Microsoft’s Security Bulletin for May Patches That Fix 111 Security Vulnerabilities Threat Alert

Microsoft’s Security Bulletin for May Patches That Fix 111 Security Vulnerabilities Threat Alert

maio 29, 2020 | Adeline Zhang

Overview

Microsoft released the May 2020 security patch on Tuesday that fixes 111 vulnerabilities ranging from simple spoofing attacks to remote code execution in various products, including .NET Core, .NET Framework, Active Directory, Common Log File System Driver, Internet Explorer, Microsoft Dynamics, Microsoft Edge, Microsoft Graphics Component, Microsoft JET Database Engine, Microsoft Office, Microsoft Office SharePoint, Microsoft Scripting Engine, Microsoft Windows, Power BI, Visual Studio, Windows Hyper-V, Windows Kernel, Windows Scripting, Windows Subsystem for Linux, Windows Task Scheduler, and Windows Update Stack.

Description of Critical Vulnerabilities

Microsoft fixed 15 critical vulnerabilities, five of which are described in detail as follows:

  • CVE-2020-1023, CVE-2020-1024, CVE-2020-1069, and CVE-2020–1102

These are RCE vulnerabilities in the SharePoint. Attackers could exploit these vulnerabilities to execute arbitrary code on a victim machine or server. To successfully exploit the CVE-2020-1069 vulnerability, attackers need to upload a crafted package to the SharePoint server. To exploit the CVE-2020-1023, CVE-2020-1024, and CVE-2020–1102 vulnerabilities, attackers need to trick a user into opening a crafted SharePoint file.

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1023
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1024
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1069
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1102
  • CVE-2020-1062

This is a memory corruption vulnerability in the Internet Explorer web browser. This vulnerability can be triggered when a user accesses a crafted web page controlled by the attacker. An attacker could exploit this vulnerability to corrupt the memory on the target machine and then execute arbitrary code in the context of the current user via a crafted web page. The security update addresses this vulnerability by modifying how Internet Explorer handles objects in memory.

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1062

Vulnerabilities

The following table lists these vulnerabilities.

