Skip to main content
Patch ManagementPatch Tuesday

October Patch Tuesday: Microsoft Fixes a Near Zero-Day Vulnerability

By October 13, 2020June 22nd, 2022No Comments
||

October Patch Tuesday: Microsoft Fixes a Near Zero-Day Vulnerability

Microsoft has fixed 87 vulnerabilities for this month's Patch Tuesday, including one flaw so severe that it should be considered zero-day.

[vc_empty_space]
[vc_single_image image=”160214″ img_size=”full”]

October Patch Tuesday Fixes 87 Vulnerabilities

With 87 vulnerabilities remediated, October Patch Tuesday includes 11 Critical, 75 Important and 1 patch marked as Important.

Microsoft fixed less vulnerabilities this month, but we have identified 6 vulnerabilities that are publicly aware—one is so severe it should be considered Zero Day. There is still urgent work to do.

Additionally, there has been many Windows 7 and Windows Server 2008 (including R2) vulnerabilities for those subscribed to the ESU extension: Windows 7 has 23 vulnerabilities, 2 Critical, and 21 Important. Windows Server 2008 R2 also has 23 vulnerabilities: 2 Critical and 21 Important fixed.

Top October Patches and Vulnerabilities

CVE-2020-16898: Windows TCP/IP Remote Code Execution Vulnerability – has a CVSS Score of 9.8 making this as close to a zero-day vulnerability, however there is a countermeasure available:

  • Affects Windows 10, Windows Server 2016, Windows Server 2019 and Server Core
  • Workaround: Disable ICMPv6 RDNSS using a Powershell command. Microsoft strongly recommends that you install the updates for this vulnerability as soon as possible even if you plan to leave this workaround in place
  • No reboot is needed after implementing the workaround

 

CVE-2020-16891: Windows Hyper-V Remote Code Execution Vulnerability – has a CVSS score of 8.8 making this one of the top 3 highest vulnerabilities to prioritize this month, no countermeasure is available

  • Affects Windows 7 through Windows Server 2019 including Server Core
  • With so many IT users working from home and depending on their virtual environments, you really cannot afford not to patch this update

 

CVE-2020-16909: Windows Error Reporting Elevation of Privilege Vulnerability – has a CVSS score of 7.8 with no countermeasure.

  • This vulnerability is publicly aware meaning weaponization could happen quickly
  • The vulnerability affects Windows 10, Windows Server 2016, Windows Server 2019 and Server Core
  • An attacker who successfully exploited the vulnerability could gain greater access to sensitive information and system functionality. This has been exploited previously with fileless attacks, also known as zero-footprint attacks
  • These types of attacks don’t install software or copy binaries on a user’s devices, so even some next-generation antivirus tools are more likely to miss it
[vc_single_image image=”38151″ img_size=”full” onclick=”custom_link” link=”https://www.syxsense.com/start-a-free-trial-of-syxsense/”]

Syxsense Recommendations

Based on the Vendor Severity and CVSS Score, we have made a few recommendations below which you should prioritize this month; please pay close attention to any of these which are Publicly Aware and / or Weaponized.

 

