Patch Tuesday: Microsoft Security Bulletin Summary for October 2020


Oct 13, 2020 | By Vishesh S | 4 min read

Overview

Microsoft has released its October 2020 Patch Tuesday security updates, addressing a total of 87 vulnerabilities in the Windows family of operating systems and related products. Of these, 11 are classified as Critical and can be used by attackers to get complete control over an unpatched victim system. This realization was made by using their vulnerability management system. All of the critical bugs are remote code execution flaws. Overall, the Patch Tuesday updates include fixes for Microsoft Windows, Azure Functions, Open Source Software, Office and Office Services and Web Apps, .NET Framework, Microsoft Dynamics, Exchange Server, Visual Studio, and the Windows Codecs Library. At the time of release, there were no zero-days, and none of the vulnerabilities had been publicly disclosed or were under active attack.

Interesting Vulnerabilities:

Windows TCP/IP Remote Code Execution Vulnerability | CVE-2020-16898:

A remote code execution (RCE) vulnerability exists in the TCP/IP stack. It can be exploited by attackers without any authentication and is therefore potentially wormable. A specially crafted ICMPv6 router advertisement could cause code execution on an unpatched system. Because the code execution occurs in the TCP/IP stack, it is assumed that code execution with elevated privileges could be possible.

  • Successful exploitation of the vulnerability could additionally allow an attacker to run arbitrary code with elevated privileges on the affected system.
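
A network-side sanity check for router advertisements, as an added example that is not from the original article or from Microsoft: it walks the options of an ICMPv6 RA and reports any whose length breaks the RFC 4861 / RFC 8106 rules. The page does not say which field the crafted advertisement abuses, so the option table and the zero-filled sample packets are assumptions constructed for illustration.

```python
import struct

RA_TYPE = 134        # ICMPv6 Router Advertisement (RFC 4861)
RA_HEADER_LEN = 16   # type, code, checksum, hop limit, flags, lifetime, two timers

# Length rules per option type, in 8-octet units (RFC 4861, RFC 8106).
LENGTH_RULES = {
    3: ("Prefix Information", lambda n: n == 4),
    5: ("MTU", lambda n: n == 1),
    25: ("RDNSS", lambda n: n >= 3 and n % 2 == 1),
}

def check_ra(icmpv6: bytes) -> list:
    """Return findings for one ICMPv6 message; an empty list means no alert."""
    if not icmpv6 or icmpv6[0] != RA_TYPE:
        return []                      # not an RA, nothing to validate
    if len(icmpv6) < RA_HEADER_LEN:
        return ["truncated RA header"]
    findings = []
    offset = RA_HEADER_LEN
    while offset < len(icmpv6):
        if len(icmpv6) - offset < 2:
            findings.append(f"truncated option header at offset {offset}")
            break
        opt_type, units = icmpv6[offset], icmpv6[offset + 1]
        if units == 0:                 # RFC 4861: length 0 is invalid
            findings.append(f"option {opt_type} has length 0")
            break
        if offset + units * 8 > len(icmpv6):
            findings.append(f"option {opt_type} overruns the packet")
            break
        rule = LENGTH_RULES.get(opt_type)
        if rule and not rule[1](units):
            findings.append(f"{rule[0]} option has invalid length {units}")
        offset += units * 8
    return findings

def _opt(opt_type: int, units: int) -> bytes:
    """Constructed sample option: type and length bytes, zero-filled body."""
    return bytes([opt_type, units]) + bytes(units * 8 - 2)

# Constructed samples (ICMPv6 payload only, checksum left at 0).
_HDR = struct.pack("!BBHBBHII", RA_TYPE, 0, 0, 64, 0, 1800, 0, 0)
GOOD_RA = _HDR + _opt(3, 4) + _opt(25, 3)
BAD_RA = _HDR + _opt(5, 2) + _opt(25, 4)

if __name__ == "__main__":
    for name, pkt in (("GOOD_RA", GOOD_RA), ("BAD_RA", BAD_RA)):
        print(name, check_ra(pkt) or "well-formed")
```

The same rules can be expressed in an IDS that exposes the ICMPv6 payload; the function only needs the bytes starting at the ICMPv6 type field.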

Microsoft Outlook Remote Code Execution Vulnerability | CVE-2020-16947:

A remote code execution (RCE) vulnerability exists in the affected versions of Outlook. The flaw is in the parsing of HTML content within an email and results from a lack of proper validation of the length of user-supplied data before copying it to a fixed-length heap-based buffer.

  • Successful exploitation of the vulnerability could allow an attacker to run arbitrary code in the context of the current user and therefore gain the ability to install programs; view, change, or delete data; or create new accounts with full user rights. Users with administrative rights are more heavily impacted than users with fewer rights.

Windows Hyper-V Remote Code Execution Vulnerability | CVE-2020-16891:

A remote code execution (RCE) vulnerability exists in Windows Hyper-V. The flaw exists because Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. An attacker can run a specially crafted program on an affected guest OS to get arbitrary code execution on the host OS.

  • Successful exploitation of the vulnerability could additionally allow arbitrary code to run on the host operating system.

Windows Error Reporting Elevation of Privilege Vulnerability | CVE-2020-16909:

An elevation of privilege vulnerability exists in Windows Error Reporting (WER). The flaw is in the way WER handles and executes files. Components of Windows Error Reporting could allow an authenticated attacker to execute arbitrary code with escalated privileges. To exploit the flaw, an attacker could run a specially crafted application.

  • Successful exploitation of the vulnerability could allow an attacker to run arbitrary code with escalated privileges and therefore gain greater access to sensitive information and system functionality.

Microsoft Security Bulletin Summary for October 2020:

  • Microsoft Windows
  • Microsoft Office and Microsoft Office Services and Web Apps
  • Azure Functions
  • Microsoft Exchange Server
  • Visual Studio
  • Microsoft .NET Framework
  • Microsoft Dynamics
  • Adobe Flash Player

Product: Microsoft Windows
CVEs/Advisory: CVE-2020-16891, CVE-2020-16898, CVE-2020-16911, CVE-2020-16915, CVE-2020-16923, CVE-2020-16967, CVE-2020-16968
Impact: Denial of Service, Elevation of Privilege, Information Disclosure, Remote Code Execution, Security Feature Bypass, Spoofing
Severity: Critical
KBs: 4577668, 4577671, 4579311, 4580327, 4580328, 4580330, 4580346, 4580347, 4580353, 4580358, 4580382

Product: Microsoft Office and Microsoft Office Services and Web Apps
CVEs/Advisory: CVE-2020-16947, CVE-2020-16951, CVE-2020-16952, CVE-2020-17003
Impact: Elevation of Privilege, Remote Code Execution, Spoofing, Information Disclosure
Severity: Critical
KBs: 4486671, 4486676, 4486677, 4486694

Product: Azure Functions
CVEs/Advisory: CVE-2020-16904
Impact: Elevation of Privilege
Severity: Important

Product: Microsoft Exchange Server
CVEs/Advisory: CVE-2020-16969
Impact: Information Disclosure
Severity: Important
KBs: 4581424

Product: Visual Studio Code
CVEs/Advisory: CVE-2020-16977
Impact: Remote Code Execution
Severity: Important

Product: Microsoft .NET Framework
CVEs/Advisory: CVE-2020-16937
Impact: Information Disclosure
Severity: Important
KBs: 4578968, 4578969, 4578971, 4578972, 4578974, 4579976, 4579977, 4579978, 4579979, 4579980, 4580328, 4580330, 4580346, 4580467, 4580468, 4580469, 4580470

Product: Microsoft Dynamics
CVEs/Advisory: CVE-2020-16956, CVE-2020-16978
Impact: Spoofing
Severity: Important
KBs: 4578105, 4578106

Product: Adobe Flash Player
CVEs/Advisory: ADV200012
Impact: Remote Code Execution
Severity: Critical
KBs: 4580325

SanerNow detects these vulnerabilities and automatically fixes them by applying security updates. Download SanerNow and keep your systems updated and secure.

Patch Tuesday: Microsoft Security Bulletin Summary for October 2020 | SecPod