Microsoft’s February 2020 Patch Tuesday Fixes 99 Security Issues

The official Patch Tuesday updates have arrived for February, including 99 vulnerability fixes. Catch up on the latest news from Microsoft and start patching.

February Patch Tuesday is Here

Microsoft have released 99 patches today. There are 12 Critical patches with the remaining marked Important.

Support for Windows 7 and Windows Server 2008 (including R2) officially ended last month, but plenty of updates have been released this month for customers who have purchased an extension agreement.

Zero Day Weaponized Bug for IE

CVE-2020-0674, which carries a Critical vendor severity and High CVSS score, has been documented as being Publicly Aware and actively Weaponized.

This is as close to a Zero Day as you can get, and we encourage all users still using Internet Explorer to update as soon as possible. This vulnerability affects Windows 7, for which support officially ended last month, as well as Windows 10 and Windows Server 2008 through 2012.

Robert Brown, Director of Services for Syxsense said, “If you are still using Internet Explorer on Windows 7 and have not purchased the CSA / ESU extension, you may wish to consider uninstalling IE and replacing it with another browser immediately due to the critical nature of this vulnerability. It has huge potential to be used to install Ransomware or other software simply by accessing an infected website. Customers using Syxsense Manage or Syxsense Secure will be able to deploy all new Windows 7 content to your licensed Windows 7 systems.”

Microsoft released a security advisory for an unpatched IE code-execution vulnerability.

Another Adobe Headache

Adobe released 42 updates today—the largest of the year so far. They have fixed bugs in FrameMaker, Experience Manager, Adobe Digital Editions, Flash, and Acrobat and Reader. Both Syxsense and Adobe recommend that these Critical updates be deployed within the next 7 days.

Syxsense Recommendations

Based on the vendor severity and CVSS score, we have made a few recommendations below which you should prioritize this month. Please pay close attention to any of these which are Publicly Aware and/or Weaponized.

| CVE Ref. | Description | Vendor Severity | CVSS Base Score | Counter-measure | Publicly Aware | Weaponized | Syxsense Recommended |
|---|---|---|---|---|---|---|---|
| CVE-2020-0674 | Scripting Engine Memory Corruption Vulnerability | Critical | 7.5 | No | Yes | Yes | Yes |
| CVE-2020-0689 | Microsoft Secure Boot Security Feature Bypass Vulnerability | Important | 8.2 | No | Yes | No | Yes |
| CVE-2020-0683 | Windows Installer Elevation of Privilege Vulnerability | Important | 7 | No | Yes | No | Yes |
| CVE-2020-0686 | Windows Installer Elevation of Privilege Vulnerability | Important | 7 | No | Yes | No | Yes |
| CVE-2020-0706 | Microsoft Browser Information Disclosure Vulnerability | Important | 4.3 | No | Yes | No | Yes |
| CVE-2020-0738 | Media Foundation Memory Corruption Vulnerability | Critical | 8.8 | No | No | No | Yes |
| CVE-2020-0662 | Windows Remote Code Execution Vulnerability | Critical | 8.6 | No | No | No | Yes |
| CVE-2020-0729 | LNK Remote Code Execution Vulnerability | Critical | 7.5 | No | No | No | Yes |
| CVE-2020-0681 | Remote Desktop Client Remote Code Execution Vulnerability | Critical | 7.5 | No | No | No | Yes |
| CVE-2020-0734 | Remote Desktop Client Remote Code Execution Vulnerability | Critical | 7.5 | No | No | No | Yes |
| CVE-2020-0673 | Scripting Engine Memory Corruption Vulnerability | Critical | 7.5 | No | No | No | Yes |
| CVE-2020-0767 | Scripting Engine Memory Corruption Vulnerability | Critical | 4.2 | No | No | No | Yes |
| CVE-2020-0710 | Scripting Engine Memory Corruption Vulnerability | Critical | 4.2 | No | No | No | Yes |
| CVE-2020-0712 | Scripting Engine Memory Corruption Vulnerability | Critical | 4.2 | No | No | No | Yes |
| CVE-2020-0713 | Scripting Engine Memory Corruption Vulnerability | Critical | 4.2 | No | No | No | Yes |
| CVE-2020-0711 | Scripting Engine Memory Corruption Vulnerability | Critical | 4.2 | No | No | No | Yes |
| CVE-2020-0757 | Windows SSH Elevation of Privilege Vulnerability | Important | 8.2 | No | No | No | Yes |
| CVE-2020-0655 | Remote Desktop Services Remote Code Execution Vulnerability | Important | 8 | No | No | No | Yes |
| CVE-2020-0740 | Connected Devices Platform Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2020-0741 | Connected Devices Platform Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2020-0742 | Connected Devices Platform Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2020-0743 | Connected Devices Platform Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2020-0749 | Connected Devices Platform Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2020-0750 | Connected Devices Platform Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2020-0727 | Connected User Experiences and Telemetry Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2020-0703 | Windows Backup Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2020-0701 | Windows Client License Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2020-0657 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2020-0747 | Windows Data Sharing Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2020-0659 | Windows Data Sharing Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2020-0737 | Windows Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2020-0739 | Windows Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2020-0753 | Windows Error Reporting Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2020-0754 | Windows Error Reporting Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2020-0678 | Windows Error Reporting Manager Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2020-0679 | Windows Function Discovery Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2020-0680 | Windows Function Discovery Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2020-0682 | Windows Function Discovery Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2020-0745 | Windows Graphics Component Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2020-0707 | Windows IME Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2020-0668 | Windows Kernel Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2020-0669 | Windows Kernel Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2020-0670 | Windows Kernel Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2020-0671 | Windows Kernel Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2020-0672 | Windows Kernel Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2020-0666 | Windows Search Indexer Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2020-0667 | Windows Search Indexer Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2020-0735 | Windows Search Indexer Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2020-0752 | Windows Search Indexer Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2020-0704 | Windows Wireless Network Manager Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2020-0708 | Windows Imaging Library Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2020-0660 | Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability | Important | 7.5 | No | No | No | |
| CVE-2020-0709 | DirectX Elevation of Privilege Vulnerability | Important | 7 | No | No | No | |
| CVE-2020-0732 | DirectX Elevation of Privilege Vulnerability | Important | 7 | No | No | No | |
| CVE-2020-0720 | Win32k Elevation of Privilege Vulnerability | Important | 7 | No | No | No | |
| CVE-2020-0721 | Win32k Elevation of Privilege Vulnerability | Important | 7 | No | No | No | |
| CVE-2020-0722 | Win32k Elevation of Privilege Vulnerability | Important | 7 | No | No | No | |
| CVE-2020-0723 | Win32k Elevation of Privilege Vulnerability | Important | 7 | No | No | No | |
| CVE-2020-0725 | Win32k Elevation of Privilege Vulnerability | Important | 7 | No | No | No | |
| CVE-2020-0726 | Win32k Elevation of Privilege Vulnerability | Important | 7 | No | No | No | |
| CVE-2020-0731 | Win32k Elevation of Privilege Vulnerability | Important | 7 | No | No | No | |
| CVE-2020-0719 | Win32k Elevation of Privilege Vulnerability | Important | 7 | No | No | No | |
| CVE-2020-0724 | Win32k Elevation of Privilege Vulnerability | Important | 7 | No | No | No | |
| CVE-2020-0685 | Windows COM Server Elevation of Privilege Vulnerability | Important | 7 | No | No | No | |
| CVE-2020-0792 | Windows Graphics Component Elevation of Privilege Vulnerability | Important | 7 | No | No | No | |
| CVE-2020-0715 | Windows Graphics Component Elevation of Privilege Vulnerability | Important | 7 | No | No | No | |
| CVE-2020-0661 | Windows Hyper-V Denial of Service Vulnerability | Important | 6.8 | No | No | No | |
| CVE-2020-0665 | Active Directory Elevation of Privilege Vulnerability | Important | 6.6 | No | No | No | |
| CVE-2020-0730 | Windows User Profile Service Elevation of Privilege Vulnerability | Important | 6.3 | No | No | No | |
| CVE-2020-0751 | Windows Hyper-V Denial of Service Vulnerability | Important | 6 | No | No | No | |
| CVE-2020-0746 | Microsoft Graphics Components Information Disclosure Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2020-0717 | Win32k Information Disclosure Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2020-0716 | Win32k Information Disclosure Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2020-0658 | Windows Common Log File System Driver Information Disclosure Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2020-0744 | Windows GDI Information Disclosure Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2020-0698 | Windows Information Disclosure Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2020-0736 | Windows Kernel Information Disclosure Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2020-0675 | Windows Key Isolation Service Information Disclosure Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2020-0676 | Windows Key Isolation Service Information Disclosure Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2020-0677 | Windows Key Isolation Service Information Disclosure Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2020-0748 | Windows Key Isolation Service Information Disclosure Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2020-0755 | Windows Key Isolation Service Information Disclosure Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2020-0756 | Windows Key Isolation Service Information Disclosure Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2020-0705 | Windows Network Driver Interface Specification (NDIS) Information Disclosure Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2020-0691 | Win32k Elevation of Privilege Vulnerability | Important | 4.7 | No | No | No | |
| CVE-2020-0714 | DirectX Information Disclosure Vulnerability | Important | 4.7 | No | No | No | |
| CVE-2020-0663 | Microsoft Edge Elevation of Privilege Vulnerability | Important | 4.2 | No | No | No | |
| CVE-2020-0728 | Windows Modules Installer Service Information Disclosure Vulnerability | Important | 3.3 | No | No | No | |
| CVE-2020-0692 | Microsoft Exchange Server Elevation of Privilege Vulnerability | Important | TBC | No | No | No | |
| CVE-2020-0733 | Windows Malicious Software Removal Tool Elevation of Privilege Vulnerability | Important | TBC | No | No | No | |
| CVE-2020-0759 | Microsoft Excel Remote Code Execution Vulnerability | Important | TBC | No | No | No | |
| CVE-2020-0688 | Microsoft Exchange Memory Corruption Vulnerability | Important | TBC | No | No | No | |
| CVE-2020-0618 | Microsoft SQL Server Reporting Services Remote Code Execution Vulnerability | Important | TBC | No | No | No | |
| CVE-2020-0696 | Microsoft Outlook Security Feature Bypass Vulnerability | Important | TBC | No | No | No | |
| CVE-2020-0702 | Surface Hub Security Feature Bypass Vulnerability | Important | TBC | No | No | No | |
| CVE-2020-0695 | Microsoft Office Online Server Spoofing Vulnerability | Important | TBC | No | No | No | |
| CVE-2020-0697 | Microsoft Office Tampering Vulnerability | Important | TBC | No | No | No | |
| CVE-2020-0693 | Microsoft Office SharePoint XSS Vulnerability | Important | TBC | No | No | No | |
CVE-2020-0694
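
The prioritization advice above, turned into a repeatable triage step. This is an added example, not Syxsense's own tooling. It parses rows of the table (space-separated or pipe-delimited) and ranks them. The ordering used (weaponized first, then publicly aware, then vendor severity, then CVSS, with "TBC" scores last in their group) and the function names are assumptions made for illustration.

```python
import re

# Rows copied from the table on this page (a subset), one per line.
SAMPLE_ROWS = """\
CVE-2020-0660 Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability Important 7.5 No No No
CVE-2020-0692 Microsoft Exchange Server Elevation of Privilege Vulnerability Important TBC No No No
CVE-2020-0738 Media Foundation Memory Corruption Vulnerability Critical 8.8 No No No Yes
CVE-2020-0689 Microsoft Secure Boot Security Feature Bypass Vulnerability Important 8.2 No Yes No Yes
CVE-2020-0674 Scripting Engine Memory Corruption Vulnerability Critical 7.5 No Yes Yes Yes
CVE-2020-0694
"""

SEV_RANK = {"Critical": 0, "Important": 1, "Moderate": 2, "Low": 3}
ROW_RE = re.compile(
    r"^(?P<cve>CVE-\d{4}-\d{4,})\s+(?P<desc>.+?)\s+"
    r"(?P<sev>Critical|Important|Moderate|Low)\s+(?P<cvss>\d+(?:\.\d+)?|TBC)"
    r"(?P<flags>(?:\s+(?:Yes|No)){3,4})\s*$"
)

def parse_row(line):
    """Return a dict for one table row, or None if the row is truncated."""
    m = ROW_RE.match(line.replace("|", " ").strip())
    if not m:
        return None  # e.g. a bare CVE id with no other cells
    flags = [f == "Yes" for f in m["flags"].split()]
    flags += [False] * (4 - len(flags))  # empty "Recommended" cell -> False
    _counter, public, weaponized, recommended = flags
    return {"cve": m["cve"], "desc": m["desc"], "severity": m["sev"],
            "cvss": None if m["cvss"] == "TBC" else float(m["cvss"]),
            "public": public, "weaponized": weaponized, "recommended": recommended}

def triage_key(row):
    # Assumed ordering: exploitation status outranks score; unscored rows
    # sort last within their severity and should be re-ranked once scored.
    return (not row["weaponized"], not row["public"], SEV_RANK[row["severity"]],
            row["cvss"] is None, -(row["cvss"] or 0.0))

def triage(text):
    """Return (rows ranked for patching, lines that could not be parsed)."""
    rows, skipped = [], []
    for line in filter(str.strip, text.splitlines()):
        row = parse_row(line)
        if row:
            rows.append(row)
        else:
            skipped.append(line.strip())
    return sorted(rows, key=triage_key), skipped

if __name__ == "__main__":
    ranked, skipped = triage(SAMPLE_ROWS)
    for r in ranked:
        print(r["cve"], r["severity"], r["cvss"], "weaponized" if r["weaponized"] else "")
    print("needs manual review:", skipped)
```

Rows that fail to parse are returned separately rather than dropped, so a truncated entry still reaches a human reviewer.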

February Patch Tuesday: No Love From Microsoft

Patch Tuesday: February 2015


This month’s Patch Tuesday is a bit of an interesting one…

MS15-011 affects all supported editions of Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8, Windows Server 2012, Windows RT, Windows 8.1, Windows Server 2012 R2, and Windows RT 8.1. Essentially, any domain-joined Windows clients and servers may be at risk.

The flaw, dubbed JASBUG, was discovered by JAS Global Advisors back in January 2014. The company, however, adhered to good disclosure practices, and the vulnerability wasn’t made public until Microsoft had prepared a fix. The fact that it has taken Microsoft over a year to develop a fix should indicate just how wide-ranging and complex the vulnerability is.

According to JAS Global Advisors: “The fix required Microsoft to re-engineer core components of the operating system and to add several new features.”

Outlined below are the critical updates you need to be focusing on. As usual, we have cross-checked Microsoft’s own rating with US-CERT’s independent assessment of the patches so you are in the best position to choose the most important updates for your business.

MS15-011

This security update, which I mentioned above, addresses a remote code execution vulnerability in how Group Policy receives and applies connection data when a domain-joined system connects to a domain controller. An attacker who successfully exploits this vulnerability could take complete control of an affected system, letting them install programs; change, view, or delete data; or even create new accounts with full user rights.

MS15-010

The most severe of the six privately reported vulnerabilities could, again, allow remote code execution if an attacker is able to convince a user to open a specially crafted document, or to visit an untrusted website that contains embedded TrueType fonts.

MS15-009

This security update resolves one publicly disclosed and 40 privately reported vulnerabilities in Internet Explorer, with the most severe of these allowing remote code execution. If a user views a specially crafted web page, an attacker could gain the same user rights as the current user.

Microsoft rates the remaining six patches in February’s update as Important. A full breakdown of these ratings compared to the US-CERT ratings can be found in the table below. I’d always advise using US-CERT’s rating in conjunction with Microsoft’s, which will give you a much clearer picture of which patches you should be prioritising.

| Update no. | CVSS score | Microsoft rating | Affected Software | Details |
|---|---|---|---|---|
| MS15-012 | 9.3 | Important | Microsoft Office | Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (3032328) |
| MS15-011 | 8.3 | Critical | Microsoft Windows | Vulnerability in Group Policy Could Allow Remote Code Execution (3000483) |
| MS15-010 | 7.2 | Critical | Microsoft Windows | Vulnerabilities in Windows Kernel-Mode Driver Could Allow Remote Code Execution (3036220) |
| MS15-009 | 6.8 | Critical | Microsoft Windows, Internet Explorer | Security update for Internet Explorer (3034682) |
| MS15-017 | 6.8 | Important | Microsoft Server Software | Vulnerability in Virtual Machine Manager Could Allow Elevation of Privilege (3035898) |
| MS15-015 | 6.0 | Important | Microsoft Windows | Vulnerability in Microsoft Windows Could Allow Elevation of Privilege (3031432) |
| MS15-013 | 4.3 | Important | Microsoft Office | Vulnerability in Microsoft Office Could Allow Security Feature Bypass (3033857) |
| MS15-016 | 4.3 | Important | Microsoft Windows | Vulnerability in Microsoft Graphics Component Could Allow Information Disclosure (3029944) |
| MS15-014 | 3.3 | Important | Microsoft Windows | Vulnerability in Group Policy Could Allow Security Feature Bypass (3004361) |