CVE Description Vendor Severity CVSS Score Publicly Aware Weaponised Countermeasure Syxsense Recommended
CVE-2020-16909 Windows Error Reporting Elevation of Privilege Vulnerability Important 7.8 Yes No No Yes
CVE-2020-16908 Windows Setup Elevation of Privilege Vulnerability Important 7.8 Yes No No Yes
CVE-2020-16885 Windows Storage VSP Driver Elevation of Privilege Vulnerability Important 7.8 Yes No No Yes
CVE-2020-16938 Windows Kernel Information Disclosure Vulnerability Important 5.5 Yes No No Yes
CVE-2020-16901 Windows Kernel Information Disclosure Vulnerability Important 5 Yes No No Yes
CVE-2020-16937 .NET Framework Information Disclosure Vulnerability Important 4.7 Yes No No Yes
CVE-2020-16898 Windows TCP/IP Remote Code Execution Vulnerability Critical 9.8 No No Yes Yes
CVE-2020-16911 GDI+ Remote Code Execution Vulnerability Critical 8.8 No No No Yes
CVE-2020-16891 Windows Hyper-V Remote Code Execution Vulnerability Critical 8.8 No No No Yes
CVE-2020-16951 Microsoft SharePoint Remote Code Execution Vulnerability Critical 8.6 No No No Yes
CVE-2020-16952 Microsoft SharePoint Remote Code Execution Vulnerability Critical 8.6 No No No Yes
CVE-2020-16947 Microsoft Outlook Remote Code Execution Vulnerability Critical 8.1 No No No Yes
CVE-2020-17003 Base3D Remote Code Execution Vulnerability Critical 7.8 No No No Yes
CVE-2020-16915 Media Foundation Memory Corruption Vulnerability Critical 7.8 No No No Yes
CVE-2020-16923 Microsoft Graphics Components Remote Code Execution Vulnerability Critical 7.8 No No No Yes
CVE-2020-16967 Windows Camera Codec Pack Remote Code Execution Vulnerability Critical 7.8 No No No Yes
CVE-2020-16968 Windows Camera Codec Pack Remote Code Execution Vulnerability Critical 7.8 No No No Yes
CVE-2020-1080 Windows Hyper-V Elevation of Privilege Vulnerability Important 8.8 No No No Yes
CVE-2020-16945 Microsoft Office SharePoint XSS Vulnerability Important 8.7 No No No Yes
CVE-2020-16946 Microsoft Office SharePoint XSS Vulnerability Important 8.7 No No No Yes
CVE-2020-16944 Microsoft SharePoint Reflective XSS Vulnerability Important 8.7 No No No Yes
CVE-2020-16918 Base3D Remote Code Execution Vulnerability Important 7.8 No No No
CVE-2020-16939 Group Policy Elevation of Privilege Vulnerability Important 7.8 No No No
CVE-2020-16924 Jet Database Engine Remote Code Execution Vulnerability Important 7.8 No No No
CVE-2020-16978 Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability Important 7.8 No No No
CVE-2020-16929 Microsoft Excel Remote Code Execution Vulnerability Important 7.8 No No No
CVE-2020-16930 Microsoft Excel Remote Code Execution Vulnerability Important 7.8 No No No
CVE-2020-16931 Microsoft Excel Remote Code Execution Vulnerability Important 7.8 No No No
CVE-2020-16932 Microsoft Excel Remote Code Execution Vulnerability Important 7.8 No No No
CVE-2020-1167 Microsoft Graphics Components Remote Code Execution Vulnerability Important 7.8 No No No
CVE-2020-16957 Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability Important 7.8 No No No
CVE-2020-16928 Microsoft Office Click-to-Run Elevation of Privilege Vulnerability Important 7.8 No No No
CVE-2020-16955 Microsoft Office Click-to-Run Elevation of Privilege Vulnerability Important 7.8 No No No
CVE-2020-16954 Microsoft Office Remote Code Execution Vulnerability Important 7.8 No No No
CVE-2020-16995 Network Watcher Agent virtual machine extension for Linux Elevation of Privilege Vulnerability Important 7.8 No No No
CVE-2020-16907 Win32k Elevation of Privilege Vulnerability Important 7.8 No No No
CVE-2020-16913 Win32k Elevation of Privilege Vulnerability Important 7.8 No No No
CVE-2020-16940 Windows – User Profile Service Elevation of Privilege Vulnerability Important 7.8 No No No
CVE-2020-16920 Windows Application Compatibility Client Library Elevation of Privilege Vulnerability Important 7.8 No No No
CVE-2020-16912 Windows Backup Service Elevation of Privilege Vulnerability Important 7.8 No No No
CVE-2020-16936 Windows Backup Service Elevation of Privilege Vulnerability Important 7.8 No No No
CVE-2020-16972 Windows Backup Service Elevation of Privilege Vulnerability Important 7.8 No No No
CVE-2020-16973 Windows Backup Service Elevation of Privilege Vulnerability Important 7.8 No No No
CVE-2020-16974 Windows Backup Service Elevation of Privilege Vulnerability Important 7.8 No No No
CVE-2020-16975 Windows Backup Service Elevation of Privilege Vulnerability Important 7.8 No No No
CVE-2020-16976 Windows Backup Service Elevation of Privilege Vulnerability Important 7.8 No No No
CVE-2020-16916 Windows COM Server Elevation of Privilege Vulnerability Important 7.8 No No No
CVE-2020-16935 Windows COM Server Elevation of Privilege Vulnerability Important 7.8 No No No
CVE-2020-16895 Windows Error Reporting Manager Elevation of Privilege Vulnerability Important 7.8 No No No
CVE-2020-1243 Windows Hyper-V Denial of Service Vulnerability Important 7.8 No No No
CVE-2020-1047 Windows Hyper-V Elevation of Privilege Vulnerability Important 7.8 No No No
CVE-2020-16892 Windows Image Elevation of Privilege Vulnerability Important 7.8 No No No
CVE-2020-16902 Windows Installer Elevation of Privilege Vulnerability Important 7.8 No No No
CVE-2020-16980 Windows iSCSI Target Service Elevation of Privilege Vulnerability Important 7.8 No No No
CVE-2020-16890 Windows Kernel Elevation of Privilege Vulnerability Important 7.8 No No No
CVE-2020-16887 Windows Network Connections Service Elevation of Privilege Vulnerability Important 7.8 No No No
CVE-2020-0764 Windows Storage Services Elevation of Privilege Vulnerability Important 7.8 No No No
CVE-2020-16894 Windows NAT Remote Code Execution Vulnerability Important 7.7 No No No
CVE-2020-16927 Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability Important 7.5 No No No
CVE-2020-16896 Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability Important 7.5 No No Yes
CVE-2020-16863 Windows Remote Desktop Service Denial of Service Vulnerability Important 7.5 No No No
CVE-2020-16899 Windows TCP/IP Denial of Service Vulnerability Important 7.5 No No Yes
CVE-2020-16969 Microsoft Exchange Information Disclosure Vulnerability Important 7.1 No No No
CVE-2020-16876 Windows Application Compatibility Client Library Elevation of Privilege Vulnerability Important 7.1 No No No
CVE-2020-16877 Windows Elevation of Privilege Vulnerability Important 7.1 No No No
CVE-2020-16934 Microsoft Office Click-to-Run Elevation of Privilege Vulnerability Important 7 No No No
CVE-2020-16933 Microsoft Word Security Feature Bypass Vulnerability Important 7 No No No
CVE-2020-16977 Visual Studio Code Python Extension Remote Code Execution Vulnerability Important 7 No No No
CVE-2020-16900 Windows Event System Elevation of Privilege Vulnerability Important 7 No No No
CVE-2020-16905 Windows Error Reporting Elevation of Privilege Vulnerability Important 6.8 No No No
CVE-2020-16943 Dynamics 365 Commerce Elevation of Privilege Vulnerability Important 6.5 No No No
CVE-2020-16948 Microsoft SharePoint Information Disclosure Vulnerability Important 6.5 No No No
CVE-2020-16953 Microsoft SharePoint Information Disclosure Vulnerability Important 6.5 No No No
CVE-2020-16910 Windows Security Feature Bypass Vulnerability Important 6.2 No No No
CVE-2020-16897 NetBT Information Disclosure Vulnerability Important 5.5 No No No
CVE-2020-16919 Windows Enterprise App Management Service Information Disclosure Vulnerability Important 5.5 No No No
CVE-2020-16914 Windows GDI+ Information Disclosure Vulnerability Important 5.5 No No No
CVE-2020-16889 Windows Kernel Stream Information Disclosure Vulnerability Important 5.5 No No No
CVE-2020-16956 Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability Important 5.4 No No No
CVE-2020-16904 Azure Functions Elevation of Privilege Vulnerability Important 5.3 No No No
CVE-2020-16886 Power Shell Get Module WDAC Security Feature Bypass Vulnerability Important 5.3 No No No
CVE-2020-16922 Windows Spoofing Vulnerability Important 5.3 No No No
CVE-2020-16950 Microsoft SharePoint Information Disclosure Vulnerability Important 5 No No No
CVE-2020-16949 Microsoft Outlook Denial of Service Vulnerability Moderate 4.7 No No No
CVE-2020-16941 Microsoft SharePoint Information Disclosure Vulnerability Important 4.1 No No No
CVE-2020-16942 Microsoft SharePoint Information Disclosure Vulnerability Important 4.1 No No No
CVE-2020-16921 Windows Text Services Framework Information Disclosure Vulnerability Important TBC No No No
[vc_separator css=”.vc_custom_1552427883977{padding-top: 20px !important;padding-bottom: 20px !important;}”]

Experience the Power of Syxsense

Syxsense is a cloud-based solution that helps organizations manage and secure their endpoints with ease. Automatically deploy OS and third-party patches as well as Windows 10 Feature Updates for Microsoft, Mac, and Linux devices.

[vc_btn title=”Start a Free Trial” style=”gradient-custom” gradient_custom_color_1=”#da4453″ gradient_custom_color_2=”#8a2387″ shape=”round” size=”lg” align=”center” link=”url:https%3A%2F%2Fwww.syxsense.com%2Fstart-a-free-trial-of-syxsense%2F|||” css=”.vc_custom_1586908107967{margin-top: 15px !important;}”][vc_separator css=”.vc_custom_1552427883977{padding-top: 20px !important;padding-bottom: 20px !important;}”]

September Patch Tuesday Updates

Based on the vendor severity and CVSS score, we have made a few patch recommendations. Pay close attention to any patches which are publicly aware or weaponized.

 

Leave a Reply

CVE Reference Description Severity CVSS Score Publicly Aware Weaponised Counter-measure Syxsense Recommended
CVE-2020-1210 Microsoft SharePoint Remote Code Execution Vulnerability Critical 9.9 No No No Yes
CVE-2020-1595 Microsoft SharePoint Remote Code Execution Vulnerability Critical 9.9 No No No Yes
CVE-2020-16875 Microsoft Exchange Memory Corruption Vulnerability Critical 9.1 No No No Yes
CVE-2020-0922 Microsoft COM for Windows Remote Code Execution Vulnerability Critical 8.8 No No No Yes
CVE-2020-1129 Microsoft Windows Codecs Library Remote Code Execution Vulnerability Critical 8.8 No No No Yes
CVE-2020-1200 Microsoft SharePoint Remote Code Execution Vulnerability Critical 8.6 No No No Yes
CVE-2020-1452 Microsoft SharePoint Remote Code Execution Vulnerability Critical 8.6 No