This patch Tuesday contains 129 fixes, including 20 critical fixes for remote code execution, which allows unauthorised access to a system with this type of vulnerability. This is an increase from 17 critical vulnerabilities in the August patch Tuesday rollup. More than 5 fixes require follow up actions to ensure security.
Organisations are highly encouraged to apply these patches as soon as possible, while still following their patch verification and impact assessment method. The 20 critical CVEs in descending CVSS scores are:
| CVE | Vulnerability | CVSS | Description |
| CVE-2020-1210 | Microsoft Sharepoint Remote Code Execution Vulnerability | 9.9 | Allows an attacker to run arbitrary code due to the software failing to check the source markup of an application package. |
| CVE-2020-1595 | Microsoft Sharepoint Remote Code Execution Vulnerability | 9.9 | Allows an attacker to run arbitrary code due to the software failing to check the source markup of an application package. Requires that users access a susceptible API on an affected version of SharePoint with specially formatted input. |
| CVE-2020-1129 | Windows Codecs Library Remote Code Execution Vulnerability | 8.8 | Allows adversary to access information that can be used to further compromise the user’s system. |
| CVE-2020-1319 | Windows Codecs Library Remote Code Execution Vulnerability | 8.8 | Allows adversary to take control of the user’s system. |
| CVE-2020-0922 | Microsoft COM for Windows Remote Code Execution Vulnerability | 8.8 | Allows adversary to execute arbitrary code on the target system. |
| CVE-2020-1200 | Microsoft Sharepoint Remote Code Execution Vulnerability | 8.6 | Allows an attacker to run arbitrary code due to the software failing to check the source markup of an application package. |
| CVE-2020-1452 | Microsoft Sharepoint Remote Code Execution Vulnerability | 8.6 | Allows an attacker to run arbitrary code due to the software failing to check the source markup of an application package. |
| CVE-2020-1453 | Microsoft Sharepoint Remote Code Execution Vulnerability | 8.6 | Allows an attacker to run arbitrary code due to the software failing to check the source markup of an application package. |
| CVE-2020-1460 | Microsoft Sharepoint Remote Code Execution Vulnerability | 8.6 | Sharepoint fails to filter unsafe ASP.Net web controls, allowing hackers to perform actions in the security context of Sharepoint. |
| CVE-2020-1576 | Microsoft Sharepoint Remote Code Execution Vulnerability | 8.5 | Allows an attacker to run arbitrary code due to the software failing to check the source markup of an application package. |
| CVE-2020-16875 | Exchange Server Remote Code Execution Vulnerability | 8.4 | Attacker can run arbitrary code by sending a specially crafted email to a vulnerable server. |
| CVE-2020-1285 | GDI+ Remote Code Execution Vulnerability | 8.4 | Allows attacker to take control of the system, installing programs, changing/deleting data and creating new accounts. |
| CVE-2020-1252 | Windows Remote Code Execution Vulnerability | 7.8 | Requires some social engineering to trick user into running a specially crafted application. |
| CVE-2020-0997 | Windows Camera CODEC Pack Remote Code Execution Vulnerability | 7.8 | CODEC improperly handles objects. allowing attacker to take control of the system and/or install arbitrary programs or code. |
| CVE-2020-16862 | Visual Studio Remote Code Execution Vulnerability | 7.8 | Allows adversary to run arbitrary code in the context of the logged in user. |
| CVE-2020-1593 | Windows Media Audio Decoder Remote Code Execution Vulnerability | 7.6 | Decoder improperly handles objects, allowing attacker to take control of the system. |
| CVE-2020-1508 | Windows Media Audio Decoder Remote Code Execution Vulnerability | 7.6 | Convincing user to open a specially crafted document or website allows adversary to take control of the user’s system. |
| CVE-2020-0908 | Windows Text Service Module Remote Code Execution Vulnerability | 7.5 | Allows adversary to gain execution on a victim system. |
| CVE-2020-16857 | Microsoft Dynamics 365 for Finance and Operations Remote Code Execution Vulnerability | 7.1 | Allows adversary to gain remote code execution capabilities on the victim’s server. |
| CVE-2020-16853 | OneDrive for Windows Elevation of Privilege Vulnerability | 7.1 | Allows adversary to overwrite a file with an elevated status. |
If you need assistance with managing software or hardware updates, please contact Agilient to discuss.
Author: David Steele, Agilient Consultant