October Patch Tuesday: Microsoft Fixes a Near Zero-Day Vulnerability
Microsoft has fixed 87 vulnerabilities for this month's Patch Tuesday, including one flaw so severe that it should be considered zero-day.
October Patch Tuesday Fixes 87 Vulnerabilities
With 87 vulnerabilities remediated, October Patch Tuesday includes 11 Critical, 75 Important and 1 patch marked as Important.
Microsoft fixed less vulnerabilities this month, but we have identified 6 vulnerabilities that are publicly aware—one is so severe it should be considered Zero Day. There is still urgent work to do.
Additionally, there has been many Windows 7 and Windows Server 2008 (including R2) vulnerabilities for those subscribed to the ESU extension: Windows 7 has 23 vulnerabilities, 2 Critical, and 21 Important. Windows Server 2008 R2 also has 23 vulnerabilities: 2 Critical and 21 Important fixed.
Top October Patches and Vulnerabilities
CVE-2020-16898: Windows TCP/IP Remote Code Execution Vulnerability – has a CVSS Score of 9.8 making this as close to a zero-day vulnerability, however there is a countermeasure available:
- Affects Windows 10, Windows Server 2016, Windows Server 2019 and Server Core
- Workaround:Â Disable ICMPv6 RDNSSÂ using a Powershell command. Microsoft strongly recommends that you install the updates for this vulnerability as soon as possible even if you plan to leave this workaround in place
- No reboot is needed after implementing the workaround
CVE-2020-16891: Windows Hyper-V Remote Code Execution Vulnerability – has a CVSS score of 8.8 making this one of the top 3 highest vulnerabilities to prioritize this month, no countermeasure is available
- Affects Windows 7 through Windows Server 2019 including Server Core
- With so many IT users working from home and depending on their virtual environments, you really cannot afford not to patch this update
CVE-2020-16909: Windows Error Reporting Elevation of Privilege Vulnerability – has a CVSS score of 7.8 with no countermeasure.
- This vulnerability is publicly aware meaning weaponization could happen quickly
- The vulnerability affects Windows 10, Windows Server 2016, Windows Server 2019 and Server Core
- An attacker who successfully exploited the vulnerability could gain greater access to sensitive information and system functionality. This has been exploited previously with fileless attacks, also known as zero-footprint attacks
- These types of attacks don’t install software or copy binaries on a user’s devices, so even some next-generation antivirus tools are more likely to miss it
Syxsense Recommendations
Based on the Vendor Severity and CVSS Score, we have made a few recommendations below which you should prioritize this month; please pay close attention to any of these which are Publicly Aware and / or Weaponized.
| CVE | Description | Vendor Severity | CVSS Score | Publicly Aware | Weaponised | Countermeasure | Syxsense Recommended |
| CVE-2020-16909 | Windows Error Reporting Elevation of Privilege Vulnerability | Important | 7.8 | Yes | No | No | Yes |
| CVE-2020-16908 | Windows Setup Elevation of Privilege Vulnerability | Important | 7.8 | Yes | No | No | Yes |
| CVE-2020-16885 | Windows Storage VSP Driver Elevation of Privilege Vulnerability | Important | 7.8 | Yes | No | No | Yes |
| CVE-2020-16938 | Windows Kernel Information Disclosure Vulnerability | Important | 5.5 | Yes | No | No | Yes |
| CVE-2020-16901 | Windows Kernel Information Disclosure Vulnerability | Important | 5 | Yes | No | No | Yes |
| CVE-2020-16937 | .NET Framework Information Disclosure Vulnerability | Important | 4.7 | Yes | No | No | Yes |
| CVE-2020-16898 | Windows TCP/IP Remote Code Execution Vulnerability | Critical | 9.8 | No | No | Yes | Yes |
| CVE-2020-16911 | GDI+ Remote Code Execution Vulnerability | Critical | 8.8 | No | No | No | Yes |
| CVE-2020-16891 | Windows Hyper-V Remote Code Execution Vulnerability | Critical | 8.8 | No | No | No | Yes |
| CVE-2020-16951 | Microsoft SharePoint Remote Code Execution Vulnerability | Critical | 8.6 | No | No | No | Yes |
| CVE-2020-16952 | Microsoft SharePoint Remote Code Execution Vulnerability | Critical | 8.6 | No | No | No | Yes |
| CVE-2020-16947 | Microsoft Outlook Remote Code Execution Vulnerability | Critical | 8.1 | No | No | No | Yes |
| CVE-2020-17003 | Base3D Remote Code Execution Vulnerability | Critical | 7.8 | No | No | No | Yes |
| CVE-2020-16915 | Media Foundation Memory Corruption Vulnerability | Critical | 7.8 | No | No | No | Yes |
| CVE-2020-16923 | Microsoft Graphics Components Remote Code Execution Vulnerability | Critical | 7.8 | No | No | No | Yes |
| CVE-2020-16967 | Windows Camera Codec Pack Remote Code Execution Vulnerability | Critical | 7.8 | No | No | No | Yes |
| CVE-2020-16968 | Windows Camera Codec Pack Remote Code Execution Vulnerability | Critical | 7.8 | No | No | No | Yes |
| CVE-2020-1080 | Windows Hyper-V Elevation of Privilege Vulnerability | Important | 8.8 | No | No | No | Yes |
| CVE-2020-16945 | Microsoft Office SharePoint XSS Vulnerability | Important | 8.7 | No | No | No | Yes |
| CVE-2020-16946 | Microsoft Office SharePoint XSS Vulnerability | Important | 8.7 | No | No | No | Yes |
| CVE-2020-16944 | Microsoft SharePoint Reflective XSS Vulnerability | Important | 8.7 | No | No | No | Yes |
