Microsoft September 2020 Patch Tuesday

Published: 2020-09-08. Last Updated: 2020-09-08 17:54:43 UTC
by Renato Marinho (Version: 1)

This month we got patches for 129 vulnerabilities. Of these, 23 are critical and none of them was previously disclosed or is being exploited according to Microsoft.

Amongst the critical ones, there is a remote code execution (RCE) vulnerability in Microsoft SharePoint (CVE-2020-1210) with a CVSS score of 9.9 (the highest this month). The vulnerability exists when the software fails to check the source markup of an application package. To exploit this vulnerability, an attacker has to upload a specially crafted SharePoint application package to a vulnerable SharePoint.

There is also an RCE in Microsoft Exchange (CVE-2020-16875), with a CVSS score of 9.1. To exploit this vulnerability, an attacker has to send a specially crafted e-mail to a vulnerable Exchange Server. An attacker who successfully exploits this vulnerability could run arbitrary code in the context of System user.

A third vulnerability worth mentioning is an RCE affecting Active Directory (CVE-2020-0761) when integrated with DNS (ADIDNS). An authenticated attacker could run arbitrary code in the context of Local System account if successfully exploits this vulnerability. To exploit the vulnerability, an authenticated attacker could send malicious requests to an Active Directory integrated DNS (ADIDNS) server. The CVSS score for this vulnerability is 8.8.

See Renato's dashboard for a more detailed breakout: https://patchtuesdaydashboard.com

