Posted: 24 Min ReadThreat Intelligence

Microsoft Patch Tuesday – February 2020

This month the vendor has patched 99 vulnerabilities, 13 of which are rated Critical.

This month the vendor has patched 99 vulnerabilities, 13 of which are rated Critical.

As always, customers are advised to follow these security best practices:

  • Install vendor patches as soon as they are available.
  • Run all software with the least privileges required while still maintaining functionality.
  • Avoid handling files from unknown or questionable sources.
  • Never visit sites of unknown or questionable integrity.
  • Block external access at the network perimeter to all key systems unless specific access is required.

Microsoft's summary of the February 2020 releases can be found here:
https://portal.msrc.microsoft.com/en-us/security-guidance

 

This month's update covers vulnerabilities in:

  • Internet Explorer
  • Edge
  • ChakraCore
  • Microsoft Office
  • Microsoft Windows
  • Microsoft Windows Kernel
  • Windows Hyper-V
  • Microsoft Graphics Component
  • Microsoft Exchange Server
  • SQL Server

The following is a breakdown of the issues being addressed this month:

  1. Cumulative Security Updates for Microsoft Browsers

    Scripting Engine Memory Corruption Vulnerability (CVE-2020-0673) MS Rating: Critical

     

    A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

     

    Scripting Engine Memory Corruption Vulnerability (CVE-2020-0674) MS Rating: Critical

     

    A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

     

    Scripting Engine Memory Corruption Vulnerability (CVE-2020-0710) MS Rating: Critical

     

    A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

     

    Scripting Engine Memory Corruption Vulnerability (CVE-2020-0711) MS Rating: Critical

     

    A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

     

    Scripting Engine Memory Corruption Vulnerability (CVE-2020-0712) MS Rating: Critical

     

    A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

     

    Scripting Engine Memory Corruption Vulnerability (CVE-2020-0713) MS Rating: Critical

     

    A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

     

    Scripting Engine Memory Corruption Vulnerability (CVE-2020-0767) MS Rating: Critical

     

    A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

     

    Microsoft Edge Privilege Escalation Vulnerability (CVE-2020-0663) MS Rating: Important

     

    A privilege escalation vulnerability exists when Microsoft Edge does not properly enforce cross-domain policies, which could allow an attacker to access information from one domain and inject it into another domain. In a web-based attack scenario, an attacker could host a website that is used to attempt to exploit the vulnerability.

     

    Microsoft Browser Information Disclosure Vulnerability (CVE-2020-0706) MS Rating: Important

     

    An information disclosure vulnerability exists in the way that affected Microsoft browsers handle cross-origin requests. An attacker who successfully exploited this vulnerability could determine the origin of all of the web pages in the affected browser.

     

  2. Cumulative Security Updates for Microsoft Office

    Microsoft Office SharePoint XSS Vulnerability (CVE-2020-0693) MS Rating: Important

     

    A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server.

     

    Microsoft Office SharePoint XSS Vulnerability (CVE-2020-0694) MS Rating: Important

     

    A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server.

     

    Microsoft Office Online Server Spoofing Vulnerability (CVE-2020-0695) MS Rating: Important

     

    A spoofing vulnerability exists when Office Online Server does not validate origin in cross-origin communications correctly. An attacker could exploit the vulnerability by sending a specially crafted request to an affected site.

     

    Microsoft Outlook Security Bypass Vulnerability (CVE-2020-0696) MS Rating: Important

     

    A security bypass vulnerability exists in Microsoft Outlook software when it improperly handles the parsing of URI formats. The security bypass by itself does not allow arbitrary code execution.

     

    Microsoft Office Tampering Vulnerability (CVE-2020-0697) MS Rating: Important

     

    A privilege escalation vulnerability exists in Microsoft Office OLicenseHeartbeat task, where an attacker who successfully exploited this vulnerability could run this task as SYSTEM. To exploit the vulnerability, an authenticated attacker would need to place a specially crafted file in a specific location, thereby allowing arbitrary file corruption.

     

    Microsoft Excel Remote Code Execution Vulnerability (CVE-2020-0759) MS Rating: Important

     

    A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user.

     

  3. Cumulative Security Updates for Microsoft Windows

    LNK Remote Code Execution Vulnerability (CVE-2020-0729) MS Rating: Critical

     

    A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a . LNK file is processed.

     

    Windows Remote Code Execution Vulnerability (CVE-2020-0662) MS Rating: Critical

     

    A remote code execution vulnerability exists in the way that Windows handles objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code with elevated permissions on a target system.

