Microsoft September 2020 Patch Tuesday, (Tue, Sep 8th)

This post was originally published on this site

This month we got patches for 129 vulnerabilities. Of these, 23 are critical and none of them was previously disclosed or is being exploited according to Microsoft.

Amongst the critical ones, there is a remote code execution (RCE) vulnerability in Microsoft SharePoint (CVE-2020-1210) with a CVSS score of 9.9 (the highest this month). The vulnerability exists when the software fails to check the source markup of an application package. To exploit this vulnerability, an attacker has to upload a specially crafted SharePoint application package to a vulnerable SharePoint.

There is also an RCE in Microsoft Exchange (CVE-2020-16875), with a CVSS score of 9.1. To exploit this vulnerability, an attacker has to send a specially crafted e-mail to a vulnerable Exchange Server. An attacker who successfully exploits this vulnerability could run arbitrary code in the context of System user.

A third vulnerability worth mentioning is an RCE affecting Active Directory (CVE-2020-0761) when integrated with DNS (ADIDNS). An authenticated attacker could run arbitrary code in the context of Local System account if successfully exploits this vulnerability. To exploit the vulnerability, an authenticated attacker could send malicious requests to an Active Directory integrated DNS (ADIDNS) server. The CVSS score for this vulnerability is 8.8.

See Renato’s dashboard for a more detailed breakout: https://patchtuesdaydashboard.com

