Microsoft has released October Patch Tuesday security updates, addressing a total of 87 vulnerabilities in the family of Windows operating systems and related products. In which, 11 are classified as Critical that can be used by the attackers to get complete control over an unpatched victim system.
All of the critical bugs are remote code execution, Overall updates in Patch Tuesday includes fixes for Microsoft Windows, Azure Functions, Open Source Software, Office and Office Services and Web Apps, .NET Framework, Microsoft Dynamics, Exchange Server, Visual Studio, and the Windows Codecs Library. At the time of the release of updates, there were no zero-days and no vulnerabilities that had been publicly disclosed or under active attack.
Interesting Vulnerabilities :
Windows TCP/IP Remote Code Execution Vulnerability | CVE-2020-16898 :
A remote code execution vulnerability(RCE) exists in the TCP/IP stack, This vulnerability can be exploited by attackers without any authentication and it is potentially wormable. A specially crafted ICMPv6 router advertisement could cause code execution on an unpatched system. It is being assumed that code execution with elevated privileges could be possible as the code execution occurs in the TCP/IP stack.
- Successful exploitation of the vulnerability could run arbitrary code with elevated privileges on the affected system.
Microsoft Outlook Remote Code Execution Vulnerability | CVE-2020-16947 :
A remote code execution(RCE) vulnerability exists in the affected versions of Outlook. The flaw exists in the parsing of HTML content within an email, flaw results due to a lack of proper validation of the length of user-supplied data before copying it to a fixed-length heap-based buffer.
- Successful exploitation of the vulnerability could run arbitrary code in the context of the current user and gain the ability to install programs; view, change, or delete data; or create new accounts with full user rights. Users with administrative rights are highly impacted as compared to users having fewer rights.
Windows Hyper-V Remote Code Execution Vulnerability | CVE-2020-16891 :
A remote code execution(RCE) vulnerability exists in Windows Hyper-V. The flaw exists due to Hyper-v on a host server fails to properly validate input from an authenticated user on a guest operating system. An attacker can run a specially crafted program on an affected guest OS to get arbitrary code execution on the host OS.
- Successful exploitation of the vulnerability could run arbitrary code on the host operating system.
Windows Error Reporting Elevation of Privilege Vulnerability | CVE-2020-16909 :
An elevation of privilege vulnerability exists in Windows Error Reporting (WER). The flaw exists in the way WER handles and executes files. Components of Windows Error Reporting could allow an authenticated attacker to execute arbitrary code with escalated privileges. To exploit the flaw, an attacker could run a specially crafted application.
- Successful exploitation of the vulnerability could run arbitrary code with escalated privileges and could gain greater access to sensitive information and system functionality.
Microsoft Security Bulletin Summary for October 2020:
- Microsoft Windows
- Microsoft Office and Microsoft Office Services and Web Apps
- Azure Functions
- Microsoft Exchange Server
- Visual Studio
- Microsoft .NET Framework
- Microsoft Dynamics
- Adobe Flash Player
Product: Microsoft Windows
CVEs/Advisory: CVE-2020-16891, CVE-2020-16898, CVE-2020-16911, CVE-2020-16915, CVE-2020-16923, CVE-2020-16967, CVE-2020-16968
Impact: Denial of Service, Elevation of Privilege, Information Disclosure, Remote Code Execution, Security Feature Bypass, Spoofing
KBs: 4577668, 4577671, 4579311, 4580327, 4580328, 4580330, 4580346, 4580347, 4580353, 4580358, 4580382
Product: Microsoft Office and Microsoft Office Services and Web Apps
CVEs/Advisory: CVE-2020-16947, CVE-2020-16951, CVE-2020-16952, CVE-2020-17003
Impact: Elevation of Privilege, Remote Code Execution, Spoofing, Information Disclosure
KBs: 4486671, 4486676, 4486677, 4486694
Product: Azure Functions
Impact: Elevation of Privilege
Product: Visual Studio Code
Impact: Remote Code Execution
Product: Microsoft .NET Framework
Impact: Information Disclosure
KBs: 4578968, 4578969, 4578971, 4578972, 4578974, 4579976, 4579977, 4579978, 4579979, 4579980, 4580328, 4580330, 4580346, 4580467, 4580468, 4580469, 4580470
SanerNow detects these vulnerabilities and automatically fixes it by applying security updates. Download SanerNow and keep your systems updated and secure.
Source : https://www.secpod.com/blog/patch-tuesday-microsoft-security-bulletin-summary-for-october-2020/