| CVE-2020-16918 | Base3D Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-16939 | Group Policy Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-16924 | Jet Database Engine Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-16978 | Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-16929 | Microsoft Excel Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-16930 | Microsoft Excel Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-16931 | Microsoft Excel Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-16932 | Microsoft Excel Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-1167 | Microsoft Graphics Components Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-16957 | Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-16928 | Microsoft Office Click-to-Run Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-16955 | Microsoft Office Click-to-Run Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-16954 | Microsoft Office Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-16995 | Network Watcher Agent virtual machine extension for Linux Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-16907 | Win32k Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-16913 | Win32k Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-16940 | Windows – User Profile Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-16920 | Windows Application Compatibility Client Library Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-16912 | Windows Backup Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-16936 | Windows Backup Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-16972 | Windows Backup Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-16973 | Windows Backup Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-16974 | Windows Backup Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-16975 | Windows Backup Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-16976 | Windows Backup Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-16916 | Windows COM Server Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-16935 | Windows COM Server Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-16895 | Windows Error Reporting Manager Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-1243 | Windows Hyper-V Denial of Service Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-1047 | Windows Hyper-V Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-16892 | Windows Image Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-16902 | Windows Installer Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-16980 | Windows iSCSI Target Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-16890 | Windows Kernel Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-16887 | Windows Network Connections Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-0764 | Windows Storage Services Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-16894 | Windows NAT Remote Code Execution Vulnerability | Important | 7.7 | No | No | No | |
| CVE-2020-16927 | Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability | Important | 7.5 | No | No | No | |
| CVE-2020-16896 | Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability | Important | 7.5 | No | No | Yes | |
| CVE-2020-16863 | Windows Remote Desktop Service Denial of Service Vulnerability | Important | 7.5 | No | No | No | |
| CVE-2020-16899 | Windows TCP/IP Denial of Service Vulnerability | Important | 7.5 | No | No | Yes | |
| CVE-2020-16969 | Microsoft Exchange Information Disclosure Vulnerability | Important | 7.1 | No | No | No | |
| CVE-2020-16876 | Windows Application Compatibility Client Library Elevation of Privilege Vulnerability | Important | 7.1 | No | No | No | |
| CVE-2020-16877 | Windows Elevation of Privilege Vulnerability | Important | 7.1 | No | No | No | |
| CVE-2020-16934 | Microsoft Office Click-to-Run Elevation of Privilege Vulnerability | Important | 7 | No | No | No | |
| CVE-2020-16933 | Microsoft Word Security Feature Bypass Vulnerability | Important | 7 | No | No | No | |
| CVE-2020-16977 | Visual Studio Code Python Extension Remote Code Execution Vulnerability | Important | 7 | No | No | No | |
| CVE-2020-16900 | Windows Event System Elevation of Privilege Vulnerability | Important | 7 | No | No | No | |
| CVE-2020-16905 | Windows Error Reporting Elevation of Privilege Vulnerability | Important | 6.8 | No | No | No | |
| CVE-2020-16943 | Dynamics 365 Commerce Elevation of Privilege Vulnerability | Important | 6.5 | No | No | No | |
| CVE-2020-16948 | Microsoft SharePoint Information Disclosure Vulnerability | Important | 6.5 | No | No | No | |
| CVE-2020-16953 | Microsoft SharePoint Information Disclosure Vulnerability | Important | 6.5 | No | No | No | |
| CVE-2020-16910 | Windows Security Feature Bypass Vulnerability | Important | 6.2 | No | No | No | |
| CVE-2020-16897 | NetBT Information Disclosure Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2020-16919 | Windows Enterprise App Management Service Information Disclosure Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2020-16914 | Windows GDI+ Information Disclosure Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2020-16889 | Windows Kernel Stream Information Disclosure Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2020-16956 | Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability | Important | 5.4 | No | No | No | |
| CVE-2020-16904 | Azure Functions Elevation of Privilege Vulnerability | Important | 5.3 | No | No | No | |
| CVE-2020-16886 | Power Shell Get Module WDAC Security Feature Bypass Vulnerability | Important | 5.3 | No | No | No | |
| CVE-2020-16922 | Windows Spoofing Vulnerability | Important | 5.3 | No | No | No | |
| CVE-2020-16950 | Microsoft SharePoint Information Disclosure Vulnerability | Important | 5 | No | No | No | |
| CVE-2020-16949 | Microsoft Outlook Denial of Service Vulnerability | Moderate | 4.7 | No | No | No | |
| CVE-2020-16941 | Microsoft SharePoint Information Disclosure Vulnerability | Important | 4.1 | No | No | No | |
| CVE-2020-16942 | Microsoft SharePoint Information Disclosure Vulnerability | Important | 4.1 | No | No | No | |
| CVE-2020-16921 | Windows Text Services Framework Information Disclosure Vulnerability | Important | TBC | No | No | No |
Experience the Power of Syxsense
Syxsense is a cloud-based solution that helps organizations manage and secure their endpoints with ease. Automatically deploy OS and third-party patches as well as Windows 10 Feature Updates for Microsoft, Mac, and Linux devices.
Schedule Your Syxsense Demo
Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.
