TechGenix patch roundup: Microsoft February Patch Tuesday

February is the shortest month, even on this intercalary year, however that doesn’t imply there’s a scarcity of vulnerabilities to be patched. In reality, Microsoft’s February Patch Tuesday safety updates deal with a big quantity than traditional: a whopping 99 in whole.

This contains 72 vulnerabilities within the newest variations of Home windows 10, 50 in Home windows 8.1, and 47 in Home windows 7 for these with ESU (prolonged safety updates) by means of quantity licensing and cloud resolution suppliers, which embody safety updates for important and necessary points as outlined by Microsoft Safety Response Heart (MSRC) for a most of three years after January 14, 2020 (accessible for buy for Home windows 7 Skilled and Enterprise editions solely).

On the server-side, we’ve an identical scenario: 73 vulnerabilities patched in Server 2019, 65 in Server 2016, 50 in Server 2012 R2, and 47 in Server 2008 R2 with ESU.

It’s value noting that computer systems operating Home windows 7 or Server 2008 R2 with out the acquisition of the ESU won’t obtain updates this month, as help for the OS ended Jan. 14, 2020. Yow will discover out extra about ESU on the Microsoft Support website. For those who try and replace a Home windows 7 pc that doesn’t have ESU, it’s possible you’ll obtain an error message that claims, “Failure to configure Home windows updates. Reverting Adjustments” and warns you to not flip off the pc.

The excellent news is that solely 5 of the vulnerabilities addressed this month for Home windows shopper and server working methods are rated important. The unhealthy information is that each one of those vulnerabilities do have an effect on Home windows 7, so those that are unable to replace the OS are open to assault.

Home windows shopper and server important vulnerabilities

Let’s have a look now at every of the important points mounted in Microsoft’s February Patch Tuesday:

windows 10 version 1909

Shutterstock

CVE-2020-0662: Home windows Distant Code Execution Vulnerability

It is a memory-handling downside that creates a vulnerability that may very well be exploited to run arbitrary code with elevated permissions, by making a specifically designed request. It has not been publicly disclosed previous to the patch launch, and there aren’t any accounts of it being exploited within the wild. Exploitation is much less probably because the attacker would wish to have a website person account. It’s, nevertheless, designated as important on all at the moment supported variations of Home windows Server (together with server core installations) and the Home windows 8.1, 7, and 10 shopper working methods. Microsoft hasn’t recognized any mitigating elements or workarounds for the problem.

CVE-2020-0681: Distant Desktop Consumer Distant Code Execution Vulnerability

It is a vulnerability within the Remote Desktop (RDP) shopper software program that’s included in Home windows. It’s a distant code execution vulnerability by which an attacker may execute arbitrary code on a shopper pc that connects to a malicious server or a compromised reputable server. It has not been publicly disclosed previous to the patch launch, and there aren’t any accounts of it being exploited within the wild. Exploitation is much less probably because the attacker would wish to have management of a server and must persuade a person to connect with it. It’s, nevertheless, designated as important on all at the moment supported variations of Home windows Server (together with server core installations) and the Home windows 8.1, 7, and 10 shopper working methods. Microsoft hasn’t recognized any mitigating elements or workarounds for the problem.

CVE-2020-0729: LNK Distant Code Execution Vulnerability

It is a vulnerability in Home windows that has to do with the processing of link recordsdata (.LNK). It’s one other distant code execution vulnerability that may be exploited to run arbitrary code with the identical rights because the logged-in person. It has not been publicly disclosed previous to the patch launch, and there aren’t any accounts of it being exploited within the wild. Exploitation is much less probably because the attacker would wish to current the malicious .LNK file to the person and persuade the person to open it. It’s, nevertheless, designated as important on all at the moment supported variations of Home windows Server (together with server core installations) and the Home windows 8.1, 7, and 10 shopper working methods. Microsoft hasn’t recognized any mitigating elements or workarounds for the problem.

CVE-2020-0734: Distant Desktop Consumer Distant Code Execution Vulnerability

That is one other vulnerability within the Distant Desktop shopper on Home windows that’s just like CVE-2020-0681, described above. Like that one, it really works by having the shopper connect with a malicious or compromised server so the attacker would wish to have management of such a server, making it much less more likely to be exploited. It has not been publicly disclosed previous to the patch launch, and there aren’t any accounts of it being exploited within the wild. As with the remainder of the vulnerabilities on this record, it’s designated as important on all at the moment supported variations of Home windows Server (together with server core installations) and the Home windows 8.1, 7, and 10 shopper working methods and Microsoft hasn’t recognized any mitigating elements or workarounds for the problem.

