October Patch Tuesday Fixes 87 Vulnerabilities

With 87 vulnerabilities remediated, October Patch Tuesday includes 11 Critical, 75 Important and 1 patch marked as Important.

Microsoft fixed less vulnerabilities this month, but we have identified 6 vulnerabilities that are publicly aware—one is so severe it should be considered Zero Day. There is still urgent work to do.

Additionally, there has been many Windows 7 and Windows Server 2008 (including R2) vulnerabilities for those subscribed to the ESU extension: Windows 7 has 23 vulnerabilities, 2 Critical, and 21 Important. Windows Server 2008 R2 also has 23 vulnerabilities: 2 Critical and 21 Important fixed.

Top October Patches and Vulnerabilities

CVE-2020-16898: Windows TCP/IP Remote Code Execution Vulnerability – has a CVSS Score of 9.8 making this as close to a zero-day vulnerability, however there is a countermeasure available:

• Affects Windows 10, Windows Server 2016, Windows Server 2019 and Server Core
• Workaround: Disable ICMPv6 RDNSS using a Powershell command. Microsoft strongly recommends that you install the updates for this vulnerability as soon as possible even if you plan to leave this workaround in place
• No reboot is needed after implementing the workaround

 

CVE-2020-16891: Windows Hyper-V Remote Code Execution Vulnerability – has a CVSS score of 8.8 making this one of the top 3 highest vulnerabilities to prioritize this month, no countermeasure is available

• Affects Windows 7 through Windows Server 2019 including Server Core
• With so many IT users working from home and depending on their virtual environments, you really cannot afford not to patch this update

 

CVE-2020-16909: Windows Error Reporting Elevation of Privilege Vulnerability – has a CVSS score of 7.8 with no countermeasure.

• This vulnerability is publicly aware meaning weaponization could happen quickly
• The vulnerability affects Windows 10, Windows Server 2016, Windows Server 2019 and Server Core
• An attacker who successfully exploited the vulnerability could gain greater access to sensitive information and system functionality. This has been exploited previously with fileless attacks, also known as zero-footprint attacks
• These types of attacks don’t install software or copy binaries on a user’s devices, so even some next-generation antivirus tools are more likely to miss it

Syxsense Recommendations

Based on the Vendor Severity and CVSS Score, we have made a few recommendations below which you should prioritize this month; please pay close attention to any of these which are Publicly Aware and / or Weaponized.

 

