Skip to content ↓ | Skip to navigation ↓

Today’s VERT Alert addresses Microsoft’s October 2020 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-909 on Wednesday, October 14th.

In-The-Wild & Disclosed CVEs (October 2020 Patch Tuesday Analysis)

CVE-2020-16938

This CVE describes an information disclosure in the Windows kernel that could allow a local attacker to disclose information. Specifically, the vulnerability would allow read access to kernel space memory from a user mode process.

Microsoft has rated this as a 2 (Exploitation Less Likely) on the latest software release on the Exploitability Index.

CVE-2020-16885

A vulnerability exists in the Windows Storage VSP Driver that would allow a local attacker with the ability to execute code to elevate their privileges via a flaw in the driver’s handling of file operations.

Microsoft has rated this as a 2 (Exploitation Less Likely) on the latest software release on the Exploitability Index.

CVE-2020-16901

This CVE describes an information disclosure in the Windows kernel that could allow a local attacker to disclose information. Specifically, the vulnerability would allow read access to kernel space memory from a user mode process.

Microsoft has rated this as a 2 (Exploitation Less Likely) on the latest software release on the Exploitability Index.

CVE-2020-16908

A flaw in Windows Setup’s handling of directories could allow an authenticated attacker to execute code with SYSTEM privileges. There are no patches for this vulnerability as it only exists within the software that Microsoft releases to upgrade a system. According to Microsoft all feature update bundles have been refreshed with patched binaries and the flaw no longer exists.

Microsoft has rated this as a 2 (Exploitation Less Likely) on the latest software release on the Exploitability Index.

CVE-2020-16909

A vulnerability in Windows Error Reporting could allow a local attacker to gain elevated levels of access to sensitive information and system functionality via a flaw in the Windows Error Reporting’s handling and execution of files.

Microsoft has rated this as a 2 (Exploitation Less Likely) on the latest software release on the Exploitability Index.

CVE-2020-16937

A vulnerability in the .NET Framework could allow an attacker to read memory due to an error in how the .NET Framework handles objects in memory. More specifically, an attacker could view memory layout allowing them to predict memory addressing.

Microsoft has rated this as a 2 (Exploitation Less Likely) on the latest software release on the Exploitability Index.

CVE Breakdown by Tag

While historical Microsoft Security Bulletin groupings are gone, Microsoft vulnerabilities are tagged with an identifier. This list provides a breakdown of the CVEs on a per tag basis.

Tag CVE Count CVEs
Microsoft Windows Codecs Library 2 CVE-2020-16967, CVE-2020-16968
Microsoft Dynamics 3 CVE-2020-16943, CVE-2020-16956, CVE-2020-16978
Windows Hyper-V 3 CVE-2020-16891, CVE-2020-16894, CVE-2020-1243
Group Policy 1 CVE-2020-16939
Microsoft NTFS 1 CVE-2020-16938
Windows Error Reporting 1 CVE-2020-16905
Windows RDP 3 CVE-2020-16863, CVE-2020-16896, CVE-2020-16927
.NET Framework 1 CVE-2020-16937
Microsoft Graphics Component 4 CVE-2020-16923, CVE-2020-1167, CVE-2020-16911, CVE-2020-16914
Windows COM 1 CVE-2020-16916
PowerShellGet 1 CVE-2020-16886
Azure 2 CVE-2020-16904, CVE-2020-16995
Windows Installer 1 CVE-2020-16902
Visual Studio 1 CVE-2020-16977
Windows Kernel 5 CVE-2020-16889, CVE-2020-16892, CVE-2020-1047, CVE-2020-16910, CVE-2020-16913
Windows Secure Kernel Mode 1 CVE-2020-16890
Microsoft Exchange Server 1 CVE-2020-16969
Microsoft Office 14 CVE-2020-16918, CVE-2020-16928, CVE-2020-16929, CVE-2020-16930, CVE-2020-16931, CVE-2020-16932, CVE-2020-16933, CVE-2020-16934, CVE-2020-16954, CVE-2020-17003, CVE-2020-16947, CVE-2020-16949, CVE-2020-16955, CVE-2020-16957
Microsoft Windows 30 CVE-2020-16876, CVE-2020-16877, CVE-2020-16895, CVE-2020-16897, CVE-2020-16919, CVE-2020-16920, CVE-2020-16921, CVE-2020-16922, CVE-2020-16924, CVE-2020-16935, CVE-2020-16976, CVE-2020-0764, CVE-2020-1080, CVE-2020-16885, CVE-2020-16887, CVE-2020-16898, CVE-2020-16899, CVE-2020-16900, CVE-2020-16901, CVE-2020-16907, CVE-2020-16908, CVE-2020-16909, CVE-2020-16912, CVE-2020-16936, CVE-2020-16940, CVE-2020-16972, CVE-2020-16973, CVE-2020-16974, CVE-2020-16975, CVE-2020-16980
Microsoft Office SharePoint 10 CVE-2020-16941, CVE-2020-16942, CVE-2020-16948, CVE-2020-16953, CVE-2020-16944, CVE-2020-16945, CVE-2020-16946, CVE-2020-16950, CVE-2020-16951, CVE-2020-16952
Windows Media Player 1 CVE-2020-16915

 

Other Information

In addition to the Microsoft vulnerabilities included in the October Security Guidance, an advisory was released today.

October 2020 Adobe Flash Security Update [ADV200012]

Microsoft has released an advisory for Adobe Security Bulletin APSB20-58. This advisory contains updates for CVE-2020-9746.

To learn more about Tripwire VERT, click here.