ProductCVE IDCVE TitleSeverity Level
Microsoft Graphics ComponentCVE-2020-1117Microsoft Color Management Remote Code Execution VulnerabilityCritical
Microsoft Graphics ComponentCVE-2020-1153Microsoft Graphics Components Remote Code Execution VulnerabilityCritical
Microsoft Office SharePointCVE-2020-1023Microsoft SharePoint Remote Code Execution VulnerabilityCritical
Microsoft Office SharePointCVE-2020-1024Microsoft SharePoint Remote Code Execution VulnerabilityCritical
Microsoft Office SharePointCVE-2020-1069Microsoft SharePoint Server Remote Code Execution VulnerabilityCritical
Microsoft Office SharePointCVE-2020-1102Microsoft SharePoint Remote Code Execution VulnerabilityCritical
Microsoft Scripting EngineCVE-2020-1065Scripting Engine Memory Corruption VulnerabilityCritical
Microsoft WindowsCVE-2020-1028Media Foundation Memory Corruption VulnerabilityCritical
Microsoft WindowsCVE-2020-1126Media Foundation Memory Corruption VulnerabilityCritical
Microsoft WindowsCVE-2020-1136Media Foundation Memory Corruption VulnerabilityCritical
Visual StudioCVE-2020-1192Visual Studio Code Python Extension Remote Code Execution VulnerabilityCritical
Internet ExplorerCVE-2020-1064MSHTML Engine Remote Code Execution VulnerabilityCritical
Internet ExplorerCVE-2020-1093VBScript Remote Code Execution VulnerabilityCritical
Microsoft EdgeCVE-2020-1056Microsoft Edge Privilege Escalation VulnerabilityCritical
Internet ExplorerCVE-2020-1062Internet Explorer Memory Corruption VulnerabilityCritical
.NET CoreCVE-2020-1108.NET Core & .NET Framework Denial-of-Service VulnerabilityImportant
.NET CoreCVE-2020-1161ASP.NET Core Denial-of-Service VulnerabilityImportant
.NET FrameworkCVE-2020-1066.NET Framework Privilege Escalation VulnerabilityImportant
Active DirectoryCVE-2020-1055Microsoft Active Directory Federation Services Cross-Site Scripting VulnerabilityImportant
Common Log File System DriverCVE-2020-1154Windows Common Log File System Driver Privilege Escalation VulnerabilityImportant
Microsoft DynamicsCVE-2020-1063Microsoft Dynamics 365 (On-Premise) Cross Site Scripting VulnerabilityImportant
Microsoft EdgeCVE-2020-1059Microsoft Edge Spoofing VulnerabilityImportant
Microsoft EdgeCVE-2020-1096Microsoft Edge PDF Remote Code Execution VulnerabilityImportant
Microsoft Graphics ComponentCVE-2020-0963Windows GDI Information Disclosure VulnerabilityImportant
Microsoft Graphics ComponentCVE-2020-1054Win32k Privilege Escalation VulnerabilityImportant
Microsoft Graphics ComponentCVE-2020-1135Windows Graphics Component Privilege Escalation VulnerabilityImportant
Microsoft Graphics ComponentCVE-2020-1140DirectX Privilege Escalation VulnerabilityImportant
Microsoft Graphics ComponentCVE-2020-1179Windows GDI Information Disclosure VulnerabilityImportant
Microsoft Graphics ComponentCVE-2020-1141Windows GDI Information Disclosure VulnerabilityImportant
Microsoft Graphics ComponentCVE-2020-1142Windows GDI Privilege Escalation VulnerabilityImportant
Microsoft Graphics ComponentCVE-2020-1145Windows GDI Information Disclosure VulnerabilityImportant
Microsoft JET Database EngineCVE-2020-1175Jet Database Engine Remote Code Execution VulnerabilityImportant
Microsoft JET Database EngineCVE-2020-1051Jet Database Engine Remote Code Execution VulnerabilityImportant
Microsoft JET Database EngineCVE-2020-1174Jet Database Engine Remote Code Execution VulnerabilityImportant
Microsoft JET Database EngineCVE-2020-1176Jet Database Engine Remote Code Execution VulnerabilityImportant
Microsoft OfficeCVE-2020-0901Microsoft Excel Remote Code Execution VulnerabilityImportant
Microsoft Office SharePointCVE-2020-1099Microsoft Office SharePoint XSS VulnerabilityImportant
Microsoft Office SharePointCVE-2020-1101Microsoft Office SharePoint XSS VulnerabilityImportant
Microsoft Office SharePointCVE-2020-1107Microsoft SharePoint Spoofing VulnerabilityImportant
Microsoft Office SharePointCVE-2020-1100Microsoft Office SharePoint XSS VulnerabilityImportant
Microsoft Office SharePointCVE-2020-1103Microsoft SharePoint Information Disclosure VulnerabilityImportant
Microsoft Office SharePointCVE-2020-1104Microsoft SharePoint Spoofing VulnerabilityImportant
Microsoft Office SharePointCVE-2020-1105Microsoft SharePoint Spoofing VulnerabilityImportant
Microsoft Office SharePointCVE-2020-1106Microsoft Office SharePoint XSS VulnerabilityImportant
Microsoft WindowsCVE-2020-1021Windows Error Reporting Privilege Escalation VulnerabilityImportant
Microsoft WindowsCVE-2020-1010Microsoft Windows Privilege Escalation VulnerabilityImportant
Microsoft WindowsCVE-2020-1048Windows Print Spooler Privilege Escalation VulnerabilityImportant
Microsoft WindowsCVE-2020-1071Windows Remote Access Common Dialog Privilege Escalation VulnerabilityImportant
Microsoft WindowsCVE-2020-1076Windows Denial-of-Service VulnerabilityImportant
Microsoft WindowsCVE-2020-1078Windows Installer Privilege Escalation VulnerabilityImportant
Microsoft WindowsCVE-2020-1084Connected User Experiences and Telemetry Service Denial-of-Service VulnerabilityImportant
Microsoft WindowsCVE-2020-1116Windows CSRSS Information Disclosure VulnerabilityImportant
Microsoft WindowsCVE-2020-1118Microsoft Windows Transport Layer Security Denial-of-Service VulnerabilityImportant
Microsoft WindowsCVE-2020-1124Windows State Repository Service Privilege Escalation VulnerabilityImportant
Microsoft WindowsCVE-2020-1134Windows State Repository Service Privilege Escalation VulnerabilityImportant
