December 2020 Microsoft Patch Tuesday: Exchange, Sharepoint, Dynamics and DNS Spoofing
December 2020 Microsoft Patch Tuesday: Exchange, Sharepoint, Dynamics, and DNS SpoofingFor the last Patch Tuesday of the year, Microsoft provided updates fixing 58 vulnerabilities, which is at the low end of what we have seen this year. 9 of the vulnerabilities are rated critical.
The largest CVSS score is 8.8 this month, which was assigned to vulnerabilities affecting Microsoft Dynamics. The 6 vulnerabilities in Microsoft Exchange should also not be ignored. One of the vulnerabilities is an information disclosure problem. But the other 5 vulnerabilities are remote code execution issues. Note that older Exchange vulnerabilities still remain unpatched at some organizations and have been used in attacks this last year.
Sharepoint remains another regular participant in patch Tuesday with two remote code execution vulnerabilities, one reaching a CVSS score of 8.8.
In addition, Microsoft released an advisory regarding a DNS spoofing vulnerability. This DNS spoofing issue involves fragmentation, but Microsoft is not very specific as to the exact methodology. There have been a few different fragmentation related cache spoofing issues that people have written about in the last few years. The workaround is to avoid fragmentation by reducing the buffer size to 1221 bytes, which should be small enough to not cause fragmentation. As a side effect of the workaround, you may see more TCP port 53 traffic to your DNS servers.
I did not see an advisory regarding Adobe Flash. This would be the last month for an Adobe Flash advisory which will officially be retired at the end of the year.
Patch Tuesday Dashboard: https://patchtuesdaydashboard.com/
| Description | |||||||
|---|---|---|---|---|---|---|---|
| CVE | Disclosed | Exploited | Exploitability (old versions) | current version | Severity | CVSS Base (AVG) | CVSS Temporal (AVG) |
| Azure DevOps Server Spoofing Vulnerability | |||||||
| CVE-2020-17135 | No | No | Less Likely | Less Likely | Important | 6.4 | 5.6 |
| Azure DevOps Server and Team Foundation Services Spoofing Vulnerability | |||||||
| CVE-2020-17145 | No | No | Less Likely | Less Likely | Important | 5.4 | 4.7 |
| Azure SDK for C Security Feature Bypass Vulnerability | |||||||
| CVE-2020-17002 | No | No | Less Likely | Less Likely | Important | 7.4 | 6.4 |
| Azure SDK for Java Security Feature Bypass Vulnerability | |||||||
| CVE-2020-16971 | No | No | Less Likely | Less Likely | Important | 7.4 | 6.4 |
| Azure Sphere Security Feature Bypass Vulnerability | |||||||
| CVE-2020-17160 | No | No | Less Likely | Less Likely | Important | 7.4 | 6.4 |
| Chakra Scripting Engine Memory Corruption Vulnerability | |||||||
| CVE-2020-17131 | No | No | Less Likely | Less Likely | Critical | 4.2 | 3.8 |
| DirectX Graphics Kernel Elevation of Privilege Vulnerability | |||||||
| CVE-2020-17137 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| Dynamics CRM Webclient Cross-site Scripting Vulnerability | |||||||
| CVE-2020-17147 | No | No | Less Likely | Less Likely | Important | 8.7 | 7.6 |
| Hyper-V Remote Code Execution Vulnerability | |||||||
| CVE-2020-17095 | No | No | Less Likely | Less Likely | Critical | 8.5 | 7.4 |
| Kerberos Security Feature Bypass Vulnerability | |||||||
| CVE-2020-16996 | No | No | Less Likely | Less Likely | Important | 6.5 | 5.7 |
| Microsoft Dynamics 365 for Finance and Operations (on-premises) Remote Code Execution Vulnerability | |||||||
| CVE-2020-17152 | No | No | More Likely | More Likely | Critical | 8.8 | 7.7 |
| CVE-2020-17158 | No | No | More Likely | More Likely | Critical | 8.8 | 7.7 |
| Microsoft Dynamics Business Central/NAV Information Disclosure | |||||||
| CVE-2020-17133 | No | No | Less Likely | Less Likely | Important | 6.5 | 5.7 |
| Microsoft Edge for Android Spoofing Vulnerability | |||||||
| CVE-2020-17153 | No | No | Less Likely | Less Likely | Moderate | 4.3 | 3.9 |
| Microsoft Excel Information Disclosure Vulnerability | |||||||
| CVE-2020-17126 | No | No | Less Likely | Less Likely | Important | 5.5 | 4.8 |
| Microsoft Excel Remote Code Execution Vulnerability | |||||||
| CVE-2020-17122 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| CVE-2020-17123 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| CVE-2020-17125 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| CVE-2020-17127 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| CVE-2020-17128 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| CVE-2020-17129 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| Microsoft Excel Security Feature Bypass Vulnerability | |||||||
