\n
Microsoft released the January security update on Tuesday, fixing 49 security issues ranging from simple spoofing attacks to remote code execution, discovered in products like .NET Framework, Apps, ASP.NET, Common Log File System Driver, Microsoft Dynamics, Microsoft Graphics Component, Microsoft Office, Microsoft Scripting Engine, Microsoft Windows, Microsoft Windows Search Component, Windows Hyper-V, Windows Media, Windows RDP, Windows Subsystem for Linux, and Windows Update Stack.
\n<\/p>\n
Of the vulnerabilities fixed by Microsoft’s this monthly update, a total of eight critical vulnerabilities exist in the .NET Framework, ASP.NET, Microsoft Scripting Engine, and Windows RDP. In addition, there are 41 important vulnerabilities.<\/p>\n
The following are eight critical vulnerabilities covered in this update.<\/p>\n
These two remote code execution vulnerabilities in the Windows Remote Desktop Gateway (RD Gateway) could be exploited by unauthenticated attackers.<\/p>\n
If the two vulnerabilities are exploited successfully, arbitrary code may be executed on the target system, allowing the attacker to install the program, view, change or delete data, or create a new account with full user rights.<\/p>\n
To exploit this vulnerability, an attacker needs to send a specially crafted request to the RD gateway of the target system via RDP.<\/p>\n
This update addresses these issues by correcting the way the RD gateway handles connection requests.<\/p>\n
For more details about the vulnerabilities and download updates, please refer to Microsoft’s official security advisories:<\/p>\n
https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2020-0609<\/p>\n
https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2020-0610<\/p>\n
This is a remote code execution vulnerability in Windows Remote Desktop clients.<\/p>\n
An attacker who successfully exploited this vulnerability could execute arbitrary code on a user’s computer connected to a malicious server. After that, an attacker could install a malicious program, view, change, or delete data, or create a new account with full user rights.<\/p>\n
To exploit this vulnerability, an attacker needs to take control of the server and then convinces a user to connect to the server. This vulnerability could be triggered if a user accesses a malicious server. Although attackers cannot force users to connect to malicious servers, they may entice users to connect through social engineering, DNS poisoning, or man-in-the-middle (MITM) technology. An attacker could also compromise a legitimate server, host malicious code on it, and wait for users to connect.<\/p>\n
For more details about the vulnerabilities and download updates, please refer to Microsoft’s official security advisories:<\/p>\n
https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2020-0611<\/p>\n
This is a memory corruption vulnerability in the way Internet Explorer handles objects in memory. The vulnerability allows an attacker to execute arbitrary code in the context of the current user.<\/p>\n
An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. If the current user logs in with administrative privileges, an attacker could take control of the affected system and may then install a malicious program, view, change or delete data, or create a new account with full user privileges.<\/p>\n
An attacker could build a specially crafted website and then convince users to visit the website. However, attackers cannot force users to view malicious contents, but entice users by email or instant messaging instead.<\/p>\n
Internet Explorer 9, 10, and 11 are affected.<\/p>\n
For more details about the vulnerabilities and download updates, please refer to Microsoft’s official security advisories:<\/p>\n
https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2020-0640<\/p>\n
The above vulnerabilities are remote code execution vulnerabilities in .NET and ASP.NET Core software. These vulnerabilities can be triggered if a user opens a maliciously crafted file while using an affected .NET or ASP.NET Core version. With a successful exploitation, an attacker could execute arbitrary code in the context of the current user. These errors exist in the way the software handles memory objects.<\/p>\n
For more details about the vulnerabilities and download updates, please refer to Microsoft’s official security advisories:<\/p>\n
https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2020-0603<\/p>\n
https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2020-0605<\/p>\n
https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2020-0606<\/p>\n
https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2020-0646<\/p>\n
In addition to critical vulnerabilities, this update also fixes 41 important vulnerabilities, three of which require more attention as follows.<\/p>\n
This is a spoofing vulnerability in Windows CryptoAPI. As the Elliptic Curve Cryptography certificate was incorrectly verified by crypt32.dll, an attacker could use this error to spoof a code signing certificate and secretly sign a file, making the file appear to come from a trusted source. Attackers could also use this vulnerability to conduct man-in-the-middle attacks and decrypt confidential information.<\/p>\n
For more details about the vulnerabilities and download updates, please refer to Microsoft’s official security advisories:<\/p>\n
https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2020-0601<\/p>\n
This is a Microsoft Windows denial-of-service vulnerability. The vulnerability exists when Windows cannot properly handle hard links. An attacker who successfully exploits this vulnerability could cause the target system to stop responding.<\/p>\n
An attacker must log in to the victim’s computer to exploit this vulnerability and then run a specially designed application that could allow the attacker to overwrite system files.<\/p>\n
For more details about the vulnerabilities and download updates, please refer to Microsoft’s official security advisories:<\/p>\n
https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2020-0616<\/p>\n
A security feature bypass vulnerability exists in Android’s Microsoft OneDrive application. This could allow an attacker to bypass the password or fingerprint of the application.<\/p>\n
For more details about the vulnerabilities and download updates, please refer to Microsoft’s official security advisories:<\/p>\n
https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2020-0654<\/p>\n
Bugs fixed in this update are shown in the following table:<\/p>\n
Product<\/strong><\/td>\n| CVE ID<\/strong><\/td>\n | CVE Title<\/strong><\/td>\n | Severity Level<\/strong><\/td>\n<\/tr>\n | .NET Framework<\/strong><\/td>\n | CVE-2020-0605<\/td>\n | .NET Framework Remote code execution vulnerability<\/td>\n | Critical<\/td>\n<\/tr>\n | .NET Framework<\/strong><\/td>\n | CVE-2020-0606<\/td>\n | .NET Framework Remote code execution vulnerability<\/td>\n | Critical<\/td>\n<\/tr>\n | .NET Framework<\/strong><\/td>\n | CVE-2020-0646<\/td>\n | .NET Framework Remote Code Execution Injection Vulnerability<\/td>\n | Critical<\/td>\n<\/tr>\n | Apps<\/strong><\/td>\n | CVE-2020-0654<\/td>\n | Microsoft OneDrive for Android Security feature bypass vulnerability<\/td>\n | Important<\/td>\n<\/tr>\n | ASP.NET<\/strong><\/td>\n | CVE-2020-0602<\/td>\n | ASP.NET Core Denial of service vulnerability<\/td>\n | Important<\/td>\n<\/tr>\n | ASP.NET<\/strong><\/td>\n | CVE-2020-0603<\/td>\n | ASP.NET Core Remote code execution vulnerability<\/td>\n | Critical<\/td>\n<\/tr>\n | Common Log File System Driver<\/strong><\/td>\n | CVE-2020-0615<\/td>\n | Windows Common Log File System Driver Information Disclosure Vulnerability<\/td>\n | Important<\/td>\n<\/tr>\n | Common Log File System Driver<\/strong><\/td>\n | CVE-2020-0639<\/td>\n | Windows Common Log File System Driver Information Disclosure Vulnerability<\/td>\n | Important<\/td>\n<\/tr>\n | Common Log File System Driver<\/strong><\/td>\n | CVE-2020-0634<\/td>\n | Windows Common Log File System Driver Elevation of Privilege Vulnerability<\/td>\n | Important<\/td>\n<\/tr>\n | Microsoft Dynamics<\/strong><\/td>\n | CVE-2020-0656<\/td>\n | Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability<\/td>\n | Important<\/td>\n<\/tr>\n | Microsoft Graphics Component<\/strong><\/td>\n | CVE-2020-0607<\/td>\n | Microsoft Graphics Components Information Disclosure Vulnerability<\/td>\n | Important<\/td>\n<\/tr>\n | Microsoft Graphics Component<\/strong><\/td>\n | CVE-2020-0622<\/td>\n | Microsoft Graphics Component Information Disclosure Vulnerability<\/td>\n | Important<\/td>\n<\/tr>\n | Microsoft Graphics Component<\/strong><\/td>\n | CVE-2020-0642<\/td>\n | Win32k Elevation of Privilege Vulnerability<\/td>\n | Important<\/td>\n<\/tr>\n | Microsoft Graphics Component<\/strong><\/td>\n | CVE-2020-0643<\/td>\n | Windows GDI+ Information Disclosure Vulnerability<\/td>\n | Important<\/td>\n<\/tr>\n | Microsoft Office<\/strong><\/td>\n | CVE-2020-0647<\/td>\n | Microsoft Office Online Fraud<\/td>\n | Important<\/td>\n<\/tr>\n | Microsoft Office<\/strong><\/td>\n | CVE-2020-0650<\/td>\n | Microsoft Excel Remote code execution vulnerability<\/td>\n | Important<\/td>\n<\/tr>\n | Microsoft Office<\/strong><\/td>\n | CVE-2020-0651<\/td>\n | Microsoft Excel Remote code execution vulnerability<\/td>\n | Important<\/td>\n<\/tr>\n | Microsoft Office<\/strong><\/td>\n | CVE-2020-0652<\/td>\n | Microsoft Office Memory corruption<\/td>\n | Important<\/td>\n<\/tr>\n | Microsoft Office<\/strong><\/td>\n | CVE-2020-0653<\/td>\n | Microsoft Excel Remote code execution vulnerability<\/td>\n | Important<\/td>\n<\/tr>\n | Microsoft Scripting Engine<\/strong><\/td>\n | CVE-2020-0640<\/td>\n | Internet Explorer Memory corruption<\/td>\n | Critical<\/td>\n<\/tr>\n | Microsoft Windows<\/strong><\/td>\n | CVE-2020-0601<\/td>\n | Windows CryptoAPI Fraud<\/td>\n | Important<\/td>\n<\/tr>\n | Microsoft Windows<\/strong><\/td>\n | CVE-2020-0608<\/td>\n | Win32k Information Disclosure Vulnerability<\/td>\n | Important<\/td>\n<\/tr>\n | Microsoft Windows<\/strong><\/td>\n | CVE-2020-0616<\/td>\n | Microsoft Windows Denial of service vulnerability<\/td>\n | Important<\/td>\n<\/tr>\n | Microsoft Windows<\/strong><\/td>\n | CVE-2020-0620<\/td>\n | Microsoft Cryptographic Services Elevation of Privilege Vulnerability<\/td>\n | Important<\/td>\n<\/tr>\n | Microsoft Windows<\/strong><\/td>\n | CVE-2020-0621<\/td>\n | Windows Security feature bypass vulnerability<\/td>\n | Important<\/td>\n<\/tr>\n | Microsoft Windows<\/strong><\/td>\n | CVE-2020-0624<\/td>\n | Win32k Elevation of Privilege Vulnerability<\/td>\n | Important<\/td>\n<\/tr>\n | Microsoft Windows<\/strong><\/td>\n | CVE-2020-0635<\/td>\n | Windows Elevation of Privilege Vulnerability<\/td>\n | Important<\/td>\n<\/tr>\n | Microsoft Windows<\/strong><\/td>\n | CVE-2020-0644<\/td>\n | Windows Elevation of Privilege Vulnerability<\/td>\n | Important<\/td>\n<\/tr>\n | Microsoft Windows Search Component<\/strong><\/td>\n | CVE-2020-0613<\/td>\n | Windows Search Indexer Elevation of Privilege Vulnerability<\/td>\n | Important<\/td>\n<\/tr>\n | Microsoft Windows Search Component<\/strong><\/td>\n | CVE-2020-0614<\/td>\n | Windows Search Indexer Elevation of Privilege Vulnerability<\/td>\n | Important<\/td>\n<\/tr>\n | Microsoft Windows Search Component<\/strong><\/td>\n | CVE-2020-0623<\/td>\n | Windows Search Indexer Elevation of Privilege Vulnerability<\/td>\n | Important<\/td>\n<\/tr>\n | Microsoft Windows Search Component<\/strong><\/td>\n | CVE-2020-0625<\/td>\n | Windows Search Indexer Elevation of Privilege Vulnerability<\/td>\n | Important<\/td>\n<\/tr>\n | Microsoft Windows Search Component<\/strong><\/td>\n | CVE-2020-0626<\/td>\n | Windows Search Indexer Elevation of Privilege Vulnerability<\/td>\n | Important<\/td>\n<\/tr>\n | Microsoft Windows Search Component<\/strong><\/td>\n | CVE-2020-0627<\/td>\n | Windows Search Indexer Elevation of Privilege Vulnerability<\/td>\n | Important<\/td>\n<\/tr>\n | Microsoft Windows Search Component<\/strong><\/td>\n | CVE-2020-0628<\/td>\n | Windows Search Indexer Elevation of Privilege Vulnerability<\/td>\n | Important<\/td>\n<\/tr>\n | Microsoft Windows Search Component<\/strong><\/td>\n | CVE-2020-0629<\/td>\n | Windows Search Indexer Elevation of Privilege Vulnerability<\/td>\n | Important<\/td>\n<\/tr>\n | Microsoft Windows Search Component<\/strong><\/td>\n | CVE-2020-0630<\/td>\n | Windows Search Indexer Elevation of Privilege Vulnerability<\/td>\n | Important<\/td>\n<\/tr>\n | Microsoft Windows Search Component<\/strong><\/td>\n | CVE-2020-0631<\/td>\n | Windows Search Indexer Elevation of Privilege Vulnerability<\/td>\n | Important<\/td>\n<\/tr>\n | Microsoft Windows Search Component<\/strong><\/td>\n | CVE-2020-0632<\/td>\n | Windows Search Indexer Elevation of Privilege Vulnerability<\/td>\n | Important<\/td>\n<\/tr>\n | Microsoft Windows Search Component<\/strong><\/td>\n | CVE-2020-0633<\/td>\n | Windows Search Indexer Elevation of Privilege Vulnerability<\/td>\n | Important<\/td>\n<\/tr>\n | Windows Hyper-V<\/strong><\/td>\n | CVE-2020-0617<\/td>\n | Hyper-V Denial of service vulnerability<\/td>\n | Important<\/td>\n<\/tr>\n | Windows Media<\/strong><\/td>\n | CVE-2020-0641<\/td>\n | Microsoft Windows Elevation of Privilege Vulnerability<\/td>\n | Important<\/td>\n<\/tr>\n | Windows RDP<\/strong><\/td>\n | CVE-2020-0609<\/td>\n | Windows Remote Desktop Gateway (RD Gateway) Remote code execution vulnerability<\/td>\n | Critical<\/td>\n<\/tr>\n | Windows RDP<\/strong><\/td>\n | CVE-2020-0610<\/td>\n | Windows Remote Desktop Gateway (RD Gateway) Remote code execution vulnerability<\/td>\n | Critical<\/td>\n<\/tr>\n | Windows RDP<\/strong><\/td>\n | CVE-2020-0611<\/td>\n | Remote Desktop Client Remote code execution vulnerability<\/td>\n | Critical<\/td>\n<\/tr>\n | Windows RDP<\/strong><\/td>\n | CVE-2020-0612<\/td>\n | Windows Remote Desktop Gateway (RD Gateway) Denial of service vulnerability<\/td>\n | Important<\/td>\n<\/tr>\n | Windows RDP<\/strong><\/td>\n | CVE-2020-0637<\/td>\n | Remote Desktop Web Access Information Disclosure Vulnerability<\/td>\n | Important<\/td>\n<\/tr>\n | Windows Subsystem for Linux<\/strong><\/td>\n | CVE-2020-0636<\/td>\n | Windows Subsystem for Linux Elevation of Privilege Vulnerability<\/td>\n | Important<\/td>\n<\/tr>\n | Windows Update Stack<\/strong><\/td>\n | CVE-2020-0638<\/td>\n | Update Notification Manager Elevation of Privilege Vulnerability<\/td>\n | Important<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n | <\/p>\n Recommended Mitigation Measures<\/strong><\/h2>\nThe following tables list the affected software details for the vulnerability.<\/p>\n
|