october-patch-tuesday

Microsoft has released its October Patch Tuesday security updates, addressing a total of 87 vulnerabilities in the Windows family of operating systems and related products. Of these, 11 are classified as Critical and can be used by attackers to gain complete control over an unpatched system.

All of the Critical bugs are remote code execution flaws. Overall, the Patch Tuesday updates include fixes for Microsoft Windows, Azure Functions, Open Source Software, Office and Office Services and Web Apps, .NET Framework, Microsoft Dynamics, Exchange Server, Visual Studio, and the Windows Codecs Library. At the time of release, there were no zero-days, and none of the vulnerabilities had been publicly disclosed or were under active attack.


Interesting Vulnerabilities:

Windows TCP/IP Remote Code Execution Vulnerability | CVE-2020-16898:

A remote code execution (RCE) vulnerability exists in the Windows TCP/IP stack. It can be exploited by attackers without any authentication and is potentially wormable. A specially crafted ICMPv6 router advertisement could cause code execution on an unpatched system. Because the code execution occurs in the TCP/IP stack, it is assumed that code execution with elevated privileges is possible.

  • Successful exploitation of the vulnerability could allow an attacker to run arbitrary code with elevated privileges on the affected system.

Microsoft Outlook Remote Code Execution Vulnerability | CVE-2020-16947:

A remote code execution (RCE) vulnerability exists in the affected versions of Outlook. The flaw lies in the parsing of HTML content within an email and results from a lack of proper validation of the length of user-supplied data before it is copied to a fixed-length heap-based buffer.

  • Successful exploitation of the vulnerability could allow an attacker to run arbitrary code in the context of the current user and gain the ability to install programs; view, change, or delete data; or create new accounts with full user rights. Users with administrative rights are more heavily impacted than users with fewer rights.

Windows Hyper-V Remote Code Execution Vulnerability | CVE-2020-16891:

A remote code execution (RCE) vulnerability exists in Windows Hyper-V. The flaw exists because Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. An attacker can run a specially crafted program on an affected guest OS to get arbitrary code execution on the host OS.

  • Successful exploitation of the vulnerability could allow an attacker to run arbitrary code on the host operating system.

Windows Error Reporting Elevation of Privilege Vulnerability | CVE-2020-16909:

An elevation of privilege vulnerability exists in Windows Error Reporting (WER). The flaw lies in the way WER handles and executes files. Components of Windows Error Reporting could allow an authenticated attacker to execute arbitrary code with escalated privileges. To exploit the flaw, an attacker could run a specially crafted application.

  • Successful exploitation of the vulnerability could allow an attacker to run arbitrary code with escalated privileges and gain greater access to sensitive information and system functionality.

Microsoft Security Bulletin Summary for October 2020:

  • Microsoft Windows
  • Microsoft Office and Microsoft Office Services and Web Apps
  • Azure Functions
  • Microsoft Exchange Server
  • Visual Studio
  • Microsoft .NET Framework
  • Microsoft Dynamics
  • Adobe Flash Player

Product: Microsoft Windows
CVEs/Advisory: CVE-2020-16891, CVE-2020-16898, CVE-2020-16911, CVE-2020-16915, CVE-2020-16923, CVE-2020-16967, CVE-2020-16968
Impact: Denial of Service, Elevation of Privilege, Information Disclosure, Remote Code Execution, Security Feature Bypass, Spoofing
Severity: Critical
KBs: 4577668, 4577671, 4579311, 4580327, 4580328, 4580330, 4580346, 4580347, 4580353, 4580358, 4580382


Product: Microsoft Office and Microsoft Office Services and Web Apps
CVEs/Advisory: CVE-2020-16947, CVE-2020-16951, CVE-2020-16952, CVE-2020-17003
Impact: Elevation of Privilege, Remote Code Execution, Spoofing, Information Disclosure
Severity: Critical
KBs: 4486671, 4486676, 4486677, 4486694


Product: Azure Functions
CVEs/Advisory: CVE-2020-16904
Impact: Elevation of Privilege
Severity: Important


Product: Microsoft Exchange Server
CVEs/Advisory: CVE-2020-16969
Impact: Information Disclosure
Severity: Important
KBs: 4581424


Product: Visual Studio Code
CVEs/Advisory: CVE-2020-16977
Impact: Remote Code Execution
Severity: Important


Product: Microsoft .NET Framework
CVEs/Advisory: CVE-2020-16937
Impact: Information Disclosure
Severity: Important
KBs: 4578968, 4578969, 4578971, 4578972, 4578974, 4579976, 4579977, 4579978, 4579979, 4579980, 4580328, 4580330, 4580346, 4580467, 4580468, 4580469, 4580470


Product: Microsoft Dynamics
CVEs/Advisory: CVE-2020-16956, CVE-2020-16978
Impact: Spoofing
Severity: Important
KBs: 4578105, 4578106


Product: Adobe Flash Player
CVEs/Advisory: ADV200012
Impact: Remote Code Execution
Severity: Critical
KBs: 4580325
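
The KB list in the Microsoft Windows entry above can be turned into a quick patch-status check. The following is an added example, not code from SecPod or Microsoft; the function name `Get-OctoberPatchStatus`, the status labels and the sample record are hypothetical, and the 13 October 2020 release date is an assumption (the page gives only the month).

```powershell
# Added example: KB numbers are the "Microsoft Windows" KBs listed on this page.
$WindowsKBs = 4577668, 4577671, 4579311, 4580327, 4580328, 4580330,
              4580346, 4580347, 4580353, 4580358, 4580382 |
              ForEach-Object { "KB$_" }

# Assumption: release date of the October 2020 updates.
$ReleaseDate = [datetime]'2020-10-13'

function Get-OctoberPatchStatus {
    param(
        # Hotfix records as returned by Get-HotFix (HotFixID, InstalledOn).
        [Parameter(Mandatory)] [AllowEmptyCollection()] [object[]] $HotFix,
        [string] $ComputerName = $env:COMPUTERNAME
    )
    # Records whose ID is one of the KBs listed on the page.
    $listed = @($HotFix | Where-Object { $WindowsKBs -contains $_.HotFixID })
    # InstalledOn can be empty on some systems; such records are ignored here.
    $later  = @($HotFix | Where-Object {
        $_.InstalledOn -and $_.InstalledOn -ge $ReleaseDate
    })

    if ($listed.Count -gt 0) {
        $status = 'ListedKBInstalled'
    } elseif ($later.Count -gt 0) {
        # A newer cumulative update may replace the listed KBs: verify it does.
        $status = 'LaterUpdateOnly'
    } else {
        $status = 'NoUpdateSinceRelease'
    }

    [pscustomobject]@{
        ComputerName = $ComputerName
        Status       = $status
        MatchedKBs   = ($listed.HotFixID -join ', ')
        NewestUpdate = ($HotFix | Sort-Object InstalledOn |
                        Select-Object -Last 1).HotFixID
    }
}

# Local machine inventory:
Get-OctoberPatchStatus -HotFix @(Get-HotFix)

# Constructed sample record (not real inventory) for a dry run:
$sample = [pscustomobject]@{ HotFixID = 'KB4580346'; InstalledOn = [datetime]'2020-10-14' }
Get-OctoberPatchStatus -HotFix $sample -ComputerName 'SAMPLE-01'
```

`Get-HotFix` reports only operating-system updates, so the Office, Exchange, .NET Framework and Dynamics KBs listed above need to be verified through their own update channels.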


SanerNow detects these vulnerabilities and automatically fixes them by applying security updates. Download SanerNow and keep your systems updated and secure.


 

Publisher: SecPod Technologies