Cookie Consent by Free Privacy Policy Generator ๐Ÿ“Œ The October 2020 Security Update Review

๐Ÿ  Team IT Security News

TSecurity.de ist eine Online-Plattform, die sich auf die Bereitstellung von Informationen,alle 15 Minuten neuste Nachrichten, Bildungsressourcen und Dienstleistungen rund um das Thema IT-Sicherheit spezialisiert hat.
Ob es sich um aktuelle Nachrichten, Fachartikel, Blogbeitrรคge, Webinare, Tutorials, oder Tipps & Tricks handelt, TSecurity.de bietet seinen Nutzern einen umfassenden รœberblick รผber die wichtigsten Aspekte der IT-Sicherheit in einer sich stรคndig verรคndernden digitalen Welt.

16.12.2023 - TIP: Wer den Cookie Consent Banner akzeptiert, kann z.B. von Englisch nach Deutsch รผbersetzen, erst Englisch auswรคhlen dann wieder Deutsch!

Google Android Playstore Download Button fรผr Team IT Security



๐Ÿ“š The October 2020 Security Update Review


๐Ÿ’ก Newskategorie: Hacking
๐Ÿ”— Quelle: thezdi.com

October is here and with it comes the latest security offerings from Adobe and Microsoft. Take a break from your regularly scheduled activities and join us as we review the details of security patches for this month.

Adobe Patches for October 2020

Adobe released only one patch for October. It fixes a single vulnerability inย Flash, which reaches it end-of-life (EOL) at the end of this year. The patch corrects a NULL pointer Dereference bug. These types of bugs rarely lead to security problems as they usually generate an immediate segmentation fault error. However, Adobe states this vulnerability can lead to an exploitable crash and result in code execution in the context of the current user. Considering Flash is so close to its EOL, thereโ€™s the possibility this is the last patch we see for the once ubiquitous media player.

Microsoft Patches for October 2020

For October, Microsoft released patches to correct 87 CVEs in Microsoft Windows, Office and Office Services and Web Apps, Azure Functions, Open Source Software, Exchange Server, Visual Studio, .NET Framework, Microsoft Dynamics, and the Windows Codecs Library. That ends the streak of more than 110 CVEs being fixed at seven months (March through September), but youโ€™re not likely to hear any complaints. Microsoft is still on pace to double its CVE count from 2017, but hopefully, the last few months of 2020 will see this lighter load.

Of these 87 patches, 11 are listed as Critical while 75 are listed as Important, and one is listed as Moderate in severity. A total of 11 of these bugs came through the ZDI program. None of these bugs are listed as being under active attack, but six bugs are listed as publicly known at the time of release. Letโ€™s take a closer look at some of the more severe bugs in this release, starting with a bug in the TCP/IP stack that is sure to get some notice:

-ย ย ย ย ย ย ย CVE-2020-16898ย โ€“ Windows TCP/IP Remote Code Execution Vulnerability
This patch corrects a problem in the TCP/IP stack caused by the way it handles ICMPv6 router advertisements. A specially crafted ICMPv6 router advertisement could cause code execution on an affected system. Since the code execution occurs in the TCP/IP stack, it is assumed the attacker could execute arbitrary code with elevated privileges. If youโ€™re running an IPv6 network, you know that filtering router advertisements is not a practical workaround. Microsoft also gives this bug its highest exploitability rating, so exploits are likely. You should definitely test and deploy this patch as soon as possible.

-ย ย ย ย ย ย ย CVE-2020-16947ย - Microsoft Outlook Remote Code Execution Vulnerability
This vulnerability was reported through the ZDI program, and it could allow code execution on affected versions of Outlook just by viewing a specially crafted e-mail. The Preview Pane is an attack vector here, so you donโ€™t even need to open the mail to be impacted. The specific flaw exists within the parsing of HTML content in an email. The issue results from the lack of proper validation of the length of user-supplied data before copying it to a fixed-length heap-based buffer. Although Microsoft gives this an XI rating of 2, we have a working proof-of-concept. Patch this one quickly.

