Microsoft выпустил сентябрьское обновление исправляющее 129 уязвимостей
В Microsoft уже давно существует традиция – “вторник патчей”. Это когда по вторникам в начале месяца Мелкомягкий гигант выпускает обновления своих продуктов. К сожалению из месяца в месяц заплаток меньше не становится. В этот раз Microsoft выпустил патч закрывающий целых 129 дыр. Однако в отличии от предидущих месяцев, ни одна из уязвимостей, исправляемых в сентябре, не была ранее заявлена публично и не находилась под активной атакой на момент выпуска обновлений. По крайней мере, так заявляют в Microsoft.
Давайте разбираться что именно “латали” в Microsoft.
Из 129 багов, затрагивающих такие продукты компании как Microsoft Windows, браузер Edge, Internet Explorer, ChakraCore, SQL Server, Exchange Server, Office, ASP.NET, OneDrive, Azure DevOps, Visual Studio и Microsoft Dynamics, 23 названы критическими, 105 – важными и один – средней степени серьезности.
Стоит отметить баг CVE-2020-16875 в Microsoft Exchange. Отправив специально созданное письмо на уязвимый сервер Exchange, злоумышленник может выполнить произвольный код с привилегиями SYSTEM.
“В Microsoft Exchange есть RCE уязвимость, так как Exchange не обрабатывает должным образом объекты в памяти”, – объясняет Microsoft. “В случае успешной атаки злоумышленник может установить программы, просмотреть, изменить или удалить данные или создать новые учетные записи”. Круто. Особенно учитывая “любовь” некоторых админов обновлять Exchange. Ждём эксплоит.
Ещё 2 критические уязвимости были обнаружены в Microsoft Windows Codecs Library, обе связаны с тем как библиотека кодеков обрабатывает объекты в памяти. CVE-2020-1129 может быть использована для сбора информации о системе, а вот с помощью CVE-2020-1319 уже можно захватить контроль над скомпрометиованной системой.
Microsoft также исправила шесть критических уязвимостей RCE в SharePoint и одну в SharePoint Server. Хотя для эксплуатации уязвимости в SharePoint Server требуется аутентификация, другие уязвимости SharePoint её не требуют.
Другие критические уязвимости, исправленные MS в этом месяце, связаны с Windows, аудиодекодером Windows Media, модулем Windows Text Service, пакетом кодеков камеры Windows, Visual Studio, механизмом Scripting Engine, Microsoft COM, браузероми интерфейсом графических устройств (GDI).Внушительный список. Радует только то, что в широком доступе эксплоитов на эти уязвимости не было.
Что ещё?
CVE-2020-1285 | GDI+ Remote Code Execution Vulnerability | Critical | RCE |
CVE-2020-0878 | Microsoft Browser Memory Corruption Vulnerability | Critical | RCE |
CVE-2020-0922 | Microsoft COM for Windows Remote Code Execution Vulnerability | Critical | RCE |
CVE-2020-16862 | Microsoft Dynamics 365 (on-premises) Remote Code Execution Vulnerability | Critical | RCE |
CVE-2020-16857 | Microsoft Dynamics 365 for Finance and Operations (on-premises) Remote Code Execution Vulnerability | Critical | RCE |
CVE-2020-16875 | Microsoft Exchange Memory Corruption Vulnerability | Critical | RCE |
CVE-2020-1200 | Microsoft SharePoint Remote Code Execution Vulnerability | Critical | RCE |
CVE-2020-1210 | Microsoft SharePoint Remote Code Execution Vulnerability | Critical | RCE |
CVE-2020-1452 | Microsoft SharePoint Remote Code Execution Vulnerability | Critical | RCE |
CVE-2020-1453 | Microsoft SharePoint Remote Code Execution Vulnerability | Critical | RCE |
CVE-2020-1576 | Microsoft SharePoint Remote Code Execution Vulnerability | Critical | RCE |
CVE-2020-1595 | Microsoft SharePoint Remote Code Execution Vulnerability | Critical | RCE |
