March 2020 Patch Bulletin

March 2020 Patch Bulletin

This month we have 100 unique CVE’s listed, 11 technologies with updates, and 6 technologies with critical updates. 

The great news this month is that there were 0 publicly disclosed or attacked vulnerabilities!

Windows has 63 unique CVE’s with some of those being critical. 

For additional details, please find the information from Microsoft below:

Technology Products Affected SeverityReferenceWorkaround/Exploited/ Publicly Disclosed Vulnerability Info
 
Windows Windows 8.1, 8.1 RT, 10, Server 2012, 2016, 2019Critical CVE-2020-0645
CVE-2020-0762
CVE-2020-0763
CVE-2020-0769
CVE-2020-0770
CVE-2020-0771
CVE-2020-0662
CVE-2020-0773
CVE-2020-0776
CVE-2020-0777
CVE-2020-0778
CVE-2020-0779
CVE-2020-0780
CVE-2020-0781
CVE-2020-0783
CVE-2020-0785
CVE-2020-0786
CVE-2020-0787
CVE-2020-0788
CVE-2020-0797
CVE-2020-0798
CVE-2020-0799
CVE-2020-0800
CVE-2020-0801
CVE-2020-0802
CVE-2020-0803
CVE-2020-0806
CVE-2020-0807
CVE-2020-0808
CVE-2020-0810
CVE-2020-0814
CVE-2020-0819
CVE-2020-0820
CVE-2020-0822
CVE-2020-0845
CVE-2020-0849
CVE-2020-0853
CVE-2020-0854
CVE-2020-0857
CVE-2020-0858
CVE-2020-0859
CVE-2020-0860
CVE-2020-0861
CVE-2020-0863
CVE-2020-0864
CVE-2020-0865
CVE-2020-0866
CVE-2020-0867
CVE-2020-0868
CVE-2020-0869
CVE-2020-0871
CVE-2020-0874
CVE-2020-0876
CVE-2020-0877
CVE-2020-0879
CVE-2020-0880
CVE-2020-0881
CVE-2020-0882
CVE-2020-0883
CVE-2020-0885
CVE-2020-0887
CVE-2020-0896
CVE-2020-0897
CVE-2020-0898
Workaround: No
Public: No
Exploited: No
Denial of Service
Elevation of Privilege
Information Disclosure
Tampering
Remote Code Execution
EdgeMicrosoft Edge (EdgeHTML-based)CriticalCVE-2020-0768
CVE-2020-0816
CVE-2020-0823
CVE-2020-0848
CVE-2020-0811
CVE-2020-0812
CVE-2020-0813
CVE-2020-0825
CVE-2020-0826
CVE-2020-0827
CVE-2020-0828
CVE-2020-0829
CVE-2020-0830
CVE-2020-0831
Workaround: No
Exploited: No
Public: No
Remote Code Execution
Information Disclosure
ChakraCoreAllCriticalCVE-2020-0768
CVE-2020-0811
CVE-2020-0812
CVE-2020-0813
CVE-2020-0823
CVE-2020-0825
CVE-2020-0826
CVE-2020-0827
CVE-2020-0828
CVE-2020-0829
CVE-2020-0830
CVE-2020-0831
CVE-2020-0848
Workaround: No
Exploited: No
Public: No
Remote Code Execution
Information Disclosure
IE9, 10, 11CriticalCVE-2020-0768
CVE-2020-0824
guidance/advisory/CVE-2020-0830">CVE-2020-0830
CVE-2020-0832
CVE-2020-0833
CVE-2020-0847
Workaround: No
Exploited: No
Public: No
Remote Code Execution
Exchange ServerExchange Server 2016, 2019
ImportantCVE-2020-0903Workaround: No
Exploited: No
Public: No
Spoofing
Office, Office Services, Office Web AppsOffice 2010, 2016 for Mac, 2019, 2019 for Mac
Office Online Server
SharePoint Enterprise Server 2013, 2016
Foundation 2010, 2013
Server 2020, 2019
Word 2010, 2013, 2016
Office 365 ProPlus
CriticalCVE-2020-0795
CVE-2020-0850
CVE-2020-0851
CVE-2020-0855
CVE-2020-0891
CVE-2020-0892
CVE-2020-0893
CVE-2020-0894
Workaround: No
Exploited: No
Public: No
Information Disclosure
Remote Code Execution
Spoofing
Azure DevOps2019ImportantCVE-2020-0700
CVE-2020-0758
CVE-2020-0815
Workaround: No
Exploited: No
Public: No
Elevation of Privilege
Spoofing
Visual Studio
2015, 2017, 2019
ImportantCVE-2020-0789
CVE-2020-0793
CVE-2020-0810
CVE-2020-0884
Workaround: No
Exploited: No
Public: No
Denial of Service
Elevation of Privilege
Spoofing
Open SourceApplication InspectorImportantCVE-2020-0872Workaround: No
Exploited: No
Public: No
Remote Code Execution
AzureService FabricImportantCVE-2020-0902Workaround: No
Exploited: No
Public: No

Elevation of Privilege
DynamicsDynamics 365 Business Central 2019
Dynamics 365 BC On Premise
Dynamics NAV 2013, 2015, 2016, 2017, 2018
CriticalCVE-2020-0905Workaround: No
Exploited: No
Public: No
Remote Code Execution

In case of any questions or clarifications please feel free to reach out to ECHO’s Service Desk.