
The February 2020 Security Update Review



February is here, and with it comes some significant security patches from Adobe and Microsoft. Take a break from your regularly scheduled activities and join us as we review the details for security patches for this month.

Adobe Patches for February 2020

The Adobe release for February includes five bulletins addressing a total of 42 CVEs in Framemaker, Experience Manager, Adobe Digital Editions, Flash, and Acrobat and Reader. The update for Framemaker fixes 21 Critical-rated bugs, all of which were submitted through the ZDI program. The vast majority of these are Out-of-Bounds (OOB) write bugs that could lead to code execution. The update for Adobe Acrobat and Reader fixes 17 CVEs – seven of which are Use-After-Free (UAF) bugs. The worst of these bugs could allow an attacker to execute code on an affected system if a user opened a specially crafted file. The Flash update fixes a single type confusion bug that could allow code execution at the level of the logged-on user. The patch for Adobe Digital Editions fixes two CVEs, one of which is a command injection bug that could allow code execution. The final patch from Adobe for February corrects a single Denial-of-Service (DoS) bug in the Experience Manager. None of these bugs are listed as publicly known or under active attack at the time of release.

We should also mention that Adobe released a patch for their Magento Commerce platform in late January to correct six CVEs. Adobe acquired Magento last May for $1.68 billion USD, and this appears to be the first patch released for the platform since the acquisition. None of these Critical- and Important-rated bugs are listed as publicly known or under active attack. What isn’t clear is if patches for Magento will eventually be included in the regular Patch Tuesday release or if they will be released outside of the standard schedule.

Microsoft Patches for February 2020

For February, Microsoft released patches for a whopping 99 CVEs covering Microsoft Windows, Edge (EdgeHTML-based), ChakraCore, Internet Explorer (IE), SQL Server, Exchange Server, Office and Office Services and Web Apps, Azure DevOps Server, Team Foundation Server, and the Microsoft Malware Protection Engine. Of the 99 CVEs, 12 are listed as Critical while the remaining 87 are listed as Important in severity. Three of these vulnerabilities were reported through the ZDI program. According to Microsoft, five of these bugs are publicly known and one is currently under active attack.

Let’s take a closer look at some of the more interesting updates for this month, starting with the bug reported to be under active attack since mid-January:

- CVE-2020-0674 – Scripting Engine Memory Corruption Vulnerability
This browser bug impacts IE and the other programs that rely on the Trident rendering engine. Microsoft first warned users of this bug back on January 17. Attackers can execute code on affected systems if a user browses to a specially crafted website. Even if you don’t use IE, you could still be affected by this bug through embedded objects in Office documents. Considering the listed workaround – disabling jscript.dll – breaks a fair amount of functionality, you should prioritize the testing and deployment of this patch.

- CVE-2020-0688 – Microsoft Exchange Memory Corruption Vulnerability
This code execution bug in Exchange is only listed as Important, but you should treat it as a Critical-rated vulnerability. An attacker could gain code execution on affected Exchange servers by sending a specially crafted e-mail. No other user interaction is required. The code execution occurs at System-level permissions, so the attacker could completely take control of an Exchange server through a single e-mail. This bug was reported through our program, and we’ll publish details about it in the near future.

- CVE-2020-0729 – LNK Remote Code Execution Vulnerability
Bugs impacting link files (.LNK) never fail to amaze me. If .LNK vulnerabilities ring a bell, that’s likely because one was used in the Stuxnet malware, and that flaw remained one of the most widely exploited software flaws for years to come. This bug is similar. An attacker could use this vulnerability to get code execution by having an affected system process a specially crafted .LNK file. This could be done by convincing a user to open a remote share, or – as has been seen in the past – placing the .LNK file on a USB drive and having the user open it. It’s a handy way to exploit an air-gapped system.

- CVE-2020-0689 – Microsoft Secure Boot Security Feature Bypass Vulnerability
This security feature bypass bug could allow attackers to circumvent the Secure Boot feature and load untrusted software on an affected system. This is one of the publicly known bugs being patched this month. While this is certainly a bug to scrutinize, it’s compounded by a non-standard patching process. This month’s servicing stack must first be applied, then additional standalone security updates need to be installed. If you have the Windows Defender Credential Guard (Virtual Secure Mode) enabled, you’ll need to go through two additional reboots as well. All this is needed to block impacted third-party bootloaders.

Here’s the full list of CVEs released by Microsoft for February 2020.

| CVE | Title | Severity | Public | Exploited | XI - Latest | XI - Older | Type |
|---|---|---|---|---|---|---|---|
| CVE-2020-0674 | Scripting Engine Memory Corruption Vulnerability | Critical | Yes | Yes | 0 | 0 | RCE |
| CVE-2020-0683 | Windows Installer Elevation of Privilege Vulnerability | Important | Yes | No | 2 | 2 | EoP |
| CVE-2020-0686 | Windows Installer Elevation of Privilege Vulnerability | Important | Yes | No | 2 | 2 | EoP |
| CVE-2020-0706 | Microsoft Browser Information Disclosure Vulnerability | Important | Yes | No | 2 | 2 | Info |
| CVE-2020-0689 | Microsoft Secure Boot Security Feature Bypass Vulnerability | Important | Yes | No | 2 | 2 | SFB |
| CVE-2020-0729 | LNK Remote Code Execution Vulnerability | Critical | No | No | 2 | 2 | RCE |
| CVE-2020-0738 | Media Foundation Memory Corruption Vulnerability | Critical | No | No | 2 | 2 | RCE |
| CVE-2020-0681 | Remote Desktop Client Remote Code Execution Vulnerability | Critical | No | No | 1 | 1 | RCE |
| CVE-2020-0734 | Remote Desktop Client Remote Code Execution Vulnerability | Critical | No | No | 1 | 1 | RCE |
| CVE-2020-0673 | Scripting Engine Memory Corruption Vulnerability | Critical | No | No | 1 | 1 | RCE |
| CVE-2020-0767 | Scripting Engine Memory Corruption Vulnerability | Critical | No | No | 2 | 2 | RCE |
| CVE-2020-0710 | Scripting Engine Memory Corruption Vulnerability | Critical | No | No | 2 | N/A | RCE |
| CVE-2020-0712 | Scripting Engine Memory Corruption Vulnerability | Critical | No | No | 2 | N/A | RCE |
| CVE-2020-0713 | Scripting Engine Memory Corruption Vulnerability | Critical | No | No | 2 | N/A | RCE |
| CVE-2020-0711 | Scripting Engine Memory Corruption Vulnerability | Critical | No | No | N/A | 2 | RCE |
| CVE-2020-0662 | Windows Remote Code Execution Vulnerability | Critical | No | No | 2 | 2 | RCE |
| CVE-2020-0757 | Windows SSH Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
| CVE-2020-0661 | Windows Hyper-V Denial of Service Vulnerability | Important | No | No | 2 | 2 | DoS |
| CVE-2020-0751 | Windows Hyper-V Denial of Service Vulnerability | Important | No | No | 2 | N/A | DoS |
| CVE-2020-0660 | Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability | Important | No | No | 2 | 2 | DoS |
| CVE-2020-0665 | Active Directory Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
| CVE-2020-0740 | Connected Devices Platform Service Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
| CVE-2020-0741 | Connected Devices Platform Service Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
| CVE-2020-0742 | Connected Devices Platform Service Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
| CVE-2020-0743 | Connected Devices Platform Service Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
| CVE-2020-0749 | Connected Devices Platform Service Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
| CVE-2020-0750 | Connected Devices Platform Service Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
| CVE-2020-0727 | Connected User Experiences and Telemetry Service Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
| CVE-2020-0709 | DirectX Elevation of Privilege Vulnerability | Important | No | No | N/A | 2 | EoP |
| CVE-2020-0732 | DirectX Elevation of Privilege Vulnerability | Important | No | No | N/A | 2 | EoP |
| CVE-2020-0663 | Microsoft Edge Elevation of Privilege Vulnerability | Important | No | No | 2 | N/A | EoP |
| CVE-2020-0692 | Microsoft Exchange Server Elevation of Privilege Vulnerability | Important | No | No | 1 | 1 | EoP |
| CVE-2020-0720 | Win32k Elevation of Privilege Vulnerability | Important | No | No | 1 | 1 | EoP |
| CVE-2020-0721 | Win32k Elevation of Privilege Vulnerability | Important | No | No | 1 | 1 | EoP |
| CVE-2020-0722 | Win32k Elevation of Privilege Vulnerability | Important | No | No | 1 | 1 | EoP |
| CVE-2020-0723 | Win32k Elevation of Privilege Vulnerability | Important | No | No | 1 | 1 | EoP |
| CVE-2020-0725 | Win32k Elevation of Privilege Vulnerability | Important | No | No | 1 | 1 | EoP |
| CVE-2020-0726 | Win32k Elevation of Privilege Vulnerability | Important | No | No | 1 | 1 | EoP |
| CVE-2020-0731 | Win32k Elevation of Privilege Vulnerability | Important | No | No | 1 | 1 | EoP |
| CVE-2020-0719 | Win32k Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
| CVE-2020-0724 | Win32k Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
| CVE-2020-0691 | Win32k Elevation of Privilege Vulnerability | Important | No | No | 3 | 3 | EoP |
| CVE-2020-0703 | Windows Backup Service Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
| CVE-2020-0701 | Windows Client License Service Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
| CVE-2020-0685 | Windows COM Server Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
| CVE-2020-0657 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Important | No | No | 1 | 1 | EoP |
| CVE-2020-0747 | Windows Data Sharing Service Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
| CVE-2020-0659 | Windows Data Sharing Service Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
| CVE-2020-0737 | Windows Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
| CVE-2020-0739 | Windows Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
| CVE-2020-0753 | Windows Error Reporting Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
| CVE-2020-0754 | Windows Error Reporting Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
| CVE-2020-0678 | Windows Error Reporting Manager Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
| CVE-2020-0679 | Windows Function Discovery Service Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
| CVE-2020-0680 | Windows Function Discovery Service Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
| CVE-2020-0682 | Windows Function Discovery Service Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
| CVE-2020-0792 | Windows Graphics Component Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
| CVE-2020-0745 | Windows Graphics Component Elevation of Privilege Vulnerability | Important | No | No | 1 | 1 | EoP |
| CVE-2020-0715 | Windows Graphics Component Elevation of Privilege Vulnerability | Important | No | No | 1 | 1 | EoP |
| CVE-2020-0707 | Windows IME Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
| CVE-2020-0668 | Windows Kernel Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
| CVE-2020-0669 | Windows Kernel Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
| CVE-2020-0670 | Windows Kernel Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
| CVE-2020-0671 | Windows Kernel Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
| CVE-2020-0672 | Windows Kernel Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
| CVE-2020-0733 | Windows Malicious Software Removal Tool Elevation of Privilege Vulnerability | Important | No | No | 2 | N/A | EoP |
| CVE-2020-0666 | Windows Search Indexer Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
| CVE-2020-0667 | Windows Search Indexer Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
| CVE-2020-0735 | Windows Search Indexer Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
| CVE-2020-0752 | Windows Search Indexer Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
| CVE-2020-0730 | Windows User Profile Service Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
| CVE-2020-0704 | Windows Wireless Network Manager Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
| CVE-2020-0714 | DirectX Information Disclosure Vulnerability | Important | No | No | 2 | 2 | Info |
| CVE-2020-0746 | Microsoft Graphics Components Information Disclosure Vulnerability | Important | No | No | 2 | 2 | Info |
| CVE-2020-0717 | Win32k Information Disclosure Vulnerability | Important | No | No | 2 | 2 | Info |
| CVE-2020-0716 | Win32k Information Disclosure Vulnerability | Important | No | No | N/A | 2 | Info |
| CVE-2020-0658 | Windows Common Log File System Driver Information Disclosure Vulnerability | Important | No | No | 1 | 1 | Info |
| CVE-2020-0744 | Windows GDI Information Disclosure Vulnerability | Important | No | No | 2 | 2 | Info |
| CVE-2020-0698 | Windows Information Disclosure Vulnerability | Important | No | No | 2 | 2 | Info |
| CVE-2020-0736 | Windows Kernel Information Disclosure Vulnerability | Important | No | No | N/A | 2 | Info |
| CVE-2020-0675 | Windows Key Isolation Service Information Disclosure Vulnerability | Important | No | No | 2 | 2 | Info |
| CVE-2020-0676 | Windows Key Isolation Service Information Disclosure Vulnerability | Important | No | No | 2 | 2 | Info |
| CVE-2020-0677 | Windows Key Isolation Service Information Disclosure Vulnerability | Important | No | No | 2 | 2 | Info |
| CVE-2020-0748 | Windows Key Isolation Service Information Disclosure Vulnerability | Important | No | No | 2 | 2 | Info |
| CVE-2020-0755 | Windows Key Isolation Service Information Disclosure Vulnerability | Important | No | No | 2 | 2 | Info |
| CVE-2020-0756 | Windows Key Isolation Service Information Disclosure Vulnerability | Important | No | No | 2 | 2 | Info |
| CVE-2020-0728 | Windows Modules Installer Service Information Disclosure Vulnerability | Important | No | No | 2 | 2 | Info |
| CVE-2020-0705 | Windows Network Driver Interface Specification (NDIS) Information Disclosure Vulnerability | Important | No | No | 2 | 2 | Info |
| CVE-2020-0759 | Microsoft Excel Remote Code Execution Vulnerability | Important | No | No | 2 | 2 | RCE |
| CVE-2020-0688 | Microsoft Exchange Memory Corruption Vulnerability | Important | No | No | 1 | 1 | RCE |
| CVE-2020-0618 | Microsoft SQL Server Reporting Services Remote Code Execution Vulnerability | Important | No | No | 2 | 2 | RCE |
| CVE-2020-0655 | Remote Desktop Services Remote Code Execution Vulnerability | Important | No | No | 2 | 2 | RCE |
| CVE-2020-0708 | Windows Imaging Library Remote Code Execution Vulnerability | Important | No | No | 2 | 2 | RCE |
| CVE-2020-0696 | Microsoft Outlook Security Feature Bypass Vulnerability | Important | No | No | 2 | 2 | SFB |
| CVE-2020-0702 | Surface Hub Security Feature Bypass Vulnerability | Important | No | No | 2 | 2 | SFB |
| CVE-2020-0695 | Microsoft Office Online Server Spoofing Vulnerability | Important | No | No | 2 | N/A | Spoof |
CVE-2020-0697 Microsoft Office Tampering Vulnerabil...
https://www.thezdi.com/blog/2020/2/11/the-february-2020-security-update-review
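
The CVE table above can be turned into a patching order. This is an added example, not code from the original review: it parses table rows, with or without column separators, and sorts them by an assumed policy (exploited first, then the lower XI value, then public disclosure, then severity). The function names and the ordering are assumptions; the sample rows are copied from the table.

```python
import re

# Constructed sample: rows copied from the table above (one of them with
# pipe separators), plus the row the page cuts off mid-title.
SAMPLE = """\
CVE-2020-0674 Scripting Engine Memory Corruption Vulnerability Critical Yes Yes 0 0 RCE
| CVE-2020-0688 | Microsoft Exchange Memory Corruption Vulnerability | Important | No | No | 1 | 1 | RCE |
CVE-2020-0689 Microsoft Secure Boot Security Feature Bypass Vulnerability Important Yes No 2 2 SFB
CVE-2020-0711 Scripting Engine Memory Corruption Vulnerability Critical No No N/A 2 RCE
CVE-2020-0691 Win32k Elevation of Privilege Vulnerability Important No No 3 3 EoP
CVE-2020-0697 Microsoft Office Tampering Vulnerabil...
"""

# Columns are matched from the right, so titles may contain any words.
ROW = re.compile(
    r"^(?P<cve>CVE-\d{4}-\d{4,})\s+(?P<title>.+?)\s+"
    r"(?P<severity>Critical|Important|Moderate|Low)\s+"
    r"(?P<public>Yes|No)\s+(?P<exploited>Yes|No)\s+"
    r"(?P<xi_latest>[0-3]|N/A)\s+(?P<xi_older>[0-3]|N/A)\s+(?P<type>\S+)$"
)
SEVERITY_RANK = {"Critical": 0, "Important": 1, "Moderate": 2, "Low": 3}


def parse_rows(text):
    """Return (parsed rows, CVE lines that could not be parsed)."""
    rows, rejected = [], []
    for raw in text.splitlines():
        line = " ".join(raw.replace("|", " ").split())
        if not line.startswith("CVE-"):
            continue  # header, separator or blank line
        match = ROW.match(line)
        if match:
            rows.append(match.groupdict())
        else:
            rejected.append(line)  # e.g. a truncated row: review by hand
    return rows, rejected


def best_xi(row):
    """Lowest XI across both columns (0 = exploitation detected,
    3 = exploitation unlikely); 4 when both columns are N/A."""
    values = [int(row[k]) for k in ("xi_latest", "xi_older") if row[k] != "N/A"]
    return min(values, default=4)


def triage(rows):
    """Assumed ordering policy, not one stated by ZDI or Microsoft."""
    return sorted(rows, key=lambda r: (
        r["exploited"] != "Yes",       # under active attack first
        best_xi(r),                    # then most exploitable
        r["public"] != "Yes",          # then publicly known
        SEVERITY_RANK[r["severity"]],  # then vendor severity
        r["cve"],
    ))


if __name__ == "__main__":
    parsed, unparsed = parse_rows(SAMPLE)
    for r in triage(parsed):
        print(r["cve"], r["severity"], "XI", best_xi(r), r["type"])
    print("needs manual review:", unparsed)
```

With this ordering, the Important-rated CVE-2020-0688 sorts ahead of Critical-rated bugs with an XI of 2, which matches the review's advice to treat it as Critical.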
