |||||||
CVE-2020-0757 | No | No | Less Likely | Less Likely | Important | 8.2 | 7.4 |
Windows Search Indexer Elevation of Privilege Vulnerability | |||||||
CVE-2020-0666 | No | No | - | - | Important | 7.8 | 7.0 |
CVE-2020-0667 | No | No | - | - | Important | 7.8 | 7.0 |
CVE-2020-0735 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
CVE-2020-0752 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
Windows User Profile Service Elevation of Privilege Vulnerability | |||||||
CVE-2020-0730 | No | No | Less Likely | Less Likely | Important | 6.3 | 5.7 |
Windows Wireless Network Manager Elevation of Privilege Vulnerability | |||||||
CVE-2020-0704 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
Total Vulnerabilities: 99
References:
[1] https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV200001
--
Renato Marinho
Morphus Labs| LinkedIn| Twitter
Comments