SpiderLabs Blog

Patch Tuesday February 2020

Written by Karl Sigler | Feb 11, 2020 11:40:00 AM

February's Patch Tuesday is here and brings with it patches for 98 CVEs. These are split between 13 CVEs rated as "Critical" and 85 CVEs rated as "Important." Among the "Critical" patches, Remote Code Execution (RCE) vulnerabilities in the Scripting Engine make up more than half of the list. It's a regular piece of software patched pretty much every Patch Tuesday. Still, extra attention is currently on the Scripting Engine after a zero-day exploit (CVE-2020-0674) was discovered compromising systems just after January's Patch Tuesday. Closing out the "Critical" list are RCE vulnerabilities in Remote Desktop, Media Foundation, and LNK shortcuts.

The theme of the vulnerabilities in the list ranked as "Important" is "Privilege Escalation," with that class of vulnerability representing a full 53 out 85 patched. Privilege escalation vulnerabilities are a cornerstone of system exploitation. It allows an attacker to go from using just a regular "Joe User" account to full system ownership, potentially gaining administrative access to the entire network. Also included under "Important" are Remote Code Execution vulnerabilities in the Office Suite, MS Exchange, and MS-SQL server, as well as Denial of Service vulnerabilities in Windows Hyper-V.

Luckily, none of these vulnerabilities have any in the wild exploitation, so administrators have plenty of time to get the proper patches in place before there is public exploitation. So let's get patching and, as always, stay safe out there!

 

Critical

LNK Remote Code Execution Vulnerability
CVE-2020-0729
Remote Code Execution

Media Foundation Memory Corruption Vulnerability
CVE-2020-0738
Remote Code Execution

Remote Desktop Client Remote Code Execution Vulnerability
CVE-2020-0681, CVE-2020-0734
Remote Code Execution

Scripting Engine Memory Corruption Vulnerability
CVE-2020-0673, CVE-2020-0674, CVE-2020-0710, CVE-2020-0711, CVE-2020-0712, CVE-2020-0713, CVE-2020-0767
Remote Code Execution

Windows Remote Code Execution Vulnerability
CVE-2020-0662
Remote Code Execution

February 2020 Adobe Flash Security Update
ADV200003
Remote Code Execution

 

Important

Active Directory Elevation of Privilege Vulnerability
CVE-2020-0665
Elevation of Privilege

Connected Devices Platform Service Elevation of Privilege Vulnerability
CVE-2020-0740, CVE-2020-0741, CVE-2020-0742, CVE-2020-0743, CVE-2020-0749, CVE-2020-0750
Elevation of Privilege

Connected User Experiences and Telemetry Service Elevation of Privilege Vulnerability
CVE-2020-0727
Elevation of Privilege

DirectX Elevation of Privilege Vulnerability
CVE-2020-0709, CVE-2020-0732
Elevation of Privilege

DirectX Information Disclosure Vulnerability
CVE-2020-0714
Information Disclosure

Microsoft Browser Information Disclosure Vulnerability
CVE-2020-0706
Information Disclosure

Microsoft Edge Elevation of Privilege Vulnerability
CVE-2020-0663
Elevation of Privilege

Microsoft Excel Remote Code Execution Vulnerability
CVE-2020-0759
Remote Code Execution

Microsoft Exchange Memory Corruption Vulnerability
CVE-2020-0688
Remote Code Execution

Microsoft Exchange Server Elevation of Privilege Vulnerability
CVE-2020-0692
Elevation of Privilege

Microsoft Graphics Components Information Disclosure Vulnerability
CVE-2020-0746
Information Disclosure

Microsoft Office Online Server Spoofing Vulnerability
CVE-2020-0695
Spoofing

Microsoft Office SharePoint XSS Vulnerability
CVE-2020-0694
Spoofing

Microsoft Office Tampering Vulnerability
CVE-2020-0697
Tampering

Microsoft Outlook Security Feature Bypass Vulnerability
CVE-2020-0696
Security Feature Bypass

Microsoft Secure Boot Security Feature Bypass Vulnerability
CVE-2020-0689
Security Feature Bypass