     

    Remote Desktop Client Remote Code Execution Vulnerability (CVE-2020-0681) MS Rating: Critical

     

    A remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server. An attacker who successfully exploited this vulnerability could execute arbitrary code on the computer of the connecting client.

     

    Media Foundation Memory Corruption Vulnerability (CVE-2020-0738) MS Rating: Critical

     

    A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights.

     

    Remote Desktop Client Remote Code Execution Vulnerability (CVE-2020-0734) MS Rating: Critical

     

    A remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server. An attacker who successfully exploited this vulnerability could execute arbitrary code on the computer of the connecting client.

     

    Windows Common Log File System Driver Privilege Escalation Vulnerability (CVE-2020-0657) MS Rating: Important

     

    A privilege escalation vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context.

     

    Windows Common Log File System Driver Information Disclosure Vulnerability (CVE-2020-0658) MS Rating: Important

     

    An information disclosure vulnerability exists in the Windows Common Log File System (CLFS) driver when it fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could potentially read data that was not intended to be disclosed.

     

    Remote Desktop Services Remote Code Execution Vulnerability (CVE-2020-0655) MS Rating: Important

     

    A remote code execution vulnerability exists in Remote Desktop Services - formerly known as Terminal Services - when an authenticated attacker abuses clipboard redirection. An attacker who successfully exploited this vulnerability could execute arbitrary code on the victim system.

     

    Windows Data Sharing Service Privilege Escalation Vulnerability (CVE-2020-0659) MS Rating: Important

     

    A privilege escalation vulnerability exists when the Windows Data Sharing Service improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context.

     

    Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability (CVE-2020-0660) MS Rating: Important

     

    A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests. An attacker who successfully exploited this vulnerability could cause the RDP service on the target system to stop responding.

     

    Active Directory Privilege Escalation Vulnerability (CVE-2020-0665) MS Rating: Important

     

    A privilege escalation vulnerability exists in Active Directory Forest trusts due to a default setting that lets an attacker in the trusting forest request delegation of a TGT for an identity from the trusted forest. To exploit this vulnerability, an attacker would first need to compromise an Active Directory forest.

     

    Windows Search Indexer Privilege Escalation Vulnerability (CVE-2020-0666) MS Rating: Important

     

    A privilege escalation vulnerability exists in the way that the Windows Search Indexer handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.

     

    Windows Search Indexer Privilege Escalation Vulnerability (CVE-2020-0667) MS Rating: Important

     

    A privilege escalation vulnerability exists in the way that the Windows Search Indexer handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.

     

    Windows Key Isolation Service Information Disclosure Vulnerability (CVE-2020-0675) MS Rating: Important

     

    An information disclosure vulnerability exists in the Cryptography Next Generation (CNG) service when it fails to properly handle objects in memory. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application.

     

    Windows Key Isolation Service Information Disclosure Vulnerability (CVE-2020-0676) MS Rating: Important

     

    An information disclosure vulnerability exists in the Cryptography Next Generation (CNG) service when it fails to properly handle objects in memory. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application.

     

    Windows Key Isolation Service Information Disclosure Vulnerability (CVE-2020-0677) MS Rating: Important

     

    An information disclosure vulnerability exists in the Cryptography Next Generation (CNG) service when it fails to properly handle objects in memory. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application.

     

    Windows Error Reporting Manager Privilege Escalation Vulnerability (CVE-2020-0678) MS Rating: Important

     

    A privilege escalation vulnerability exists when Windows Error Reporting manager improperly handles hard links. An attacker who successfully exploited this vulnerability could overwrite a targeted file leading to an elevated status.

     

    Windows Function Discovery Service Privilege Escalation Vulnerability (CVE-2020-0679) MS Rating: Important

     

    A privilege escalation vulnerability exists in the way that the Windows Function Discovery Service handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.

     

    Windows Function Discovery Service Privilege Escalation Vulnerability (CVE-2020-0680) MS Rating: Important

     

    A privilege escalation vulnerability exists in the way that the Windows Function Discovery Service handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.

     

    Windows Function Discovery Service Privilege Escalation Vulnerability (CVE-2020-0682) MS Rating: Important

     

    A privilege escalation vulnerability exists in the way that the Windows Function Discovery Service handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.

     

    Windows Installer Privilege Escalation Vulnerability (CVE-2020-0683) MS Rating: Important

     

    A privilege escalation vulnerability exists in the Windows Installer when MSI packages process symbolic links. An attacker who successfully exploited this vulnerability could bypass access restrictions to add or remove files.

     

    Windows COM Server Privilege Escalation Vulnerability (CVE-2020-0685) MS Rating: Important

     

    A privilege escalation vulnerability exists when Windows improperly handles COM object creation. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges.

