October Patch Tuesday: Microsoft Fixes a Near Zero-Day Vulnerability

October Patch Tuesday Fixes 87 Vulnerabilities

With 87 vulnerabilities remediated, October Patch Tuesday includes 11 Critical, 75 Important and 1 patch marked as Important.

Microsoft fixed fewer vulnerabilities this month, but we have identified 6 vulnerabilities that are Publicly Aware; one is so severe it should be considered Zero Day. There is still urgent work to do.

Additionally, many Windows 7 and Windows Server 2008 (including R2) vulnerabilities have been fixed for those subscribed to the ESU extension: Windows 7 has 23 vulnerabilities, 2 Critical and 21 Important. Windows Server 2008 R2 also has 23 vulnerabilities fixed: 2 Critical and 21 Important.

Top October Patches and Vulnerabilities

CVE-2020-16898: Windows TCP/IP Remote Code Execution Vulnerability – has a CVSS score of 9.8, making this close to a zero-day vulnerability; however, there is a countermeasure available:

  • Affects Windows 10, Windows Server 2016, Windows Server 2019 and Server Core
  • Workaround: Disable ICMPv6 RDNSS using a PowerShell command. Microsoft strongly recommends that you install the updates for this vulnerability as soon as possible, even if you plan to leave this workaround in place
  • No reboot is needed after implementing the workaround
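
The workaround above, scripted as an added example (not from the original article or from Syxsense): it applies the `netsh int ipv6 set int <index> rabaseddnsconfig=disable` command from Microsoft's guidance for this CVE to every IPv6 interface and reads the setting back. The read-back label text is an assumption based on English-language builds, and the option exists only on Windows 10 version 1709 and later.

```powershell
# Added example: apply (or roll back) the ICMPv6 RDNSS workaround for
# CVE-2020-16898 on every IPv6 interface. Run from an elevated prompt.
param(
    # 'disable' applies the workaround; 'enable' restores the default
    # once the October update is installed.
    [ValidateSet('disable', 'enable')]
    [string]$Mode = 'disable'
)

$results = foreach ($if in Get-NetIPInterface -AddressFamily IPv6) {
    $idx = $if.InterfaceIndex

    # Per-interface setting; takes effect immediately, no reboot required.
    $out = netsh int ipv6 set int $idx "rabaseddnsconfig=$Mode" 2>&1
    $applied = ($LASTEXITCODE -eq 0)

    # Read the setting back. The label text below is assumed from
    # English-language builds; 'unknown' means it was not found.
    $line = netsh int ipv6 show int $idx |
        Select-String 'RA Based DNS Config' |
        Select-Object -First 1

    [pscustomobject]@{
        Index   = $idx
        Alias   = $if.InterfaceAlias
        Applied = $applied
        State   = if ($line) { ($line.Line -split ':')[-1].Trim() } else { 'unknown' }
        Message = ($out -join ' ').Trim()
    }
}

$results | Format-Table -AutoSize

# Non-zero exit lets a deployment tool flag hosts where netsh rejected
# the setting (for example, builds older than 1709).
if ($results.Applied -contains $false) { exit 1 }
```

Interfaces created after the script runs are not covered, so re-run it on hosts that gain adapters before the update is installed.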

 

CVE-2020-16891: Windows Hyper-V Remote Code Execution Vulnerability – has a CVSS score of 8.8, making this one of the top 3 vulnerabilities to prioritize this month; no countermeasure is available.

  • Affects Windows 7 through Windows Server 2019 including Server Core
  • With so many IT users working from home and depending on their virtual environments, you cannot afford to skip this update

CVE-2020-16909: Windows Error Reporting Elevation of Privilege Vulnerability – has a CVSS score of 7.8 with no countermeasure.

  • This vulnerability is Publicly Aware, meaning weaponization could happen quickly
  • The vulnerability affects Windows 10, Windows Server 2016, Windows Server 2019 and Server Core
  • An attacker who successfully exploited the vulnerability could gain greater access to sensitive information and system functionality. This has been exploited previously with fileless attacks, also known as zero-footprint attacks
  • These types of attacks don’t install software or copy binaries on a user’s devices, so even some next-generation antivirus tools are more likely to miss them

Syxsense Recommendations

Based on the Vendor Severity and CVSS Score, we have made a few recommendations below which you should prioritize this month. Please pay close attention to any of these which are Publicly Aware and/or Weaponized.

| CVE | Description | Vendor Severity | CVSS Score | Publicly Aware | Weaponised | Countermeasure | Syxsense Recommended |
|---|---|---|---|---|---|---|---|
| CVE-2020-16909 | Windows Error Reporting Elevation of Privilege Vulnerability | Important | 7.8 | Yes | No | No | Yes |
| CVE-2020-16908 | Windows Setup Elevation of Privilege Vulnerability | Important | 7.8 | Yes | No | No | Yes |
| CVE-2020-16885 | Windows Storage VSP Driver Elevation of Privilege Vulnerability | Important | 7.8 | Yes | No | No | Yes |
| CVE-2020-16938 | Windows Kernel Information Disclosure Vulnerability | Important | 5.5 | Yes | No | No | Yes |
| CVE-2020-16901 | Windows Kernel Information Disclosure Vulnerability | Important | 5 | Yes | No | No | Yes |
| CVE-2020-16937 | .NET Framework Information Disclosure Vulnerability | Important | 4.7 | Yes | No | No | Yes |
| CVE-2020-16898 | Windows TCP/IP Remote Code Execution Vulnerability | Critical | 9.8 | No | No | Yes | Yes |
| CVE-2020-16911 | GDI+ Remote Code Execution Vulnerability | Critical | 8.8 | No | No | No | Yes |
| CVE-2020-16891 | Windows Hyper-V Remote Code Execution Vulnerability | Critical | 8.8 | No | No | No | Yes |
| CVE-2020-16951 | Microsoft SharePoint Remote Code Execution Vulnerability | Critical | 8.6 | No | No | No | Yes |
| CVE-2020-16952 | Microsoft SharePoint Remote Code Execution Vulnerability | Critical | 8.6 | No | No | No | Yes |
| CVE-2020-16947 | Microsoft Outlook Remote Code Execution Vulnerability | Critical | 8.1 | No | No | No | Yes |
| CVE-2020-17003 | Base3D Remote Code Execution Vulnerability | Critical | 7.8 | No | No | No | Yes |
| CVE-2020-16915 | Media Foundation Memory Corruption Vulnerability | Critical | 7.8 | No | No | No | Yes |
| CVE-2020-16923 | Microsoft Graphics Components Remote Code Execution Vulnerability | Critical | 7.8 | No | No | No | Yes |
| CVE-2020-16967 | Windows Camera Codec Pack Remote Code Execution Vulnerability | Critical | 7.8 | No | No | No | Yes |
| CVE-2020-16968 | Windows Camera Codec Pack Remote Code Execution Vulnerability | Critical | 7.8 | No | No | No | Yes |
| CVE-2020-1080 | Windows Hyper-V Elevation of Privilege Vulnerability | Important | 8.8 | No | No | No | Yes |
| CVE-2020-16945 | Microsoft Office SharePoint XSS Vulnerability | Important | 8.7 | No | No | No | Yes |
| CVE-2020-16946 | Microsoft Office SharePoint XSS Vulnerability | Important | 8.7 | No | No | No | Yes |
| CVE-2020-16944 | Microsoft SharePoint Reflective XSS Vulnerability | Important | 8.7 | No | No | No | Yes |
| CVE-2020-16918 | Base3D Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-16939 | Group Policy Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-16924 | Jet Database Engine Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-16978 | Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-16929 | Microsoft Excel Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-16930 | Microsoft Excel Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-16931 | Microsoft Excel Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-16932 | Microsoft Excel Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-1167 | Microsoft Graphics Components Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-16957 | Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-16928 | Microsoft Office Click-to-Run Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-16955 | Microsoft Office Click-to-Run Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-16954 | Microsoft Office Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-16995 | Network Watcher Agent virtual machine extension for Linux Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-16907 | Win32k Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-16913 | Win32k Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-16940 | Windows – User Profile Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-16920 | Windows Application Compatibility Client Library Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-16912 | Windows Backup Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-16936 | Windows Backup Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-16972 | Windows Backup Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-16973 | Windows Backup Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-16974 | Windows Backup Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-16975 | Windows Backup Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-16976 | Windows Backup Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-16916 | Windows COM Server Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-16935 | Windows COM Server Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-16895 | Windows Error Reporting Manager Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-1243 | Windows Hyper-V Denial of Service Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-1047 | Windows Hyper-V Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-16892 | Windows Image Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-16902 | Windows Installer Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-16980 | Windows iSCSI Target Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-16890 | Windows Kernel Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-16887 | Windows Network Connections Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-0764 | Windows Storage Services Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-16894 | Windows NAT Remote Code Execution Vulnerability | Important | 7.7 | No | No | No | |
| CVE-2020-16927 | Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability | Important | 7.5 | No | No | No | |
| CVE-2020-16896 | Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability | Important | 7.5 | No | No | Yes | |
| CVE-2020-16863 | Windows Remote Desktop Service Denial of Service Vulnerability | Important | 7.5 | No | No | No | |
| CVE-2020-16899 | Windows TCP/IP Denial of Service Vulnerability | Important | 7.5 | No | No | Yes | |
| CVE-2020-16969 | Microsoft Exchange Information Disclosure Vulnerability | Important | 7.1 | No | No | No | |
| CVE-2020-16876 | Windows Application Compatibility Client Library Elevation of Privilege Vulnerability | Important | 7.1 | No | No | No | |
| CVE-2020-16877 | Windows Elevation of Privilege Vulnerability | Important | 7.1 | No | No | No | |
| CVE-2020-16934 | Microsoft Office Click-to-Run Elevation of Privilege Vulnerability | Important | 7 | No | No | No | |
| CVE-2020-16933 | Microsoft Word Security Feature Bypass Vulnerability | Important | 7 | No | No | No | |
| CVE-2020-16977 | Visual Studio Code Python Extension Remote Code Execution Vulnerability | Important | 7 | No | No | No | |
| CVE-2020-16900 | Windows Event System Elevation of Privilege Vulnerability | Important | 7 | No | No | No | |
| CVE-2020-16905 | Windows Error Reporting Elevation of Privilege Vulnerability | Important | 6.8 | No | No | No | |
| CVE-2020-16943 | Dynamics 365 Commerce Elevation of Privilege Vulnerability | Important | 6.5 | No | No | No | |
| CVE-2020-16948 | Microsoft SharePoint Information Disclosure Vulnerability | Important | 6.5 | No | No | No | |
| CVE-2020-16953 | Microsoft SharePoint Information Disclosure Vulnerability | Important | 6.5 | No | No | No | |
| CVE-2020-16910 | Windows Security Feature Bypass Vulnerability | Important | 6.2 | No | No | No | |
| CVE-2020-16897 | NetBT Information Disclosure Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2020-16919 | Windows Enterprise App Management Service Information Disclosure Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2020-16914 | Windows GDI+ Information Disclosure Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2020-16889 | Windows Kernel Stream Information Disclosure Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2020-16956 | Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability | Important | 5.4 | No | No | No | |
| CVE-2020-16904 | Azure Functions Elevation of Privilege Vulnerability | Important | 5.3 | No | No | No | |
| CVE-2020-16886 | Power Shell Get Module WDAC Security Feature Bypass Vulnerability | Important | 5.3 | No | No | No | |
| CVE-2020-16922 | Windows Spoofing Vulnerability | Important | 5.3 | No | No | No | |
| CVE-2020-16950 | Microsoft SharePoint Information Disclosure Vulnerability | Important | 5 | No | No | No | |
| CVE-2020-16949 | Microsoft Outlook Denial of Service Vulnerability | Moderate | 4.7 | No | No | No | |
| CVE-2020-16941 | Microsoft SharePoint Information Disclosure Vulnerability | Important | 4.1 | No | No | No | |
| CVE-2020-16942 | Microsoft SharePoint Information Disclosure Vulnerability | Important | 4.1 | No | No | No | |
| CVE-2020-16921 | Windows Text Services Framework Information Disclosure Vulnerability | Important | TBC | No | No | No | |
