Microsoft CVE Summary

This report contains detail for the following vulnerabilities:

Tag CVE ID CVE Title
Active Directory CVE-2020-0761 Active Directory Remote Code Execution Vulnerability
Active Directory CVE-2020-0856 Active Directory Information Disclosure Vulnerability
Active Directory CVE-2020-0718 Active Directory Remote Code Execution Vulnerability
Active Directory CVE-2020-0664 Active Directory Information Disclosure Vulnerability
Active Directory Federation Services CVE-2020-0837 ADFS Spoofing Vulnerability
ASP.NET CVE-2020-1045 Microsoft ASP.NET Core Security Feature Bypass Vulnerability
Common Log File System Driver CVE-2020-1115 Windows Common Log File System Driver Elevation of Privilege Vulnerability
Internet Explorer CVE-2020-1012 WinINet API Elevation of Privilege Vulnerability
Internet Explorer CVE-2020-16884 Internet Explorer Browser Helper Object (BHO) Memory Corruption Vulnerability
Internet Explorer CVE-2020-1506 Windows Start-Up Application Elevation of Privilege Vulnerability
Microsoft Browsers CVE-2020-0878 Microsoft Browser Memory Corruption Vulnerability
Microsoft Dynamics CVE-2020-16857 Microsoft Dynamics 365 for Finance and Operations (on-premises) Remote Code Execution Vulnerability
Microsoft Dynamics CVE-2020-16858 Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability
Microsoft Dynamics CVE-2020-16860 Microsoft Dynamics 365 (on-premises) Remote Code Execution Vulnerability
Microsoft Dynamics CVE-2020-16859 Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability
Microsoft Dynamics CVE-2020-16861 Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability
Microsoft Dynamics CVE-2020-16872 Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability
Microsoft Dynamics CVE-2020-16864 Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability
Microsoft Dynamics CVE-2020-16878 Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability
Microsoft Dynamics CVE-2020-16862 Microsoft Dynamics 365 (on-premises) Remote Code Execution Vulnerability
Microsoft Dynamics CVE-2020-16871 Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability
Microsoft Exchange Server CVE-2020-16875 Microsoft Exchange Memory Corruption Vulnerability
Microsoft Graphics Component CVE-2020-0921 Microsoft Graphics Component Information Disclosure Vulnerability
Microsoft Graphics Component CVE-2020-0998 Windows Graphics Component Elevation of Privilege Vulnerability
Microsoft Graphics Component CVE-2020-1091 Windows Graphics Component Information Disclosure Vulnerability
Microsoft Graphics Component CVE-2020-1152 Windows Win32k Elevation of Privilege Vulnerability
Microsoft Graphics Component CVE-2020-1097 Windows Graphics Component Information Disclosure Vulnerability
Microsoft Graphics Component CVE-2020-1083 Microsoft Graphics Component Information Disclosure Vulnerability
Microsoft Graphics Component CVE-2020-1053 DirectX Elevation of Privilege Vulnerability
Microsoft Graphics Component CVE-2020-1308 DirectX Elevation of Privilege Vulnerability
Microsoft Graphics Component CVE-2020-1245 Win32k Elevation of Privilege Vulnerability
Microsoft Graphics Component CVE-2020-1285 GDI+ Remote Code Execution Vulnerability
Microsoft Graphics Component CVE-2020-1256 Windows GDI Information Disclosure Vulnerability
Microsoft Graphics Component CVE-2020-1250 Win32k Information Disclosure Vulnerability
Microsoft JET Database Engine CVE-2020-1039 Jet Database Engine Remote Code Execution Vulnerability
Microsoft JET Database Engine CVE-2020-1074 Jet Database Engine Remote Code Execution Vulnerability
Microsoft NTFS CVE-2020-0838 NTFS Elevation of Privilege Vulnerability
Microsoft Office CVE-2020-1594 Microsoft Excel Remote Code Execution Vulnerability
Microsoft Office CVE-2020-1335 Microsoft Excel Remote Code Execution Vulnerability
Microsoft Office CVE-2020-16855 Microsoft Office Information Disclosure Vulnerability
Microsoft Office CVE-2020-1338 Microsoft Word Remote Code Execution Vulnerability