-ย ย ย ย ย ย ย CVE-2020-16891ย - Windows Hyper-V Remote Code Execution Vulnerability
This patch corrects a bug that allows an attacker to run a specially crafted program on an affected guest OS to execute arbitrary code on the host OS. The write up doesnโ€™t say at what permission level the code execution occurs, but that shouldnโ€™t stop you from rolling this out to your Hyper-V servers quickly.

-ย ย ย ย ย ย ย CVE-2020-16909ย - Windows Error Reporting Elevation of Privilege Vulnerability
This is one of the six bugs listed as publicly known for this month. The patch corrects an escalation of privilege (EoP) in the Windows Error Reporting (WER) component that could allow an authenticated attacker to execute arbitrary code with escalated privileges. Although this CVE is not listed as being publicly exploited, bugs in this component have beenย reportedย as being used in the wild in fileless attacks. Regardless, this and the other bugs in the WER component being fixed this month should not be ignored.

Hereโ€™s the full list of CVEs released by Microsoft for October 2020.ย 

CVE Title Severity Public Exploited XI - Latest XI - Older Type
CVE-2020-16937 .NET Framework Information Disclosure Vulnerability Important Yes No 2 2 Info
CVE-2020-16909 Windows Error Reporting Elevation of Privilege Vulnerability Important Yes No 2 2 EoP
CVE-2020-16901 Windows Kernel Information Disclosure Vulnerability Important Yes No 2 2 Info
CVE-2020-16938 Windows Kernel Information Disclosure Vulnerability Important Yes No 2 2 Info
CVE-2020-16908 Windows Setup Elevation of Privilege Vulnerability Important Yes No 2 2 EoP
CVE-2020-16885 Windows Storage VSP Driver Elevation of Privilege Vulnerability Important Yes No 2 2 EoP
CVE-2020-17003 Base3D Remote Code Execution Vulnerability Critical No No 2 2 RCE
CVE-2020-16911 GDI+ Remote Code Execution Vulnerability Critical No No 2 2 RCE
CVE-2020-16915 Media Foundation Memory Corruption Vulnerability Critical No No 2 2 RCE
CVE-2020-16923 Microsoft Graphics Components Remote Code Execution Vulnerability Critical No No 2 2 RCE
CVE-2020-16947 Microsoft Outlook Remote Code Execution Vulnerability Critical No No 2 2 RCE
CVE-2020-16951 Microsoft SharePoint Remote Code Execution Vulnerability Critical No No 2 2 RCE
CVE-2020-16952 Microsoft SharePoint Remote Code Execution Vulnerability Critical No No 2 2 RCE
CVE-2020-16967 Windows Camera Codec Pack Remote Code Execution Vulnerability Critical No No 2 2 RCE
CVE-2020-16968 Windows Camera Codec Pack Remote Code Execution Vulnerability Critical No No 2 2 RCE
CVE-2020-16891 Windows Hyper-V Remote Code Execution Vulnerability Critical No No 2 2 RCE
CVE-2020-16898 Windows TCP/IP Remote Code Execution Vulnerability Critical No No 1 1 RCE
CVE-2020-16904 Azure Functions Elevation of Privilege Vulnerability Important No No 2 2 EoP
CVE-2020-16918 Base3D Remote Code Execution Vulnerability Important No No 2 2 RCE
CVE-2020-16943 Dynamics 365 Commerce Elevation of Privilege Vulnerability Important No No 2 2 EoP
CVE-2020-16939 Group Policy Elevation of Privilege Vulnerability Important No No 2 2 EoP
CVE-2020-16924 Jet Database Engine Remote Code Execution Vulnerability Important No No 2 2 RCE
