Microsoft has released its September 2020 Patch Tuesday security updates, covering a total of 129 vulnerabilities: 23 are classified as Critical with Remote Code Execution (RCE), 105 are classified as Important, and 1 is classified as Moderate. They reside in Microsoft Windows, Microsoft Exchange Server, Internet Explorer (IE), Microsoft Edge (EdgeHTML-based and Chromium-based in IE Mode), ChakraCore, Visual Studio, Microsoft OneDrive, etc.
No zero-day vulnerabilities are reported and the bugs being patched were not publicly known or under active attack at the time of release.
Interesting Vulnerabilities:
Visual Studio Remote Code Execution Vulnerability | CVE-2020-16874:
A Remote Code Execution (RCE) vulnerability exists in Visual Studio, in which manipulation with an unknown input leads to memory corruption. This vulnerability exists in multiple versions of Visual Studio dating back to 2012. To exploit it, an attacker has to convince the user to open a specially crafted file using an affected version of the software.
- Successful exploitation of the vulnerability could let the attacker run arbitrary code in the context of the current user and gain the ability to install programs; view, change, or delete data; or create new accounts with full user rights. Users with administrative rights are more heavily impacted than users with fewer rights.
Microsoft Exchange Server Remote Code Execution Vulnerability | CVE-2020-16875:
A Remote Code Execution (RCE) vulnerability exists in Microsoft Exchange Server when it fails to properly validate cmdlet arguments. To exploit the vulnerability, an attacker can send a specially crafted email to the vulnerable Microsoft Exchange Server, which will lead to memory corruption. Exploitation requires an authenticated user in a certain Exchange role to be compromised.
- Successful exploitation of the vulnerability could allow an attacker to execute code as SYSTEM. This one is likely to be seen in the wild soon.
Microsoft SharePoint Remote Code Execution Vulnerability | CVE-2020-1210:
A Remote Code Execution (RCE) vulnerability exists in Microsoft SharePoint due to a failure to check the source markup of an application package. To exploit this vulnerability, an attacker needs to be able to upload a SharePoint application package to a vulnerable SharePoint installation.
- Successful exploitation of the vulnerability could let the attacker run arbitrary code in the context of the SharePoint application pool and the SharePoint Server farm account.
GDI+ Remote Code Execution Vulnerability | CVE-2020-1285:
A Remote Code Execution (RCE) vulnerability exists in the Windows Graphics Device Interface (GDI+) due to a failure in handling objects in memory. There are two attack scenarios by which the vulnerability can be exploited.
- In a web-based attack scenario, an attacker can host a website that is specially designed to exploit this vulnerability and then convince users to visit the website. An attacker cannot force a user to view an attacker-controlled site. Instead, the attacker has to trick the user into taking action by getting them to open an email attachment or click a link.
- In a file-sharing attack scenario, an attacker has to trick a user into opening a specially crafted file designed to exploit the vulnerability.
- Successful exploitation of the vulnerability could let the attacker run arbitrary code and gain the ability to install programs; view, change, or delete data; or create new accounts with full user rights.
Microsoft Windows Codecs Library Remote Code Execution Vulnerability | CVE-2020-1129:
A Remote Code Execution (RCE) vulnerability exists in the Microsoft Windows Codecs Library, which is used by multiple applications and can affect a wide range of programs. The flaw exists within the parsing of HEVC streams: a crafted HEVC stream in a file can trigger an overflow of a fixed-length stack-based buffer. To exploit the vulnerability, an attacker has to trick the affected user into viewing a specially crafted image.
- Successful exploitation of the vulnerability could let the attacker run code on the affected system and also obtain information to further compromise the target.
Microsoft Security Bulletin Summary for September 2020:
- Microsoft Windows
- Microsoft Edge (EdgeHTML-based)
- Microsoft ChakraCore
- Internet Explorer
- Microsoft Office and Microsoft Office Services and Web Apps
- Visual Studio
- Microsoft Dynamics
- Microsoft Exchange Server
- SQL Server
Product: Microsoft Windows
CVEs/Advisory: CVE-2020-0908, CVE-2020-0922, CVE-2020-0997, CVE-2020-1129, CVE-2020-1252, CVE-2020-1285, CVE-2020-1319, CVE-2020-1508, CVE-2020-1593
Impact: Denial of Service, Elevation of Privilege, Information Disclosure, Remote Code Execution, Security Feature Bypass, Spoofing
KBs: 4570333, 4571756, 4574727, 4577015, 4577032, 4577038, 4577041, 4577048, 4577049, 4577066, 4577071
Product: Microsoft Edge (EdgeHTML-based)
CVEs/Advisory: CVE-2020-0878, CVE-2020-1057, CVE-2020-1172
Impact: Elevation of Privilege, Remote Code Execution, Spoofing, Information Disclosure
Product: Microsoft Office and Apps
CVEs/Advisory: CVE-2020-1200, CVE-2020-1210, CVE-2020-1452, CVE-2020-1453, CVE-2020-1460, CVE-2020-1576, CVE-2020-1595
Impact: Information Disclosure, Remote Code Execution, Spoofing
KBs: 3101523, 4484480, 4484488, 4484504, 4484505, 4484506, 4484512, 4484515, 4484525, 4486664, 4486667
Product: Visual Studio Code
Impact: Remote Code Execution
Product: ASP.NET
Impact: Security Feature Bypass
Product: SQL Server
Impact: Security Feature Bypass
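To verify deployment of the Windows updates listed above, the following PowerShell sketch (an added example, not part of the original bulletin) checks a host for the KBs from the "Product: Microsoft Windows" entry. The function name `Test-SeptemberPatch` is hypothetical, and the release date of 8 September 2020 (the second Tuesday of that month) is supplied here rather than taken from the page.

```powershell
# KB numbers copied from the "Product: Microsoft Windows" entry on this page.
$WindowsKbs = 4570333, 4571756, 4574727, 4577015, 4577032, 4577038,
              4577041, 4577048, 4577049, 4577066, 4577071 |
              ForEach-Object { "KB$_" }

# Assumption: second Tuesday of September 2020.
$ReleaseDate = [datetime]'2020-09-08'

# Hypothetical helper: reports whether a host has one of the listed KBs.
function Test-SeptemberPatch {
    param([string]$ComputerName = $env:COMPUTERNAME)

    # Get-HotFix reads Win32_QuickFixEngineering, so it covers Windows
    # component updates only; the Office KBs on this page are not visible here.
    $installed = Get-HotFix -ComputerName $ComputerName -ErrorAction Stop

    # Each KB targets one Windows version, so at most one is expected per host.
    $listed = $installed | Where-Object { $WindowsKbs -contains $_.HotFixID }

    # A later cumulative update replaces the September one, so a patched host
    # may show none of the listed KBs. Surface newer installs for review.
    # InstalledOn can be empty on some systems, hence the null check.
    $later = $installed | Where-Object {
        $_.InstalledOn -and $_.InstalledOn -ge $ReleaseDate -and
        $WindowsKbs -notcontains $_.HotFixID
    }

    $status = if ($listed) { 'Listed KB installed' }
              elseif ($later) { 'Review: only newer updates found' }
              else { 'No September 2020 or later update found' }

    [pscustomobject]@{
        ComputerName = $ComputerName
        ListedKbs    = ($listed.HotFixID | Sort-Object) -join ', '
        LaterUpdates = ($later.HotFixID | Sort-Object) -join ', '
        Status       = $status
    }
}

Test-SeptemberPatch
```

A "Review" status needs a manual look, because a newer entry may be a servicing stack or .NET update rather than a cumulative security update.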