Microsoft WindowsCVE-2020-1137Windows Push Notification Service Privilege Escalation VulnerabilityImportant
Microsoft WindowsCVE-2020-1138Windows Storage Service Privilege Escalation VulnerabilityImportant
Microsoft WindowsCVE-2020-1143Win32k Privilege Escalation VulnerabilityImportant
Microsoft WindowsCVE-2020-1144Windows State Repository Service Privilege Escalation VulnerabilityImportant
Microsoft WindowsCVE-2020-1149Windows Runtime Privilege Escalation VulnerabilityImportant
Microsoft WindowsCVE-2020-1150Media Foundation Memory Corruption VulnerabilityImportant
Microsoft WindowsCVE-2020-1151Windows Runtime Privilege Escalation VulnerabilityImportant
Microsoft WindowsCVE-2020-1155Windows Runtime Privilege Escalation VulnerabilityImportant
Microsoft WindowsCVE-2020-1156Windows Runtime Privilege Escalation VulnerabilityImportant
Microsoft WindowsCVE-2020-1157Windows Runtime Privilege Escalation VulnerabilityImportant
Microsoft WindowsCVE-2020-1158Windows Runtime Privilege Escalation VulnerabilityImportant
Microsoft WindowsCVE-2020-1186Windows State Repository Service Privilege Escalation VulnerabilityImportant
Microsoft WindowsCVE-2020-1189Windows State Repository Service Privilege Escalation VulnerabilityImportant
Microsoft WindowsCVE-2020-1190Windows State Repository Service Privilege Escalation VulnerabilityImportant
Microsoft WindowsCVE-2020-1067Windows Remote Code Execution VulnerabilityImportant
Microsoft WindowsCVE-2020-1068Microsoft Windows Privilege Escalation VulnerabilityImportant
Microsoft WindowsCVE-2020-1070Windows Print Spooler Privilege Escalation VulnerabilityImportant
Microsoft WindowsCVE-2020-1072Windows Kernel Information Disclosure VulnerabilityImportant
Microsoft WindowsCVE-2020-1077Windows Runtime Privilege Escalation VulnerabilityImportant
Microsoft WindowsCVE-2020-1079Microsoft Windows Privilege Escalation VulnerabilityImportant
Microsoft WindowsCVE-2020-1081Windows Printer Service Privilege Escalation VulnerabilityImportant
Microsoft WindowsCVE-2020-1082Windows Error Reporting Privilege Escalation VulnerabilityImportant
Microsoft WindowsCVE-2020-1086Windows Runtime Privilege Escalation VulnerabilityImportant
Microsoft WindowsCVE-2020-1088Windows Error Reporting Privilege Escalation VulnerabilityImportant
Microsoft WindowsCVE-2020-1090Windows Runtime Privilege Escalation VulnerabilityImportant
Microsoft WindowsCVE-2020-1111Windows Clipboard Service Privilege Escalation VulnerabilityImportant
Microsoft WindowsCVE-2020-1112Windows Background Intelligent Transfer Service Privilege Escalation VulnerabilityImportant
Microsoft WindowsCVE-2020-1121Windows Clipboard Service Privilege Escalation VulnerabilityImportant
Microsoft WindowsCVE-2020-1123Connected User Experiences and Telemetry Service Denial-of-Service VulnerabilityImportant
Microsoft WindowsCVE-2020-1125Windows Runtime Privilege Escalation VulnerabilityImportant
Microsoft WindowsCVE-2020-1131Windows State Repository Service Privilege Escalation VulnerabilityImportant
Microsoft WindowsCVE-2020-1132Windows Error Reporting Manager Privilege Escalation VulnerabilityImportant
Microsoft WindowsCVE-2020-1139Windows Runtime Privilege Escalation VulnerabilityImportant
Microsoft WindowsCVE-2020-1164Windows Runtime Privilege Escalation VulnerabilityImportant
Microsoft WindowsCVE-2020-1165Windows Clipboard Service Privilege Escalation VulnerabilityImportant
Microsoft WindowsCVE-2020-1166Windows Clipboard Service Privilege Escalation VulnerabilityImportant
Microsoft WindowsCVE-2020-1184Windows State Repository Service Privilege Escalation VulnerabilityImportant
Microsoft WindowsCVE-2020-1185Windows State Repository Service Privilege Escalation VulnerabilityImportant
Microsoft WindowsCVE-2020-1187Windows State Repository Service Privilege Escalation VulnerabilityImportant
Microsoft WindowsCVE-2020-1188Windows State Repository Service Privilege Escalation VulnerabilityImportant
Microsoft WindowsCVE-2020-1191Windows State Repository Service Privilege Escalation VulnerabilityImportant
Power BICVE-2020-1173Microsoft Power BI Report Server Spoofing VulnerabilityImportant
Visual StudioCVE-2020-1171Visual Studio Code Python Extension Remote Code Execution VulnerabilityImportant
Windows Hyper-VCVE-2020-0909Windows Hyper-V Denial-of-Service VulnerabilityImportant
Windows KernelCVE-2020-1114Windows Kernel Privilege Escalation VulnerabilityImportant
Windows KernelCVE-2020-1087Windows Kernel Privilege Escalation VulnerabilityImportant
Windows ScriptingCVE-2020-1061Microsoft Script Runtime Remote Code Execution VulnerabilityImportant
Windows Subsystem for LinuxCVE-2020-1075Windows Subsystem for Linux Information Disclosure VulnerabilityImportant
Windows Task SchedulerCVE-2020-1113Windows Task Scheduler Security Feature Bypass VulnerabilityImportant
Windows Update StackCVE-2020-1110Windows Update Stack Privilege Escalation VulnerabilityImportant
Windows Update StackCVE-2020-1109Windows Update Stack Privilege Escalation VulnerabilityImportant
Internet ExplorerCVE-2020-1092Internet Explorer Memory Corruption VulnerabilityLow
Microsoft Scripting EngineCVE-2020-1035VBScript Remote Code Execution VulnerabilityLow
Microsoft Scripting EngineCVE-2020-1058VBScript Remote Code Execution VulnerabilityLow
Microsoft Scripting EngineCVE-2020-1060VBScript Remote Code Execution VulnerabilityLow
Microsoft Scripting EngineCVE-2020-1037Chakra Scripting Engine Memory Corruption VulnerabilityModerate