Microsoft Office CVE-2020-1332 Microsoft Excel Remote Code Execution Vulnerability
Microsoft Office CVE-2020-1224 Microsoft Excel Information Disclosure Vulnerability
Microsoft Office CVE-2020-1218 Microsoft Word Remote Code Execution Vulnerability
Microsoft Office CVE-2020-1193 Microsoft Excel Remote Code Execution Vulnerability
Microsoft Office SharePoint CVE-2020-1345 Microsoft Office SharePoint XSS Vulnerability
Microsoft Office SharePoint CVE-2020-1205 Microsoft SharePoint Spoofing Vulnerability
Microsoft Office SharePoint CVE-2020-1210 Microsoft SharePoint Remote Code Execution Vulnerability
Microsoft Office SharePoint CVE-2020-1514 Microsoft Office SharePoint XSS Vulnerability
Microsoft Office SharePoint CVE-2020-1595 Microsoft SharePoint Remote Code Execution Vulnerability
Microsoft Office SharePoint CVE-2020-1523 Microsoft SharePoint Server Tampering Vulnerability
Microsoft Office SharePoint CVE-2020-1440 Microsoft SharePoint Server Tampering Vulnerability
Microsoft Office SharePoint CVE-2020-1200 Microsoft SharePoint Remote Code Execution Vulnerability
Microsoft Office SharePoint CVE-2020-1482 Microsoft Office SharePoint XSS Vulnerability
Microsoft Office SharePoint CVE-2020-1198 Microsoft Office SharePoint XSS Vulnerability
Microsoft Office SharePoint CVE-2020-1227 Microsoft Office SharePoint XSS Vulnerability
Microsoft Office SharePoint CVE-2020-1576 Microsoft SharePoint Remote Code Execution Vulnerability
Microsoft Office SharePoint CVE-2020-1452 Microsoft SharePoint Remote Code Execution Vulnerability
Microsoft Office SharePoint CVE-2020-1575 Microsoft Office SharePoint XSS Vulnerability
Microsoft Office SharePoint CVE-2020-1453 Microsoft SharePoint Remote Code Execution Vulnerability
Microsoft Office SharePoint CVE-2020-1460 Microsoft SharePoint Server Remote Code Execution Vulnerability
Microsoft OneDrive CVE-2020-16853 OneDrive for Windows Elevation of Privilege Vulnerability
Microsoft OneDrive CVE-2020-16851 OneDrive for Windows Elevation of Privilege Vulnerability
Microsoft OneDrive CVE-2020-16852 OneDrive for Windows Elevation of Privilege Vulnerability
Microsoft Scripting Engine CVE-2020-1057 Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2020-1180 Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2020-1172 Scripting Engine Memory Corruption Vulnerability
Microsoft Windows CVE-2020-1596 TLS Information Disclosure Vulnerability
Microsoft Windows CVE-2020-1169 Windows Runtime Elevation of Privilege Vulnerability
Microsoft Windows CVE-2020-1593 Windows Media Audio Decoder Remote Code Execution Vulnerability
Microsoft Windows CVE-2020-1159 Windows Elevation of Privilege Vulnerability
Microsoft Windows CVE-2020-1598 Windows UPnP Service Elevation of Privilege Vulnerability
Microsoft Windows CVE-2020-0790 Microsoft splwow64 Elevation of Privilege Vulnerability
Microsoft Windows CVE-2020-0922 Microsoft COM for Windows Remote Code Execution Vulnerability
Microsoft Windows CVE-2020-0782 Windows Cryptographic Catalog Services Elevation of Privilege Vulnerability
Microsoft Windows CVE-2020-0648 Windows RSoP Service Application Elevation of Privilege Vulnerability
Microsoft Windows CVE-2020-0766 Microsoft Store Runtime Elevation of Privilege Vulnerability
Microsoft Windows CVE-2020-1590 Connected User Experiences and Telemetry Service Elevation of Privilege Vulnerability
Microsoft Windows CVE-2020-1376 Windows Elevation of Privilege Vulnerability
Microsoft Windows CVE-2020-1471 Windows CloudExperienceHost Elevation of Privilege Vulnerability
Microsoft Windows CVE-2020-16879 Projected Filesystem Information Disclosure Vulnerability
Microsoft Windows CVE-2020-1013 Group Policy Elevation of Privilege Vulnerability
Microsoft Windows CVE-2020-1532 Windows InstallService Elevation of Privilege Vulnerability
Microsoft Windows CVE-2020-1491 Windows Function Discovery Service Elevation of Privilege Vulnerability
Microsoft Windows CVE-2020-1303 Windows Runtime Elevation of Privilege Vulnerability