     

    Windows Installer Privilege Escalation Vulnerability (CVE-2020-0686) MS Rating: Important

     

    A privilege escalation vulnerability exists in the Windows Installer when MSI packages process symbolic links. An attacker who successfully exploited this vulnerability could bypass access restrictions to add or remove files.

     

    Microsoft Secure Boot Security Bypass Vulnerability (CVE-2020-0689) MS Rating: Important

     

    A security bypass vulnerability exists in secure boot. An attacker who successfully exploited the vulnerability can bypass secure boot and load untrusted software.

     

    Windows Information Disclosure Vulnerability (CVE-2020-0698) MS Rating: Important

     

    An information disclosure vulnerability exists when the Telephony Service improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise a user's system.

     

    Windows Client License Service Privilege Escalation Vulnerability (CVE-2020-0701) MS Rating: Important

     

    A privilege escalation vulnerability exists in the way that the Windows Client License Service (ClipSVC) handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.

     

    Surface Hub Security Bypass Vulnerability (CVE-2020-0702) MS Rating: Important

     

    A security bypass vulnerability exists in Surface Hub when prompting for credentials. Successful exploitation of the vulnerability could allow an attacker to access settings which are restricted to Administrators.

     

    Windows Backup Service Privilege Escalation Vulnerability (CVE-2020-0703) MS Rating: Important

     

    A privilege escalation vulnerability exists when the Windows Backup Service improperly handles file operations. To exploit this vulnerability, an attacker would first have to gain execution on the victim system.

     

    Windows Wireless Network Manager Privilege Escalation Vulnerability (CVE-2020-0704) MS Rating: Important

     

    A privilege escalation vulnerability exists when the Windows Wireless Network Manager improperly handles memory. To exploit this vulnerability, an attacker would first have to gain execution on the victim system.

     

    Windows Network Driver Interface Specification (NDIS) Information Disclosure Vulnerability (CVE-2020-0705) MS Rating: Important

     

    An information disclosure vulnerability exists when the Windows Network Driver Interface Specification (NDIS) improperly handles memory. To exploit this vulnerability, an attacker would first have to gain execution on the victim system.

     

    Windows IME Privilege Escalation Vulnerability (CVE-2020-0707) MS Rating: Important

     

    A privilege escalation vulnerability exists when the Windows IME improperly handles memory. To exploit this vulnerability, an attacker would first have to gain execution on the victim system.

     

    Windows Imaging Library Remote Code Execution Vulnerability (CVE-2020-0708) MS Rating: Important

     

    A remote code execution vulnerability exists when the Windows Imaging Library improperly handles memory. To exploit this vulnerability, an attacker would first have to coerce a victim to open a specially crafted file.

     

    DirectX Privilege Escalation Vulnerability (CVE-2020-0709) MS Rating: Important

     

    A privilege escalation vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.

     

    DirectX Information Disclosure Vulnerability (CVE-2020-0714) MS Rating: Important

     

    An information disclosure vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user's system.

     

    Windows Diagnostics Tracking Service Privilege Escalation Vulnerability (CVE-2020-0727) MS Rating: Important

     

    A privilege escalation vulnerability exists when the Connected User Experiences and Telemetry Service improperly handles file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges on the victim system.

     

    Windows Modules Installer Service Information Disclosure Vulnerability (CVE-2020-0728) MS Rating: Important

     

    An information vulnerability exists when Windows Modules Installer Service improperly discloses file information. Successful exploitation of the vulnerability could allow the attacker to read any file on the file system.

     

    Windows User Profile Service Privilege Escalation Vulnerability (CVE-2020-0730) MS Rating: Important

     

    A privilege escalation vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks. An attacker who successfully exploited this vulnerability could delete files and folders in an elevated context.

     

    DirectX Privilege Escalation Vulnerability (CVE-2020-0732) MS Rating: Important

     

    A privilege escalation vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.

     

    Windows Malicious Software Removal Tool Privilege Escalation Vulnerability (CVE-2020-0733) MS Rating: Important

     

    A privilege escalation vulnerability exists when the Windows Malicious Software Removal Tool (MSRT) improperly handles junctions. To exploit this vulnerability, an attacker would first have to gain execution on the victim system.

     

    Windows Search Indexer Privilege Escalation Vulnerability (CVE-2020-0735) MS Rating: Important

     

    A privilege escalation vulnerability exists in the way that the Windows Search Indexer handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.

