View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
August 12, 2020

Microsoft Patches Another 120 Bugs — Two Under Active Attack

Set of patches includes an unusual "critical" rated elevation of privilege bug

By CBR Staff Writer

Microsoft has patched 120 CVEs for August, including 17 labelled critical and two under active attack in the wild. The release brings its patches to 862 so far this year — more than full-year 2019.

The patches plug vulnerabilities in Windows, Microsoft Scripting Engine, SQL Server, .NET Framework, ASP.NET Core, Office and Office Services and Web Apps, Microsoft Dynamics and more.

Under active attack:

CVE-2020-1464 – Windows Spoofing Vulnerability

This spoofing bug allows an attacker to load improperly signed files, bypassing signature verification.

Microsoft does not list where this is public or how many people are affected by the attacks, but all supported versions of Windows are affected, so test and deploy this one quickly.

CVE-2020-1380 – Scripting Engine Memory Corruption Vulnerability

This bug in IE lets attacker run their code on a target system if an affected version of IE views a specially crafted website.

The bug was reported by Kaspersky, it’s reasonable to assume malware is involved.

CVE-2020-1472 – NetLogon Elevation of Privilege Vulnerability

An unusual elevation of privilege bug that’s rated critical, this vulnerability is in the Netlogon Remote Protocol (MS-NRPC). An unauthenticated attacker would use MS-NRPC to connect to a Domain Controller (DC) to obtain administrative access. Worryingly, there is not a full fix available. As the ZDI notes: “This patch enables the DCs to protect devices, but a second patch currently slated for Q1 2021 enforces secure Remote Procedure Call (RPC) with Netlogon to fully address this bug.”

After applying this patch, you’ll still need to make changes to your DC. Microsoft published guidelines to help administrators choose the correct settings.

As Onebite notes, Microsoft also released patches for 6 memory corruption vulnerabilities in Media Foundation (CVE-2020-1525CVE-2020-1379CVE-2020-1477CVE-2020-1478CVE-2020-1492CVE-2020-1554).

An attacker persuading a user to open a malicious file would get the same rights as that user. All Media Foundation installations should be prioritised for patching.

More to follow.

h/t ZDI and Qualys.

Websites in our network
NEWSLETTER Sign up Tick the boxes of the newsletters you would like to receive. Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
I consent to New Statesman Media Group collecting my details provided via this form in accordance with the Privacy Policy
SUBSCRIBED
THANK YOU