February's Patch Tuesday is here and brings with it patches for 98 CVEs. These are split between 13 CVEs rated as "Critical" and 85 CVEs rated as "Important." Among the "Critical" patches, Remote Code Execution (RCE) vulnerabilities in the Scripting Engine make up more than half of the list. It's a regular piece of software patched pretty much every Patch Tuesday. Still, extra attention is currently on the Scripting Engine after a zero-day exploit (CVE-2020-0674) was discovered compromising systems just after January's Patch Tuesday. Closing out the "Critical" list are RCE vulnerabilities in Remote Desktop, Media Foundation, and LNK shortcuts.
The theme of the vulnerabilities in the list ranked as "Important" is "Privilege Escalation," with that class of vulnerability representing a full 53 out of 85 patched. Privilege escalation vulnerabilities are a cornerstone of system exploitation. They allow an attacker to go from using just a regular "Joe User" account to full system ownership, potentially gaining administrative access to the entire network. Also included under "Important" are Remote Code Execution vulnerabilities in the Office Suite, MS Exchange, and MS-SQL server, as well as Denial of Service vulnerabilities in Windows Hyper-V.
Luckily, none of these vulnerabilities have any in-the-wild exploitation, so administrators have plenty of time to get the proper patches in place before there is public exploitation. So let's get patching and, as always, stay safe out there!
Critical

| Vulnerability | CVE / Advisory | Impact |
| --- | --- | --- |
| LNK Remote Code Execution Vulnerability | CVE-2020-0729 | Remote Code Execution |
| Media Foundation Memory Corruption Vulnerability | CVE-2020-0738 | Remote Code Execution |
| Remote Desktop Client Remote Code Execution Vulnerability | CVE-2020-0681, CVE-2020-0734 | Remote Code Execution |
| Scripting Engine Memory Corruption Vulnerability | CVE-2020-0673, CVE-2020-0674, CVE-2020-0710, CVE-2020-0711, CVE-2020-0712, CVE-2020-0713, CVE-2020-0767 | Remote Code Execution |
| Windows Remote Code Execution Vulnerability | CVE-2020-0662 | Remote Code Execution |
| February 2020 Adobe Flash Security Update | ADV200003 | Remote Code Execution |
Important

| Vulnerability | CVE / Advisory | Impact |
| --- | --- | --- |
| Active Directory Elevation of Privilege Vulnerability | CVE-2020-0665 | Elevation of Privilege |
| Connected Devices Platform Service Elevation of Privilege Vulnerability | CVE-2020-0740, CVE-2020-0741, CVE-2020-0742, CVE-2020-0743, CVE-2020-0749, CVE-2020-0750 | Elevation of Privilege |
| Connected User Experiences and Telemetry Service Elevation of Privilege Vulnerability | CVE-2020-0727 | Elevation of Privilege |
| DirectX Elevation of Privilege Vulnerability | CVE-2020-0709, CVE-2020-0732 | Elevation of Privilege |
| DirectX Information Disclosure Vulnerability | CVE-2020-0714 | Information Disclosure |
| Microsoft Browser Information Disclosure Vulnerability | CVE-2020-0706 | Information Disclosure |
| Microsoft Edge Elevation of Privilege Vulnerability | CVE-2020-0663 | Elevation of Privilege |
| Microsoft Excel Remote Code Execution Vulnerability | CVE-2020-0759 | Remote Code Execution |
| Microsoft Exchange Memory Corruption Vulnerability | CVE-2020-0688 | Remote Code Execution |
| Microsoft Exchange Server Elevation of Privilege Vulnerability | CVE-2020-0692 | Elevation of Privilege |
| Microsoft Graphics Components Information Disclosure Vulnerability | CVE-2020-0746 | Information Disclosure |
| Microsoft Office Online Server Spoofing Vulnerability | CVE-2020-0695 | Spoofing |
| Microsoft Office SharePoint XSS Vulnerability | CVE-2020-0694 | Spoofing |
| Microsoft Office Tampering Vulnerability | CVE-2020-0697 | Tampering |
| Microsoft Outlook Security Feature Bypass Vulnerability | CVE-2020-0696 | Security Feature Bypass |
| Microsoft Secure Boot Security Feature Bypass Vulnerability | CVE-2020-0689 | Security Feature Bypass |
| Microsoft SQL Server Reporting Services Remote Code Execution Vulnerability | CVE-2020-0618 | Remote Code Execution |