Description
CVE Disclosed Exploited Exploitability (old versions) current version Severity CVSS Base (AVG) CVSS Temporal (AVG)
ADFS Spoofing Vulnerability
%%cve:2020-0837%% No No Less Likely Less Likely Important 5.0 4.5
Active Directory Information Disclosure Vulnerability
%%cve:2020-0664%% No No More Likely More Likely Important 6.5 5.9
%%cve:2020-0856%% No No More Likely More Likely Important 6.5 5.9
Active Directory Remote Code Execution Vulnerability
%%cve:2020-0718%% No No Less Likely Less Likely Important 8.8 7.9
%%cve:2020-0761%% No No Less Likely Less Likely Important 8.8 7.9
Connected User Experiences and Telemetry Service Elevation of Privilege Vulnerability
%%cve:2020-1590%% No No Less Likely Less Likely Important 5.5 5.0
Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability
%%cve:2020-1130%% No No Less Likely Less Likely Important 6.6 5.9
%%cve:2020-1133%% No No Less Likely Less Likely Important 5.5 5.0
DirectX Elevation of Privilege Vulnerability
%%cve:2020-1053%% No No Less Likely Less Likely Important 7.8 7.0
%%cve:2020-1308%% No No More Likely More Likely Important 7.0 6.3
GDI+ Remote Code Execution Vulnerability
%%cve:2020-1285%% No No Less Likely Less Likely Critical 8.4 7.6
Group Policy Elevation of Privilege Vulnerability
%%cve:2020-1013%% No No Less Likely Less Likely Important 7.5 6.7
Internet Explorer Browser Helper Object (BHO) Memory Corruption Vulnerability
%%cve:2020-16884%% No No Less Likely Less Likely Important 4.2 3.8
Jet Database Engine Remote Code Execution Vulnerability
%%cve:2020-1039%% No No Less Likely Less Likely Important 7.8 7.0
%%cve:2020-1074%% No No Less Likely Less Likely Important 7.8 7.0
Microsoft ASP.NET Core Security Feature Bypass Vulnerability
%%cve:2020-1045%% No No Less Likely Less Likely Important 7.5 6.7
Microsoft Browser Memory Corruption Vulnerability
%%cve:2020-0878%% No No Less Likely Less Likely Critical 4.2 3.8
Microsoft COM for Windows Elevation of Privilege Vulnerability
%%cve:2020-1507%% No No Less Likely Less Likely Important 7.9 7.1
Microsoft COM for Windows Remote Code Execution Vulnerability
%%cve:2020-0922%% No No Less Likely Less Likely Critical 8.8 7.9
Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability
%%cve:2020-16858%% No No Less Likely Less Likely Important 5.4 4.9
%%cve:2020-16859%% No No Less Likely Less Likely Important 5.4 4.9
%%cve:2020-16861%% No No Less Likely Less Likely Important 5.4 4.9
%%cve:2020-16864%% No No Less Likely Less Likely Important 5.4 4.9
%%cve:2020-16872%% No No Less Likely Less Likely Important 7.6 6.8
%%cve:2020-16878%% No No Less Likely Less Likely Important 5.4 4.9
%%cve:2020-16871%% No No Less Likely Less Likely Important 5.4 4.9
Microsoft Dynamics 365 (on-premises) Remote Code Execution Vulnerability
%%cve:2020-16860%% No No Less Likely Less Likely Important 6.8 6.1
%%cve:2020-16862%% No No Less Likely Less Likely Critical 7.1 6.4
Microsoft Dynamics 365 for Finance and Operations (on-premises) Remote Code Execution Vulnerability
%%cve:2020-16857%% No No Critical 7.1 6.4
Microsoft Excel Information Disclosure Vulnerability
%%cve:2020-1224%% No No Less Likely Less Likely Important 5.5 5.0
Microsoft Excel Remote Code Execution Vulnerability
%%cve:2020-1193%% No No Less Likely Less Likely Important 7.8 7.0
%%cve:2020-1332%% No No Less Likely Less Likely Important 7.8 7.0
%%cve:2020-1335%% No No Less Likely Less Likely Important 7.8 7.0
%%cve:2020-1594%% No No Less Likely Less Likely Important 7.8 7.0
Microsoft Exchange Memory Corruption Vulnerability
%%cve:2020-16875%% No No Less Likely Less Likely Critical 9.1 8.2
Microsoft Graphics Component Information Disclosure Vulnerability
%%cve:2020-0921%% No No Less Likely Less Likely Important 5.5 5.0
%%cve:2020-1083%% No No Less Likely Less Likely Important 5.5 5.0
Microsoft Office Information Disclosure Vulnerability
%%cve:2020-16855%% No No Less Likely Less Likely Important 5.5 5.0
Microsoft Office SharePoint XSS Vulnerability
%%cve:2020-1345%% No No Less Likely Less Likely Important 7.4 6.7
%%cve:2020-1575%% No No Less Likely Less Likely Important 5.4 4.9
%%cve:2020-1198%% No No Important 7.4 6.7
%%cve:2020-1227%% No No Important 5.4 4.9
%%cve:2020-1482%% No No Less Likely Less Likely Important 6.3 5.7
%%cve:2020-1514%% No No Less Likely Less Likely Important 5.4 4.9
Microsoft SharePoint Remote Code Execution Vulnerability
%%cve:2020-1452%% No No Less Likely Less Likely Critical 8.6 7.7
%%cve:2020-1453%% No No Less Likely Less Likely Critical 8.6 7.7
%%cve:2020-1576%% No No Less Likely Less Likely Critical 8.5 7.6
%%cve:2020-1200%% No No Less Likely Less Likely Critical 8.6 7.7
%%cve:2020-1210%% No No Less Likely Less Likely Critical 9.9 8.9
%%cve:2020-1595%% No No Less Likely Less Likely Critical 9.9 8.9
Microsoft SharePoint Server Remote Code Execution Vulnerability
%%cve:2020-1460%% No No Less Likely Less Likely Critical 8.6 7.7
Microsoft SharePoint Server Tampering Vulnerability
%%cve:2020-1440%% No No Less Likely Less Likely Important 6.3 5.7
%%cve:2020-1523%% No No Less Likely Less Likely Important 8.9 8.0
Microsoft SharePoint Spoofing Vulnerability
%%cve:2020-1205%% No No Less Likely Less Likely Important 4.6 4.2
Microsoft Store Runtime Elevation of Privilege Vulnerability
%%cve:2020-0766%% No No Less Likely Less Likely Important 7.8 7.0
%%cve:2020-1146%% No No Less Likely Less Likely Important 6.6 5.9
Microsoft Windows Codecs Library Remote Code Execution Vulnerability
%%cve:2020-1129%% No No Less Likely Less Likely Critical 8.8 7.9
%%cve:2020-1319%% No No Less Likely Less Likely Critical 7.3 6.6
Microsoft Word Remote Code Execution Vulnerability
%%cve:2020-1218%% No No Less Likely Less Likely Important 7.8 7.0
%%cve:2020-1338%% No No Less Likely Less Likely Important 7.8 7.0
Microsoft splwow64 Elevation of Privilege Vulnerability
%%cve:2020-0790%% No No Less Likely Less Likely Important 7.8 7.0
Microsoft splwow64 Information Disclosure Vulnerability
%%cve:2020-0875%% No No Less Likely Less Likely Important 5.5 5.0
NTFS Elevation of Privilege Vulnerability
%%cve:2020-0838%% No No Less Likely Less Likely Important 7.8 7.0
OneDrive for Windows Elevation of Privilege Vulnerability
%%cve:2020-16851%% No No Less Likely Less Likely Important 7.1 6.4
%%cve:2020-16852%% No No Less Likely Less Likely Important 7.1 6.4
%%cve:2020-16853%% No No Less Likely Less Likely Important 7.1 6.4
Projected Filesystem Information Disclosure Vulnerability
%%cve:2020-16879%% No No Less Likely Less Likely Important 5.5 5.0
Projected Filesystem Security Feature Bypass Vulnerability
%%cve:2020-0805%% No No Less Likely Less Likely Important 5.3 4.8
SQL Server Reporting Services Security Feature Bypass Vulnerability
%%cve:2020-1044%% No No Less Likely Less Likely Moderate 4.3 3.9
Scripting Engine Memory Corruption Vulnerability
%%cve:2020-1057%% No No Less Likely Less Likely Critical 4.2 3.8
%%cve:2020-1172%% No No Less Likely Less Likely Critical 4.2 3.8
%%cve:2020-1180%% No No Less Likely Less Likely Important 4.2 3.8
Shell infrastructure component Elevation of Privilege Vulnerability
%%cve:2020-0870%% No No Less Likely Less Likely Important 7.8 7.0
TLS Information Disclosure Vulnerability
%%cve:2020-1596%% No No Less Likely Less Likely Important 5.4 4.9
Visual Studio JSON Remote Code Execution Vulnerability
%%cve:2020-16881%% No No Less Likely Less Likely Important 7.8 7.0
Visual Studio Remote Code Execution Vulnerability
%%cve:2020-16856%% No No Less Likely Less Likely Important 7.8 7.0
%%cve:2020-16874%% No No Less Likely Less Likely Critical 7.8 7.0
Win32k Elevation of Privilege Vulnerability
%%cve:2020-1245%% No No More Likely More Likely Important 7.0 6.3
Win32k Information Disclosure Vulnerability
%%cve:2020-0941%% No No More Likely More Likely Important 5.5 5.0
%%cve:2020-1250%% No No Less Likely Less Likely Important 5.5 5.0
WinINet API Elevation of Privilege Vulnerability
%%cve:2020-1012%% No No Less Likely Less Likely Important 8.8 7.9
Windows Camera Codec Pack Remote Code Execution Vulnerability
%%cve:2020-0997%% No No Less Likely Less Likely Critical 7.8 7.0
Windows CloudExperienceHost Elevation of Privilege Vulnerability
%%cve:2020-1471%% No No Less Likely Less Likely Important 6.1 5.5
Windows Common Log File System Driver Elevation of Privilege Vulnerability
%%cve:2020-1115%% No No More Likely More Likely Important 7.8 7.0
Windows Cryptographic Catalog Services Elevation of Privilege Vulnerability
%%cve:2020-0782%% No No Less Likely Less Likely Important 7.8 7.0
Windows DHCP Server Information Disclosure Vulnerability
%%cve:2020-1031%% No No Less Likely Less Likely Important 7.5 6.7
Windows DNS Denial of Service Vulnerability
%%cve:2020-0836%% No No Less Likely Less Likely Important 7.5 6.7
%%cve:2020-1228%% No No Less Likely Less Likely Important 7.5 6.7
Windows Defender Application Control Security Feature Bypass Vulnerability
%%cve:2020-0951%% No No Less Likely Less Likely Important 6.7 6.0
Windows Elevation of Privilege Vulnerability
%%cve:2020-1376%% No No Less Likely Less Likely Important 7.8 7.0
%%cve:2020-1052%% No No Less Likely Less Likely Important 7.8 7.0
%%cve:2020-1159%% No No Less Likely Less Likely Important 5.3 4.8
Windows Function Discovery SSDP Provider Elevation of Privilege Vulnerability
%%cve:2020-0912%% No No Less Likely Less Likely Important 7.0 6.3
Windows Function Discovery Service Elevation of Privilege Vulnerability
%%cve:2020-1491%% No No Less Likely Less Likely Important 7.8 7.0
Windows GDI Information Disclosure Vulnerability
%%cve:2020-1256%% No No Less Likely Less Likely Important 5.5 5.0
Windows Graphics Component Elevation of Privilege Vulnerability
%%cve:2020-0998%% No No Less Likely Less Likely Important 7.8 7.0
Windows Graphics Component Information Disclosure Vulnerability
%%cve:2020-1091%% No No Less Likely Less Likely Important 6.5 5.9
%%cve:2020-1097%% No No Less Likely Less Likely Important 6.5 5.9
Windows Hyper-V Denial of Service Vulnerability
%%cve:2020-0890%% No No Less Likely Less Likely Important 6.5 5.9
%%cve:2020-0904%% No No Less Likely Less Likely Important 6.5 5.9
Windows Information Disclosure Vulnerability
%%cve:2020-1119%% No No Less Likely Less Likely Important 5.5 5.0
Windows InstallService Elevation of Privilege Vulnerability
%%cve:2020-1532%% No No Less Likely Less Likely Important 7.8 7.0
Windows Kernel Elevation of Privilege Vulnerability
%%cve:2020-1034%% No No Less Likely Less Likely Important 6.8 6.1
Windows Kernel Information Disclosure Vulnerability
%%cve:2020-1589%% No No Less Likely Less Likely Important 4.4 4.0
%%cve:2020-1592%% No No Less Likely Less Likely Important 5.1 4.6
%%cve:2020-0928%% No No Less Likely Less Likely Important 5.5 5.0
%%cve:2020-1033%% No No Less Likely Less Likely Important 4.0 3.6
%%cve:2020-16854%% No No Less Likely Less Likely Important 5.5 5.0
Windows Language Pack Installer Elevation of Privilege Vulnerability
%%cve:2020-1122%% No No Less Likely Less Likely Important 5.5 5.0
Windows Media Audio Decoder Remote Code Execution Vulnerability
%%cve:2020-1508%% No No Less Likely Less Likely Critical 7.6 6.8
%%cve:2020-1593%% No No Less Likely Less Likely Critical 7.6 6.8
Windows Mobile Device Management Diagnostics Information Disclosure Vulnerability
%%cve:2020-0989%% No No Less Likely Less Likely Important 5.5 5.0
Windows Modules Installer Elevation of Privilege Vulnerability
%%cve:2020-0911%% No No Less Likely Less Likely Important 7.8 7.0
Windows Print Spooler Elevation of Privilege Vulnerability
%%cve:2020-1030%% No No Less Likely Less Likely Important 7.8 7.0
Windows RSoP Service Application Elevation of Privilege Vulnerability
%%cve:2020-0648%% No No Less Likely Less Likely Important 7.8 7.0
Windows Remote Code Execution Vulnerability
%%cve:2020-1252%% No No Less Likely Less Likely Critical 7.8 7.0
Windows Routing Utilities Denial of Service
%%cve:2020-1038%% No No Less Likely Less Likely Important 5.5 5.0
Windows Runtime Elevation of Privilege Vulnerability
%%cve:2020-1169%% No No Less Likely Less Likely Important 7.8 7.0
%%cve:2020-1303%% No No Less Likely Less Likely Important 5.5 5.0
Windows Shell Infrastructure Component Elevation of Privilege Vulnerability
%%cve:2020-1098%% No No Less Likely Less Likely Important 7.8 7.0
Windows Start-Up Application Elevation of Privilege Vulnerability
%%cve:2020-1506%% No No Less Likely Less Likely Important 6.1 5.5
Windows State Repository Service Information Disclosure Vulnerability
%%cve:2020-0914%% No No Less Likely Less Likely Important 5.5 5.0
Windows Storage Services Elevation of Privilege Vulnerability
%%cve:2020-1559%% No No Less Likely Less Likely Important 7.8 7.0
%%cve:2020-0886%% No No Less Likely Less Likely Important 7.8 7.0
Windows Text Service Module Remote Code Execution Vulnerability
%%cve:2020-0908%% No No Less Likely Less Likely Critical 7.5 6.7
Windows UPnP Service Elevation of Privilege Vulnerability
%%cve:2020-1598%% No No Less Likely Less Likely Important 6.1 5.5
Windows Win32k Elevation of Privilege Vulnerability
%%cve:2020-1152%% No No More Likely More Likely Important 5.8 5.2
Windows dnsrslvr.dll Elevation of Privilege Vulnerability
%%cve:2020-0839%% No No Less Likely Less Likely Important 7.8 7.0
Xamarin.Forms Spoofing Vulnerability
%%cve:2020-16873%% No No Less Likely Less Likely Important 4.7 4.4


Renato Marinho
Morphus Labs| LinkedIn|Twitter

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.