CVE-2020-1460 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Critical | RCE |
CVE-2020-1129 | Microsoft Windows Codecs Library Remote Code Execution Vulnerability | Critical | RCE |
CVE-2020-1319 | Microsoft Windows Codecs Library Remote Code Execution Vulnerability | Critical | RCE |
CVE-2020-1057 | Scripting Engine Memory Corruption Vulnerability | Critical | RCE |
CVE-2020-1172 | Scripting Engine Memory Corruption Vulnerability | Critical | RCE |
CVE-2020-16874 | Visual Studio Remote Code Execution Vulnerability | Critical | RCE |
CVE-2020-0997 | Windows Camera Codec Pack Remote Code Execution Vulnerability | Critical | RCE |
CVE-2020-1508 | Windows Media Audio Decoder Remote Code Execution Vulnerability | Critical | RCE |
CVE-2020-1593 | Windows Media Audio Decoder Remote Code Execution Vulnerability | Critical | RCE |
CVE-2020-1252 | Windows Remote Code Execution Vulnerability | Critical | RCE |
CVE-2020-0908 | Windows Text Service Module Remote Code Execution Vulnerability | Critical | RCE |
CVE-2020-0664 | Active Directory Information Disclosure Vulnerability | Important | Info |
CVE-2020-0856 | Active Directory Information Disclosure Vulnerability | Important | Info |
CVE-2020-0718 | Active Directory Remote Code Execution Vulnerability | Important | RCE |
CVE-2020-0761 | Active Directory Remote Code Execution Vulnerability | Important | RCE |
CVE-2020-0837 | ADFS Spoofing Vulnerability | Important | Spoofing |
CVE-2020-1590 | Connected User Experiences and Telemetry Service Elevation of Privilege Vulnerability | Important | EoP |
CVE-2020-1130 | Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability | Important | EoP |
CVE-2020-1133 | Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability | Important | EoP |
CVE-2020-1053 | DirectX Elevation of Privilege Vulnerability | Important | EoP |
CVE-2020-1308 | DirectX Elevation of Privilege Vulnerability | Important | EoP |
CVE-2020-1013 | Group Policy Elevation of Privilege Vulnerability | Important | EoP |
CVE-2020-16884 | Internet Explorer Browser Helper Object (BHO) Memory Corruption Vulnerability | Important | RCE |
CVE-2020-1039 | Jet Database Engine Remote Code Execution Vulnerability | Important | RCE |
CVE-2020-1074 | Jet Database Engine Remote Code Execution Vulnerability | Important | RCE |
CVE-2020-1045 | Microsoft ASP.NET Core Security Feature Bypass Vulnerability | Important | SFB |
CVE-2020-1507 | Microsoft COM for Windows Elevation of Privilege Vulnerability | Important | EoP |
CVE-2020-16858 | Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability | Important | XSS |
CVE-2020-16859 | Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability | Important | XSS |
CVE-2020-16861 | Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability | Important | XSS |
CVE-2020-16864 | Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability | Important | XSS |
CVE-2020-16871 | Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability | Important | XSS |
CVE-2020-16872 | Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability | Important | XSS |
CVE-2020-16878 | Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability | Important | XSS |
CVE-2020-16860 | Microsoft Dynamics 365 (on-premises) Remote Code Execution Vulnerability | Important | RCE |
CVE-2020-1224 | Microsoft Excel Information Disclosure Vulnerability | Important | Info |
CVE-2020-1193 | Microsoft Excel Remote Code Execution Vulnerability | Important | RCE |
CVE-2020-1332 | Microsoft Excel Remote Code Execution Vulnerability | Important | RCE |
CVE-2020-1335 | Microsoft Excel Remote Code Execution Vulnerability | Important | RCE |
