The February 2020 Security Update Review


February is here, and with it comes some significant security patches from Adobe and Microsoft. Take a break from your regularly scheduled activities and join us as we review the details for security patches for this month.

Adobe Patches for February 2020

The Adobe release for February includes five bulletins addressing a total of 42 CVEs in FrameMaker, Experience Manager, Adobe Digital Editions, Flash, and Acrobat and Reader. The update for FrameMaker fixes 21 Critical-rated bugs, all of which were submitted through the ZDI program. The vast majority of these are Out-of-Bounds (OOB) write bugs that could lead to code execution. The update for Adobe Acrobat and Reader fixes 17 CVEs – seven of which are Use-After-Free (UAF) bugs. The worst of these bugs could allow an attacker to execute code on an affected system if a user opened a specially crafted file. The Flash update fixes a single type confusion bug that could allow code execution at the level of the logged-on user. The patch for Adobe Digital Editions fixes two CVEs, one of which is a command injection bug that could allow code execution. The final patch from Adobe for February corrects a single Denial-of-Service (DoS) bug in the Experience Manager. None of these bugs are listed as publicly known or under active attack at the time of release.

We should also mention that Adobe released a patch for their Magento Commerce platform in late January to correct six CVEs. Adobe acquired Magento last May for $1.68 billion USD, and this appears to be the first patch released for the platform since the acquisition. None of these Critical- and Important-rated bugs are listed as publicly known or under active attack. What isn’t clear is if patches for Magento will eventually be included in the regular Patch Tuesday release or if they will be released outside of the standard schedule.

Microsoft Patches for February 2020

For February, Microsoft released patches for a whopping 99 CVEs covering Microsoft Windows, Edge (EdgeHTML-based), ChakraCore, Internet Explorer (IE), SQL Server, Exchange Server, Office and Office Services and Web Apps, Azure DevOps Server, Team Foundation Server, and the Microsoft Malware Protection Engine. Of the 99 CVEs, 12 are listed as Critical while the remaining 87 are listed as Important in severity. Three of these vulnerabilities were reported through the ZDI program. According to Microsoft, five of these bugs are publicly known and one is currently under active attack.

Let’s take a closer look at some of the more interesting updates for this month, starting with the bug reported to be under active attack since mid-January:

- CVE-2020-0674 – Scripting Engine Memory Corruption Vulnerability
This browser bug impacts IE and the other programs that rely on the Trident rendering engine. Microsoft first warned users of this bug back on January 17. Attackers can execute code on affected systems if a user browses to a specially crafted website. Even if you don’t use IE, you could still be affected by this bug through embedded objects in Office documents. Considering the listed workaround – disabling jscript.dll – breaks a fair amount of functionality, you should prioritize the testing and deployment of this patch.

- CVE-2020-0688 – Microsoft Exchange Memory Corruption Vulnerability
This code execution bug in Exchange is only listed as Important, but you should treat it as a Critical-rated vulnerability. An attacker could gain code execution on affected Exchange servers by sending a specially crafted e-mail. No other user interaction is required. The code execution occurs at System-level permissions, so the attacker could completely take control of an Exchange server through a single e-mail. This bug was reported through our program, and we’ll publish details about it in the near future.

- CVE-2020-0729 – LNK Remote Code Execution Vulnerability
Bugs impacting link files (.LNK) never fail to amaze me. If .LNK vulnerabilities ring a bell, that’s likely due to one being used in the Stuxnet malware; that bug remained one of the most widely exploited software flaws for years afterward. This bug is similar. An attacker could use this vulnerability to get code execution by having an affected system process a specially crafted .LNK file. This could be done by convincing a user to open a remote share, or – as has been seen in the past – placing the .LNK file on a USB drive and having the user open it. It’s a handy way to exploit an air-gapped system.

- CVE-2020-0689 – Microsoft Secure Boot Security Feature Bypass Vulnerability
This security feature bypass bug could allow attackers to circumvent the Secure Boot feature and load untrusted software on an affected system. This is one of the publicly known bugs being patched this month. While this is certainly a bug to scrutinize, it’s compounded by a non-standard patching process. This month’s servicing stack must first be applied, then additional standalone security updates need to be installed. If you have the Windows Defender Credential Guard (Virtual Secure Mode) enabled, you’ll need to go through two additional reboots as well. All this is needed to block impacted third-party bootloaders.

Here’s the full list of CVEs released by Microsoft for February 2020.

| CVE | Title | Severity | Public | Exploited | XI - Latest | XI - Older | Type |
|---|---|---|---|---|---|---|---|
| CVE-2020-0674 | Scripting Engine Memory Corruption Vulnerability | Critical | Yes | Yes | 0 | 0 | RCE |
| CVE-2020-0683 | Windows Installer Elevation of Privilege Vulnerability | Important | Yes | No | 2 | 2 | EoP |
| CVE-2020-0686 | Windows Installer Elevation of Privilege Vulnerability | Important | Yes | No | 2 | 2 | EoP |
| CVE-2020-0706 | Microsoft Browser Information Disclosure Vulnerability | Important | Yes | No | 2 | 2 | Info |
| CVE-2020-0689 | Microsoft Secure Boot Security Feature Bypass Vulnerability | Important | Yes | No | 2 | 2 | SFB |
| CVE-2020-0729 | LNK Remote Code Execution Vulnerability | Critical | No | No | 2 | 2 | RCE |
| CVE-2020-0738 | Media Foundation Memory Corruption Vulnerability | Critical | No | No | 2 | 2 | RCE |
| CVE-2020-0681 | Remote Desktop Client Remote Code Execution Vulnerability | Critical | No | No | 1 | 1 | RCE |
| CVE-2020-0734 | Remote Desktop Client Remote Code Execution Vulnerability | Critical | No | No | 1 | 1 | RCE |
| CVE-2020-0673 | Scripting Engine Memory Corruption Vulnerability | Critical | No | No | 1 | 1 | RCE |
| CVE-2020-0767 | Scripting Engine Memory Corruption Vulnerability | Critical | No | No | 2 | 2 | RCE |
| CVE-2020-0710 | Scripting Engine Memory Corruption Vulnerability | Critical | No | No | 2 | N/A | RCE |
| CVE-2020-0712 | Scripting Engine Memory Corruption Vulnerability | Critical | No | No | 2 | N/A | RCE |
| CVE-2020-0713 | Scripting Engine Memory Corruption Vulnerability | Critical | No | No | 2 | N/A | RCE |
| CVE-2020-0711 | Scripting Engine Memory Corruption Vulnerability | Critical | No | No | N/A | 2 | RCE |
| CVE-2020-0662 | Windows Remote Code Execution Vulnerability | Critical | No | No | 2 | 2 | RCE |
| CVE-2020-0757 | Windows SSH Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
| CVE-2020-0661 | Windows Hyper-V Denial of Service Vulnerability | Important | No | No | 2 | 2 | DoS |
| CVE-2020-0751 | Windows Hyper-V Denial of Service Vulnerability | Important | No | No | 2 | N/A | DoS |
| CVE-2020-0660 | Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability | Important | No | No | 2 | 2 | DoS |
| CVE-2020-0665 | Active Directory Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
| CVE-2020-0740 | Connected Devices Platform Service Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
| CVE-2020-0741 | Connected Devices Platform Service Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
| CVE-2020-0742 | Connected Devices Platform Service Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
| CVE-2020-0743 | Connected Devices Platform Service Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
| CVE-2020-0749 | Connected Devices Platform Service Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
| CVE-2020-0750 | Connected Devices Platform Service Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
| CVE-2020-0727 | Connected User Experiences and Telemetry Service Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
| CVE-2020-0709 | DirectX Elevation of Privilege Vulnerability | Important | No | No | N/A | 2 | EoP |
| CVE-2020-0732 | DirectX Elevation of Privilege Vulnerability | Important | No | No | N/A | 2 | EoP |
| CVE-2020-0663 | Microsoft Edge Elevation of Privilege Vulnerability | Important | No | No | 2 | N/A | EoP |
| CVE-2020-0692 | Microsoft Exchange Server Elevation of Privilege Vulnerability | Important | No | No | 1 | 1 | EoP |
| CVE-2020-0720 | Win32k Elevation of Privilege Vulnerability | Important | No | No | 1 | 1 | EoP |
| CVE-2020-0721 | Win32k Elevation of Privilege Vulnerability | Important | No | No | 1 | 1 | EoP |
| CVE-2020-0722 | Win32k Elevation of Privilege Vulnerability | Important | No | No | 1 | 1 | EoP |
| CVE-2020-0723 | Win32k Elevation of Privilege Vulnerability | Important | No | No | 1 | 1 | EoP |
| CVE-2020-0725 | Win32k Elevation of Privilege Vulnerability | Important | No | No | 1 | 1 | EoP |
| CVE-2020-0726 | Win32k Elevation of Privilege Vulnerability | Important | No | No | 1 | 1 | EoP |
| CVE-2020-0731 | Win32k Elevation of Privilege Vulnerability | Important | No | No | 1 | 1 | EoP |
| CVE-2020-0719 | Win32k Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
| CVE-2020-0724 | Win32k Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
| CVE-2020-0691 | Win32k Elevation of Privilege Vulnerability | Important | No | No | 3 | 3 | EoP |
| CVE-2020-0703 | Windows Backup Service Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
| CVE-2020-0701 | Windows Client License Service Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
| CVE-2020-0685 | Windows COM Server Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
| CVE-2020-0657 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Important | No | No | 1 | 1 | EoP |
| CVE-2020-0747 | Windows Data Sharing Service Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
| CVE-2020-0659 | Windows Data Sharing Service Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
| CVE-2020-0737 | Windows Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
| CVE-2020-0739 | Windows Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
| CVE-2020-0753 | Windows Error Reporting Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
| CVE-2020-0754 | Windows Error Reporting Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
| CVE-2020-0678 | Windows Error Reporting Manager Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
| CVE-2020-0679 | Windows Function Discovery Service Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
| CVE-2020-0680 | Windows Function Discovery Service Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
| CVE-2020-0682 | Windows Function Discovery Service Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
| CVE-2020-0792 | Windows Graphics Component Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
| CVE-2020-0745 | Windows Graphics Component Elevation of Privilege Vulnerability | Important | No | No | 1 | 1 | EoP |
| CVE-2020-0715 | Windows Graphics Component Elevation of Privilege Vulnerability | Important | No | No | 1 | 1 | EoP |
| CVE-2020-0707 | Windows IME Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
| CVE-2020-0668 | Windows Kernel Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
| CVE-2020-0669 | Windows Kernel Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
| CVE-2020-0670 | Windows Kernel Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
| CVE-2020-0671 | Windows Kernel Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
| CVE-2020-0672 | Windows Kernel Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
| CVE-2020-0733 | Windows Malicious Software Removal Tool Elevation of Privilege Vulnerability | Important | No | No | 2 | N/A | EoP |
| CVE-2020-0666 | Windows Search Indexer Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
| CVE-2020-0667 | Windows Search Indexer Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
| CVE-2020-0735 | Windows Search Indexer Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
| CVE-2020-0752 | Windows Search Indexer Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
| CVE-2020-0730 | Windows User Profile Service Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
| CVE-2020-0704 | Windows Wireless Network Manager Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
| CVE-2020-0714 | DirectX Information Disclosure Vulnerability | Important | No | No | 2 | 2 | Info |
| CVE-2020-0746 | Microsoft Graphics Components Information Disclosure Vulnerability | Important | No | No | 2 | 2 | Info |
| CVE-2020-0717 | Win32k Information Disclosure Vulnerability | Important | No | No | 2 | 2 | Info |
| CVE-2020-0716 | Win32k Information Disclosure Vulnerability | Important | No | No | N/A | 2 | Info |
| CVE-2020-0658 | Windows Common Log File System Driver Information Disclosure Vulnerability | Important | No | No | 1 | 1 | Info |
| CVE-2020-0744 | Windows GDI Information Disclosure Vulnerability | Important | No | No | 2 | 2 | Info |
| CVE-2020-0698 | Windows Information Disclosure Vulnerability | Important | No | No | 2 | 2 | Info |
| CVE-2020-0736 | Windows Kernel Information Disclosure Vulnerability | Important | No | No | N/A | 2 | Info |
| CVE-2020-0675 | Windows Key Isolation Service Information Disclosure Vulnerability | Important | No | No | 2 | 2 | Info |
| CVE-2020-0676 | Windows Key Isolation Service Information Disclosure Vulnerability | Important | No | No | 2 | 2 | Info |
| CVE-2020-0677 | Windows Key Isolation Service Information Disclosure Vulnerability | Important | No | No | 2 | 2 | Info |
| CVE-2020-0748 | Windows Key Isolation Service Information Disclosure Vulnerability | Important | No | No | 2 | 2 | Info |
| CVE-2020-0755 | Windows Key Isolation Service Information Disclosure Vulnerability | Important | No | No | 2 | 2 | Info |
| CVE-2020-0756 | Windows Key Isolation Service Information Disclosure Vulnerability | Important | No | No | 2 | 2 | Info |
| CVE-2020-0728 | Windows Modules Installer Service Information Disclosure Vulnerability | Important | No | No | 2 | 2 | Info |
| CVE-2020-0705 | Windows Network Driver Interface Specification (NDIS) Information Disclosure Vulnerability | Important | No | No | 2 | 2 | Info |
| CVE-2020-0759 | Microsoft Excel Remote Code Execution Vulnerability | Important | No | No | 2 | 2 | RCE |
| CVE-2020-0688 | Microsoft Exchange Memory Corruption Vulnerability | Important | No | No | 1 | 1 | RCE |
| CVE-2020-0618 | Microsoft SQL Server Reporting Services Remote Code Execution Vulnerability | Important | No | No | 2 | 2 | RCE |
| CVE-2020-0655 | Remote Desktop Services Remote Code Execution Vulnerability | Important | No | No | 2 | 2 | RCE |
| CVE-2020-0708 | Windows Imaging Library Remote Code Execution Vulnerability | Important | No | No | 2 | 2 | RCE |
| CVE-2020-0696 | Microsoft Outlook Security Feature Bypass Vulnerability | Important | No | No | 2 | 2 | SFB |
| CVE-2020-0702 | Surface Hub Security Feature Bypass Vulnerability | Important | No | No | 2 | 2 | SFB |
| CVE-2020-0695 | Microsoft Office Online Server Spoofing Vulnerability | Important | No | No | 2 | N/A | Spoof |
| CVE-2020-0697 | Microsoft Office Tampering Vulnerabil... | | | | | | |
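
A patch-triage sketch over rows from the list above, as an added example that is not part of the original post: it parses each row from the right (the title has a variable number of words) and orders by Exploited, then Microsoft's Exploitability Index (XI, where a lower value means exploitation is more likely), then Public, then Severity. The ordering policy and the names `parse_row` and `triage` are assumptions of this example.

```python
import re
from typing import List, NamedTuple, Optional

# Rows copied from the list above, plus the header and the truncated last row.
SAMPLE = """\
CVE Title Severity Public Exploited XI - Latest XI - Older Type
CVE-2020-0674 Scripting Engine Memory Corruption Vulnerability Critical Yes Yes 0 0 RCE
CVE-2020-0689 Microsoft Secure Boot Security Feature Bypass Vulnerability Important Yes No 2 2 SFB
CVE-2020-0729 LNK Remote Code Execution Vulnerability Critical No No 2 2 RCE
CVE-2020-0681 Remote Desktop Client Remote Code Execution Vulnerability Critical No No 1 1 RCE
CVE-2020-0711 Scripting Engine Memory Corruption Vulnerability Critical No No N/A 2 RCE
CVE-2020-0691 Win32k Elevation of Privilege Vulnerability Important No No 3 3 EoP
CVE-2020-0688 Microsoft Exchange Memory Corruption Vulnerability Important No No 1 1 RCE
CVE-2020-0697 Microsoft Office Tampering Vulnerabil...
"""

class Row(NamedTuple):
    cve: str
    title: str
    severity: str
    public: bool
    exploited: bool
    xi_latest: Optional[int]   # None when the column reads N/A
    xi_older: Optional[int]
    kind: str

def parse_row(line: str) -> Optional[Row]:
    """Parse one row; return None for the header and truncated or malformed rows."""
    toks = line.replace("|", " ").split()   # accepts flattened or pipe-delimited rows
    if len(toks) < 8 or not re.fullmatch(r"CVE-\d{4}-\d{4,}", toks[0]):
        return None
    sev, pub, expl, xl, xo, kind = toks[-6:]   # fixed columns sit at the right edge
    if sev not in ("Critical", "Important", "Moderate", "Low"):
        return None
    if pub not in ("Yes", "No") or expl not in ("Yes", "No"):
        return None
    if not all(t == "N/A" or t.isdigit() for t in (xl, xo)):
        return None
    to_xi = lambda t: None if t == "N/A" else int(t)
    return Row(toks[0], " ".join(toks[1:-6]), sev, pub == "Yes",
               expl == "Yes", to_xi(xl), to_xi(xo), kind)

def triage_key(r: Row):
    # Use the lower (worse) XI of the two columns; treat a row with no XI as 3.
    xis = [x for x in (r.xi_latest, r.xi_older) if x is not None]
    return (not r.exploited, min(xis) if xis else 3,
            not r.public, r.severity != "Critical", r.cve)

def triage(text: str) -> List[Row]:
    rows = [r for r in map(parse_row, text.splitlines()) if r is not None]
    return sorted(rows, key=triage_key)

if __name__ == "__main__":
    for r in triage(SAMPLE):
        print(r.cve, r.severity, "XI", r.xi_latest, r.xi_older, r.kind)
```

With this ordering, CVE-2020-0688 (Important, XI 1) lands ahead of the Critical-rated entries with XI 2, which matches the advice above to treat it as a Critical-rated vulnerability.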

https://www.thezdi.com/blog/2020/2/11/the-february-2020-security-update-review