| CVE-2020-17130 | No | No | Less Likely | Less Likely | Important | 6.5 | 5.7 |
| Microsoft Exchange Information Disclosure Vulnerability | |||||||
| CVE-2020-17143 | No | No | Less Likely | Less Likely | Important | 8.8 | 7.9 |
| Microsoft Exchange Remote Code Execution Vulnerability | |||||||
| CVE-2020-17117 | No | No | Less Likely | Less Likely | Critical | 6.6 | 5.9 |
| CVE-2020-17132 | No | No | Less Likely | Less Likely | Critical | 8.4 | 7.6 |
| CVE-2020-17141 | No | No | Less Likely | Less Likely | Important | 8.4 | 7.6 |
| CVE-2020-17142 | No | No | Less Likely | Less Likely | Critical | 8.4 | 7.6 |
| CVE-2020-17144 | No | No | More Likely | More Likely | Important | 8.4 | 7.6 |
| Microsoft Guidance for Addressing Spoofing Vulnerability in DNS Resolver | |||||||
| ADV200013 | No | No | Less Likely | Less Likely | Important | ||
| Microsoft Outlook Information Disclosure Vulnerability | |||||||
| CVE-2020-17119 | No | No | Less Likely | Less Likely | Important | 6.5 | 5.9 |
| Microsoft PowerPoint Remote Code Execution Vulnerability | |||||||
| CVE-2020-17124 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| Microsoft SharePoint Elevation of Privilege Vulnerability | |||||||
| CVE-2020-17089 | No | No | Less Likely | Less Likely | Important | 7.1 | 6.4 |
| Microsoft SharePoint Information Disclosure Vulnerability | |||||||
| CVE-2020-17120 | No | No | Less Likely | Less Likely | Important | 5.3 | 4.6 |
| Microsoft SharePoint Remote Code Execution Vulnerability | |||||||
| CVE-2020-17118 | No | No | More Likely | More Likely | Critical | 8.1 | 7.3 |
| CVE-2020-17121 | No | No | More Likely | More Likely | Critical | 8.8 | 7.7 |
| Microsoft SharePoint Spoofing Vulnerability | |||||||
| CVE-2020-17115 | No | No | Less Likely | Less Likely | Moderate | 8.0 | 7.0 |
| Visual Studio Code Java Extension Pack Remote Code Execution Vulnerability | |||||||
| CVE-2020-17159 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| Visual Studio Code Remote Code Execution Vulnerability | |||||||
| CVE-2020-17150 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| Visual Studio Code Remote Development Extension Remote Code Execution Vulnerability | |||||||
| CVE-2020-17148 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| Visual Studio Remote Code Execution Vulnerability | |||||||
| CVE-2020-17156 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| Windows Backup Engine Elevation of Privilege Vulnerability | |||||||
| CVE-2020-16958 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| CVE-2020-16959 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| CVE-2020-16960 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| CVE-2020-16961 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| CVE-2020-16962 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| CVE-2020-16963 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| CVE-2020-16964 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | |||||||
| CVE-2020-17103 | No | No | Less Likely | Less Likely | Important | 7.0 | 6.1 |
| CVE-2020-17134 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| CVE-2020-17136 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| Windows Digital Media Receiver Elevation of Privilege Vulnerability | |||||||
| CVE-2020-17097 | No | No | Less Likely | Less Likely | Important | 3.3 | 2.9 |
| Windows Error Reporting Information Disclosure Vulnerability | |||||||
| CVE-2020-17094 | No | No | Less Likely | Less Likely | Important | 5.5 | 4.8 |
| CVE-2020-17138 | No | No | Less Likely | Less Likely | Important | 5.5 | 4.8 |
| Windows GDI+ Information Disclosure Vulnerability | |||||||
| CVE-2020-17098 | No | No | Less Likely | Less Likely | Important | 5.5 | 4.8 |
| Windows Lock Screen Security Feature Bypass Vulnerability | |||||||
| CVE-2020-17099 | No | No | Less Likely | Less Likely | Important | 6.8 | 5.9 |
| Windows NTFS Remote Code Execution Vulnerability | |||||||
| CVE-2020-17096 | No | No | More Likely | More Likely | Important | 7.5 | 6.5 |
| Windows Network Connections Service Elevation of Privilege Vulnerability | |||||||
| CVE-2020-17092 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| Windows Overlay Filter Security Feature Bypass Vulnerability | |||||||
| CVE-2020-17139 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| Windows SMB Information Disclosure Vulnerability | |||||||
| CVE-2020-17140 | No | No | Less Likely | Less Likely | Important | 8.1 | 7.1 |
---
Johannes B. Ullrich, Ph.D. , Dean of Research, SANS.edu
Twitter|
| Network Monitoring and Threat Detection In-Depth | Singapore | Nov 18th - Nov 23rd 2024 |
Comments