     

    Windows Privilege Escalation Vulnerability (CVE-2020-0737) MS Rating: Important

     

    A privilege escalation vulnerability exists in the way that the tapisrv. dll handles objects in memory.

     

    Windows Privilege Escalation Vulnerability (CVE-2020-0739) MS Rating: Important

     

    A privilege escalation vulnerability exists in the way that the dssvc. dll handles file creation allowing for a file overwrite or creation in a secured location.

     

    Windows Privilege Escalation Vulnerability (CVE-2020-0740) MS Rating: Important

     

    A privilege escalation vulnerability exists in the way that the Connected Devices Platform Service handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.

     

    Windows Privilege Escalation Vulnerability (CVE-2020-0741) MS Rating: Important

     

    A privilege escalation vulnerability exists in the way that the Connected Devices Platform Service handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.

     

    Windows Privilege Escalation Vulnerability (CVE-2020-0742) MS Rating: Important

     

    A privilege escalation vulnerability exists in the way that the Connected Devices Platform Service handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.

     

    Windows Privilege Escalation Vulnerability (CVE-2020-0743) MS Rating: Important

     

    A privilege escalation vulnerability exists in the way that the Connected Devices Platform Service handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.

     

    Windows Data Sharing Service Privilege Escalation Vulnerability (CVE-2020-0747) MS Rating: Important

     

    A privilege escalation vulnerability exists when the Windows Data Sharing Service improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context.

     

    Windows Key Isolation Service Information Disclosure Vulnerability (CVE-2020-0748) MS Rating: Important

     

    An information disclosure vulnerability exists in the Cryptography Next Generation (CNG) service when it fails to properly handle objects in memory. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application.

     

    Connected Devices Platform Service Elevation of Privilege Vulnerability (CVE-2020-0749) MS Rating: Important

     

    An elevation of privilege vulnerability exists in the way that the Connected Devices Platform Service handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.

     

    Connected Devices Platform Service Elevation of Privilege Vulnerability (CVE-2020-0750) MS Rating: Important

     

    An elevation of privilege vulnerability exists in the way that the Connected Devices Platform Service handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.

     

    Windows Search Indexer Privilege Escalation Vulnerability (CVE-2020-0752) MS Rating: Important

     

    A privilege escalation vulnerability exists in the way that the Windows Search Indexer handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.

     

    Windows Error Reporting Privilege Escalation Vulnerability (CVE-2020-0753) MS Rating: Important

     

    A privilege escalation vulnerability exists in Windows Error Reporting (WER) when WER handles and executes files. The vulnerability could allow Privilege Escalation if an attacker can successfully exploit it.

     

    Windows Error Reporting Privilege Escalation Vulnerability (CVE-2020-0754) MS Rating: Important

     

    A privilege escalation vulnerability exists in Windows Error Reporting (WER) when WER handles and executes files. The vulnerability could allow Privilege Escalation if an attacker can successfully exploit it.

     

    Windows Key Isolation Service Information Disclosure Vulnerability (CVE-2020-0755) MS Rating: Important

     

    An information disclosure vulnerability exists in the Cryptography Next Generation (CNG) service when it fails to properly handle objects in memory. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application.

     

    Windows Key Isolation Service Information Disclosure Vulnerability (CVE-2020-0756) MS Rating: Important

     

    An information disclosure vulnerability exists in the Cryptography Next Generation (CNG) service when it fails to properly handle objects in memory. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application.

     

    Windows SSH Elevation of Privilege Vulnerability (CVE-2020-0757) MS Rating: Important

     

    An elevation of privilege vulnerability exists when Windows improperly handles Secure Socket Shell remote commands. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges.

     

  4. Cumulative Security Updates for Microsoft Windows Kernel

    Windows Kernel Privilege Escalation Vulnerability (CVE-2020-0668) MS Rating: Important

     

    A privilege escalation vulnerability exists in the way that the Windows Kernel handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.

     

    Windows Kernel Privilege Escalation Vulnerability (CVE-2020-0669) MS Rating: Important

     

    A privilege escalation vulnerability exists in the way that the Windows Kernel handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.

     

    Windows Kernel Privilege Escalation Vulnerability (CVE-2020-0670) MS Rating: Important

     

    A privilege escalation vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.

     

    Windows Kernel Privilege Escalation Vulnerability (CVE-2020-0671) MS Rating: Important

     

    A privilege escalation vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.

     

    Windows Kernel Privilege Escalation Vulnerability (CVE-2020-0672) MS Rating: Important

     

    A privilege escalation vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.

     

    Win32k Privilege Escalation Vulnerability (CVE-2020-0691) MS Rating: Important

     

    A privilege escalation vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.