Description
CVE	Disclosed	Exploited	Exploitability (old versions)	current version	Severity	CVSS Base (AVG)	CVSS Temporal (AVG)
ADFS Spoofing Vulnerability
CVE-2020-0837	No	No	Less Likely	Less Likely	Important	5.0	4.5
Active Directory Information Disclosure Vulnerability
CVE-2020-0664	No	No	More Likely	More Likely	Important	6.5	5.9
CVE-2020-0856	No	No	More Likely	More Likely	Important	6.5	5.9
Active Directory Remote Code Execution Vulnerability
CVE-2020-0718	No	No	Less Likely	Less Likely	Important	8.8	7.9
CVE-2020-0761	No	No	Less Likely	Less Likely	Important	8.8	7.9
Connected User Experiences and Telemetry Service Elevation of Privilege Vulnerability
CVE-2020-1590	No	No	Less Likely	Less Likely	Important	5.5	5.0
Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability
CVE-2020-1130	No	No	Less Likely	Less Likely	Important	6.6	5.9
CVE-2020-1133	No	No	Less Likely	Less Likely	Important	5.5	5.0
DirectX Elevation of Privilege Vulnerability
CVE-2020-1053	No	No	Less Likely	Less Likely	Important	7.8	7.0
CVE-2020-1308	No	No	More Likely	More Likely	Important	7.0	6.3
GDI+ Remote Code Execution Vulnerability
CVE-2020-1285	No	No	Less Likely	Less Likely	Critical	8.4	7.6
Group Policy Elevation of Privilege Vulnerability
CVE-2020-1013	No	No	Less Likely	Less Likely	Important	7.5	6.7
Internet Explorer Browser Helper Object (BHO) Memory Corruption Vulnerability
CVE-2020-16884	No	No	Less Likely	Less Likely	Important	4.2	3.8
Jet Database Engine Remote Code Execution Vulnerability
CVE-2020-1039	No	No	Less Likely	Less Likely	Important	7.8	7.0
CVE-2020-1074	No	No	Less Likely	Less Likely	Important	7.8	7.0
Microsoft ASP.NET Core Security Feature Bypass Vulnerability
CVE-2020-1045	No	No	Less Likely	Less Likely	Important	7.5	6.7
Microsoft Browser Memory Corruption Vulnerability
CVE-2020-0878	No	No	Less Likely	Less Likely	Critical	4.2	3.8
Microsoft COM for Windows Elevation of Privilege Vulnerability
CVE-2020-1507	No	No	Less Likely	Less Likely	Important	7.9	7.1
Microsoft COM for Windows Remote Code Execution Vulnerability
CVE-2020-0922	No	No	Less Likely	Less Likely	Critical	8.8	7.9
Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability
CVE-2020-16858	No	No	Less Likely	Less Likely	Important	5.4	4.9
CVE-2020-16859	No	No	Less Likely	Less Likely	Important	5.4	4.9
CVE-2020-16861	No	No	Less Likely	Less Likely	Important	5.4	4.9
CVE-2020-16864	No	No	Less Likely	Less Likely	Important	5.4	4.9
CVE-2020-16872	No	No	Less Likely	Less Likely	Important	7.6	6.8
CVE-2020-16878	No	No	Less Likely	Less Likely	Important	5.4	4.9
CVE-2020-16871	No	No	Less Likely	Less Likely	Important	5.4	4.9
Microsoft Dynamics 365 (on-premises) Remote Code Execution Vulnerability
CVE-2020-16860	No	No	Less Likely	Less Likely	Important	6.8	6.1
CVE-2020-16862	No	No	Less Likely	Less Likely	Critical	7.1	6.4
Microsoft Dynamics 365 for Finance and Operations (on-premises) Remote Code Execution Vulnerability
CVE-2020-16857	No	No	-	-	Critical	7.1	6.4
Microsoft Excel Information Disclosure Vulnerability
CVE-2020-1224	No	No	Less Likely	Less Likely	Important	5.5	5.0
Microsoft Excel Remote Code Execution Vulnerability
CVE-2020-1193	No	No	Less Likely	Less Likely	Important	7.8	7.0
CVE-2020-1332	No	No	Less Likely	Less Likely	Important	7.8	7.0
CVE-2020-1335	No	No	Less Likely	Less Likely	Important	7.8	7.0
CVE-2020-1594	No	No	Less Likely	Less Likely	Important	7.8	7.0
Microsoft Exchange Memory Corruption Vulnerability
CVE-2020-16875	No	No	Less Likely	Less Likely	Critical	9.1	8.2
Microsoft Graphics Component Information Disclosure Vulnerability
CVE-2020-0921	No	No	Less Likely	Less Likely	Important	5.5	5.0
CVE-2020-1083	No	No	Less Likely	Less Likely	Important	5.5	5.0
Microsoft Office Information Disclosure Vulnerability
CVE-2020-16855	No	No	Less Likely	Less Likely	Important	5.5	5.0
Microsoft Office SharePoint XSS Vulnerability
CVE-2020-1345	No	No	Less Likely	Less Likely	Important	7.4	6.7
CVE-2020-1575	No	No	Less Likely	Less Likely	Important	5.4	4.9
CVE-2020-1198	No	No	-	-	Important	7.4	6.7
CVE-2020-1227	No	No	-	-	Important	5.4	4.9
CVE-2020-1482	No	No	Less Likely	Less Likely	Important	6.3	5.7
CVE-2020-1514	No	No	Less Likely	Less Likely	Important	5.4	4.9
Microsoft SharePoint Remote Code Execution Vulnerability
CVE-2020-1452	No	No	Less Likely	Less Likely	Critical	8.6	7.7
