This month’s Microsoft Patch Tuesday addresses 120 vulnerabilities with 17 of them labeled as Critical. The 17 Critical vulnerabilities cover Media Foundation, .NET Framework, Browsers, Scripting Engines, Office, Outlook, Windows Codecs and several other workstation vulnerabilities. Adobe released patches today for Acrobat/Reader, and Lightroom.
Today’s patch Tuesday fixes many vulnerabilities that would impact workstations. The Office, Outlook, Windows Codecs, and Media Foundation vulnerabilities should be prioritized for workstation-type devices, meaning any system that is used for email or to access the internet via a browser. This includes multi-user servers that are used as remote desktops for users.
Windows Spoofing Vulnerability
While listed as Important, there is an Actively Attacked spoofing vulnerability vulnerability (CVE-2020-1464) in Microsoft Windows. An attacker could exploit these vulnerabilities to take control of an affected system. This patch should be prioritized across all Windows devices.
Scripting Engine Memory Corruption Vulnerability
There is also an Actively Attacked memory corruption vulnerability (CVE-2020-1380) in the Scripting Engine. Often memory corruption vulnerabilities are “chained” with other vulnerabilities resulting in a full system compromise. This patch should be prioritized for scripting engines.
Windows Codecs Library RCE
Microsoft has patched 3 vulnerabilities (CVE-2020-1560, CVE-2020-1574, CVE-2020-1585) in Windows Codecs that would allow an attacker to obtain information to further compromise the user’s system. Microsoft notes that exploitation of this vulnerability is less likely, but these patches should still be prioritized for Windows Codecs Library.
Windows Media RCE
Microsoft patched a vulnerability (CVE-2020-1339) in Windows Media. Exploitation requires that a user opens a specially crafted document or webpage and could take complete control of the system. These patches should be prioritized for Windows Media installations.
Media Foundation Memory Corruption
Microsoft also released patches for 6 memory corruption vulnerabilities in Media Foundation (CVE-2020-1525, CVE-2020-1379, CVE-2020-1477, CVE-2020-1478, CVE-2020-1492, CVE-2020-1554). Exploiting the vulnerability would require the user to open a malicious file, and would grant the attacker the same rights as the user. All Media Foundation installations should be prioritized for patching.
Adobe issued patches today covering multiple vulnerabilities in Acrobat/Reader, andLightroom. The patches for Acrobat/Reader are labeled as Priority 2, while the remaining patches are set to Priority 3.
While none of the vulnerabilities disclosed in Adobe’s release are known to be Actively Attacked today, all patches should be prioritized on systems with these products installed.