Recommended Mitigation Measures

Microsoft has released security updates to fix these issues. Please download and install them as soon as possible.

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-1192
ProductKB ArticleSeverityImpactSupersedenceCVSS Score SetRestart Required
Visual Studio CodeRelease Notes Security UpdateCriticalRemote Code ExecutionBase: N/A Temporal: N/A Vector: N/AMaybe

Statement

This advisory is only used to describe a potential risk. NSFOCUS does not provide any commitment or promise on this advisory. NSFOCUS and the author will not bear any liability for any direct and/or indirect consequences and losses caused by transmitting and/or using this advisory. NSFOCUS reserves all the rights to modify and interpret this advisory. Please include this statement paragraph when reproducing or transferring this advisory. Do not modify this advisory, add/delete any information to/from it, or use this advisory for commercial purposes without permission from NSFOCUS.

About NSFOCUS

NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks. The company’s Intelligent Hybrid Security strategy utilizes both cloud and on-premises security platforms, built on a foundation of real-time global threat intelligence, to provide multi-layered, unified and dynamic protection against advanced cyber attacks.

NSFOCUS works with Fortune Global 500 companies, including four of the world’s five largest financial institutions, organizations in insurance, retail, healthcare, critical infrastructure industries as well as government agencies. NSFOCUS has technology and channel partners in more than 60 countries, is a member of both the Microsoft Active Protections Program (MAPP), and the Cloud Security Alliance (CSA).

A wholly owned subsidiary of NSFOCUS Technologies Group Co., Ltd., the company has operations in the Americas, Europe, the Middle East and Asia Pacific.

Download: