Patch Tuesday (September 2020): Microsoft Addresses 129 Vulnerabilities
32 have been classified as remote code execution (RCE) bugs. Make sure you patch your systems!
Last updated on June 22, 2022
Microsoft’s September 2020 Patch Tuesday brings along its traditional monthly updates, enabling network administrators to address the latest discovered security issues associated with the vendor’s products. Malicious hackers are notorious for following these security updates and leveraging the most dangerous software flaws in their attacks, so, in this article, I’ve summarized what potential threats the latest batch of updates will protect your organization from.
This month, the company has patched 129 vulnerabilities in 15 products, ranging from Microsoft Windows to ASP.NET, Microsoft OneDrive, or Azure DevOps. Out of these, 32 have been classified as remote code execution (RCE) bugs, which would allow cybercriminals to exploit the software remotely, regardless of where the endpoint would be located in the world. What’s more, of these 32, 20 have been rated as “critical”, the highest severity on the company’s scale.
Antivirus is no longer enough to keep an organization’s systems secure.
Heimdal® DNS Security Solution
Is our next gen proactive DNS-Layer security that stops unknown
threats before they reach your endpoints.
Machine learning powered scans for all incoming online traffic;
Stops data breaches before sensitive info can be exposed to the outside;
Advanced DNS, HTTP and HTTPS filtering for all your endpoints;
Protection against data leakage, APTs, ransomware and exploits;
Windows(CVE-2020-1252) – Microsoft warns its users that attackers who manage to exploit this vulnerability could execute arbitrary code and completely take control of the affected systems, being able to install programs, view, change, or delete data as they please, or even create new accounts with full user rights. These types of threats highlight the notion that admin rights can stir up trouble in your organization, so be careful how you manage them.
System admins waste 30% of their time manually managing user
rights or installations
Heimdal® Privileged Access
Is the automatic PAM solution that makes everything
Automate the elevation of admin rights on request;
Windows Graphics Device Interface (GDI) (CVE-2020-1285) – This vulnerability can be traced back to the faulty way in which the GDI handles objects in memory, potentially becoming the root cause for both web-based and file-sharing attack scenarios.
Microsoft Dynamics 365 for Finance and Operations (on-premises) (CVE-2020-16857, CVE-2020-16862) – In these instances, attackers could gain remote code execution via server-side script execution on the victims’ servers. Again, authenticated attackers with elevated privileges would benefit from this vulnerability.
Windows Media Audio Decoder (CVE-2020-1593, CVE-2020-1508) – An RCE vulnerability exists when Windows Media Audio Decoder incorrectly handles objects, which would allow cyber attackers to take control of the vulnerable systems – for instance, by convincing users to open an infected document or by luring them into visiting a malicious website.
Windows Text Service Module (CVE-2020-0908) – This is related to a vulnerability found in Microsoft Edge (Chromium-based), that attackers would be able to exploit by tricking users into visiting a compromised website.
Microsoft Windows Codecs Library (CVE-2020-1319, CVE-2020-1129) – As Visual Studio improperly handles objects in memory, attackers who leverage these vulnerabilities could be able to run arbitrary code as the affected users. The ones “whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights”, says Microsoft.
Visual Studio (CVE-2020-16874) – Yet another RCE vulnerability, this time found in Microsoft Windows Codecs library, would allow attackers to override the vulnerable systems and be able to take advantage of having full user rights.
None of these Microsoft software vulnerabilities have been spotted being exploited in the wild thus far, however, this is not a decisive factor when it comes to whether you should be patching your systems or not.
The process of patching should not be skipped or delayed. As you probably already know, various major attacks happened due to bad patching habits. Therefore, we strongly advise you to take every month’s patched vulnerabilities seriously and start planning your deployment as soon as possible. We also encourage you to review our patch management best practices and take a look at this piece on how you can create your own patch management policy.
Simple standalone security solutions are no longer enough.
Heimdal™ Patch & Asset Management is an Automated Patch Management and Software Deployment and Inventory tool that allows you to efficiently manage vulnerabilities. It is very easy to deploy and use and works anywhere in the world, so it’s a great addition for any organization, regardless of its size and its employees’ location.
Contact us today to learn more!
If you liked this post, you will enjoy our newsletter.
Get cybersecurity updates you'll actually want to read directly in your inbox.