Microsoft Windows CVE-2020-1252 Windows Remote Code Execution Vulnerability
Microsoft Windows CVE-2020-1559 Windows Storage Services Elevation of Privilege Vulnerability
Microsoft Windows CVE-2020-1507 Microsoft COM for Windows Elevation of Privilege Vulnerability
Microsoft Windows CVE-2020-1508 Windows Media Audio Decoder Remote Code Execution Vulnerability
Microsoft Windows CVE-2020-0914 Windows State Repository Service Information Disclosure Vulnerability
Microsoft Windows CVE-2020-0886 Windows Storage Services Elevation of Privilege Vulnerability
Microsoft Windows CVE-2020-0989 Windows Mobile Device Management Diagnostics Information Disclosure Vulnerability
Microsoft Windows CVE-2020-0875 Microsoft splwow64 Information Disclosure Vulnerability
Microsoft Windows CVE-2020-0912 Windows Function Discovery SSDP Provider Elevation of Privilege Vulnerability
Microsoft Windows CVE-2020-1038 Windows Routing Utilities Denial of Service
Microsoft Windows CVE-2020-0908 Windows Text Service Module Remote Code Execution Vulnerability
Microsoft Windows CVE-2020-1052 Windows Elevation of Privilege Vulnerability
Microsoft Windows CVE-2020-0911 Windows Modules Installer Elevation of Privilege Vulnerability
Microsoft Windows CVE-2020-0805 Projected Filesystem Security Feature Bypass Vulnerability
Microsoft Windows CVE-2020-1119 Windows Information Disclosure Vulnerability
Microsoft Windows CVE-2020-1146 Microsoft Store Runtime Elevation of Privilege Vulnerability
Microsoft Windows CVE-2020-0951 Windows Defender Application Control Security Feature Bypass Vulnerability
Microsoft Windows CVE-2020-1122 Windows Language Pack Installer Elevation of Privilege Vulnerability
Microsoft Windows CVE-2020-1098 Windows Shell Infrastructure Component Elevation of Privilege Vulnerability
Microsoft Windows Codecs Library CVE-2020-1319 Microsoft Windows Codecs Library Remote Code Execution Vulnerability
Microsoft Windows Codecs Library CVE-2020-0997 Windows Camera Codec Pack Remote Code Execution Vulnerability
Microsoft Windows Codecs Library CVE-2020-1129 Microsoft Windows Codecs Library Remote Code Execution Vulnerability
Microsoft Windows DNS CVE-2020-0839 Windows dnsrslvr.dll Elevation of Privilege Vulnerability
Microsoft Windows DNS CVE-2020-1228 Windows DNS Denial of Service Vulnerability
Microsoft Windows DNS CVE-2020-0836 Windows DNS Denial of Service Vulnerability
Open Source Software CVE-2020-16873 Xamarin.Forms Spoofing Vulnerability
SQL Server CVE-2020-1044 SQL Server Reporting Services Security Feature Bypass Vulnerability
Visual Studio CVE-2020-16874 Visual Studio Remote Code Execution Vulnerability
Visual Studio CVE-2020-16856 Visual Studio Remote Code Execution Vulnerability
Visual Studio CVE-2020-16881 Visual Studio JSON Remote Code Execution Vulnerability
Windows DHCP Server CVE-2020-1031 Windows DHCP Server Information Disclosure Vulnerability
Windows Diagnostic Hub CVE-2020-1130 Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability
Windows Diagnostic Hub CVE-2020-1133 Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability
Windows Hyper-V CVE-2020-0904 Windows Hyper-V Denial of Service Vulnerability
Windows Hyper-V CVE-2020-0890 Windows Hyper-V Denial of Service Vulnerability
Windows Kernel CVE-2020-0941 Win32k Information Disclosure Vulnerability
Windows Kernel CVE-2020-0928 Windows Kernel Information Disclosure Vulnerability
Windows Kernel CVE-2020-16854 Windows Kernel Information Disclosure Vulnerability
Windows Kernel CVE-2020-1034 Windows Kernel Elevation of Privilege Vulnerability
Windows Kernel CVE-2020-1033 Windows Kernel Information Disclosure Vulnerability
Windows Kernel CVE-2020-1589 Windows Kernel Information Disclosure Vulnerability
Windows Kernel CVE-2020-1592 Windows Kernel Information Disclosure Vulnerability
Windows Print Spooler Components CVE-2020-1030 Windows Print Spooler Elevation of Privilege Vulnerability
Windows Shell CVE-2020-0870 Shell infrastructure component Elevation of Privilege Vulnerability

CVE-2020-1345 - Microsoft Office SharePoint XSS Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-1345
MITRE
NVD
CVE Title: Microsoft Office SharePoint XSS Vulnerability
Description:

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server.

The attacker who successfully exploited the vulnerability could then perform cross-site scripting attacks on affected systems and run script in the security context of the current user. The attacks could allow the attacker to read content that the attacker is not authorized to read, use the victim's identity to take actions on the SharePoint site on behalf of the user, such as change permissions and delete content, and inject malicious content in the browser of the user.

The security update addresses the vulnerability by helping to ensure that SharePoint Server properly sanitizes web requests.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Spoofing

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-1345
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft SharePoint Enterprise Server 2016 4484506 (Security Update) Important Spoofing 4484473 Base: 7.4
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N/E:P/RL:O/RC:C
Maybe
Microsoft SharePoint Foundation 2010 Service Pack 2 4486667 (Security Update) Important Spoofing 4484462
Base: 7.4
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N/E:P/RL:O/RC:C
Maybe
Microsoft SharePoint Foundation 2013 Service Pack 1 4484525 (Security Update) Important Spoofing 4484487 Base: 7.4
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N/E:P/RL:O/RC:C
Maybe
Microsoft SharePoint Server 2019 4484505 (Security Update) Important Spoofing 4484472 Base: 7.4
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N/E:P/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2020-1345 Huynh Phuoc Hung, @hph0var


CVE-2020-1460 - Microsoft SharePoint Server Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-1460
MITRE
NVD
CVE Title: Microsoft SharePoint Server Remote Code Execution Vulnerability
Description:

A remote code execution vulnerability exists in Microsoft SharePoint Server when it fails to properly identify and filter unsafe ASP.Net web controls. An authenticated attacker who successfully exploited the vulnerability could use a specially crafted page to perform actions in the security context of the SharePoint application pool process.

To exploit the vulnerability, an authenticated user must create and invoke a specially crafted page on an affected version of Microsoft SharePoint Server.

The security update addresses the vulnerability by correcting how Microsoft SharePoint Server handles processing of created content.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-1460
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft SharePoint Enterprise Server 2013 Service Pack 1 4484515 (Security Update) Critical Remote Code Execution 4484479
Base: 8.6
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
Maybe
Microsoft SharePoint Enterprise Server 2016 4484506 (Security Update) Critical Remote Code Execution 4484473 Base: 8.6
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
Maybe
Microsoft SharePoint Foundation 2010 Service Pack 2 4486667 (Security Update) Critical Remote Code Execution 4484462
Base: 8.6
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
Maybe
Microsoft SharePoint Foundation 2013 Service Pack 1 4484488 (Security Update) Critical Remote Code Execution 4484411
Base: 8.6
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
Maybe
Microsoft SharePoint Server 2019 4484505 (Security Update) Critical Remote Code Execution 4484472 Base: 8.6
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2020-1460 Oleksandr Mirosh (@olekmirosh) from Micro Focus Fortify


CVE-2020-1532 - Windows InstallService Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-1532
MITRE
NVD
CVE Title: Windows InstallService Elevation of Privilege Vulnerability
Description:

An elevation of privilege vulnerability exists when the Windows InstallService improperly handles memory.

To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.

The security update addresses the vulnerability by correcting how the Windows InstallService handles memory.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-1532
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 Version 1903 for 32-bit Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-1532 anonymous


CVE-2020-16856 - Visual Studio Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-16856
MITRE
NVD
CVE Title: Visual Studio Remote Code Execution Vulnerability
Description:

A remote code execution vulnerability exists in Visual Studio when it improperly handles objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

To exploit the vulnerability, an attacker would have to convince a user to open a specially crafted file with an affected version of Visual Studio.

The update addresses the vulnerability by correcting how Visual Studio handles objects in memory.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-16856
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft Visual Studio 2012 Update 5 4571479 (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Visual Studio 2013 Update 5 4571480 (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Visual Studio 2015 Update 3 4571481 (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) Release Notes (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Visual Studio 2019 version 16.0 Release Notes (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3) Release Notes (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Visual Studio 2019 version 16.7 (includes 16.0 – 16.6) Release Notes (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2020-16856 Wen guang Jiao working with Trend Micro's Zero Day Initiative


CVE-2020-16857 - Microsoft Dynamics 365 for Finance and Operations (on-premises) Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-16857
MITRE
NVD
CVE Title: Microsoft Dynamics 365 for Finance and Operations (on-premises) Remote Code Execution Vulnerability
Description:

A remote code execution vulnerability exists in Microsoft Dynamics 365 for Finance and Operations (on-premises) version 10.0.11. An attacker who successfully exploited this vulnerability could gain remote code execution via server-side script execution on the victim server.

An authenticated attacker with privileges to import and export data could exploit this vulnerability by sending a specially crafted file to a vulnerable Dynamics server.

The security update addresses the vulnerability by correcting how Microsoft Dynamics 365 for Finance and Operations (on-premises) version 10.0.11 handles user input.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-16857
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Dynamics 365 for Finance and Operations Release Notes (Security Update) Critical Remote Code Execution None Base: 7.1
Temporal: 6.4
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:N/E:P/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2020-16857 Nicolas Joly of Microsoft Corporation


CVE-2020-16858 - Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-16858
MITRE
NVD
CVE Title: Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability
Description:

A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected Dynamics server.

The attacker who successfully exploited the vulnerability could then perform cross-site scripting attacks on affected systems and run script in the security context of the current authenticated user. These attacks could allow the attacker to read content that the attacker is not authorized to read, use the victim's identity to take actions within Dynamics Server on behalf of the user, such as change permissions and delete content, and inject malicious content in the browser of the user.

The security update addresses the vulnerability by helping to ensure that Dynamics Server properly sanitizes web requests.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Spoofing

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-16858
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft Dynamics 365 (on-premises) version 9.0 4574742 (Security Update) Important Spoofing None Base: 5.4
Temporal: 4.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N/E:P/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2020-16858 Ashar Javed of Hyundai AutoEver Europe GmbH


CVE-2020-16859 - Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-16859
MITRE
NVD
CVE Title: Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability
Description:

A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected Dynamics server.

The attacker who successfully exploited the vulnerability could then perform cross-site scripting attacks on affected systems and run script in the security context of the current authenticated user. These attacks could allow the attacker to read content that the attacker is not authorized to read, use the victim's identity to take actions within Dynamics Server on behalf of the user, such as change permissions and delete content, and inject malicious content in the browser of the user.

The security update addresses the vulnerability by helping to ensure that Dynamics Server properly sanitizes web requests.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Spoofing

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-16859
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft Dynamics 365 (on-premises) version 9.0 4574742 (Security Update) Important Spoofing None Base: 5.4
Temporal: 4.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N/E:P/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2020-16859 Ashar Javed of Hyundai AutoEver Europe GmbH


CVE-2020-16860 - Microsoft Dynamics 365 (on-premises) Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-16860
MITRE
NVD
CVE Title: Microsoft Dynamics 365 (on-premises) Remote Code Execution Vulnerability
Description:

A remote code execution vulnerability exists in Microsoft Dynamics 365 (on-premises) when the server fails to properly sanitize web requests to an affected Dynamics server. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SQL service account.   An authenticated attacker could exploit this vulnerability by sending a specially crafted request to a vulnerable Dynamics server.   The security update addresses the vulnerability by correcting how Microsoft Dynamics 365 (on-premises) validates and sanitizes user input.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-16860
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft Dynamics 365 (on-premises) version 9.0 4574742 (Security Update) Important Remote Code Execution None Base: 6.8
Temporal: 6.1
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N/E:P/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2020-16860 Ashar Javed of Hyundai AutoEver Europe GmbH


CVE-2020-16861 - Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-16861
MITRE
NVD
CVE Title: Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability
Description:

A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected Dynamics server.

The attacker who successfully exploited the vulnerability could then perform cross-site scripting attacks on affected systems and run script in the security context of the current authenticated user. These attacks could allow the attacker to read content that the attacker is not authorized to read, use the victim's identity to take actions within Dynamics Server on behalf of the user, such as change permissions and delete content, and inject malicious content in the browser of the user.

The security update addresses the vulnerability by helping to ensure that Dynamics Server properly sanitizes web requests.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Spoofing

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-16861
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft Dynamics 365 (on-premises) version 8.2 4577501 (Security Update) Important Spoofing None Base: 5.4
Temporal: 4.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N/E:P/RL:O/RC:C
Maybe
Microsoft Dynamics 365 (on-premises) version 9.0 4574742 (Security Update) Important Spoofing None Base: 5.4
Temporal: 4.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N/E:P/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2020-16861 Pham Van Khanh from Viettel Cyber Security


CVE-2020-16862 - Microsoft Dynamics 365 (on-premises) Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-16862
MITRE
NVD
CVE Title: Microsoft Dynamics 365 (on-premises) Remote Code Execution Vulnerability
Description:

A remote code execution vulnerability exists in Microsoft Dynamics 365 (on-premises) when the server fails to properly sanitize web requests to an affected Dynamics server. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SQL service account.   An authenticated attacker could exploit this vulnerability by sending a specially crafted request to a vulnerable Dynamics server.   The security update addresses the vulnerability by correcting how Microsoft Dynamics 365 (on-premises) validates and sanitizes user input.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-16862
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft Dynamics 365 (on-premises) version 9.0 4574742 (Security Update) Critical Remote Code Execution None Base: 7.1
Temporal: 6.4
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L/E:P/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2020-16862 Fabian Schmidt


CVE-2020-16864 - Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-16864
MITRE
NVD
CVE Title: Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability
Description:

A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected Dynamics server.

The attacker who successfully exploited the vulnerability could then perform cross-site scripting attacks on affected systems and run script in the security context of the current authenticated user. These attacks could allow the attacker to read content that the attacker is not authorized to read, use the victim's identity to take actions within Dynamics Server on behalf of the user, such as change permissions and delete content, and inject malicious content in the browser of the user.

The security update addresses the vulnerability by helping to ensure that Dynamics Server properly sanitizes web requests.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Spoofing

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-16864
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft Dynamics 365 (on-premises) version 9.0 4574742 (Security Update) Important Spoofing None Base: 5.4
Temporal: 4.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N/E:P/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2020-16864 Pham Van Khanh from Viettel Cyber Security


CVE-2020-16872 - Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-16872
MITRE
NVD
CVE Title: Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability
Description:

A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected Dynamics server.

The attacker who successfully exploited the vulnerability could then perform cross-site scripting attacks on affected systems and run script in the security context of the current authenticated user. These attacks could allow the attacker to read content that the attacker is not authorized to read, use the victim's identity to take actions within Dynamics Server on behalf of the user, such as change permissions and delete content, and inject malicious content in the browser of the user.

The security update addresses the vulnerability by helping to ensure that Dynamics Server properly sanitizes web requests.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Spoofing

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-16872
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft Dynamics 365 (on-premises) version 9.0 4574742 (Security Update) Important Spoofing None Base: 7.6
Temporal: 6.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2020-16872 Pham Van Khanh @rskvp93 from Viettel Cyber Security


CVE-2020-16878 - Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-16878
MITRE
NVD
CVE Title: Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability
Description:

A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected Dynamics server.

The attacker who successfully exploited the vulnerability could then perform cross-site scripting attacks on affected systems and run script in the security context of the current authenticated user. These attacks could allow the attacker to read content that the attacker is not authorized to read, use the victim's identity to take actions within Dynamics Server on behalf of the user, such as change permissions and delete content, and inject malicious content in the browser of the user.

The security update addresses the vulnerability by helping to ensure that Dynamics Server properly sanitizes web requests.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Spoofing

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-16878
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft Dynamics 365 (on-premises) version 8.2 4577501 (Security Update) Important Spoofing None Base: 5.4
Temporal: 4.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N/E:P/RL:O/RC:C
Maybe
Microsoft Dynamics 365 (on-premises) version 9.0 4574742 (Security Update) Important Spoofing None Base: 5.4
Temporal: 4.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N/E:P/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2020-16878 Tevfik DEMİREL Cyber Security Engineer at ASELSAN


CVE-2020-16879 - Projected Filesystem Information Disclosure Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-16879
MITRE
NVD
CVE Title: Projected Filesystem Information Disclosure Vulnerability
Description:

An information disclosure vulnerability exists when a Windows Projected Filesystem improperly handles file redirections. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user's system

To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability.

The security update addresses the vulnerability by correcting how Windows Projected Filesystem handle file redirections.


FAQ:

What type of information could be disclosed by this vulnerability?

The type of information that could be disclosed if an attacker successfully exploited this vulnerability is unauthorized file system access - reading from the file system.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-16879
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 Version 1809 for 32-bit Systems 4570333 (Security Update) Important Information Disclosure 4565349
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4570333 (Security Update) Important Information Disclosure 4565349
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4570333 (Security Update) Important Information Disclosure 4565349
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for 32-bit Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 4571756 (Security Update) Important Information Disclosure 4566782
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4571756 (Security Update) Important Information Disclosure 4566782
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4571756 (Security Update) Important Information Disclosure 4566782
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2019 4570333 (Security Update) Important Information Disclosure 4565349
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4570333 (Security Update) Important Information Disclosure 4565349
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4571756 (Security Update) Important Information Disclosure 4566782
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-16879 Zhiniang Peng (@edwardzpeng) and Xuefeng Li


CVE-2020-16881 - Visual Studio JSON Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-16881
MITRE
NVD
CVE Title: Visual Studio JSON Remote Code Execution Vulnerability
Description:

A remote code execution vulnerability exists in Visual Studio Code when a user is tricked into opening a malicious 'package.json' file. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.   To exploit this vulnerability, an attacker would need to convince a target to clone a repository and open it in Visual Studio Code. Attacker-specified code would execute when the target opens the malicious 'package.json' file.   The update address the vulnerability by modifying the way Visual Studio Code handles JSON files.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-16881
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Visual Studio Code Release Notes (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2020-16881 David Dworken


CVE-2020-1376 - Windows Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-1376
MITRE
NVD
CVE Title: Windows Elevation of Privilege Vulnerability
Description:

An elevation of privilege vulnerability exists in the way that fdSSDP.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.

To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application.