     

    Win32k Information Disclosure Vulnerability (CVE-2020-0716) MS Rating: Important

     

    An information disclosure vulnerability exists when the win32k component improperly provides kernel information. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user's system.

     

    Win32k Information Disclosure Vulnerability (CVE-2020-0717) MS Rating: Important

     

    An information disclosure vulnerability exists when the win32k component improperly provides kernel information. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user's system.

     

    Win32k Privilege Escalation Vulnerability (CVE-2020-0719) MS Rating: Important

     

    A privilege escalation vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.

     

    Win32k Privilege Escalation Vulnerability (CVE-2020-0720) MS Rating: Important

     

    A privilege escalation vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.

     

    Win32k Privilege Escalation Vulnerability (CVE-2020-0721) MS Rating: Important

     

    A privilege escalation vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.

     

    Win32k Privilege Escalation Vulnerability (CVE-2020-0722) MS Rating: Important

     

    A privilege escalation vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.

     

    Win32k Privilege Escalation Vulnerability (CVE-2020-0723) MS Rating: Important

     

    A privilege escalation vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.

     

    Win32k Privilege Escalation Vulnerability (CVE-2020-0724) MS Rating: Important

     

    A privilege escalation vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.

     

    Win32k Privilege Escalation Vulnerability (CVE-2020-0725) MS Rating: Important

     

    A privilege escalation vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.

     

    Win32k Privilege Escalation Vulnerability (CVE-2020-0726) MS Rating: Important

     

    A privilege escalation vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.

     

    Win32k Privilege Escalation Vulnerability (CVE-2020-0731) MS Rating: Important

     

    A privilege escalation vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.

     

    Windows Kernel Information Disclosure Vulnerability (CVE-2020-0736) MS Rating: Important

     

    An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user's system.

     

  5. Cumulative Security Updates for Windows Hyper-V

    Windows Hyper-V Denial of Service Vulnerability (CVE-2020-0661) MS Rating: Important

     

    A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtual machine, could run a specially crafted application that causes a host machine to crash.

     

    Windows Hyper-V Denial of Service Vulnerability (CVE-2020-0751) MS Rating: Important

     

    A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate specific malicious data from a user on a guest operating system. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtual machine, could run a specially crafted application.

     

  6. Cumulative Security Updates for Microsoft Graphics Component

    Windows Graphics Component Privilege Escalation Vulnerability (CVE-2020-0715) MS Rating: Important

     

    A privilege escalation vulnerability exists when the Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context.

     

    Windows GDI Information Disclosure Vulnerability (CVE-2020-0744) MS Rating: Important

     

    An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, allowing an attacker to retrieve information from a targeted system. By itself, the information disclosure does not allow arbitrary code execution; however, it could allow arbitrary code to be run if the attacker uses it in combination with another vulnerability.

     

    Windows Graphics Component Privilege Escalation Vulnerability (CVE-2020-0745) MS Rating: Important

     

    A privilege escalation vulnerability exists when the Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context.

     

    Microsoft Graphics Components Information Disclosure Vulnerability (CVE-2020-0746) MS Rating: Important

     

    An information disclosure vulnerability exists in the way that Microsoft Graphics Components handle objects in memory. An attacker who successfully exploited the vulnerability could obtain information that could be useful for further exploitation.

     

    Windows Graphics Component Elevation of Privilege Vulnerability (CVE-2020-0792) MS Rating: Important

     

    An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context.

     

  7. Cumulative Security Updates for Microsoft Exchange Server

    Microsoft Exchange Memory Corruption Vulnerability (CVE-2020-0688) MS Rating: Important

     

    A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the System user.

     

    Microsoft Exchange Server Privilege Escalation Vulnerability (CVE-2020-0692) MS Rating: Important

     

    A privilege escalation vulnerability exists in Microsoft Exchange Server. An attacker who successfully exploited this vulnerability could gain the same rights as any other user of the Exchange server.

     

  8. Security Update for SQL Server

    Microsoft SQL Server Reporting Services Remote Code Execution Vulnerability (CVE-2020-0618) MS Rating: Important

     

    A remote code execution vulnerability exists in Microsoft SQL Server Reporting Services when it incorrectly handles page requests. An attacker who successfully exploited this vulnerability could execute code in the context of the Report Server service account.

     

More information is available on Symantec's free Security Center portal and to our customers through the DeepSight Threat Management System.

About the Author

Preethi Koroth

Threat Analysis Engineer

Preethi Koroth is a member of Symantec's Cyber Security Services organization which provides round-the-clock monitoring and protection services against cyber attacks.