Microsoft’s August 2020 Patches Fix 120 Security Vulnerabilities Threat Alert

Microsoft’s August 2020 Patches Fix 120 Security Vulnerabilities Threat Alert

agosto 30, 2020 | Adeline Zhang

Overview  

Microsoft released August 2020 security updates on Tuesday which fix 120 vulnerabilities ranging from simple spoofing attacks to remote code execution in various products, including .NET Framework, ASP.NET, Internet Explorer, Microsoft Dynamics, Microsoft Edge, Microsoft Graphics Component, Microsoft JET Database Engine, Microsoft Office, Microsoft Office SharePoint, Microsoft Scripting Engine, Microsoft Video Control, Microsoft Windows, Microsoft Windows Codecs Library, Netlogon, SQL Server, Visual Studio, Windows AI, Windows COM, Windows Kernel, Windows Media, Windows Media Player, Windows Print Spooler Components, Windows RDP, Windows Registry, Windows Shell, Windows Update Stack, and Windows WalletService.

Description of Critical Vulnerabilities

This time, Microsoft fixes 16 critical vulnerabilities and 103 important vulnerabilities, two of which have been reported to be exploited. All users are advised to install updates without delay.

  • Microsoft Media Foundation

The vulnerabilities (CVE-2020-1379, CVE-2020-1477, CVE-2020-1492, CVE-2020-1525, and CVE-2020-1554) allows an attacker to corrupt memory in certain ways and thereby remotely execute arbitrary code on the victim’s system.An attacker could exploit the vulnerabilities by convincing a target user to open a specially crafted document or webpage.

Vulnerability reference links:

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1379
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1477
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1492
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1525
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1554
  • Windows Signature Authentication Bypass

The vulnerability (CVE-2020-1464) allows an attacker to perform specific operations on a target system and thereby bypass Windows’s signature mechanism to upload malicious programs or files.

The vulnerability has been exploited in the wild. Users are advised to update as soon as possible.

Vulnerability reference link:

https://portal.msrc.microsoft.com/zh-CN/security-guidance/advisory/CVE-2020-1464
  • Microsoft Scripting Engine

The vulnerabilities (CVE-2020-1380, and CVE-2020-1555) allows an attacker to corrupt memory in certain ways and thereby remotely execute arbitrary code on the victim’s system.

The vulnerability (CVE-2020-1380) has been exploited in the wild. Users are advised to update as soon as possible.

Vulnerability reference links:

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1380
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1555
  • Microsoft’s Netlogon Remote Protocol

Microsoft’s Netlogon Remote Protocol contains a remote code execution vulnerability (CVE-2020-1472).An attacker could run a specially crafted application on a device connected to the network of a target user, thereby executing arbitrary code.After the month’s updates, users are advised to configure the enhanced model of Domain Controller.

Vulnerability reference link:

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1472

More vulnerability information is summarized as follows:

