July, 2020: Patch Tuesday: Potentially Wormable Vulnerability

Welcome to this July Patch Tuesday Bulletin. This is another big month for MS patches with 125 unique CVE’s listed, 6 technologies with critical updates, and one publicly disclosed vulnerability. The publicly disclosed vulnerability (CVE-2020-1463) is an elevation of privilege flaw but was not reported to be attacked in the wild. Another big vulnerability (CVE-2020-1350) has a reported workaround that every organization should consider applying if patches cannot be applied in a timely fashion. CVE-2020-1350 is a remote code execution vulnerability in DNS servers that Microsoft identifies as potentially wormable. At this time, there are no known exploits, but it should be assumed that adversaries are attempting to craft exploits at this time. The workaround involves changing a registry key and does not require a reboot of the DNS server. Windows DNS servers are prevalent in most enterprises so this flaw should be taken seriously.

Over the years we've had millions of visitors to UltimateWindowsSecurity.com. Every month we have thousands and thousands of visitors to our Security Log Encyclopedia which documents all of the Security Log event ID’s for Windows Server OS’s. Back in 2007 when SharePoint added auditing capability, I realized that my audience not only needed the event information from SharePoint but I also found a similar need in SQL Server and Exchange. So not only did I document the data but I also started to develop the means to extract that event data from these applications so that it’s accessible and useable to the end user. Some 8 years later and LOGbinder is continuing to grow as companies realize LOGbinder bridges the gap between these applications and their infosec team. Visit LOGbinder.com to download a free 30-day fully functional trial and see the security event data that you have literally been missing.

So, without further ado, here’s the chart of MS patches this month.

Patch data provided by:

Technology

Products Affected

Severity

Reference

Workaround/ Exploited

Vulnerability Info

Windows

Win 8.1, RT 8.1, 10

Server 2012, 2016, 2019

Critical

CVE-2020-1032

CVE-2020-1036

CVE-2020-1040

CVE-2020-1041

CVE-2020-1042

CVE-2020-1043

CVE-2020-1085

CVE-2020-1249

CVE-2020-1267

CVE-2020-1330

CVE-2020-1333

CVE-2020-1336

CVE-2020-1344

CVE-2020-1346

CVE-2020-1347

CVE-2020-1350*

CVE-2020-1351

CVE-2020-1352

CVE-2020-1353

CVE-2020-1354

CVE-2020-1355

CVE-2020-1356

CVE-2020-1357

CVE-2020-1358

CVE-2020-1359

CVE-2020-1360

CVE-2020-1361

CVE-2020-1362

CVE-2020-1363

CVE-2020-1364

CVE-2020-1365

CVE-2020-1366

CVE-2020-1367

CVE-2020-1368

CVE-2020-1369

CVE-2020-1370

CVE-2020-1371

CVE-2020-1372

CVE-2020-1373

CVE-2020-1374

CVE-2020-1375

CVE-2020-1381

CVE-2020-1382

CVE-2020-1384

CVE-2020-1385

CVE-2020-1386

CVE-2020-1387

CVE-2020-1388

CVE-2020-1389

CVE-2020-1390

CVE-2020-1391

CVE-2020-1392

CVE-2020-1393

CVE-2020-1394

CVE-2020-1395

CVE-2020-1396

CVE-2020-1397

CVE-2020-1398

CVE-2020-1399

CVE-2020-1400

CVE-2020-1401

CVE-2020-1402

CVE-2020-1404

CVE-2020-1405

CVE-2020-1406

CVE-2020-1407

CVE-2020-1408

CVE-2020-1409

CVE-2020-1410

CVE-2020-1411

CVE-2020-1412

CVE-2020-1413

CVE-2020-1414

CVE-2020-1415

CVE-2020-1418

CVE-2020-1419

CVE-2020-1420

CVE-2020-1421

CVE-2020-1422

CVE-2020-1423

CVE-2020-1424

CVE-2020-1425

CVE-2020-1426

CVE-2020-1427

CVE-2020-1428

CVE-2020-1429

CVE-2020-1430

CVE-2020-1431

CVE-2020-1434

CVE-2020-1435

CVE-2020-1436

CVE-2020-1437

CVE-2020-1438

CVE-2020-1441

CVE-2020-1457

CVE-2020-1463**

CVE-2020-1468

*Workaround: Yes

**Public: No

Exploited: No

Remote Code Execution

Elevation of Privilege

Information Disclosure

Denial of Service

Tampering

 

Edge

EdgeHTML-based

Important

CVE-2020-1433

CVE-2020-1462

*Workaround: No

**Public: Yes

Exploited: No

Information Disclosure

Internet Explorer

IE 11

Critical

CVE-2020-1403

CVE-2020-1432

 

*Workaround: No

**Public: No

Exploited: No

Remote Code Execution

Information Disclosure

Office, Office Services and Web Apps

Office 2010, 2016 for Mac, 2019, 2019 for Mac

Office Web Apps 2010, 2013

Outlook 2010, 2013, 2016

Sharepoint Enterprise Server 2013, 2016, Foundation 2013, Server 2010, Server 2019

Word 2010, 2013, 2016

365 Apps

Critical

CVE-2020-1025

CVE-2020-1147

CVE-2020-1240

CVE-2020-1342

CVE-2020-1349

CVE-2020-1409

CVE-2020-1439

CVE-2020-1442

CVE-2020-1443

CVE-2020-1444

CVE-2020-1445

CVE-2020-1446

CVE-2020-1447

CVE-2020-1448

CVE-2020-1449

CVE-2020-1450

CVE-2020-1451

CVE-2020-1454

CVE-2020-1456

CVE-2020-1458

CVE-2020-1465

*Workaround: No

**Public: No

Exploited: No

Elevation of Privilege

Information Disclosure

Remote Code Execution

Spoofing

 

Defender

All

Important

CVE-2020-1461

*Workaround: No

**Public: No

Exploited: No

Elevation of Privilege

Skype for Business

Skype for Business 2015, 2019

Critical

CVE-2020-1025

*Workaround: No

**Public: No

Exploited: No

Elevation of Privilege

Visual Studio

Visual Studio 2015, 2017, 2019, Code, Code ESLint extension

Critical

CVE-2020-1147

CVE-2020-1393

CVE-2020-1416

CVE-2020-1481

*Workaround: No

**Public: No

Exploited: No

Elevation of Privilege

Remote Code Execution

OneDrive

OneDrive for Windows

Important

CVE-2020-1465

*Workaround: No

**Public: No

Exploited: No

Elevation of Privilege

.NET Framework

.NET Core 2.1, 2.1

.NET Framework 2.0, 3.0, 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.1.7.2, 4.8

Critical

CVE-2020-1147

*Workaround: No

**Public: No

Exploited: No

Remote Code Execution

Azure DevOps

DevOps Server 2019

Storage Explorer

Important

CVE-2020-1326

CVE-2020-1416

*Workaround: No

**Public: No

Exploited: No

Elevation of Privilege

Spoofing