Exploring the Latest Patch Tuesday Updates

For the first month of the decade, Microsoft released 49 updates.

There are 8 Critical with the remaining 41 marked Important and 2 which we would consider Zero Day / 0-Day. Of the 41 Important updates, 21 are marked as CVSS score High.

End of an Era

Windows 7 and Windows Server 2008 (including R2) has become end-of-life for general release of patches as of today.

In this release, there is a modest number of these, which we highly recommend you install as soon as possible. If you have not already done so, you should be looking at migrating to another operating systems (e.g. Windows 10 for continued support).

Zero Day Patches for Windows Remote Desktop Gateway

CVE-2020-0609 and CVE-2020-0610 have CVSS scores of 9.8. These are urgent because this vulnerability is pre-authentication and requires no user interaction—it impacts Windows Server from 2012 onwards.

There are no counter measures available for this threat, therefore deploying these updates should be your IT Security Managers highest priority.

Urgent Patch Priority

The following patches have only been ranked as Important by Microsoft, however the independent CVSS Score has ranked these between 7.8 and up to 8.1. This would indicate these are important enough to prioritize.

• CVE-2020-0601
• CVE-2020-0613
• CVE-2020-0614
• CVE-2020-0620
• CVE-2020-0623
• CVE-2020-0624
• CVE-2020-0625

• CVE-2020-0626
• CVE-2020-0627
• CVE-2020-0628
• CVE-2020-0629
• CVE-2020-0630
• CVE-2020-0631
• CVE-2020-0632

• CVE-2020-0633
• CVE-2020-0634
• CVE-2020-0635
• CVE-2020-0636
• CVE-2020-0638
• CVE-2020-0641
• CVE-2020-0642

Based on those CVSS scores, these patches rank alongside some of Critical ones ranked by Microsoft.

Robert Brown, Director of Services for Syxsense said, “CVE-2020-0601 relates to CryptoAPI spoofing vulnerability, which has a CVSS score of 8.1. Cybersecurity and Infrastructure Security Agency (CISA) strongly recommends organizations install these critical patches as soon as possible.”

Latest Adobe Updates

Adobe have released only 2 Critical updates for Illustrator CC and Experience Manager today. Both Syxsense and Adobe recommend these Critical updates be deployed within the next 7 days.

January 2020 Patch Tuesday Update

Based on the vendor severity and CVSS score, we have made a few recommendations to prioritize this month. Please pay close attention to any of these which are publicly aware or weaponized.

 