ProductCVE IDCVE TitleSeverity
.NET FrameworkCVE-2020-1476ASP.NET and .NET Privilege Escalation VulnerabilityImportant
.NET FrameworkCVE-2020-1046.NET Framework Remote Code Execution VulnerabilityCritical
ASP.NETCVE-2020-1597ASP.NET Core Denial-of-Service VulnerabilityImportant
Internet ExplorerCVE-2020-1567MSHTML Engine Remote Code Execution VulnerabilityModerate
Microsoft DynamicsCVE-2020-1591Microsoft Dynamics 365 (On-Premise) Cross Site Scripting VulnerabilityImportant
Microsoft EdgeCVE-2020-1568Microsoft Edge PDF Remote Code Execution VulnerabilityModerate
Microsoft EdgeCVE-2020-1569Microsoft Edge Memory Corruption VulnerabilityImportant
Microsoft Graphics ComponentCVE-2020-1510Win32k Information Disclosure VulnerabilityImportant
Microsoft Graphics ComponentCVE-2020-1529Windows GDI Privilege Escalation VulnerabilityImportant
Microsoft Graphics ComponentCVE-2020-1561Microsoft Graphics Components Remote Code Execution VulnerabilityImportant
Microsoft Graphics ComponentCVE-2020-1562Microsoft Graphics Components Remote Code Execution VulnerabilityImportant
Microsoft Graphics ComponentCVE-2020-1577DirectWrite Information Disclosure VulnerabilityImportant
Microsoft JET Database EngineCVE-2020-1473Jet Database Engine Remote Code Execution VulnerabilityImportant
Microsoft JET Database EngineCVE-2020-1557Jet Database Engine Remote Code Execution VulnerabilityImportant
Microsoft JET Database EngineCVE-2020-1558Jet Database Engine Remote Code Execution VulnerabilityImportant
Microsoft JET Database EngineCVE-2020-1564Jet Database Engine Remote Code Execution VulnerabilityImportant
Microsoft OfficeCVE-2020-1483Microsoft Outlook Memory Corruption VulnerabilityCritical
Microsoft OfficeCVE-2020-1493Microsoft Outlook Information Disclosure VulnerabilityImportant
Microsoft OfficeCVE-2020-1494Microsoft Excel Remote Code Execution VulnerabilityImportant
Microsoft OfficeCVE-2020-1495Microsoft Excel Remote Code Execution VulnerabilityImportant
Microsoft OfficeCVE-2020-1496Microsoft Excel Remote Code Execution VulnerabilityImportant
Microsoft OfficeCVE-2020-1497Microsoft Excel Information Disclosure VulnerabilityImportant
Microsoft OfficeCVE-2020-1498Microsoft Excel Remote Code Execution VulnerabilityImportant
Microsoft OfficeCVE-2020-1502Microsoft Word Information Disclosure VulnerabilityImportant
Microsoft OfficeCVE-2020-1503Microsoft Word Information Disclosure VulnerabilityImportant
Microsoft OfficeCVE-2020-1504Microsoft Excel Remote Code Execution VulnerabilityImportant
Microsoft OfficeCVE-2020-1563Microsoft Office Remote Code Execution VulnerabilityImportant
Microsoft OfficeCVE-2020-1581Microsoft Office Click-to-Run Privilege Escalation VulnerabilityImportant
Microsoft OfficeCVE-2020-1582Microsoft Access Remote Code Execution Vulnerability  Important
Microsoft OfficeCVE-2020-1583Microsoft Word Information Disclosure VulnerabilityImportant
Microsoft Office SharePointCVE-2020-1499Microsoft SharePoint Spoofing VulnerabilityImportant
Microsoft Office SharePointCVE-2020-1500Microsoft SharePoint Spoofing VulnerabilityImportant
Microsoft Office SharePointCVE-2020-1501Microsoft SharePoint Spoofing VulnerabilityImportant
Microsoft Office SharePointCVE-2020-1505Microsoft SharePoint Information Disclosure VulnerabilityImportant
Microsoft Office SharePointCVE-2020-1573Microsoft Office SharePoint XSS VulnerabilityImportant
Microsoft Office SharePointCVE-2020-1580Microsoft Office SharePoint XSS VulnerabilityImportant
Microsoft Scripting EngineCVE-2020-1380Scripting Engine Memory Corruption VulnerabilityModerate
Microsoft Scripting EngineCVE-2020-1555Scripting Engine Memory Corruption VulnerabilityCritical
Microsoft Scripting EngineCVE-2020-1570Scripting Engine Memory Corruption VulnerabilityModerate
Microsoft Video ControlCVE-2020-1492Media Foundation Memory Corruption VulnerabilityCritical
Microsoft WindowsCVE-2020-1464Windows Spoofing Vulnerability  Important
Microsoft WindowsCVE-2020-1470Windows Work Folders Service Privilege Escalation VulnerabilityImportant
Microsoft WindowsCVE-2020-1509Local Security Authority Subsystem Service Privilege Escalation VulnerabilityImportant
Microsoft WindowsCVE-2020-1516Windows Work Folders Service Privilege Escalation VulnerabilityImportant
Microsoft WindowsCVE-2020-1517Windows File Server Resource Management Service Privilege Escalation VulnerabilityImportant
Microsoft WindowsCVE-2020-1518Windows File Server Resource Management Service Privilege Escalation VulnerabilityImportant
Microsoft WindowsCVE-2020-1519Windows UPnP Device Host Privilege Escalation VulnerabilityImportant
Microsoft WindowsCVE-2020-1520Windows Font Driver Host Remote Code Execution VulnerabilityImportant
Microsoft WindowsCVE-2020-1526Windows Network Connection Broker Privilege Escalation VulnerabilityImportant
Microsoft WindowsCVE-2020-1527Windows Custom Protocol Engine Privilege Escalation VulnerabilityImportant
Microsoft WindowsCVE-2020-1528Windows Radio Manager API Privilege Escalation VulnerabilityImportant
Microsoft WindowsCVE-2020-1530Windows Remote Access Privilege Escalation VulnerabilityImportant
Microsoft WindowsCVE-2020-1534Windows Backup Service Privilege Escalation VulnerabilityImportant
Microsoft WindowsCVE-2020-1535Windows Backup Engine Privilege Escalation VulnerabilityImportant
Microsoft WindowsCVE-2020-1536Windows Backup Engine Privilege Escalation VulnerabilityImportant
Microsoft WindowsCVE-2020-1537Windows Remote Access Privilege Escalation VulnerabilityImportant
Microsoft WindowsCVE-2020-1538Windows UPnP Device Host Privilege Escalation VulnerabilityImportant
Microsoft WindowsCVE-2020-1539Windows Backup Engine Privilege Escalation VulnerabilityImportant
Microsoft WindowsCVE-2020-1540Windows Backup Engine Privilege Escalation VulnerabilityImportant
Microsoft WindowsCVE-2020-1541Windows Backup Engine Privilege Escalation VulnerabilityImportant
