
July 2020 Patch Bulletin
This is a huge month for Microsoft patches: 125 unique vulnerabilities, 6 technologies with critical updates, and one publicly disclosed vulnerability.
This month we pay close attention to CVE-2020-1463 (the publicly disclosed vulnerability, an elevation of privilege flaw that was not reported to be attacked in the wild) and CVE-2020-1350 (a remote code execution vulnerability in DNS servers that Microsoft identifies as potentially wormable).
CVE-2020-1463 – An elevation of privilege vulnerability exists in the way that the SharedStream Library handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application. The security update addresses the vulnerability by ensuring the SharedStream Library properly handles objects in memory.
CVE-2020-1350 – A remote code execution vulnerability exists in Windows Domain Name System servers when they fail to properly handle requests. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the Local System Account. Windows servers that are configured as DNS servers are at risk from this vulnerability. To exploit the vulnerability, an unauthenticated attacker could send malicious requests to a Windows DNS server. The update addresses the vulnerability by modifying how Windows DNS servers handle requests.
For additional details, please find the information from Microsoft below:
Technology | Products Affected | Severity | Reference | Workaround/Exploited/Publicly Disclosed | Vulnerability Info |
---|---|---|---|---|---|
Windows | Windows 8.1, 8.1 RT, 10, Server 2012, 2012 R2, 2016, 2019 | Critical | CVE-2020-1032 CVE-2020-1036 CVE-2020-1040 CVE-2020-1041 CVE-2020-1042 CVE-2020-1043 CVE-2020-1085 CVE-2020-1249 CVE-2020-1267 CVE-2020-1330 CVE-2020-1333 CVE-2020-1336 CVE-2020-1344 CVE-2020-1346 CVE-2020-1347 CVE-2020-1350 CVE-2020-1351 CVE-2020-1352 CVE-2020-1353 CVE-2020-1354 CVE-2020-1355 CVE-2020-1356 CVE-2020-1357 CVE-2020-1358 CVE-2020-1359 CVE-2020-1360 CVE-2020-1361 CVE-2020-1362 CVE-2020-1363 CVE-2020-1364 CVE-2020-1365 CVE-2020-1366 CVE-2020-1367 CVE-2020-1368 CVE-2020-1369 CVE-2020-1370 CVE-2020-1371 CVE-2020-1372 CVE-2020-1373 CVE-2020-1374 CVE-2020-1375 CVE-2020-1381 CVE-2020-1382 CVE-2020-1384 CVE-2020-1385 CVE-2020-1386 CVE-2020-1387 CVE-2020-1388 CVE-2020-1389 CVE-2020-1390 CVE-2020-1391 CVE-2020-1392 CVE-2020-1393 CVE-2020-1394 CVE-2020-1395 CVE-2020-1396 CVE-2020-1397 CVE-2020-1398 CVE-2020-1399 CVE-2020-1400 CVE-2020-1401 CVE-2020-1402 CVE-2020-1404 CVE-2020-1405 CVE-2020-1406 CVE-2020-1407 CVE-2020-1408 CVE-2020-1409 CVE-2020-1410 CVE-2020-1411 CVE-2020-1412 CVE-2020-1413 CVE-2020-1414 CVE-2020-1415 CVE-2020-1418 CVE-2020-1419 CVE-2020-1420 CVE-2020-1421 CVE-2020-1422 CVE-2020-1423 CVE-2020-1424 CVE-2020-1425 CVE-2020-1426 CVE-2020-1427 CVE-2020-1428 CVE-2020-1429 CVE-2020-1430 CVE-2020-1431 CVE-2020-1434 CVE-2020-1435 CVE-2020-1436 CVE-2020-1437 CVE-2020-1438 CVE-2020-1441 CVE-2020-1457 CVE-2020-1463 CVE-2020-1468 | Workaround: Yes Public: Yes Exploited: No | Elevation of Privilege Remote Code Execution Tampering Denial of Service Information Disclosure |
Edge | EdgeHTML-based | Important | CVE-2020-1433 CVE-2020-1462 | Workaround: No Exploited: No Public: No | Information Disclosure |
IE | 11 | Critical | CVE-2020-1403 CVE-2020-1432 | Workaround: No Exploited: No Public: No | Remote Code Execution Information Disclosure |
Office, Office Services, Office Web Apps | Office 2010, 2016 for Mac, 2019, 2019 for Mac Office Web Apps 2010, 2013, 365 Outlook/Word 2010, 2013, 2016 SharePoint Enterprise Server 2013, 2016 SharePoint Foundation 2013 SharePoint Server 2010, 2019 | Critical | CVE-2020-1025 CVE-2020-1147 CVE-2020-1240 CVE-2020-1342 CVE-2020-1349 CVE-2020-1409 CVE-2020-1439 CVE-2020-1442 CVE-2020-1443 CVE-2020-1444 CVE-2020-1445 CVE-2020-1446 CVE-2020-1447 CVE-2020-1448 CVE-2020-1449 CVE-2020-1450 CVE-2020-1451 CVE-2020-1454 CVE-2020-1456 CVE-2020-1458 CVE-2020-1465 | Workaround: No Exploited: No Public: No | Elevation of Privilege Remote Code Execution Spoofing Information Disclosure |
Defender | All | Important | CVE-2020-1461 | Workaround: No Exploited: No Public: No | Elevation of Privilege |
Skype for Business | 2015, 2019 | Critical | CVE-2020-1025 | Workaround: No Exploited: No Public: No | Elevation of Privilege |
Visual Studio | 2015, 2017, 2019, Code, Code ESLint extension | Critical | CVE-2020-1147 CVE-2020-1393 CVE-2020-1416 CVE-2020-1481 | Workaround: No Exploited: No Public: No | Elevation of Privilege Remote Code Execution |
OneDrive | OneDrive for Windows | Important | CVE-2020-1465 | Workaround: No Exploited: No Public: No | Elevation of Privilege |
.NET Framework | .NET Core 2.1, 3.1 .NET Framework 2.0, 3.0, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 | Critical | CVE-2020-1147 | Workaround: No Exploited: No Public: No | Remote Code Execution |
Azure DevOps | DevOps Server 2019 Storage Explorer | Important | CVE-2020-1326 CVE-2020-1416 | Workaround: No Exploited: No Public: No | Elevation of Privilege Spoofing |
In case of any questions or clarifications please feel free to reach out to ECHO’s Service Desk.