CVE-2020-0738: Media Basis Reminiscence Corruption Vulnerability

This final of the 5 important Home windows vulnerabilities is a reminiscence corruption challenge in Home windows Media Basis. WMF is the multimedia framework and platform used to develop purposes and elements for utilizing digital media on Home windows Vista and later working methods. An attacker may exploit the vulnerability by persuading a person to go to a malicious site or open a malicious doc. Exploitation is much less probably such person motion is required. It’s, nevertheless, designated as important on all at the moment supported variations of Home windows Server (together with server core installations) and the Home windows 8.1, 7, and 10 shopper working methods. Microsoft hasn’t recognized any mitigating elements or workarounds for the problem.

patching

Home windows internet browser vulnerabilities

Microsoft patched seven and three vulnerabilities within the (previous) Edge internet browser and Web Explorer 11, respectively.

NOTE: For those who’re operating the brand new model of Edge that’s primarily based on Chromium, see Google’s Chrome Releases Blog for info on the vulnerabilities mounted within the steady channel replace model 80.zero.361.48.  We additionally cowl every month’s Chromium updates in our month-to-month roundup of safety updates for non-Microsoft merchandise.

The next are the 2 important vulnerabilities patched in IE 11:

CVE-2020-0673 and CVE-2020-0674 – each of those are scripting engine reminiscence corruption vulnerabilities that may very well be exploited to execute distant code within the context of the present person. Exploitation is taken into account extra probably.

Word that CVE-2020-0674 is taken into account a zero-day vulnerability. Assaults exploiting this vulnerability have been detected in January and the corporate issued security advisory ADV200001 then. These gave the impression to be focused assaults in opposition to a restricted variety of victims.

The next are the 5 important vulnerabilities patched within the non-Chromium model of Edge:

CVE-2020-0710, CVE-2020-0711, CVE-2020-0712, CVE-2020-0713, and CVE-2020-0767 are all scripting engine vulnerabilities within the ChakraCore scripting engine that may very well be exploited to execute distant code within the context of the present person. Exploitation is taken into account much less probably.

The next 4 important vulnerabilities have been patched within the Chromium-based model of Edge:

CVE-2020-6378, CVE-2020-6379, CVE-2020-6380, and CVE-2020-0601 – these embody two use-after-free points that allowed a distant attacker to doubtlessly exploit heap corruption, inadequate coverage enforcement in extensions that would enable a distant attacker to bypass web site isolation, and a spoofing vulnerability in Home windows CryptoAPI that may very well be exploited to make a malicious executable seem like from a trusted supply.

Yow will discover extra info and an inventory of the non-critical CVEs addressed within the Chromium-based model of Edge in Microsoft Safety Advisory ADV200002.

Different merchandise

Along with the updates for Home windows and the online browsers, Microsoft launched updates this month for Microsoft Workplace and Workplace Net Apps, ASP.NET core, .NET core, .NET Framework, Microsoft Dynamics, and OneDrive for Android.

Not one of the updates for Workplace are rated important. The vulnerabilities patched embody:

CVE-2020-0693: Microsoft Workplace SharePoint XSS Vulnerability

CVE-2020-0694: Microsoft Workplace SharePoint XSS Vulnerability

CVE-2020-0695: Microsoft Workplace On-line Server Spoofing Vulnerability

CVE-2020-0696: Microsoft Outlook Safety Function Bypass Vulnerability

CVE-2020-0697: Microsoft Workplace Tampering Vulnerability

CVE-2020-0759: Microsoft Excel Distant Code Execution Vulnerability

CVE-2020-0695: Microsoft Workplace On-line Server Spoofing Vulnerability

All of those are rated Necessary. Extra details about these updates may be discovered by means of the hyperlinks or the Security Update Guide in the MSRC portal.

Featured picture: Shutterstock / TechGenix photograph illustration


Put up Views:
72



report this advert



Learn Subsequent


About the Author

Leave a Reply

Your email address will not be published. Required fields are marked *