August 2020 Patch Bulletin

August 2020 Patch Bulletin

ECHO releases this monthly patch bulletin for all our IT clients to provide you quick access to the latest Microsoft patches which include critical updates as well as common vulnerabilities and exposures.

 

This is a huge month for MS patches with 120 unique CVE’s, 6 technologies with critical updates, 2 zero-day vulnerabilities, and 1 of those zero days is publicly disclosed. This month we pay close attention to CVE-2020-1464(a spoofing vulnerability) and CVE-2020-1380(a remote code execution vulnerability), were both exploited prior to updates being released this month.

CVE-2020-1464 – A spoofing vulnerability exists when Windows incorrectly validates file signatures. An attacker who successfully exploited this vulnerability could bypass security features and load improperly signed files.

In an attack scenario, an attacker could bypass security features intended to prevent improperly signed files from being loaded.

The update addresses the vulnerability by correcting how Windows validates file signatures.

CVE-2020-1380 – A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Internet Explorer and then convince a user to view the website. An attacker could also embed an ActiveX control marked “safe for initialization” in an application or Microsoft Office document that hosts the IE rendering engine. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability.

The security update addresses the vulnerability by modifying how the scripting engine handles objects in memory.

For additional details, please find the information from Microsoft below:

Technology Products Affected SeverityReferenceWorkaround/Exploited/ Publicly Disclosed Vulnerability Info
 
WindowsWindows 8.1, 8.1 RT, 10, Server 2012, 2016, 2019Critical CVE-2020-1337
CVE-2020-1339
CVE-2020-1377
CVE-2020-1378
CVE-2020-1379
CVE-2020-1383
CVE-2020-1417
CVE-2020-1459
CVE-2020-1464
CVE-2020-1466
CVE-2020-1467
CVE-2020-1470
CVE-2020-1472
CVE-2020-1473
CVE-2020-1474
CVE-2020-1475
CVE-2020-1477
CVE-2020-1478
CVE-2020-1479
CVE-2020-1480
CVE-2020-1484
CVE-2020-1485
CVE-2020-1486
CVE-2020-1487
CVE-2020-1488
CVE-2020-1489
CVE-2020-1490
CVE-2020-1492
CVE-2020-1509
CVE-2020-1510
CVE-2020-1511
CVE-2020-1512
CVE-2020-1513
CVE-2020-1515
CVE-2020-1516
CVE-2020-1517
CVE-2020-1518
CVE-2020-1519
CVE-2020-1520
CVE-2020-1521
CVE-2020-1522
CVE-2020-1524
CVE-2020-1525
CVE-2020-1526
CVE-2020-1527
CVE-2020-1528
CVE-2020-1529
CVE-2020-1530
CVE-2020-1531
CVE-2020-1533
CVE-2020-1534
CVE-2020-1535
CVE-2020-1536
CVE-2020-1537
CVE-2020-1538
CVE-2020-1539/a>
CVE-2020-1540
CVE-2020-1541
CVE-2020-1542
CVE-2020-1543
CVE-2020-1544
CVE-2020-1545
CVE-2020-1546
CVE-2020-1547
CVE-2020-1549
CVE-2020-1550
CVE-2020-1551
CVE-2020-1552
CVE-2020-1553
CVE-2020-1554
CVE-2020-1556
CVE-2020-1557
CVE-2020-1558
CVE-2020-1560
CVE-2020-1561
CVE-2020-1562
CVE-2020-1564
CVE-2020-1565
CVE-2020-1566
CVE-2020-1571
CVE-2020-1574
CVE-2020-1577
CVE-2020-1578
CVE-2020-1579
CVE-2020-1584
CVE-2020-1585
CVE-2020-1587
Workaround: No
Exploited: Yes
Public: Yes
Security Feature Bypass
Elevation of Privilege
Remote Code Execution
Information Disclosure
Spoofing
Denial of Service
EdgeEdge Chromium-BasedModerateCVE-2020-1341Workaround: No
Exploited: No
Public: No
Elevation of Privilege
EdgeEdgeHTML-based (Legacy)CriticalCVE-2020-1555
CVE-2020-1568
CVE-2020-1569
Workaround: No
Exploited: No
Public: No
Elevation of Privilege
ChakraCoreAll
CriticalCVE-2020-1555Workaround: No
Exploited: No
Public: No
Elevation of Privilege
Spoofing
IE11CriticalCVE-2020-1380
CVE-2020-1567
CVE-2020-1570
Workaround: No
Exploited: No
Public: No
Remote Code Execution
Information Disclosure
SQL ServerManagement Studio 18.6ImportantCVE-2020-1455Workaround: No
Exploited: No
Public: No
Denial of Service
.NET Framework .NET 2.0, 3.5, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8CriticalCVE-2020-1046
CVE-2020-1476
Workaround: No
Exploited: No
Public: No
Denial of Service
Elevation of Privilege
Remote Code Execution
ASP.NET CoreASP.NET 2.1, 3.1ImportantCVE-2020-1597Workaround: No
Exploited: No
Public: No
Denial of Service
Office, Office Services, Office Web AppsOffice 2010, 2013, 2016, 2016 for Mac, 2019, 2019 for Mac, Online Server
Office Web Apps 2010, 2013
Outlook/Word/Access/Excel 2010, 2013, 2016
SharePoint Enterprise Server 2013, 2016
SharePoint Foundation 2010, 2013
SharePoint Server 2010, 2019
CriticalCVE-2020-1483
CVE-2020-1493
CVE-2020-1494
CVE-2020-1495
CVE-2020-1496
CVE-2020-1497
CVE-2020-1498
CVE-2020-1499
CVE-2020-1500
CVE-2020-1501
CVE-2020-1502
CVE-2020-1503
CVE-2020-1504
CVE-2020-1505
CVE-2020-1563
CVE-2020-1573
CVE-2020-1580
CVE-2020-1581
CVE-2020-1582
CVE-2020-1583
Workaround: No
Exploited: No
Public: No
Workaround: No
Exploited: No
Public: No
Elevation of Privilege
Information Disclosure
Remote Code Execution
Spoofing
DynamicsDynamics 365 on Prem 9.0ImportantCVE-2020-1591Workaround: No
Exploited: No
Public: No
Spoofing

In case of any questions or clarifications please feel free to reach out to ECHO’s Service Desk.