CVE-2020-1594 | Microsoft Excel Remote Code Execution Vulnerability | Important | RCE |
CVE-2020-0921 | Microsoft Graphics Component Information Disclosure Vulnerability | Important | Info |
CVE-2020-1083 | Microsoft Graphics Component Information Disclosure Vulnerability | Important | Info |
CVE-2020-16855 | Microsoft Office Information Disclosure Vulnerability | Important | Info |
CVE-2020-1198 | Microsoft Office SharePoint XSS Vulnerability | Important | XSS |
CVE-2020-1227 | Microsoft Office SharePoint XSS Vulnerability | Important | XSS |
CVE-2020-1345 | Microsoft Office SharePoint XSS Vulnerability | Important | XSS |
CVE-2020-1482 | Microsoft Office SharePoint XSS Vulnerability | Important | XSS |
CVE-2020-1514 | Microsoft Office SharePoint XSS Vulnerability | Important | XSS |
CVE-2020-1575 | Microsoft Office SharePoint XSS Vulnerability | Important | XSS |
CVE-2020-1440 | Microsoft SharePoint Server Tampering Vulnerability | Important | Tampering |
CVE-2020-1523 | Microsoft SharePoint Server Tampering Vulnerability | Important | Tampering |
CVE-2020-1205 | Microsoft SharePoint Spoofing Vulnerability | Important | Spoofing |
CVE-2020-0790 | Microsoft splwow64 Elevation of Privilege Vulnerability | Important | EoP |
CVE-2020-0875 | Microsoft splwow64 Information Disclosure Vulnerability | Important | Info |
CVE-2020-0766 | Microsoft Store Runtime Elevation of Privilege Vulnerability | Important | EoP |
CVE-2020-1146 | Microsoft Store Runtime Elevation of Privilege Vulnerability | Important | EoP |
CVE-2020-1218 | Microsoft Word Remote Code Execution Vulnerability | Important | RCE |
CVE-2020-1338 | Microsoft Word Remote Code Execution Vulnerability | Important | RCE |
CVE-2020-0838 | NTFS Elevation of Privilege Vulnerability | Important | EoP |
CVE-2020-16851 | OneDrive for Windows Elevation of Privilege Vulnerability | Important | EoP |
CVE-2020-16852 | OneDrive for Windows Elevation of Privilege Vulnerability | Important | EoP |
CVE-2020-16853 | OneDrive for Windows Elevation of Privilege Vulnerability | Important | EoP |
CVE-2020-16879 | Projected Filesystem Information Disclosure Vulnerability | Important | Info |
CVE-2020-0805 | Projected Filesystem Security Feature Bypass Vulnerability | Important | SFB |
CVE-2020-1180 | Scripting Engine Memory Corruption Vulnerability | Important | RCE |
CVE-2020-0870 | Shell infrastructure component Elevation of Privilege Vulnerability | Important | EoP |
CVE-2020-1596 | TLS Information Disclosure Vulnerability | Important | Info |
CVE-2020-16881 | Visual Studio JSON Remote Code Execution | Important | RCE |
CVE-2020-16856 | Visual Studio Remote Code Execution Vulnerability | Important | RCE |
CVE-2020-1245 | Win32k Elevation of Privilege Vulnerability | Important | EoP |
CVE-2020-0941 | Win32k Information Disclosure Vulnerability | Important | Info |
CVE-2020-1250 | Win32k Information Disclosure Vulnerability | Important | Info |
CVE-2020-1471 | Windows CloudExperienceHost Elevation of Privilege Vulnerability | Important | EoP |
CVE-2020-1115 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Important | EoP |
CVE-2020-0782 | Windows Cryptographic Catalog Services Elevation of Privilege Vulnerability | Important | EoP |
CVE-2020-0951 | Windows Defender Application Control Security Feature Bypass Vulnerability | Important | SFB |
CVE-2020-1031 | Windows DHCP Server Information Disclosure Vulnerability | Important | Info |
CVE-2020-0836 | Windows DNS Denial of Service Vulnerability | Important | DoS |
CVE-2020-1228 | Windows DNS Denial of Service Vulnerability | Important | DoS |