CVE-2020-1453	No	No	Less Likely	Less Likely	Critical	8.6	7.7
CVE-2020-1576	No	No	Less Likely	Less Likely	Critical	8.5	7.6
CVE-2020-1200	No	No	Less Likely	Less Likely	Critical	8.6	7.7
CVE-2020-1210	No	No	Less Likely	Less Likely	Critical	9.9	8.9
CVE-2020-1595	No	No	Less Likely	Less Likely	Critical	9.9	8.9
Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2020-1460	No	No	Less Likely	Less Likely	Critical	8.6	7.7
Microsoft SharePoint Server Tampering Vulnerability
CVE-2020-1440	No	No	Less Likely	Less Likely	Important	6.3	5.7
CVE-2020-1523	No	No	Less Likely	Less Likely	Important	8.9	8.0
Microsoft SharePoint Spoofing Vulnerability
CVE-2020-1205	No	No	Less Likely	Less Likely	Important	4.6	4.2
Microsoft Store Runtime Elevation of Privilege Vulnerability
CVE-2020-0766	No	No	Less Likely	Less Likely	Important	7.8	7.0
CVE-2020-1146	No	No	Less Likely	Less Likely	Important	6.6	5.9
Microsoft Windows Codecs Library Remote Code Execution Vulnerability
CVE-2020-1129	No	No	Less Likely	Less Likely	Critical	8.8	7.9
CVE-2020-1319	No	No	Less Likely	Less Likely	Critical	7.3	6.6
Microsoft Word Remote Code Execution Vulnerability
CVE-2020-1218	No	No	Less Likely	Less Likely	Important	7.8	7.0
CVE-2020-1338	No	No	Less Likely	Less Likely	Important	7.8	7.0
Microsoft splwow64 Elevation of Privilege Vulnerability
CVE-2020-0790	No	No	Less Likely	Less Likely	Important	7.8	7.0
Microsoft splwow64 Information Disclosure Vulnerability
CVE-2020-0875	No	No	Less Likely	Less Likely	Important	5.5	5.0
NTFS Elevation of Privilege Vulnerability
CVE-2020-0838	No	No	Less Likely	Less Likely	Important	7.8	7.0
OneDrive for Windows Elevation of Privilege Vulnerability
CVE-2020-16851	No	No	Less Likely	Less Likely	Important	7.1	6.4
CVE-2020-16852	No	No	Less Likely	Less Likely	Important	7.1	6.4
CVE-2020-16853	No	No	Less Likely	Less Likely	Important	7.1	6.4
Projected Filesystem Information Disclosure Vulnerability
CVE-2020-16879	No	No	Less Likely	Less Likely	Important	5.5	5.0
Projected Filesystem Security Feature Bypass Vulnerability
CVE-2020-0805	No	No	Less Likely	Less Likely	Important	5.3	4.8
SQL Server Reporting Services Security Feature Bypass Vulnerability
CVE-2020-1044	No	No	Less Likely	Less Likely	Moderate	4.3	3.9
Scripting Engine Memory Corruption Vulnerability
CVE-2020-1057	No	No	Less Likely	Less Likely	Critical	4.2	3.8
CVE-2020-1172	No	No	Less Likely	Less Likely	Critical	4.2	3.8
CVE-2020-1180	No	No	Less Likely	Less Likely	Important	4.2	3.8
Shell infrastructure component Elevation of Privilege Vulnerability
CVE-2020-0870	No	No	Less Likely	Less Likely	Important	7.8	7.0
TLS Information Disclosure Vulnerability
CVE-2020-1596	No	No	Less Likely	Less Likely	Important	5.4	4.9
Visual Studio JSON Remote Code Execution Vulnerability
CVE-2020-16881	No	No	Less Likely	Less Likely	Important	7.8	7.0
Visual Studio Remote Code Execution Vulnerability
CVE-2020-16856	No	No	Less Likely	Less Likely	Important	7.8	7.0
CVE-2020-16874	No	No	Less Likely	Less Likely	Critical	7.8	7.0
Win32k Elevation of Privilege Vulnerability
CVE-2020-1245	No	No	More Likely	More Likely	Important	7.0	6.3
Win32k Information Disclosure Vulnerability
CVE-2020-0941	No	No	More Likely	More Likely	Important	5.5	5.0
CVE-2020-1250	No	No	Less Likely	Less Likely	Important	5.5	5.0
WinINet API Elevation of Privilege Vulnerability
CVE-2020-1012	No	No	Less Likely	Less Likely	Important	8.8	7.9
Windows Camera Codec Pack Remote Code Execution Vulnerability
CVE-2020-0997	No	No	Less Likely	Less Likely	Critical	7.8	7.0
Windows CloudExperienceHost Elevation of Privilege Vulnerability
CVE-2020-1471	No	No	Less Likely	Less Likely	Important	6.1	5.5
Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE-2020-1115	No	No	More Likely	More Likely	Important	7.8	7.0
Windows Cryptographic Catalog Services Elevation of Privilege Vulnerability
CVE-2020-0782	No	No	Less Likely	Less Likely	Important	7.8	7.0
Windows DHCP Server Information Disclosure Vulnerability
CVE-2020-1031	No	No	Less Likely	Less Likely	Important	7.5	6.7
Windows DNS Denial of Service Vulnerability
CVE-2020-0836	No	No	Less Likely	Less Likely	Important	7.5	6.7
CVE-2020-1228	No	No	Less Likely	Less Likely	Important	7.5	6.7
Windows Defender Application Control Security Feature Bypass Vulnerability
CVE-2020-0951	No	No	Less Likely	Less Likely	Important	6.7	6.0
Windows Elevation of Privilege Vulnerability
