Patch Tuesday, August 2020
August's Patch Tuesday is here with 120 CVEs patched. That includes 100 rated as "Important" and 20 rated as "Critical". The bulk of the "Critical" list is made up of various media libraries and codecs where a Remote Code Execution vulnerability can be exploited simply by opening or playing a maliciously generated image, video, or sound file. You'll also find an RCE vulnerability patched in .NET and a Privilege Escalation vulnerability patched in NetLogon.
The long list of vulnerabilities rated as "Important" is mainly a list of Privilege Escalation issues across a variety of software packages including the Office suite, Jet Database, .NET, Sharepoint, the Windows Backup engine and others.
Two of these vulnerabilities, CVE-2020-1380, and CVE-2020-1464, have been publicly exploited. CVE-2020-1464 is a Spoofing vulnerability that affects how Windows identifies digitally signed files. An attacker could potentially bypass the signature verification process in order to execute unauthorized code. CVE-2020-1380 is a Remote Code Execution vulnerability in the Windows Scripting Engine.
With two of these vulnerabilities already being exploited, make sure you patch asap.
Critical
.NET Framework Remote Code Execution Vulnerability
CVE-2020-1046
Remote Code Execution
Media Foundation Memory Corruption Vulnerability
CVE-2020-1379, CVE-2020-1477, CVE-2020-1492, CVE-2020-1525, CVE-2020-1554
Remote Code Execution
Microsoft Edge PDF Remote Code Execution Vulnerability
CVE-2020-1568
Remote Code Execution
Microsoft Outlook Memory Corruption Vulnerability
CVE-2020-1483
Remote Code Execution
Microsoft Windows Codecs Library Remote Code Execution Vulnerability
CVE-2020-1560, CVE-2020-1574, CVE-2020-1585
Remote Code Execution
MSHTML Engine Remote Code Execution Vulnerability
CVE-2020-1567
Remote Code Execution
NetLogon Elevation of Privilege Vulnerability
CVE-2020-1472
Elevation of Privilege
Scripting Engine Memory Corruption Vulnerability
CVE-2020-1380, CVE-2020-1555, CVE-2020-1570
Remote Code Execution
Windows Media Remote Code Execution Vulnerability
CVE-2020-1339
Remote Code Execution
Important
ASP.NET and .NET Elevation of Privilege Vulnerability
CVE-2020-1476
Elevation of Privilege
ASP.NET Core Denial of Service Vulnerability
CVE-2020-1597
Denial of Service
Connected User Experiences and Telemetry Service Elevation of Privilege Vulnerability
CVE-2020-1511
Elevation of Privilege
DirectWrite Information Disclosure Vulnerability
CVE-2020-1577
Information Disclosure
DirectX Elevation of Privilege Vulnerability
CVE-2020-1479
Elevation of Privilege
Jet Database Engine Remote Code Execution Vulnerability
CVE-2020-1473, CVE-2020-1557, CVE-2020-1558, CVE-2020-1564
Remote Code Execution
Local Security Authority Subsystem Service Elevation of Privilege Vulnerability
CVE-2020-1509
Elevation of Privilege
Media Foundation Information Disclosure Vulnerability
CVE-2020-1487
Information Disclosure
Media Foundation Memory Corruption Vulnerability
CVE-2020-1478
Remote Code Execution
Microsoft Access Remote Code Execution Vulnerability
CVE-2020-1582
Remote Code Execution
Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability
CVE-2020-1591
Spoofing
Microsoft Edge Memory Corruption Vulnerability
CVE-2020-1569
Remote Code Execution
Microsoft Excel Information Disclosure Vulnerability
CVE-2020-1497
Information Disclosure
Microsoft Excel Remote Code Execution Vulnerability
CVE-2020-1494, CVE-2020-1495, CVE-2020-1496, CVE-2020-1498, CVE-2020-1504
Remote Code Execution
Microsoft Graphics Components Remote Code Execution Vulnerability
CVE-2020-1561, CVE-2020-1562
Remote Code Execution
Microsoft Office Click-to-Run Elevation of Privilege Vulnerability
CVE-2020-1581
Elevation of Privilege
Microsoft Office Remote Code Execution Vulnerability
CVE-2020-1563
Remote Code Execution
Microsoft Office SharePoint XSS Vulnerability
CVE-2020-1580
Spoofing
Microsoft Outlook Information Disclosure Vulnerability
CVE-2020-1493
Information Disclosure
Microsoft SharePoint Information Disclosure Vulnerability
CVE-2020-1505
Information Disclosure
Microsoft SharePoint Spoofing Vulnerability
CVE-2020-1499, CVE-2020-1500, CVE-2020-1501
Spoofing
Microsoft SQL Server Management Studio Denial of Service Vulnerability
CVE-2020-1455
Denial of Service
Microsoft Word Information Disclosure Vulnerability
CVE-2020-1502, CVE-2020-1503, CVE-2020-1583
Information Disclosure
Visual Studio Code Remote Code Execution Vulnerability
CVE-2020-0604
Remote Code Execution
Win32k Information Disclosure Vulnerability
CVE-2020-1510
Information Disclosure
Windows 10 Update Assistant Elevation of Privilege Vulnerability
CVE-2020-1571
Elevation of Privilege
