VERT Threat Alert: January 2020 Patch Tuesday Analysis

VERT Threat Alert: June 2022 Patch Tuesday Analysis

Today’s VERT Alert addresses Microsoft’s January 2020 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-866 on Wednesday, January 15th.

In-The-Wild & Disclosed CVEs

CVE-2020-0601

While there are no in-the-wild and disclosed CVEs in the January patch drop, there is a lot of discussion around CVE-2020-0601. The vulnerability allows for Elliptic Curve Cryptography (ECC) spoofing due to the way these certificates are validated. This vulnerability was reported to Microsoft by the NSA and rumors in various publications indicate that certain government agencies and enterprises were given advance notice of this vulnerability. Microsoft has rated this as a 1 (Exploitation More Likely) on the latest software release on the Exploitability Index.

CVE Breakdown by Tag

While historical Microsoft Security Bulletin groupings are gone, Microsoft vulnerabilities are tagged with an identifier. This list provides a breakdown of the CVEs on a per tag basis.

Tag	CVE Count	CVEs
Windows Update Stack	1	CVE-2020-0638
Windows Hyper-V	1	CVE-2020-0617
Windows Subsystem for Linux	1	CVE-2020-0636
ASP.NET	2	CVE-2020-0602, CVE-2020-0603
Microsoft Windows	8	CVE-2020-0601, CVE-2020-0608, CVE-2020-0616, CVE-2020-0620, CVE-2020-0621, CVE-2020-0624, CVE-2020-0635, CVE-2020-0644
Apps	1	CVE-2020-0654
.NET Framework	3	CVE-2020-0605, CVE-2020-0606, CVE-2020-0646
Microsoft Graphics Component	4	CVE-2020-0607, CVE-2020-0622, CVE-2020-0642, CVE-2020-0643
Microsoft Scripting Engine	1	CVE-2020-0640
Common Log File System Driver	3	CVE-2020-0615, CVE-2020-0639, CVE-2020-0634
Microsoft Dynamics	1	CVE-2020-0656
Windows Media	1	CVE-2020-0641
Microsoft Windows Search Component	12	CVE-2020-0613, CVE-2020-0614, CVE-2020-0623, CVE-2020-0625, CVE-2020-0626, CVE-2020-0627, CVE-2020-0628, CVE-2020-0629, CVE-2020-0630, CVE-2020-0631, CVE-2020-0632, CVE-2020-0633
Microsoft Office	5	CVE-2020-0647, CVE-2020-0650, CVE-2020-0651, CVE-2020-0652, CVE-2020-0653
Windows RDP	5	CVE-2020-0609, CVE-2020-0610, CVE-2020-0611, CVE-2020-0612, CVE-2020-0637

Other Information

There were no new advisories released today. However, it is worth mentioning that today marks the final day of support for Windows 7, Windows Server 2008, and Windows Server 2008 R2. These platforms are now considered end of life and out of support.

Tyler Reguly

Senior Manager, Security R&D

View Profile

In-The-Wild & Disclosed CVEs

CVE Breakdown by Tag

Tag

CVE Count

CVEs

Windows Update Stack

1

CVE-2020-0638

Windows Hyper-V

1

CVE-2020-0617

Windows Subsystem for Linux

1

CVE-2020-0636

ASP.NET

2

CVE-2020-0602, CVE-2020-0603

Microsoft Windows

8

CVE-2020-0601, CVE-2020-0608, CVE-2020-0616, CVE-2020-0620, CVE-2020-0621, CVE-2020-0624, CVE-2020-0635, CVE-2020-0644

Apps

1

CVE-2020-0654

.NET Framework

3

CVE-2020-0605, CVE-2020-0606, CVE-2020-0646

Microsoft Graphics Component

4

CVE-2020-0607, CVE-2020-0622, CVE-2020-0642, CVE-2020-0643

Microsoft Scripting Engine

1

CVE-2020-0640

Common Log File System Driver

3

CVE-2020-0615, CVE-2020-0639, CVE-2020-0634

Microsoft Dynamics

1

CVE-2020-0656

Windows Media

1

CVE-2020-0641

Microsoft Windows Search Component

12

CVE-2020-0613, CVE-2020-0614, CVE-2020-0623, CVE-2020-0625, CVE-2020-0626, CVE-2020-0627, CVE-2020-0628, CVE-2020-0629, CVE-2020-0630, CVE-2020-0631, CVE-2020-0632, CVE-2020-0633

Microsoft Office

5

CVE-2020-0647, CVE-2020-0650, CVE-2020-0651, CVE-2020-0652, CVE-2020-0653

Windows RDP

5

CVE-2020-0609, CVE-2020-0610, CVE-2020-0611, CVE-2020-0612, CVE-2020-0637

Other Information