CVE	Description	Vendor Severity	CVSS Score	Publicly Aware	Weaponised	Countermeasure	Syxsense Recommended
CVE-2020-16909	Windows Error Reporting Elevation of Privilege Vulnerability	Important	7.8	Yes	No	No	Yes
CVE-2020-16908	Windows Setup Elevation of Privilege Vulnerability	Important	7.8	Yes	No	No	Yes
CVE-2020-16885	Windows Storage VSP Driver Elevation of Privilege Vulnerability	Important	7.8	Yes	No	No	Yes
CVE-2020-16938	Windows Kernel Information Disclosure Vulnerability	Important	5.5	Yes	No	No	Yes
CVE-2020-16901	Windows Kernel Information Disclosure Vulnerability	Important	5	Yes	No	No	Yes
CVE-2020-16937	.NET Framework Information Disclosure Vulnerability	Important	4.7	Yes	No	No	Yes
CVE-2020-16898	Windows TCP/IP Remote Code Execution Vulnerability	Critical	9.8	No	No	Yes	Yes
CVE-2020-16911	GDI+ Remote Code Execution Vulnerability	Critical	8.8	No	No	No	Yes
CVE-2020-16891	Windows Hyper-V Remote Code Execution Vulnerability	Critical	8.8	No	No	No	Yes
CVE-2020-16951	Microsoft SharePoint Remote Code Execution Vulnerability	Critical	8.6	No	No	No	Yes
CVE-2020-16952	Microsoft SharePoint Remote Code Execution Vulnerability	Critical	8.6	No	No	No	Yes
CVE-2020-16947	Microsoft Outlook Remote Code Execution Vulnerability	Critical	8.1	No	No	No	Yes
CVE-2020-17003	Base3D Remote Code Execution Vulnerability	Critical	7.8	No	No	No	Yes
CVE-2020-16915	Media Foundation Memory Corruption Vulnerability	Critical	7.8	No	No	No	Yes
CVE-2020-16923	Microsoft Graphics Components Remote Code Execution Vulnerability	Critical	7.8	No	No	No	Yes
CVE-2020-16967	Windows Camera Codec Pack Remote Code Execution Vulnerability	Critical	7.8	No	No	No	Yes
CVE-2020-16968	Windows Camera Codec Pack Remote Code Execution Vulnerability	Critical	7.8	No	No	No	Yes
CVE-2020-1080	Windows Hyper-V Elevation of Privilege Vulnerability	Important	8.8	No	No	No	Yes
CVE-2020-16945	Microsoft Office SharePoint XSS Vulnerability	Important	8.7	No	No	No	Yes
CVE-2020-16946	Microsoft Office SharePoint XSS Vulnerability	Important	8.7	No	No	No	Yes
CVE-2020-16944	Microsoft SharePoint Reflective XSS Vulnerability	Important	8.7	No	No	No	Yes
CVE-2020-16918	Base3D Remote Code Execution Vulnerability	Important	7.8	No	No	No
CVE-2020-16939	Group Policy Elevation of Privilege Vulnerability	Important	7.8	No	No	No
CVE-2020-16924	Jet Database Engine Remote Code Execution Vulnerability	Important	7.8	No	No	No
CVE-2020-16978	Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability	Important	7.8	No	No	No
CVE-2020-16929	Microsoft Excel Remote Code Execution Vulnerability	Important	7.8	No	No	No
CVE-2020-16930	Microsoft Excel Remote Code Execution Vulnerability	Important	7.8	No	No	No
CVE-2020-16931	Microsoft Excel Remote Code Execution Vulnerability	Important	7.8	No	No	No
CVE-2020-16932	Microsoft Excel Remote Code Execution Vulnerability	Important	7.8	No	No	No
CVE-2020-1167	Microsoft Graphics Components Remote Code Execution Vulnerability	Important	7.8	No	No	No
CVE-2020-16957	Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability	Important	7.8	No	No	No
CVE-2020-16928	Microsoft Office Click-to-Run Elevation of Privilege Vulnerability	Important	7.8	No	No	No
CVE-2020-16955	Microsoft Office Click-to-Run Elevation of Privilege Vulnerability	Important	7.8	No	No	No
CVE-2020-16954	Microsoft Office Remote Code Execution Vulnerability	Important	7.8	No	No	No
CVE-2020-16995	Network Watcher Agent virtual machine extension for Linux Elevation of Privilege Vulnerability	Important	7.8	No	No	No
CVE-2020-16907	Win32k Elevation of Privilege Vulnerability	Important	7.8	No	No	No
CVE-2020-16913	Win32k Elevation of Privilege Vulnerability	Important	7.8	No	No	No
CVE-2020-16940	Windows – User Profile Service Elevation of Privilege Vulnerability	Important	7.8	No	No	No
CVE-2020-16920	Windows Application Compatibility Client Library Elevation of Privilege Vulnerability	Important	7.8	No	No	No
CVE-2020-16912	Windows Backup Service Elevation of Privilege Vulnerability	Important	7.8	No	No	No
CVE-2020-16936	Windows Backup Service Elevation of Privilege Vulnerability	Important	7.8	No	No	No
CVE-2020-16972	Windows Backup Service Elevation of Privilege Vulnerability	Important	7.8	No	No	No
CVE-2020-16973	Windows Backup Service Elevation of Privilege Vulnerability	Important	7.8	No	No	No
CVE-2020-16974	Windows Backup Service Elevation of Privilege Vulnerability	Important	7.8	No	No	No
CVE-2020-16975	Windows Backup Service Elevation of Privilege Vulnerability	Important	7.8	No	No	No
CVE-2020-16976	Windows Backup Service Elevation of Privilege Vulnerability	Important	7.8	No	No	No
CVE-2020-16916	Windows COM Server Elevation of Privilege Vulnerability	Important	7.8	No	No	No
CVE-2020-16935	Windows COM Server Elevation of Privilege Vulnerability	Important	7.8	No	No	No
CVE-2020-16895	Windows Error Reporting Manager Elevation of Privilege Vulnerability	Important	7.8	No	No	No
CVE-2020-1243	Windows Hyper-V Denial of Service Vulnerability	Important	7.8	No	No	No
CVE-2020-1047	Windows Hyper-V Elevation of Privilege Vulnerability	Important	7.8	No	No	No
CVE-2020-16892	Windows Image Elevation of Privilege Vulnerability	Important	7.8	No	No	No
CVE-2020-16902	Windows Installer Elevation of Privilege Vulnerability	Important	7.8	No	No	No
CVE-2020-16980	Windows iSCSI Target Service Elevation of Privilege Vulnerability	Important	7.8	No	No	No
CVE-2020-16890	Windows Kernel Elevation of Privilege Vulnerability	Important	7.8	No	No	No
CVE-2020-16887	Windows Network Connections Service Elevation of Privilege Vulnerability	Important	7.8	No	No	No
CVE-2020-0764	Windows Storage Services Elevation of Privilege Vulnerability	Important	7.8	No	No	No
CVE-2020-16894	Windows NAT Remote Code Execution Vulnerability	Important	7.7	No	No	No
CVE-2020-16927	Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability	Important	7.5	No	No	No
CVE-2020-16896	Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability	Important	7.5	No	No	Yes
CVE-2020-16863	Windows Remote Desktop Service Denial of Service Vulnerability	Important	7.5	No	No	No
CVE-2020-16899	Windows TCP/IP Denial of Service Vulnerability	Important	7.5	No	No	Yes
CVE-2020-16969	Microsoft Exchange Information Disclosure Vulnerability	Important	7.1	No	No	No
CVE-2020-16876	Windows Application Compatibility Client Library Elevation of Privilege Vulnerability	Important	7.1	No	No	No
CVE-2020-16877	Windows Elevation of Privilege Vulnerability	Important	7.1	No	No	No
CVE-2020-16934	Microsoft Office Click-to-Run Elevation of Privilege Vulnerability	Important	7	No	No	No
CVE-2020-16933	Microsoft Word Security Feature Bypass Vulnerability	Important	7	No	No	No
CVE-2020-16977	Visual Studio Code Python Extension Remote Code Execution Vulnerability	Important	7	No	No	No
CVE-2020-16900	Windows Event System Elevation of Privilege Vulnerability	Important	7	No	No	No
CVE-2020-16905	Windows Error Reporting Elevation of Privilege Vulnerability	Important	6.8	No	No	No
CVE-2020-16943	Dynamics 365 Commerce Elevation of Privilege Vulnerability	Important	6.5	No	No	No
CVE-2020-16948	Microsoft SharePoint Information Disclosure Vulnerability	Important	6.5	No	No	No
CVE-2020-16953	Microsoft SharePoint Information Disclosure Vulnerability	Important	6.5	No	No	No
CVE-2020-16910	Windows Security Feature Bypass Vulnerability	Important	6.2	No	No	No
CVE-2020-16897	NetBT Information Disclosure Vulnerability	Important	5.5	No	No	No
CVE-2020-16919	Windows Enterprise App Management Service Information Disclosure Vulnerability	Important	5.5	No	No	No
CVE-2020-16914	Windows GDI+ Information Disclosure Vulnerability	Important	5.5	No	No	No
CVE-2020-16889	Windows Kernel Stream Information Disclosure Vulnerability	Important	5.5	No	No	No
CVE-2020-16956	Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability	Important	5.4	No	No	No
CVE-2020-16904	Azure Functions Elevation of Privilege Vulnerability	Important	5.3	No	No	No
CVE-2020-16886	Power Shell Get Module WDAC Security Feature Bypass Vulnerability	Important	5.3	No	No	No
CVE-2020-16922	Windows Spoofing Vulnerability	Important	5.3	No	No	No
CVE-2020-16950	Microsoft SharePoint Information Disclosure Vulnerability	Important	5	No	No	No
CVE-2020-16949	Microsoft Outlook Denial of Service Vulnerability	Moderate	4.7	No	No	No
CVE-2020-16941	Microsoft SharePoint Information Disclosure Vulnerability	Important	4.1	No	No	No
CVE-2020-16942	Microsoft SharePoint Information Disclosure Vulnerability	Important	4.1	No	No	No
CVE-2020-16921	Windows Text Services Framework Information Disclosure Vulnerability	Important	TBC	No	No	No