CVE-2020-0839 | Windows dnsrslvr.dll Elevation of Privilege Vulnerability | Important | EoP |
CVE-2020-1052 | Windows Elevation of Privilege Vulnerability | Important | EoP |
CVE-2020-1159 | Windows Elevation of Privilege Vulnerability | Important | EoP |
CVE-2020-1376 | Windows Elevation of Privilege Vulnerability | Important | EoP |
CVE-2020-1491 | Windows Function Discovery Service Elevation of Privilege Vulnerability | Important | EoP |
CVE-2020-0912 | Windows Function Discovery SSDP Provider Elevation of Privilege Vulnerability | Important | EoP |
CVE-2020-1256 | Windows GDI Information Disclosure Vulnerability | Important | Info |
CVE-2020-0998 | Windows Graphics Component Elevation of Privilege Vulnerability | Important | EoP |
CVE-2020-1091 | Windows Graphics Component Information Disclosure Vulnerability | Important | Info |
CVE-2020-1097 | Windows Graphics Component Information Disclosure Vulnerability | Important | Info |
CVE-2020-0890 | Windows Hyper-V Denial of Service Vulnerability | Important | DoS |
CVE-2020-0904 | Windows Hyper-V Denial of Service Vulnerability | Important | DoS |
CVE-2020-1119 | Windows Information Disclosure Vulnerability | Important | Info |
CVE-2020-1532 | Windows InstallService Elevation of Privilege Vulnerability | Important | EoP |
CVE-2020-1034 | Windows Kernel Elevation of Privilege Vulnerability | Important | EoP |
CVE-2020-0928 | Windows Kernel Information Disclosure Vulnerability | Important | Info |
CVE-2020-1033 | Windows Kernel Information Disclosure Vulnerability | Important | Info |
CVE-2020-1589 | Windows Kernel Information Disclosure Vulnerability | Important | Info |
CVE-2020-1592 | Windows Kernel Information Disclosure Vulnerability | Important | Info |
CVE-2020-16854 | Windows Kernel Information Disclosure Vulnerability | Important | Info |
CVE-2020-1122 | Windows Language Pack Installer Elevation of Privilege Vulnerability | Important | EoP |
CVE-2020-0989 | Windows Mobile Device Management Diagnostics Information Disclosure Vulnerability | Important | Info |
CVE-2020-0911 | Windows Modules Installer Elevation of Privilege Vulnerability | Important | EoP |
CVE-2020-1030 | Windows Print Spooler Elevation of Privilege Vulnerability | Important | EoP |
CVE-2020-1038 | Windows Routing Utilities Denial of Service | Important | DoS |
CVE-2020-0648 | Windows RSoP Service Application Elevation of Privilege Vulnerability | Important | EoP |
CVE-2020-1169 | Windows Runtime Elevation of Privilege Vulnerability | Important | EoP |
CVE-2020-1303 | Windows Runtime Elevation of Privilege Vulnerability | Important | EoP |
CVE-2020-1098 | Windows Shell Infrastructure Component Elevation of Privilege Vulnerability | Important | EoP |
CVE-2020-1012 | Windows Start-Up Application Elevation of Privilege Vulnerability | Important | EoP |
CVE-2020-1506 | Windows Start-Up Application Elevation of Privilege Vulnerability | Important | EoP |
CVE-2020-0914 | Windows State Repository Service Information Disclosure Vulnerability | Important | Info |
CVE-2020-0886 | Windows Storage Services Elevation of Privilege Vulnerability | Important | EoP |
CVE-2020-1559 | Windows Storage Services Elevation of Privilege Vulnerability | Important | EoP |
CVE-2020-1598 | Windows UPnP Service Elevation of Privilege Vulnerability | Important | EoP |
CVE-2020-1152 | Windows Win32k Elevation of Privilege Vulnerability | Important | EoP |
CVE-2020-16873 | Xamarin.Forms Spoofing Vulnerability | Important | Spoofing |
CVE-2020-1044 | SQL Server Reporting Services Security Feature Bypass Vulnerability |
Не забываем обновляться