| Remote Desktop Services Remote Code Execution Vulnerability | CVE-2020-0655 | Remote Code Execution |
| Win32k Elevation of Privilege Vulnerability | CVE-2020-0691, CVE-2020-0719, CVE-2020-0720, CVE-2020-0721, CVE-2020-0722, CVE-2020-0723, CVE-2020-0724, CVE-2020-0725, CVE-2020-0726, CVE-2020-0731 | Elevation of Privilege |
| Win32k Information Disclosure Vulnerability | CVE-2020-0716, CVE-2020-0717 | Information Disclosure |
| Windows Backup Service Elevation of Privilege Vulnerability | CVE-2020-0703 | Elevation of Privilege |
| Windows Client License Service Elevation of Privilege Vulnerability | CVE-2020-0701 | Elevation of Privilege |
| Windows COM Server Elevation of Privilege Vulnerability | CVE-2020-0685 | Elevation of Privilege |
| Windows Common Log File System Driver Elevation of Privilege Vulnerability | CVE-2020-0657 | Elevation of Privilege |
| Windows Common Log File System Driver Information Disclosure Vulnerability | CVE-2020-0658 | Information Disclosure |
| Windows Data Sharing Service Elevation of Privilege Vulnerability | CVE-2020-0659, CVE-2020-0747 | Elevation of Privilege |
| Windows Elevation of Privilege Vulnerability | CVE-2020-0737, CVE-2020-0739 | Elevation of Privilege |
| Windows Error Reporting Elevation of Privilege Vulnerability | CVE-2020-0753, CVE-2020-0754 | Elevation of Privilege |
| Windows Error Reporting Manager Elevation of Privilege Vulnerability | CVE-2020-0678 | Elevation of Privilege |
| Windows Function Discovery Service Elevation of Privilege Vulnerability | CVE-2020-0679, CVE-2020-0680, CVE-2020-0682 | Elevation of Privilege |
| Windows GDI Information Disclosure Vulnerability | CVE-2020-0744 | Information Disclosure |
| Windows Graphics Component Elevation of Privilege Vulnerability | CVE-2020-0715, CVE-2020-0745, CVE-2020-0792 | Elevation of Privilege |
| Windows Hyper-V Denial of Service Vulnerability | CVE-2020-0661, CVE-2020-0751 | Denial of Service |
| Windows Imaging Library Remote Code Execution Vulnerability | CVE-2020-0708 | Remote Code Execution |
| Windows IME Elevation of Privilege Vulnerability | CVE-2020-0707 | Elevation of Privilege |
| Windows Information Disclosure Vulnerability | CVE-2020-0698 | Information Disclosure |
| Windows Installer Elevation of Privilege Vulnerability | CVE-2020-0683, CVE-2020-0686 | Elevation of Privilege |
| Windows Kernel Elevation of Privilege Vulnerability | CVE-2020-0668, CVE-2020-0669, CVE-2020-0670, CVE-2020-0671, CVE-2020-0672 | Elevation of Privilege |
| Windows Kernel Information Disclosure Vulnerability | CVE-2020-0736 | Information Disclosure |
| Windows Key Isolation Service Information Disclosure Vulnerability | CVE-2020-0675, CVE-2020-0676, CVE-2020-0677, CVE-2020-0748, CVE-2020-0755, CVE-2020-0756 | Information Disclosure |
| Windows Malicious Software Removal Tool Elevation of Privilege Vulnerability | CVE-2020-0733 | Elevation of Privilege |
| Windows Modules Installer Service Information Disclosure Vulnerability | CVE-2020-0728 | Information Disclosure |
| Windows Network Driver Interface Specification (NDIS) Information Disclosure Vulnerability | CVE-2020-0705 | Information Disclosure |
| Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability | CVE-2020-0660 | Denial of Service |
| Windows Search Indexer Elevation of Privilege Vulnerability | CVE-2020-0666, CVE-2020-0667, CVE-2020-0735, CVE-2020-0752 | Elevation of Privilege |
| Windows User Profile Service Elevation of Privilege Vulnerability | CVE-2020-0730 | Elevation of Privilege |
| Windows Wireless Network Manager Elevation of Privilege Vulnerability | CVE-2020-0704 | Elevation of Privilege |
| Microsoft Office SharePoint XSS Vulnerability | CVE-2020-0693 | Spoofing |
| Surface Hub Security Feature Bypass Vulnerability | CVE-2020-0702 | Security Feature Bypass |
Karl Sigler is Security Research Manager, SpiderLabs Threat Intelligence at Trustwave. Karl is a 20-year infosec veteran responsible for research and analysis of current vulnerabilities, malware and threat trends at Trustwave.