CVE-2020-1376	No	No	Less Likely	Less Likely	Important	7.8	7.0
CVE-2020-1052	No	No	Less Likely	Less Likely	Important	7.8	7.0
CVE-2020-1159	No	No	Less Likely	Less Likely	Important	5.3	4.8
Windows Function Discovery SSDP Provider Elevation of Privilege Vulnerability
CVE-2020-0912	No	No	Less Likely	Less Likely	Important	7.0	6.3
Windows Function Discovery Service Elevation of Privilege Vulnerability
CVE-2020-1491	No	No	Less Likely	Less Likely	Important	7.8	7.0
Windows GDI Information Disclosure Vulnerability
CVE-2020-1256	No	No	Less Likely	Less Likely	Important	5.5	5.0
Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2020-0998	No	No	Less Likely	Less Likely	Important	7.8	7.0
Windows Graphics Component Information Disclosure Vulnerability
CVE-2020-1091	No	No	Less Likely	Less Likely	Important	6.5	5.9
CVE-2020-1097	No	No	Less Likely	Less Likely	Important	6.5	5.9
Windows Hyper-V Denial of Service Vulnerability
CVE-2020-0890	No	No	Less Likely	Less Likely	Important	6.5	5.9
CVE-2020-0904	No	No	Less Likely	Less Likely	Important	6.5	5.9
Windows Information Disclosure Vulnerability
CVE-2020-1119	No	No	Less Likely	Less Likely	Important	5.5	5.0
Windows InstallService Elevation of Privilege Vulnerability
CVE-2020-1532	No	No	Less Likely	Less Likely	Important	7.8	7.0
Windows Kernel Elevation of Privilege Vulnerability
CVE-2020-1034	No	No	Less Likely	Less Likely	Important	6.8	6.1
Windows Kernel Information Disclosure Vulnerability
CVE-2020-1589	No	No	Less Likely	Less Likely	Important	4.4	4.0
CVE-2020-1592	No	No	Less Likely	Less Likely	Important	5.1	4.6
CVE-2020-0928	No	No	Less Likely	Less Likely	Important	5.5	5.0
CVE-2020-1033	No	No	Less Likely	Less Likely	Important	4.0	3.6
CVE-2020-16854	No	No	Less Likely	Less Likely	Important	5.5	5.0
Windows Language Pack Installer Elevation of Privilege Vulnerability
CVE-2020-1122	No	No	Less Likely	Less Likely	Important	5.5	5.0
Windows Media Audio Decoder Remote Code Execution Vulnerability
CVE-2020-1508	No	No	Less Likely	Less Likely	Critical	7.6	6.8
CVE-2020-1593	No	No	Less Likely	Less Likely	Critical	7.6	6.8
Windows Mobile Device Management Diagnostics Information Disclosure Vulnerability
CVE-2020-0989	No	No	Less Likely	Less Likely	Important	5.5	5.0
Windows Modules Installer Elevation of Privilege Vulnerability
CVE-2020-0911	No	No	Less Likely	Less Likely	Important	7.8	7.0
Windows Print Spooler Elevation of Privilege Vulnerability
CVE-2020-1030	No	No	Less Likely	Less Likely	Important	7.8	7.0
Windows RSoP Service Application Elevation of Privilege Vulnerability
CVE-2020-0648	No	No	Less Likely	Less Likely	Important	7.8	7.0
Windows Remote Code Execution Vulnerability
CVE-2020-1252	No	No	Less Likely	Less Likely	Critical	7.8	7.0
Windows Routing Utilities Denial of Service
CVE-2020-1038	No	No	Less Likely	Less Likely	Important	5.5	5.0
Windows Runtime Elevation of Privilege Vulnerability
CVE-2020-1169	No	No	Less Likely	Less Likely	Important	7.8	7.0
CVE-2020-1303	No	No	Less Likely	Less Likely	Important	5.5	5.0
Windows Shell Infrastructure Component Elevation of Privilege Vulnerability
CVE-2020-1098	No	No	Less Likely	Less Likely	Important	7.8	7.0
Windows Start-Up Application Elevation of Privilege Vulnerability
CVE-2020-1506	No	No	Less Likely	Less Likely	Important	6.1	5.5
Windows State Repository Service Information Disclosure Vulnerability
CVE-2020-0914	No	No	Less Likely	Less Likely	Important	5.5	5.0
Windows Storage Services Elevation of Privilege Vulnerability
CVE-2020-1559	No	No	Less Likely	Less Likely	Important	7.8	7.0
CVE-2020-0886	No	No	Less Likely	Less Likely	Important	7.8	7.0
Windows Text Service Module Remote Code Execution Vulnerability
CVE-2020-0908	No	No	Less Likely	Less Likely	Critical	7.5	6.7
Windows UPnP Service Elevation of Privilege Vulnerability
CVE-2020-1598	No	No	Less Likely	Less Likely	Important	6.1	5.5
Windows Win32k Elevation of Privilege Vulnerability
CVE-2020-1152	No	No	More Likely	More Likely	Important	5.8	5.2
Windows dnsrslvr.dll Elevation of Privilege Vulnerability
CVE-2020-0839	No	No	Less Likely	Less Likely	Important	7.8	7.0
Xamarin.Forms Spoofing Vulnerability
CVE-2020-16873	No	No	Less Likely	Less Likely	Important	4.7	4.4

--
Renato Marinho
Morphus Labs| LinkedIn|Twitter

Keywords:

0 comment(s)

Internet Storm Center

Microsoft September 2020 Patch Tuesday

Comments