CVE Ref.	Description	Vendor Severity	CVSS Base Score	Counter-measure	Publicly Aware	Weaponised	Syxsense Recommended
CVE-2020-0609	Windows RDP Gateway Server Remote Code Execution Vulnerability	Critical	9.8	No	No	No	Yes
CVE-2020-0610	Windows RDP Gateway Server Remote Code Execution Vulnerability	Critical	9.8	No	No	No	Yes
CVE-2020-0611	Remote Desktop Client Remote Code Execution Vulnerability	Critical	7.5	No	No	No	Yes
CVE-2020-0640	Internet Explorer Memory Corruption Vulnerability	Critical	7.5	No	No	No	Yes
CVE-2020-0603	ASP.NET Core Remote Code Execution Vulnerability	Critical	TBC	No	No	No	Yes
CVE-2020-0605	.NET Framework Remote Code Execution Vulnerability	Critical	TBC	No	No	No	Yes
CVE-2020-0606	.NET Framework Remote Code Execution Injection Vulnerability	Critical	TBC	No	No	No	Yes
CVE-2020-0646	.NET Framework Remote Code Execution Injection Vulnerability	Critical	TBC	No	No	No	Yes
CVE-2020-0601	Windows CryptoAPI Spoofing Vulnerability	Important	8.1	No	No	No	Yes
CVE-2020-0613	Windows Search Indexer Elevation of Privilege Vulnerability	Important	7.8	No	No	No	Yes
CVE-2020-0614	Windows Search Indexer Elevation of Privilege Vulnerability	Important	7.8	No	No	No	Yes
CVE-2020-0620	Microsoft Cryptographic Services Elevation of Privilege Vulnerability	Important	7.8	No	No	No	Yes
CVE-2020-0623	Windows Search Indexer Elevation of Privilege Vulnerability	Important	7.8	No	No	No	Yes
CVE-2020-0624	Win32k Elevation of Privilege Vulnerability	Important	7.8	No	No	No	Yes
CVE-2020-0625	Windows Search Indexer Elevation of Privilege Vulnerability	Important	7.8	No	No	No	Yes
CVE-2020-0626	Windows Search Indexer Elevation of Privilege Vulnerability	Important	7.8	No	No	No	Yes
CVE-2020-0627	Windows Search Indexer Elevation of Privilege Vulnerability	Important	7.8	No	No	No	Yes
CVE-2020-0628	Windows Search Indexer Elevation of Privilege Vulnerability	Important	7.8	No	No	No	Yes
CVE-2020-0629	Windows Search Indexer Elevation of Privilege Vulnerability	Important	7.8	No	No	No	Yes
CVE-2020-0630	Windows Search Indexer Elevation of Privilege Vulnerability	Important	7.8	No	No	No	Yes
CVE-2020-0631	Windows Search Indexer Elevation of Privilege Vulnerability	Important	7.8	No	No	No	Yes
CVE-2020-0632	Windows Search Indexer Elevation of Privilege Vulnerability	Important	7.8	No	No	No	Yes
CVE-2020-0633	Windows Search Indexer Elevation of Privilege Vulnerability	Important	7.8	No	No	No	Yes
CVE-2020-0634	Windows Common Log File System Driver Elevation of Privilege Vulnerability	Important	7.8	No	No	No	Yes
CVE-2020-0635	Windows Elevation of Privilege Vulnerability	Important	7.8	No	No	No	Yes
CVE-2020-0636	Windows Subsystem for Linux Elevation of Privilege Vulnerability	Important	7.8	No	No	No	Yes
CVE-2020-0638	Update Notification Manager Elevation of Privilege Vulnerability	Important	7.8	No	No	No	Yes
CVE-2020-0641	Microsoft Windows Elevation of Privilege Vulnerability	Important	7.8	No	No	No	Yes
CVE-2020-0642	Win32k Elevation of Privilege Vulnerability	Important	7.8	No	No	No	Yes
CVE-2020-0644	Windows Elevation of Privilege Vulnerability	Important	7.8	No	No	No	Yes
CVE-2020-0612	Windows Remote Desktop Protocol (RDP) Gateway Server Denial of Service Vulnerability	Important	7.5	No	No	No
CVE-2020-0637	Remote Desktop Web Access Information Disclosure Vulnerability	Important	5.7	No	No	No
CVE-2020-0607	Microsoft Graphics Components Information Disclosure Vulnerability	Important	5.5	No	No	No
CVE-2020-0608	Win32k Information Disclosure Vulnerability	Important	5.5	No	No	No
CVE-2020-0615	Windows Common Log File System Driver Information Disclosure Vulnerability	Important	5.5	No	No	No
CVE-2020-0616	Microsoft Windows Denial of Service Vulnerability	Important	5.5	No	No	No
CVE-2020-0622	Microsoft Graphics Component Information Disclosure Vulnerability	Important	5.5	No	No	No
CVE-2020-0639	Windows Common Log File System Driver Information Disclosure Vulnerability	Important	5.5	No	No	No
CVE-2020-0643	Windows GDI+ Information Disclosure Vulnerability	Important	5.5	No	No	No
CVE-2020-0617	Hyper-V Denial of Service Vulnerability	Important	5.3	No	No	No
CVE-2020-0621	Windows Security Feature Bypass Vulnerability	Important	4.4	No	No	No
CVE-2020-0602	ASP.NET Core Denial of Service Vulnerability	Important	TBC	No	No	No
CVE-2020-0647	Microsoft Office Online Spoofing Vulnerability	Important	TBC	No	No	No
CVE-2020-0650	Microsoft Excel Remote Code Execution Vulnerability	Important	TBC	No	No	No
CVE-2020-0651	Microsoft Excel Remote Code Execution Vulnerability	Important	TBC	No	No	No
CVE-2020-0652	Microsoft Office Memory Corruption Vulnerability	Important	TBC	No	No	No
CVE-2020-0653	Microsoft Excel Remote Code Execution Vulnerability	Important	TBC	No	No	No
CVE-2020-0654	Microsoft OneDrive for Android Security Feature Bypass Vulnerability	Important	TBC	No	No	No
CVE-2020-0656	Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability	Important	TBC	No	No	No