CVE-2020-16956 Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability Important No No 2 2 XSS
CVE-2020-16978 Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability Important No No 2 2 XSS
CVE-2020-16929 Microsoft Excel Remote Code Execution Vulnerability Important No No 2 2 RCE
CVE-2020-16930 Microsoft Excel Remote Code Execution Vulnerability Important No No 2 2 RCE
CVE-2020-16931 Microsoft Excel Remote Code Execution Vulnerability Important No No 2 2 RCE
CVE-2020-16932 Microsoft Excel Remote Code Execution Vulnerability Important No No 2 2 RCE
CVE-2020-16969 Microsoft Exchange Information Disclosure Vulnerability Important No No 2 2 Info
CVE-2020-1167 Microsoft Graphics Components Remote Code Execution Vulnerability Important No No 2 2 RCE
CVE-2020-16957 Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability Important No No 2 2 RCE
CVE-2020-16928 Microsoft Office Click-to-Run Elevation of Privilege Vulnerability Important No No 2 2 EoP
CVE-2020-16934 Microsoft Office Click-to-Run Elevation of Privilege Vulnerability Important No No 2 2 EoP
CVE-2020-16955 Microsoft Office Click-to-Run Elevation of Privilege Vulnerability Important No No 2 2 EoP
CVE-2020-16954 Microsoft Office Remote Code Execution Vulnerability Important No No 2 2 RCE
CVE-2020-16945 Microsoft Office SharePoint XSS Vulnerability Important No No 2 2 XSS
CVE-2020-16946 Microsoft Office SharePoint XSS Vulnerability Important No No 2 2 XSS
CVE-2020-16941 Microsoft SharePoint Information Disclosure Vulnerability Important No No 2 2 Info
CVE-2020-16942 Microsoft SharePoint Information Disclosure Vulnerability Important No No 2 2 Info
CVE-2020-16948 Microsoft SharePoint Information Disclosure Vulnerability Important No No 2 2 Info
CVE-2020-16950 Microsoft SharePoint Information Disclosure Vulnerability Important No No 2 2 Info
CVE-2020-16953 Microsoft SharePoint Information Disclosure Vulnerability Important No No 2 2 Info
CVE-2020-16944 Microsoft SharePoint Reflective XSS Vulnerability Important No No 2 2 XSS
CVE-2020-16933 Microsoft Word Security Feature Bypass Vulnerability Important No No 2 2 SFB
CVE-2020-16897 NetBT Information Disclosure Vulnerability Important No No 2 2 Info
CVE-2020-16995 Network Watcher Agent virtual machine extension for Linux Elevation of Privilege Vulnerability Important No No 2 2 EoP
CVE-2020-16886 PowerShellGet Module WDAC Security Feature Bypass Vulnerability Important No No 2 2 SFB
CVE-2020-16977 Visual Studio Code Python Extension Remote Code Execution Vulnerability Important No No 2 2 RCE
CVE-2020-16907 Win32k Elevation of Privilege Vulnerability Important No No 1 1 EoP
CVE-2020-16913 Win32k Elevation of Privilege Vulnerability Important No No 1 1 EoP
CVE-2020-16940 Windows - User Profile Service Elevation of Privilege Vulnerability Important No No 2 2 EoP
CVE-2020-16876 Windows Application Compatibility Client Library Elevation of Privilege Vulnerability Important No No 2 2 EoP
CVE-2020-16920 Windows Application Compatibility Client Library Elevation of Privilege Vulnerability Important No No 2 2 EoP
CVE-2020-16912 Windows Backup Service Elevation of Privilege Vulnerability Important No No 2 2 EoP