Microsoft WindowsCVE-2020-1542Windows Backup Engine Privilege Escalation VulnerabilityImportant
Microsoft WindowsCVE-2020-1543Windows Backup Engine Privilege Escalation VulnerabilityImportant
Microsoft WindowsCVE-2020-1544Windows Backup Engine Privilege Escalation VulnerabilityImportant
Microsoft WindowsCVE-2020-1545Windows Backup Engine Privilege Escalation VulnerabilityImportant
Microsoft WindowsCVE-2020-1546Windows Backup Engine Privilege Escalation VulnerabilityImportant
Microsoft WindowsCVE-2020-1547Windows Backup Engine Privilege Escalation VulnerabilityImportant
Microsoft WindowsCVE-2020-1549Windows CDP User Components Privilege Escalation VulnerabilityImportant
Microsoft WindowsCVE-2020-1550Windows CDP User Components Privilege Escalation VulnerabilityImportant
Microsoft WindowsCVE-2020-1383Windows RRAS Service Information Disclosure VulnerabilityImportant
Microsoft WindowsCVE-2020-1459Windows ARM Information Disclosure VulnerabilityImportant
Microsoft WindowsCVE-2020-1467Windows Hard Link Privilege Escalation VulnerabilityImportant
Microsoft WindowsCVE-2020-1475Windows Server Resource Management Service Privilege Escalation VulnerabilityImportant
Microsoft WindowsCVE-2020-1480Windows GDI Privilege Escalation VulnerabilityImportant
Microsoft WindowsCVE-2020-1484Windows Work Folders Service Privilege Escalation VulnerabilityImportant
Microsoft WindowsCVE-2020-1485Windows Image Acquisition Service Information Disclosure VulnerabilityImportant
Microsoft WindowsCVE-2020-1486Windows Kernel Privilege Escalation VulnerabilityImportant
Microsoft WindowsCVE-2020-1488Windows AppX Deployment Extensions Privilege Escalation VulnerabilityImportant
Microsoft WindowsCVE-2020-1489Windows CSC Service Privilege Escalation VulnerabilityImportant
Microsoft WindowsCVE-2020-1490Windows Storage Service Privilege Escalation VulnerabilityImportant
Microsoft WindowsCVE-2020-1511Connected User Experiences and Telemetry Service Privilege Escalation VulnerabilityImportant
Microsoft WindowsCVE-2020-1512Windows State Repository Service Information Disclosure VulnerabilityImportant
Microsoft WindowsCVE-2020-1513Windows CSC Service Privilege Escalation VulnerabilityImportant
Microsoft WindowsCVE-2020-1515Windows Telephony Server Privilege Escalation VulnerabilityImportant
Microsoft WindowsCVE-2020-1551Windows Backup Engine Privilege Escalation VulnerabilityImportant
Microsoft WindowsCVE-2020-1552Windows Work Folder Service Privilege Escalation VulnerabilityImportant
Microsoft WindowsCVE-2020-1553Windows Runtime Privilege Escalation VulnerabilityImportant
Microsoft WindowsCVE-2020-1566Windows Kernel Privilege Escalation VulnerabilityImportant
Microsoft WindowsCVE-2020-1579Windows Function Discovery SSDP Provider Privilege Escalation VulnerabilityImportant
Microsoft WindowsCVE-2020-1584Windows dnsrslvr.dll Privilege Escalation VulnerabilityImportant
Microsoft WindowsCVE-2020-1587Windows Ancillary Function Driver for WinSock Privilege Escalation VulnerabilityImportant
Microsoft Windows Codecs LibraryCVE-2020-1560Microsoft Windows Codecs Library Remote Code Execution VulnerabilityCritical
Microsoft Windows Codecs LibraryCVE-2020-1574Microsoft Windows Codecs Library Remote Code Execution VulnerabilityCritical
Microsoft Windows Codecs LibraryCVE-2020-1585Microsoft Windows Codecs Library Remote Code Execution VulnerabilityCritical
NetlogonCVE-2020-1472Netlogon Privilege Escalation VulnerabilityCritical
SQL ServerCVE-2020-1455Microsoft SQL Server Management Studio Denial-of-Service VulnerabilityImportant
Visual StudioCVE-2020-0604Visual Studio Code Remote Code Execution VulnerabilityImportant
Windows AICVE-2020-1521Windows Speech Runtime Privilege Escalation VulnerabilityImportant
Windows AICVE-2020-1522Windows Speech Runtime Privilege Escalation VulnerabilityImportant
Windows AICVE-2020-1524Windows Speech Shell Components Privilege Escalation VulnerabilityImportant
Windows COMCVE-2020-1474Windows Image Acquisition Service Information Disclosure VulnerabilityImportant
Windows KernelCVE-2020-1417Windows Kernel Privilege Escalation VulnerabilityImportant
Windows KernelCVE-2020-1479DirectX Privilege Escalation VulnerabilityImportant
Windows KernelCVE-2020-1578Windows Kernel Information Disclosure VulnerabilityImportant
Windows MediaCVE-2020-1525Media Foundation Memory Corruption VulnerabilityCritical
Windows MediaCVE-2020-1379Media Foundation Memory Corruption VulnerabilityCritical
Windows MediaCVE-2020-1339Windows Media Remote Code Execution VulnerabilityCritical
Windows MediaCVE-2020-1487Media Foundation Information Disclosure VulnerabilityImportant
Windows MediaCVE-2020-1554Media Foundation Memory Corruption VulnerabilityCritical
Windows Media PlayerCVE-2020-1477Media Foundation Memory Corruption VulnerabilityCritical
Windows Media PlayerCVE-2020-1478Media Foundation Memory Corruption VulnerabilityImportant
Windows Print Spooler ComponentsCVE-2020-1337Windows Print Spooler Privilege Escalation VulnerabilityImportant
Windows RDPCVE-2020-1466Windows Remote Desktop Gateway (RD Gateway) Denial-of-Service VulnerabilityImportant
Windows RegistryCVE-2020-1377Windows Registry Privilege Escalation VulnerabilityImportant
Windows RegistryCVE-2020-1378Windows Registry Privilege Escalation VulnerabilityImportant
Windows ShellCVE-2020-1531Windows Accounts Control Privilege Escalation VulnerabilityImportant
Windows ShellCVE-2020-1565Windows Privilege Escalation VulnerabilityImportant
Windows Update StackCVE-2020-1548Windows WaasMedic Service Information Disclosure VulnerabilityImportant
Windows Update StackCVE-2020-1571Windows Setup Privilege Escalation VulnerabilityImportant
Windows WalletServiceCVE-2020-1533Windows WalletService Privilege Escalation VulnerabilityImportant
Windows WalletServiceCVE-2020-1556Windows WalletService Privilege Escalation VulnerabilityImportant

