September 13, 2024

Flynyc

Customer Value Chain

120 CVEs, 17 Critical, 2 Under Attack

FavoriteLoadingIncrease to favorites

Established of patches contains an strange “critical” rated elevation of privilege bug

Microsoft has patched one hundred twenty CVEs for August, which include seventeen labelled critical and two less than energetic attack in the wild. The release brings its patches to 862 so far this 12 months — extra than entire-12 months 2019.

The patches plug vulnerabilities in Home windows, Microsoft Scripting Engine, SQL Server, .Net Framework, ASP.Net Core, Place of work and Place of work Expert services and World-wide-web Apps, Microsoft Dynamics and extra.

Below energetic attack:

CVE-2020-1464 – Home windows Spoofing Vulnerability

This spoofing bug permits an attacker to load improperly signed documents, bypassing signature verification.

Microsoft does not checklist wherever this is general public or how lots of individuals are afflicted by the assaults, but all supported variations of Home windows are afflicted, so take a look at and deploy this one rapidly.

CVE-2020-1380 – Scripting Engine Memory Corruption Vulnerability

This bug in IE lets attacker operate their code on a concentrate on program if an afflicted version of IE views a specially crafted internet site.

The bug was documented by Kaspersky, it’s reasonable to suppose malware is included.

CVE-2020-1472 – NetLogon Elevation of Privilege Vulnerability

An strange elevation of privilege bug that is rated critical, this vulnerability is in the Netlogon Remote Protocol (MS-NRPC). An unauthenticated attacker would use MS-NRPC to hook up to a Domain Controller (DC) to obtain administrative obtain. Worryingly, there is not a entire deal with readily available. As the ZDI notes: “This patch enables the DCs to guard gadgets, but a 2nd patch at present slated for Q1 2021 enforces secure Remote Process Phone (RPC) with Netlogon to completely handle this bug.”

Following applying this patch, you’ll nonetheless require to make improvements to your DC. Microsoft published guidelines to aid directors pick out the appropriate configurations.

As Onebite notes, Microsoft also released patches for 6 memory corruption vulnerabilities in Media Foundation (CVE-2020-1525, CVE-2020-1379, CVE-2020-1477, CVE-2020-1478, CVE-2020-1492, CVE-2020-1554).

An attacker persuading a consumer to open a malicious file would get the very same rights as that consumer. All Media Foundation installations need to be prioritised for patching.

More to abide by.

h/t ZDI and Qualys.