Microsoft SQL Server Reporting Services Remote Code Execution Vulnerability
CVE-2020-0618
Remote Code Execution

Remote Desktop Services Remote Code Execution Vulnerability
CVE-2020-0655
Remote Code Execution

Win32k Elevation of Privilege Vulnerability
CVE-2020-0691, CVE-2020-0719, CVE-2020-0720, CVE-2020-0721, CVE-2020-0722, CVE-2020-0723, CVE-2020-0724, CVE-2020-0725, CVE-2020-0726, CVE-2020-0731
Elevation of Privilege

Win32k Information Disclosure Vulnerability
CVE-2020-0716, CVE-2020-0717
Information Disclosure

Windows Backup Service Elevation of Privilege Vulnerability
CVE-2020-0703
Elevation of Privilege

Windows Client License Service Elevation of Privilege Vulnerability
CVE-2020-0701
Elevation of Privilege

Windows COM Server Elevation of Privilege Vulnerability
CVE-2020-0685
Elevation of Privilege

Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE-2020-0657
Elevation of Privilege

Windows Common Log File System Driver Information Disclosure Vulnerability
CVE-2020-0658
Information Disclosure

Windows Data Sharing Service Elevation of Privilege Vulnerability
CVE-2020-0659, CVE-2020-0747
Elevation of Privilege

Windows Elevation of Privilege Vulnerability
CVE-2020-0737, CVE-2020-0739
Elevation of Privilege

Windows Error Reporting Elevation of Privilege Vulnerability
CVE-2020-0753, CVE-2020-0754
Elevation of Privilege

Windows Error Reporting Manager Elevation of Privilege Vulnerability
CVE-2020-0678
Elevation of Privilege

Windows Function Discovery Service Elevation of Privilege Vulnerability
CVE-2020-0679, CVE-2020-0680, CVE-2020-0682
Elevation of Privilege

Windows GDI Information Disclosure Vulnerability
CVE-2020-0744
Information Disclosure

Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2020-0715, CVE-2020-0745, CVE-2020-0792
Elevation of Privilege

Windows Hyper-V Denial of Service Vulnerability
CVE-2020-0661, CVE-2020-0751
Denial of Service

Windows Imaging Library Remote Code Execution Vulnerability
CVE-2020-0708
Remote Code Execution

Windows IME Elevation of Privilege Vulnerability
CVE-2020-0707
Elevation of Privilege

Windows Information Disclosure Vulnerability
CVE-2020-0698
Information Disclosure

Windows Installer Elevation of Privilege Vulnerability
CVE-2020-0683, CVE-2020-0686
Elevation of Privilege

Windows Kernel Elevation of Privilege Vulnerability
CVE-2020-0668, CVE-2020-0669, CVE-2020-0670, CVE-2020-0671, CVE-2020-0672
Elevation of Privilege

Windows Kernel Information Disclosure Vulnerability
CVE-2020-0736
Information Disclosure

Windows Key Isolation Service Information Disclosure Vulnerability
CVE-2020-0675, CVE-2020-0676, CVE-2020-0677, CVE-2020-0748, CVE-2020-0755, CVE-2020-0756
Information Disclosure

Windows Malicious Software Removal Tool Elevation of Privilege Vulnerability
CVE-2020-0733
Elevation of Privilege

Windows Modules Installer Service Information Disclosure Vulnerability
CVE-2020-0728
Information Disclosure

Windows Network Driver Interface Specification (NDIS) Information Disclosure Vulnerability
CVE-2020-0705
Information Disclosure

Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability
CVE-2020-0660
Denial of Service

Windows Search Indexer Elevation of Privilege Vulnerability
CVE-2020-0666, CVE-2020-0667, CVE-2020-0735, CVE-2020-0752
Elevation of Privilege

Windows User Profile Service Elevation of Privilege Vulnerability
CVE-2020-0730
Elevation of Privilege

Windows Wireless Network Manager Elevation of Privilege Vulnerability
CVE-2020-0704
Elevation of Privilege

Microsoft Office SharePoint XSS Vulnerability
CVE-2020-0693
Spoofing

Surface Hub Security Feature Bypass Vulnerability
CVE-2020-0702
Security Feature Bypass