Today’s VERT Alert addresses Microsoft’s October 2020 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-909 on Wednesday, October 14th.
In-The-Wild & Disclosed CVEs (October 2020 Patch Tuesday Analysis)
CVE-2020-16938
This CVE describes an information disclosure in the Windows kernel that could allow a local attacker to disclose information. Specifically, the vulnerability would allow read access to kernel space memory from a user mode process. Microsoft has rated this as a 2 (Exploitation Less Likely) on the latest software release on the Exploitability Index.
CVE-2020-16885
A vulnerability exists in the Windows Storage VSP Driver that would allow a local attacker with the ability to execute code to elevate their privileges via a flaw in the driver’s handling of file operations. Microsoft has rated this as a 2 (Exploitation Less Likely) on the latest software release on the Exploitability Index.
CVE-2020-16901
This CVE describes an information disclosure in the Windows kernel that could allow a local attacker to disclose information. Specifically, the vulnerability would allow read access to kernel space memory from a user mode process. Microsoft has rated this as a 2 (Exploitation Less Likely) on the latest software release on the Exploitability Index.
CVE-2020-16908
A flaw in Windows Setup’s handling of directories could allow an authenticated attacker to execute code with SYSTEM privileges. There are no patches for this vulnerability as it only exists within the software that Microsoft releases to upgrade a system. According to Microsoft all feature update bundles have been refreshed with patched binaries and the flaw no longer exists. Microsoft has rated this as a 2 (Exploitation Less Likely) on the latest software release on the Exploitability Index.
CVE-2020-16909
A vulnerability in Windows Error Reporting could allow a local attacker to gain elevated levels of access to sensitive information and system functionality via a flaw in the Windows Error Reporting’s handling and execution of files. Microsoft has rated this as a 2 (Exploitation Less Likely) on the latest software release on the Exploitability Index.
CVE-2020-16937
A vulnerability in the .NET Framework could allow an attacker to read memory due to an error in how the .NET Framework handles objects in memory. More specifically, an attacker could view memory layout allowing them to predict memory addressing. Microsoft has rated this as a 2 (Exploitation Less Likely) on the latest software release on the Exploitability Index.
CVE Breakdown by Tag
While historical Microsoft Security Bulletin groupings are gone, Microsoft vulnerabilities are tagged with an identifier. This list provides a breakdown of the CVEs on a per tag basis.
| Tag | CVE Count | CVEs |
| Microsoft Windows Codecs Library | 2 | CVE-2020-16967, CVE-2020-16968 |
| Microsoft Dynamics | 3 | CVE-2020-16943, CVE-2020-16956, CVE-2020-16978 |
| Windows Hyper-V | 3 | CVE-2020-16891, CVE-2020-16894, CVE-2020-1243 |
| Group Policy | 1 | CVE-2020-16939 |
| Microsoft NTFS | 1 | CVE-2020-16938 |
| Windows Error Reporting | 1 | CVE-2020-16905 |
| Windows RDP | 3 | CVE-2020-16863, CVE-2020-16896, CVE-2020-16927 |
| .NET Framework | 1 | CVE-2020-16937 |
| Microsoft Graphics Component | 4 | CVE-2020-16923, CVE-2020-1167, CVE-2020-16911, CVE-2020-16914 |
| Windows COM | 1 | CVE-2020-16916 |
| PowerShellGet | 1 | CVE-2020-16886 |
| Azure | 2 | CVE-2020-16904, CVE-2020-16995 |
| Windows Installer | 1 | CVE-2020-16902 |
| Visual Studio | 1 | CVE-2020-16977 |
| Windows Kernel | 5 | CVE-2020-16889, CVE-2020-16892, CVE-2020-1047, CVE-2020-16910, CVE-2020-16913 |
| Windows Secure Kernel Mode | 1 | CVE-2020-16890 |
| Microsoft Exchange Server | 1 | CVE-2020-16969 |
| Microsoft Office | 14 | CVE-2020-16918, CVE-2020-16928, CVE-2020-16929, CVE-2020-16930, CVE-2020-16931, CVE-2020-16932, CVE-2020-16933, CVE-2020-16934, CVE-2020-16954, CVE-2020-17003, CVE-2020-16947, CVE-2020-16949, CVE-2020-16955, CVE-2020-16957 |
| Microsoft Windows | 30 | CVE-2020-16876, CVE-2020-16877, CVE-2020-16895, CVE-2020-16897, CVE-2020-16919, CVE-2020-16920, CVE-2020-16921, CVE-2020-16922, CVE-2020-16924, CVE-2020-16935, CVE-2020-16976, CVE-2020-0764, CVE-2020-1080, CVE-2020-16885, CVE-2020-16887, CVE-2020-16898, CVE-2020-16899, CVE-2020-16900, CVE-2020-16901, CVE-2020-16907, CVE-2020-16908, CVE-2020-16909, CVE-2020-16912, CVE-2020-16936, CVE-2020-16940, CVE-2020-16972, CVE-2020-16973, CVE-2020-16974, CVE-2020-16975, CVE-2020-16980 |
| Microsoft Office SharePoint | 10 | CVE-2020-16941, CVE-2020-16942, CVE-2020-16948, CVE-2020-16953, CVE-2020-16944, CVE-2020-16945, CVE-2020-16946, CVE-2020-16950, CVE-2020-16951, CVE-2020-16952 |
| Windows Media Player | 1 | CVE-2020-16915 |
Other Information In addition to the Microsoft vulnerabilities included in the October Security Guidance, an advisory was released today.
October 2020 Adobe Flash Security Update [ADV200012]
Microsoft has released an advisory for Adobe Security Bulletin APSB20-58. This advisory contains updates for CVE-2020-9746. To learn more about Tripwire VERT, click here.