Recommended Mitigation Measures

Microsoft has released security updates to fix these issues. Please download and install them as soon as possible.

Statement

This advisory is only used to describe a potential risk. NSFOCUS does not provide any commitment or promise on this advisory. NSFOCUS and the author will not bear any liability for any direct and/or indirect consequences and losses caused by transmitting and/or using this advisory. NSFOCUS reserves all the rights to modify and interpret this advisory. Please include this statement paragraph when reproducing or transferring this advisory. Do not modify this advisory, add/delete any information to/from it, or use this advisory for commercial purposes without permission from NSFOCUS.

About NSFOCUS

NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks. The company’s Intelligent Hybrid Security strategy utilizes both cloud and on-premises security platforms, built on a foundation of real-time global threat intelligence, to provide multi-layered, unified and dynamic protection against advanced cyber attacks.

NSFOCUS works with Fortune Global 500 companies, including four of the world’s five largest financial institutions, organizations in insurance, retail, healthcare, critical infrastructure industries as well as government agencies. NSFOCUS has technology and channel partners in more than 60 countries, is a member of both the Microsoft Active Protections Program (MAPP), and the Cloud Security Alliance (CSA).

A wholly owned subsidiary of NSFOCUS Technologies Group Co., Ltd., the company has operations in the Americas, Europe, the Middle East and Asia Pacific.

Link to full version: