As part of October Patch Tuesday, Microsoft patched 87 vulnerabilities in its products, including 11 critical vulnerabilities and 21 remote code execution (RCE) issues.The fixed bugs affected Windows itself, Office, Office Services and Web Apps, Visual Studio, Azure Functions, Azure Sphere, .NET Framework, Microsoft Dynamics, Exchange Server, Windows Codecs Library, and so on.
It is reported that, according to experts, none of the vulnerabilities were under attack.
The most dangerous problem of this month was the bug CVE-2020-16898, which is an RCE bug in the Windows TCP/IP stack, which received 9.8 points out of 10 on the CVSS vulnerability rating scale.
Microsoft engineers that discovered this issue state that Windows 10 and Windows Server 2019 are vulnerable to it.
If the installation of updates is impossible for some reason, it is strongly recommended to use at least workarounds to fix the bug, including temporarily disabling ICMPv6 RDNSS support.
McAfee experts point out that such a problem may have the potential of a worm, that is, hackers can launch attacks that will spread from one vulnerable computer to another without human intervention.
Researchers from SophosLabs have published a video demonstrating how the vulnerability can be used to provoke a blue screen of death (BSoD) and named the bug Ping of Death.
Let me remind you that this is not the first extremely dangerous vulnerability in Windows, discovered in the “happy” 2020.
Another high-profile vulnerability of this month that deserves special mention is CVE-2020-16947, which allows remote code execution in Outlook. Microsoft claims that this error can be exploited by tricking a user into opening a specially crafted file in a vulnerable version of Microsoft Outlook (that is, getting a malicious email from attackers is enough).
What is also worth mentioning is the Windows Hyper-V RCE bug (CVE-2020-16891), which scored 8.8 on the CVSS scale. The problem is related to incorrect validation of the imput from the authenticated user in the guest operating system. By exploiting this issue, an attacker could run a specially crafted program in the guest OS, forcing the Hyper-V host’s OS to execute arbitrary code.
Two more critical RCE flaws (CVE-2020-16967 and CVE-2020-16968) affect the Windows Camera Codec Pack, allowing an attacker to send a malicious file to the victim, which, when opened, will provoke arbitrary code execution in the context of the current user.
User Review( votes)