Today’s VERT Alert addresses Microsoft’s November 2020 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-915 on Wednesday, November 11th. Note: Microsoft has changed their advisory format and no longer provides basic vulnerability descriptions.
In-The-Wild & Disclosed CVEs
CVE-2020-17087
This CVE describes a local elevation of privilege vulnerability in the Windows Kernel Cryptography Driver (cng.sys) that is seeing active exploitation in the wild. The vulnerability was reported to Microsoft by Google Project Zero and was publicly disclosed ahead of the patch release due to the active exploitation. Microsoft has rated this as Exploitation Detected on the latest software release on the Exploitability Index.
CVE Breakdown by Tag
While historical Microsoft Security Bulletin groupings are gone, Microsoft vulnerabilities are tagged with an identifier. This list provides a breakdown of the CVEs on a per tag basis.
| Tag | CVE Count | CVEs |
| Windows Defender | 1 | CVE-2020-17090 |
| Microsoft Windows Codecs Library | 14 | CVE-2020-17078, CVE-2020-17079, CVE-2020-17101, CVE-2020-17102, CVE-2020-17105, CVE-2020-17106, CVE-2020-17107, CVE-2020-17108, CVE-2020-17109, CVE-2020-17110, CVE-2020-17113, CVE-2020-17081, CVE-2020-17082, CVE-2020-17086 |
| Windows Update Stack | 7 | CVE-2020-17070, CVE-2020-17071, CVE-2020-17073, CVE-2020-17074, CVE-2020-17075, CVE-2020-17076, CVE-2020-17077 |
| Windows NDIS | 1 | CVE-2020-17069 |
| Azure Sphere | 15 | CVE-2020-16970, CVE-2020-16981, CVE-2020-16982, CVE-2020-16983, CVE-2020-16984, CVE-2020-16985, CVE-2020-16986, CVE-2020-16987, CVE-2020-16988, CVE-2020-16989, CVE-2020-16990, CVE-2020-16991, CVE-2020-16992, CVE-2020-16993, CVE-2020-16994 |
| Windows WalletService | 2 | CVE-2020-16999, CVE-2020-17037 |
| Visual Studio | 2 | CVE-2020-17100, CVE-2020-17104 |
| Microsoft Teams | 1 | CVE-2020-17091 |
| Microsoft Windows | 34 | CVE-2020-16997, CVE-2020-17000, CVE-2020-17001, CVE-2020-17055, CVE-2020-17056, CVE-2020-17057, CVE-2020-1599, CVE-2020-17007, CVE-2020-17010, CVE-2020-17011, CVE-2020-17012, CVE-2020-17013, CVE-2020-17014, CVE-2020-17024, CVE-2020-17025, CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17030, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034, CVE-2020-17036, CVE-2020-17040, CVE-2020-17041, CVE-2020-17042, CVE-2020-17043, CVE-2020-17044, CVE-2020-17045, CVE-2020-17046, CVE-2020-17047, CVE-2020-17049, CVE-2020-17051 |
| Microsoft Graphics Component | 5 | CVE-2020-16998, CVE-2020-17004, CVE-2020-17068, CVE-2020-17029, CVE-2020-17038 |
| Microsoft Browsers | 1 | CVE-2020-17058 |
| Common Log File System Driver | 1 | CVE-2020-17088 |
| Windows Kernel | 2 | CVE-2020-17087, CVE-2020-17035 |
| Azure DevOps | 1 | CVE-2020-1325 |
| Microsoft Exchange Server | 3 | CVE-2020-17083, CVE-2020-17084, CVE-2020-17085 |
| Microsoft Dynamics | 4 | CVE-2020-17005, CVE-2020-17006, CVE-2020-17018, CVE-2020-17021 |
| Microsoft Office | 8 | CVE-2020-17019, CVE-2020-17020, CVE-2020-17062, CVE-2020-17063, CVE-2020-17064, CVE-2020-17065, CVE-2020-17066, CVE-2020-17067 |
| Microsoft Scripting Engine | 4 | CVE-2020-17048, CVE-2020-17052, CVE-2020-17053, CVE-2020-17054 |
| Microsoft Office SharePoint | 6 | CVE-2020-16979, CVE-2020-17015, CVE-2020-17016, CVE-2020-17017, CVE-2020-17060, CVE-2020-17061 |
Other Information No additional advisories were included in the November Security Guidance.