Windows Accounts Control Elevation of Privilege Vulnerability
CVE-2020-1531
Elevation of Privilege
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVE-2020-1587
Elevation of Privilege
Windows AppX Deployment Extensions Elevation of Privilege Vulnerability
CVE-2020-1488
Elevation of Privilege
Windows ARM Information Disclosure Vulnerability
CVE-2020-1459
Information Disclosure
Windows Backup Engine Elevation of Privilege Vulnerability
CVE-2020-1535, CVE-2020-1536, CVE-2020-1539, CVE-2020-1540, CVE-2020-1541, CVE-2020-1542, CVE-2020-1543, CVE-2020-1544, CVE-2020-1545, CVE-2020-1546, CVE-2020-1547, CVE-2020-1551, CVE-2020-1534
Elevation of Privilege
Windows CDP User Components Elevation of Privilege Vulnerability
CVE-2020-1549, CVE-2020-1550
Elevation of Privilege
Windows CSC Service Elevation of Privilege Vulnerability
CVE-2020-1489, CVE-2020-1513
Elevation of Privilege
Windows Custom Protocol Engine Elevation of Privilege Vulnerability
CVE-2020-1527
Elevation of Privilege
Windows dnsrslvr.dll Elevation of Privilege Vulnerability
CVE-2020-1584
Elevation of Privilege
Windows Elevation of Privilege Vulnerability
CVE-2020-1565
Elevation of Privilege
Windows File Server Resource Management Service Elevation of Privilege Vulnerability
CVE-2020-1517, CVE-2020-1518
Elevation of Privilege
Windows Font Driver Host Remote Code Execution Vulnerability
CVE-2020-1520
Remote Code Execution
Windows Function Discovery SSDP Provider Elevation of Privilege Vulnerability
CVE-2020-1579
Elevation of Privilege
Windows GDI Elevation of Privilege Vulnerability
CVE-2020-1480, CVE-2020-1529
Elevation of Privilege
Windows Hard Link Elevation of Privilege Vulnerability
CVE-2020-1467
Elevation of Privilege
Windows Image Acquisition Service Information Disclosure Vulnerability
CVE-2020-1474, CVE-2020-1485
Information Disclosure
Windows Kernel Elevation of Privilege Vulnerability
CVE-2020-1417, CVE-2020-1486, CVE-2020-1566
Elevation of Privilege
Windows Kernel Information Disclosure Vulnerability
CVE-2020-1578
Information Disclosure
Windows Network Connection Broker Elevation of Privilege Vulnerability
CVE-2020-1526
Elevation of Privilege
Windows Print Spooler Elevation of Privilege Vulnerability
CVE-2020-1337
Spoofing
Windows Radio Manager API Elevation of Privilege Vulnerability
CVE-2020-1528
Elevation of Privilege
Windows Registry Elevation of Privilege Vulnerability
CVE-2020-1377, CVE-2020-1378
Elevation of Privilege
Windows Remote Access Elevation of Privilege Vulnerability
CVE-2020-1530, CVE-2020-1537
Elevation of Privilege
Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability
CVE-2020-1466
Denial of Service
Windows RRAS Service Information Disclosure Vulnerability
CVE-2020-1383
Information Disclosure
Windows Runtime Elevation of Privilege Vulnerability
CVE-2020-1553
Elevation of Privilege
Windows Server Resource Management Service Elevation of Privilege Vulnerability
CVE-2020-1475
Elevation of Privilege
Windows Speech Runtime Elevation of Privilege Vulnerability
CVE-2020-1521, CVE-2020-1522
Elevation of Privilege
Windows Speech Shell Components Elevation of Privilege Vulnerability
CVE-2020-1524
Elevation of Privilege
Windows Spoofing Vulnerability
CVE-2020-1464
Spoofing
Windows State Repository Service Information Disclosure Vulnerability
CVE-2020-1512
Information Disclosure
Windows Storage Service Elevation of Privilege Vulnerability
CVE-2020-1490
Elevation of Privilege
Windows Telephony Server Elevation of Privilege Vulnerability
CVE-2020-1515
Elevation of Privilege
Windows UPnP Device Host Elevation of Privilege Vulnerability
CVE-2020-1519, CVE-2020-1538
Elevation of Privilege
Windows WaasMedic Service Information Disclosure Vulnerability
CVE-2020-1548
Information Disclosure
Windows WalletService Elevation of Privilege Vulnerability
CVE-2020-1533, CVE-2020-1556
Elevation of Privilege
Windows Work Folderw Service Elevation of Privilege Vulnerability
CVE-2020-1552, CVE-2020-1470, CVE-2020-1484, CVE-2020-1516
Elevation of Privilege
Microsoft Office SharePoint XSS Vulnerability
CVE-2020-1573
Spoofing
About the Author
Karl Sigler is Security Research Manager, SpiderLabs Threat Intelligence at Trustwave. Karl is a 20- year infosec veteran responsible for research and analysis of current vulnerabilities, malware and threat trends at Trustwave. Follow Karl on LinkedIn.
ABOUT TRUSTWAVE
Trustwave is a globally recognized cybersecurity leader that reduces cyber risk and fortifies organizations against disruptive and damaging cyber threats. Our comprehensive offensive and defensive cybersecurity portfolio detects what others cannot, responds with greater speed and effectiveness, optimizes client investment, and improves security resilience. Learn more about us.