October Patch Tuesday: Microsoft Fixes a Near Zero-Day Vulnerability
October Patch Tuesday Fixes 87 Vulnerabilities
With 87 vulnerabilities remediated, October Patch Tuesday includes 11 Critical, 75 Important and 1 patch marked as Important.
Microsoft fixed fewer vulnerabilities this month, but we have identified 6 vulnerabilities that are publicly aware; one is so severe it should be considered Zero Day. There is still urgent work to do.
Additionally, there have been many Windows 7 and Windows Server 2008 (including R2) vulnerabilities for those subscribed to the ESU extension: Windows 7 has 23 vulnerabilities, 2 Critical and 21 Important. Windows Server 2008 R2 also has 23 vulnerabilities fixed: 2 Critical and 21 Important.
Top October Patches and Vulnerabilities
CVE-2020-16898: Windows TCP/IP Remote Code Execution Vulnerability has a CVSS score of 9.8, making this close to a zero-day vulnerability; however, there is a countermeasure available:
- Affects Windows 10, Windows Server 2016, Windows Server 2019 and Server Core
- Workaround: Disable ICMPv6 RDNSS using a PowerShell command. Microsoft strongly recommends that you install the updates for this vulnerability as soon as possible, even if you plan to leave this workaround in place
- No reboot is needed after implementing the workaround
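One way to apply the workaround above to every IPv6 interface, as an added example that is not from the original post: it uses the `netsh` `rabaseddnsconfig` setting given in Microsoft's advisory for CVE-2020-16898, while the `-State` parameter, the loopback filter and the result table are assumptions of this example.

```powershell
# Added example: apply or roll back the ICMPv6 RDNSS workaround for CVE-2020-16898.
# Run from an elevated PowerShell session; Microsoft documents the workaround
# for Windows 10 version 1709 and later.
param(
    [ValidateSet('disable', 'enable')]
    [string]$State = 'disable'   # assumption: 'enable' is used to roll back after patching
)

# Each IPv6 interface carries its own RA-based DNS setting, so walk all of them
# (loopback excluded) instead of changing only the primary adapter.
$interfaces = Get-NetIPInterface -AddressFamily IPv6 |
    Where-Object { $_.InterfaceAlias -notlike 'Loopback*' }

$results = foreach ($nic in $interfaces) {
    # netsh addresses the interface by index; rabaseddnsconfig controls whether
    # the RDNSS option in router advertisements is processed.
    $output = netsh int ipv6 set int $nic.InterfaceIndex "rabaseddnsconfig=$State" 2>&1
    [pscustomobject]@{
        Index     = $nic.InterfaceIndex
        Alias     = $nic.InterfaceAlias
        Requested = $State
        ExitCode  = $LASTEXITCODE
        Output    = ($output | Out-String).Trim()
    }
}

# Report per interface so a partially applied workaround is visible.
$results | Format-Table -AutoSize -Wrap

$failed = @($results | Where-Object { $_.ExitCode -ne 0 })
if ($failed.Count -gt 0) {
    Write-Warning "$($failed.Count) interface(s) did not accept the setting; check them manually."
    exit 1
}
```

Hosts that learn their DNS servers only from router advertisements need another source (DHCPv6 or static configuration) while the setting is disabled; run the script again with `-State enable` once the update is installed.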
CVE-2020-16891: Windows Hyper-V Remote Code Execution Vulnerability has a CVSS score of 8.8, making this one of the top 3 highest vulnerabilities to prioritize this month; no countermeasure is available.
- Affects Windows 7 through Windows Server 2019 including Server Core
- With so many IT users working from home and depending on their virtual environments, you really cannot afford not to patch this update
CVE-2020-16909: Windows Error Reporting Elevation of Privilege Vulnerability has a CVSS score of 7.8 with no countermeasure.
- This vulnerability is publicly aware, meaning weaponization could happen quickly
- The vulnerability affects Windows 10, Windows Server 2016, Windows Server 2019 and Server Core
- An attacker who successfully exploited the vulnerability could gain greater access to sensitive information and system functionality. This has been exploited previously with fileless attacks, also known as zero-footprint attacks
- These types of attacks don’t install software or copy binaries on a user’s devices, so even some next-generation antivirus tools are more likely to miss them
Syxsense Recommendations
Based on the Vendor Severity and CVSS Score, we have made a few recommendations below which you should prioritize this month; please pay close attention to any of these which are Publicly Aware and / or Weaponized.
CVE | Description | Vendor Severity | CVSS Score | Publicly Aware | Weaponised | Countermeasure | Syxsense Recommended |
CVE-2020-16909 | Windows Error Reporting Elevation of Privilege Vulnerability | Important | 7.8 | Yes | No | No | Yes |
CVE-2020-16908 | Windows Setup Elevation of Privilege Vulnerability | Important | 7.8 | Yes | No | No | Yes |
CVE-2020-16885 | Windows Storage VSP Driver Elevation of Privilege Vulnerability | Important | 7.8 | Yes | No | No | Yes |
CVE-2020-16938 | Windows Kernel Information Disclosure Vulnerability | Important | 5.5 | Yes | No | No | Yes |
CVE-2020-16901 | Windows Kernel Information Disclosure Vulnerability | Important | 5 | Yes | No | No | Yes |
CVE-2020-16937 | .NET Framework Information Disclosure Vulnerability | Important | 4.7 | Yes | No | No | Yes |
CVE-2020-16898 | Windows TCP/IP Remote Code Execution Vulnerability | Critical | 9.8 | No | No | Yes | Yes |
CVE-2020-16911 | GDI+ Remote Code Execution Vulnerability | Critical | 8.8 | No | No | No | Yes |
CVE-2020-16891 | Windows Hyper-V Remote Code Execution Vulnerability | Critical | 8.8 | No | No | No | Yes |
CVE-2020-16951 | Microsoft SharePoint Remote Code Execution Vulnerability | Critical | 8.6 | No | No | No | Yes |
CVE-2020-16952 | Microsoft SharePoint Remote Code Execution Vulnerability | Critical | 8.6 | No | No | No | Yes |
CVE-2020-16947 | Microsoft Outlook Remote Code Execution Vulnerability | Critical | 8.1 | No | No | No | Yes |
CVE-2020-17003 | Base3D Remote Code Execution Vulnerability | Critical | 7.8 | No | No | No | Yes |
CVE-2020-16915 | Media Foundation Memory Corruption Vulnerability | Critical | 7.8 | No | No | No | Yes |
CVE-2020-16923 | Microsoft Graphics Components Remote Code Execution Vulnerability | Critical | 7.8 | No | No | No | Yes |
CVE-2020-16967 | Windows Camera Codec Pack Remote Code Execution Vulnerability | Critical | 7.8 | No | No | No | Yes |
CVE-2020-16968 | Windows Camera Codec Pack Remote Code Execution Vulnerability | Critical | 7.8 | No | No | No | Yes |
CVE-2020-1080 | Windows Hyper-V Elevation of Privilege Vulnerability | Important | 8.8 | No | No | No | Yes |
CVE-2020-16945 | Microsoft Office SharePoint XSS Vulnerability | Important | 8.7 | No | No | No | Yes |
CVE-2020-16946 | Microsoft Office SharePoint XSS Vulnerability | Important | 8.7 | No | No | No | Yes |
CVE-2020-16944 | Microsoft SharePoint Reflective XSS Vulnerability | Important | 8.7 | No | No | No | Yes |
CVE-2020-16918 | Base3D Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
CVE-2020-16939 | Group Policy Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
CVE-2020-16924 | Jet Database Engine Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
CVE-2020-16978 | Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability | Important | 7.8 | No | No | No | |
CVE-2020-16929 | Microsoft Excel Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
CVE-2020-16930 | Microsoft Excel Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
CVE-2020-16931 | Microsoft Excel Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
CVE-2020-16932 | Microsoft Excel Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
CVE-2020-1167 | Microsoft Graphics Components Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
CVE-2020-16957 | Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
CVE-2020-16928 | Microsoft Office Click-to-Run Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
CVE-2020-16955 | Microsoft Office Click-to-Run Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
CVE-2020-16954 | Microsoft Office Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
CVE-2020-16995 | Network Watcher Agent virtual machine extension for Linux Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
CVE-2020-16907 | Win32k Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
CVE-2020-16913 | Win32k Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
CVE-2020-16940 | Windows – User Profile Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
CVE-2020-16920 | Windows Application Compatibility Client Library Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
CVE-2020-16912 | Windows Backup Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
CVE-2020-16936 | Windows Backup Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
CVE-2020-16972 | Windows Backup Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
CVE-2020-16973 | Windows Backup Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
CVE-2020-16974 | Windows Backup Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
CVE-2020-16975 | Windows Backup Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
CVE-2020-16976 | Windows Backup Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
CVE-2020-16916 | Windows COM Server Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
CVE-2020-16935 | Windows COM Server Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
CVE-2020-16895 | Windows Error Reporting Manager Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
CVE-2020-1243 | Windows Hyper-V Denial of Service Vulnerability | Important | 7.8 | No | No | No | |
CVE-2020-1047 | Windows Hyper-V Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
CVE-2020-16892 | Windows Image Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
CVE-2020-16902 | Windows Installer Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
CVE-2020-16980 | Windows iSCSI Target Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
CVE-2020-16890 | Windows Kernel Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
CVE-2020-16887 | Windows Network Connections Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
CVE-2020-0764 | Windows Storage Services Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
CVE-2020-16894 | Windows NAT Remote Code Execution Vulnerability | Important | 7.7 | No | No | No | |
CVE-2020-16927 | Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability | Important | 7.5 | No | No | No | |
CVE-2020-16896 | Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability | Important | 7.5 | No | No | Yes | |
CVE-2020-16863 | Windows Remote Desktop Service Denial of Service Vulnerability | Important | 7.5 | No | No | No | |
CVE-2020-16899 | Windows TCP/IP Denial of Service Vulnerability | Important | 7.5 | No | No | Yes | |
CVE-2020-16969 | Microsoft Exchange Information Disclosure Vulnerability | Important | 7.1 | No | No | No | |
CVE-2020-16876 | Windows Application Compatibility Client Library Elevation of Privilege Vulnerability | Important | 7.1 | No | No | No | |
CVE-2020-16877 | Windows Elevation of Privilege Vulnerability | Important | 7.1 | No | No | No | |
CVE-2020-16934 | Microsoft Office Click-to-Run Elevation of Privilege Vulnerability | Important | 7 | No | No | No | |
CVE-2020-16933 | Microsoft Word Security Feature Bypass Vulnerability | Important | 7 | No | No | No | |
CVE-2020-16977 | Visual Studio Code Python Extension Remote Code Execution Vulnerability | Important | 7 | No | No | No | |
CVE-2020-16900 | Windows Event System Elevation of Privilege Vulnerability | Important | 7 | No | No | No | |
CVE-2020-16905 | Windows Error Reporting Elevation of Privilege Vulnerability | Important | 6.8 | No | No | No | |
CVE-2020-16943 | Dynamics 365 Commerce Elevation of Privilege Vulnerability | Important | 6.5 | No | No | No | |
CVE-2020-16948 | Microsoft SharePoint Information Disclosure Vulnerability | Important | 6.5 | No | No | No | |
CVE-2020-16953 | Microsoft SharePoint Information Disclosure Vulnerability | Important | 6.5 | No | No | No | |
CVE-2020-16910 | Windows Security Feature Bypass Vulnerability | Important | 6.2 | No | No | No | |
CVE-2020-16897 | NetBT Information Disclosure Vulnerability | Important | 5.5 | No | No | No | |
CVE-2020-16919 | Windows Enterprise App Management Service Information Disclosure Vulnerability | Important | 5.5 | No | No | No | |
CVE-2020-16914 | Windows GDI+ Information Disclosure Vulnerability | Important | 5.5 | No | No | No | |
CVE-2020-16889 | Windows Kernel Stream Information Disclosure Vulnerability | Important | 5.5 | No | No | No | |
CVE-2020-16956 | Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability | Important | 5.4 | No | No | No | |
CVE-2020-16904 | Azure Functions Elevation of Privilege Vulnerability | Important | 5.3 | No | No | No | |
CVE-2020-16886 | PowerShellGet Module WDAC Security Feature Bypass Vulnerability | Important | 5.3 | No | No | No | |
CVE-2020-16922 | Windows Spoofing Vulnerability | Important | 5.3 | No | No | No | |
CVE-2020-16950 | Microsoft SharePoint Information Disclosure Vulnerability | Important | 5 | No | No | No | |
CVE-2020-16949 | Microsoft Outlook Denial of Service Vulnerability | Moderate | 4.7 | No | No | No | |
CVE-2020-16941 | Microsoft SharePoint Information Disclosure Vulnerability | Important | 4.1 | No | No | No | |
CVE-2020-16942 | Microsoft SharePoint Information Disclosure Vulnerability | Important | 4.1 | No | No | No | |
CVE-2020-16921 | Windows Text Services Framework Information Disclosure Vulnerability | Important | TBC | No | No | No | |