CVE-2020-16936 Windows Backup Service Elevation of Privilege Vulnerability Important No No 2 2 EoP
CVE-2020-16972 Windows Backup Service Elevation of Privilege Vulnerability Important No No 2 2 EoP
CVE-2020-16973 Windows Backup Service Elevation of Privilege Vulnerability Important No No 2 2 EoP
CVE-2020-16974 Windows Backup Service Elevation of Privilege Vulnerability Important No No 2 2 EoP
CVE-2020-16975 Windows Backup Service Elevation of Privilege Vulnerability Important No No 2 2 EoP
CVE-2020-16976 Windows Backup Service Elevation of Privilege Vulnerability Important No No 2 2 EoP
CVE-2020-16916 Windows COM Server Elevation of Privilege Vulnerability Important No No 2 2 EoP
CVE-2020-16935 Windows COM Server Elevation of Privilege Vulnerability Important No No 2 2 EoP
CVE-2020-16877 Windows Elevation of Privilege Vulnerability Important No No 2 2 EoP
CVE-2020-16919 Windows Enterprise App Management Service Information Disclosure Vulnerability Important No No 2 2 Info
CVE-2020-16905 Windows Error Reporting Elevation of Privilege Vulnerability Important No No 2 2 EoP
CVE-2020-16895 Windows Error Reporting Manager Elevation of Privilege Vulnerability Important No No 2 2 EoP
CVE-2020-16900 Windows Event System Elevation of Privilege Vulnerability Important No No 2 2 EoP
CVE-2020-16914 Windows GDI+ Information Disclosure Vulnerability Important No No 2 2 Info
CVE-2020-1243 Windows Hyper-V Denial of Service Vulnerability Important No No 2 2 DoS
CVE-2020-1047 Windows Hyper-V Elevation of Privilege Vulnerability Important No No 2 2 EoP
CVE-2020-1080 Windows Hyper-V Elevation of Privilege Vulnerability Important No No 2 2 EoP
CVE-2020-16892 Windows Image Elevation of Privilege Vulnerability Important No No 2 2 EoP
CVE-2020-16902 Windows Installer Elevation of Privilege Vulnerability Important No No 2 2 EoP
CVE-2020-16980 Windows iSCSI Target Service Elevation of Privilege Vulnerability Important No No 2 2 EoP
CVE-2020-16890 Windows Kernel Elevation of Privilege Vulnerability Important No No 2 2 EoP
CVE-2020-16889 Windows KernelStream Information Disclosure Vulnerability Important No No 2 2 Info
CVE-2020-16894 Windows NAT Remote Code Execution Vulnerability Important No No 2 2 RCE
CVE-2020-16887 Windows Network Connections Service Elevation of Privilege Vulnerability Important No No 2 2 EoP
CVE-2020-16927 Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability Important No No 2 2 DoS
CVE-2020-16896 Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability Important No No 1 1 Info
CVE-2020-16863 Windows Remote Desktop Service Denial of Service Vulnerability Important No No 2 2 DoS
CVE-2020-16910 Windows Security Feature Bypass Vulnerability Important No No 2 2 SFB
CVE-2020-16922 Windows Spoofing Vulnerability Important No No 1 1 Spoofing
CVE-2020-0764 Windows Storage Services Elevation of Privilege Vulnerability Important No No 2 2 EoP
CVE-2020-16899 Windows TCP/IP Denial of Service Vulnerability Important No No 1 1 DoS
CVE-2020-16921 Windows Text Services Framework Information Disclosure Vulnerability Important No No 2 2 Info
CVE-2020-16949 Microsoft Outlook Denial of Service Vulnerability Moderate No No 2 2 DoS

Of the remaining publicly known bugs, two are EoP bugs in the Windows Setup component and the Windows Storage VSP Driver. The remaining public bugs are information disclosure bugs in the kernel and .NET Framework. These info disclosure bugs leak the contents of kernel memory but do not expose any personally identifiable information.

Checking on the remaining Critical-rated bugs, two impact the Windows Camera Codec and were reported by ZDI vulnerability researcher Hossein Lotfi. These bugs result from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. Sticking with the media theme, there are also code execution bugs in Media Foundation Library, Base3D rendering engine, Graphics components, and GDI+. The final Critical-rated bugs are code execution vulnerabilities in SharePoint Server. In both cases, the attacker would need to upload a specially crafted SharePoint application package to an affected version of SharePoint to get arbitrary code execution. This can be accomplished by an unprivileged SharePoint user if the serverโ€™s configuration allows it.

Moving on to the Important-rated bugs, the first that pops out is a spoofing bug in Windows that could allow an attacker to loaded improperly signed files. This could also be considered a security feature bypass (SFB) since Windows is designed to only load files with valid signatures. A different bug that is listed as an SFB could allow an attacker to create files in a protected Unified Extensible Firmware Interface (UEFI) location. Another interesting SFB being fixed this month resides in Word when it improperly handles .LNK files. An attacker could perform actions in the context of whoever opens a specially crafted Word doc. While not arbitrary code execution, it certainly can be useful for attackers. A final SFB exists in PowerShell. This one could allow an attacker to bypass the Windows Defender Application Control (WDAC) policy and execute arbitrary code on a policy locked-down machine.ย 

Including the cases previously mentioned, there are 36 patches to address EoP bugs this month. While this is a lower number than some other months, it still represents 42.5% of the total release for October. In almost all of these cases, an attacker would need to log on to an affected system and run their application. Affected components include Office Click-to-Run, the Backup Service, Azure Functions, Dynamics 365, Group Policy, and Windows COM. Also getting an EoP patch is the Network Watcher Agent Virtual Machine Extension for Linux. However, to get this update, youโ€™ll need to manually update the Network Watcher Agent virtual machine extensions. As someone who has been in the industry for a while, itโ€™s still odd to see Microsoft release patches for Linux. Itโ€™s a welcome change.

Moving on to the Denial-of-Service (DoS) bugs, there are only five this month, and one of those is rated Moderate. However, there is a DoS in the TCP/IP similar to the RCE bug previously mentioned. In this case, malformed ICMPv6 Router Advertisements could cause a system to stop responding. Not quite as bad as code execution, but not good. There are also two DoS bugs in the Remote Desktop Protocol and Hyper-V server.

There are 15 information disclosure bugs receiving patches this month, including those previously mentioned. For the most part, the information leaked consists of unspecified memory contents. Not so for the info disclosure bug in Microsoft Exchange. This improper token validation bug could potentially leak IDs, tokens, nonces, and other sensitive information. According to the write-up, an attacker could exploit this by sending specially crafted OWA messages that could be loaded without warning or filtering. Information disclosure bugs can be easy to overlook, but donโ€™t discount this one. Finally, this monthโ€™s release is rounded out by five cross-site scripting (XSS) bugs in Dynamics 365 (On-Premise) and SharePoint Server.

Looking at the advisories for October, the first is Microsoftโ€™s version of the aforementioned patch forย Flash in Internet Explorer. The other is the update to the Windowsย Servicing Stack, which adds updates for all supported versions of Windows.

Looking Ahead

The next Patch Tuesday falls on November 10, and weโ€™ll return with details and patch analysis then. Until then, stay safe, enjoy your patching, and may all your reboots be smooth and clean!

...



๐Ÿ“Œ Android October Security Update (October 5, 2016)


๐Ÿ“ˆ 22.98 Punkte

๐Ÿ“Œ Android October Security Update (October 5, 2016)


๐Ÿ“ˆ 22.98 Punkte

๐Ÿ“Œ The October 2020 Security Update Review


๐Ÿ“ˆ 22.68 Punkte

๐Ÿ“Œ Windows 10 October 2018 Update RTM Ready, Could Launch on October 2


๐Ÿ“ˆ 21.06 Punkte

๐Ÿ“Œ Windows 10 October 2020 Update review: Subtle, but necessary


๐Ÿ“ˆ 20.76 Punkte

๐Ÿ“Œ The October 2018 Security Update Review


๐Ÿ“ˆ 20.12 Punkte

๐Ÿ“Œ The October Security Update Review


๐Ÿ“ˆ 20.12 Punkte

๐Ÿ“Œ The October 2022 Security Update Review


๐Ÿ“ˆ 20.12 Punkte

๐Ÿ“Œ The October 2023 Security Update Review


๐Ÿ“ˆ 20.12 Punkte

๐Ÿ“Œ Occultist Digital Board Game October Night Games Arrives on PC on October 28


๐Ÿ“ˆ 18.55 Punkte

๐Ÿ“Œ Android's October 2020 Security Update Patches 48 Vulnerabilities


๐Ÿ“ˆ 16.27 Punkte

๐Ÿ“Œ October Night Games Review (PC)


๐Ÿ“ˆ 15.69 Punkte

๐Ÿ“Œ New iPads, mostly new Apple TV, and old problems -- October 2022 in review


๐Ÿ“ˆ 15.69 Punkte

๐Ÿ“Œ Apple's October 2023 in review: Scary Fast new Macs, Google's trial, and The Afterparty's over


๐Ÿ“ˆ 15.69 Punkte

๐Ÿ“Œ Microsoft Names Windows 10 20H2 As October 2020 Update


๐Ÿ“ˆ 14.35 Punkte

๐Ÿ“Œ Preparing the Windows 10 October 2020 Update Ready for Release


๐Ÿ“ˆ 14.35 Punkte

๐Ÿ“Œ October 2020 Update for Netsparker Enterprise On-Premises 1.9.1


๐Ÿ“ˆ 14.35 Punkte

๐Ÿ“Œ Intel Releases October 2020 Update Ready Driver - Get Version 27.20.100.8853


๐Ÿ“ˆ 14.35 Punkte

๐Ÿ“Œ Whatโ€™s new in the Windows 10 October 2020 Update


๐Ÿ“ˆ 14.35 Punkte

๐Ÿ“Œ Coronavirus Vaccine Update: One Million Vaccines By October 2020


๐Ÿ“ˆ 14.35 Punkte

๐Ÿ“Œ Get early access to Windows 10 October 2020 update โ€“ here's how.


๐Ÿ“ˆ 14.35 Punkte

๐Ÿ“Œ Windows 10 October 2020 Update moves closer to launch with Release Preview


๐Ÿ“ˆ 14.35 Punkte

๐Ÿ“Œ Microsoft Officially Announces the Windows 10 October 2020 Update


๐Ÿ“ˆ 14.35 Punkte

๐Ÿ“Œ Microsoft Releases Windows 10 October 2020 Update Preview Build 19042.572


๐Ÿ“ˆ 14.35 Punkte

๐Ÿ“Œ How to get the Windows 10 October 2020 Update


๐Ÿ“ˆ 14.35 Punkte

๐Ÿ“Œ Quick Heal Supports Windows 10 October 2020 Update


๐Ÿ“ˆ 14.35 Punkte

๐Ÿ“Œ Maemo Leste - Fourteenth Update (July, August, September, October, November, December) 2020


๐Ÿ“ˆ 14.35 Punkte

๐Ÿ“Œ Need to postpone the Windows 10 October 2020 Update? Here's how.


๐Ÿ“ˆ 14.35 Punkte

๐Ÿ“Œ Need to postpone the Windows 10 October 2020 Update? Here's how.


๐Ÿ“ˆ 14.35 Punkte

๐Ÿ“Œ Here's five new features in the Windows 10 October 2020 Update


๐Ÿ“ˆ 14.35 Punkte

๐Ÿ“Œ The October 2020 Update for Windows 10 has arrived โ€“ here's how to get it.


๐Ÿ“ˆ 14.35 Punkte

๐Ÿ“Œ These are the PCs getting the October 2020 Update TODAY


๐Ÿ“ˆ 14.35 Punkte

๐Ÿ“Œ Problems installing the Windows 10 October 2020 Update? Here are the fixes.


๐Ÿ“ˆ 14.35 Punkte

๐Ÿ“Œ The Windows 10 October 2020 Update is now generally available for users


๐Ÿ“ˆ 14.35 Punkte











matomo