The security update addresses the vulnerability by ensuring the ssdpsrv.dll properly handles objects in memory.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-1376
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4577049 (Security Update) Important Elevation of Privilege 4571692 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 4577049 (Security Update) Important Elevation of Privilege 4571692 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for 32-bit Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for ARM64-based Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for x64-based Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for 32-bit Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 7 for 32-bit Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Elevation of Privilege 4571729
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 7 for x64-based Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Elevation of Privilege 4571729
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Elevation of Privilege 4571703
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Elevation of Privilege 4571703
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows RT 8.1 4577066 (Monthly Rollup) Important Elevation of Privilege 4571703
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Elevation of Privilege 4571730
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Elevation of Privilege 4571730
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Elevation of Privilege 4571730
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Elevation of Privilege 4571730
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Elevation of Privilege 4571729
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Elevation of Privilege 4571729
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 4577038 (Monthly Rollup)
4577048 (Security Only)
Important Elevation of Privilege 4571736
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 4577038 (Monthly Rollup)
4577048 (Security Only)
Important Elevation of Privilege 4571736
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Elevation of Privilege 4571703
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Elevation of Privilege 4571703
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-1376 Yuki Chen


CVE-2020-1452 - Microsoft SharePoint Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-1452
MITRE
NVD
CVE Title: Microsoft SharePoint Remote Code Execution Vulnerability
Description:

A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint server farm account.

Exploitation of this vulnerability requires that a user uploads a specially crafted SharePoint application package to an affected version of SharePoint.

The security update addresses the vulnerability by correcting how SharePoint checks the source markup of application packages.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-1452
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft SharePoint Enterprise Server 2013 Service Pack 1 4484515 (Security Update) Critical Remote Code Execution 4484479
Base: 8.6
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
Maybe
Microsoft SharePoint Enterprise Server 2016 4484506 (Security Update) Critical Remote Code Execution 4484473 Base: 8.6
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
Maybe
Microsoft SharePoint Foundation 2010 Service Pack 2 4486667 (Security Update) Critical Remote Code Execution 4484462
Base: 8.6
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
Maybe
Microsoft SharePoint Foundation 2013 Service Pack 1 4484525 (Security Update) Critical Remote Code Execution 4484487 Base: 8.6
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
Maybe
Microsoft SharePoint Server 2019 4484505 (Security Update) Critical Remote Code Execution 4484472 Base: 8.6
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2020-1452 Oleksandr Mirosh (@olekmirosh) from Micro Focus Fortify


CVE-2020-1453 - Microsoft SharePoint Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-1453
MITRE
NVD
CVE Title: Microsoft SharePoint Remote Code Execution Vulnerability
Description:

A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint server farm account.

Exploitation of this vulnerability requires that a user uploads a specially crafted SharePoint application package to an affected version of SharePoint.

The security update addresses the vulnerability by correcting how SharePoint checks the source markup of application packages.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-1453
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft SharePoint Enterprise Server 2013 Service Pack 1 4484515 (Security Update) Critical Remote Code Execution 4484479
Base: 8.6
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
Maybe
Microsoft SharePoint Enterprise Server 2016 4484506 (Security Update) Critical Remote Code Execution 4484473 Base: 8.6
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
Maybe
Microsoft SharePoint Foundation 2010 Service Pack 2 4486667 (Security Update) Critical Remote Code Execution 4484462
Base: 8.6
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
Maybe
Microsoft SharePoint Foundation 2013 Service Pack 1 4484525 (Security Update) Critical Remote Code Execution 4484487 Base: 8.6
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
Maybe
Microsoft SharePoint Server 2019 4484505 (Security Update) Critical Remote Code Execution 4484472 Base: 8.6
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2020-1453 Oleksandr Mirosh (@olekmirosh) from Micro Focus Fortify


CVE-2020-1471 - Windows CloudExperienceHost Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-1471
MITRE
NVD
CVE Title: Windows CloudExperienceHost Elevation of Privilege Vulnerability
Description:

An elevation of privilege vulnerability exists when Microsoft Windows CloudExperienceHost fails to check COM objects. An attacker who successfully exploited the vulnerability could gain elevated privileges on a targeted system.

To exploit the vulnerability, an attacker would have to log on to an affected system and run a specially crafted script or application.

The security update addresses the vulnerability by checking COM objects.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-1471
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4577049 (Security Update) Important Elevation of Privilege 4571692 Base: 6.1
Temporal: 5.5
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 4577049 (Security Update) Important Elevation of Privilege 4571692 Base: 6.1
Temporal: 5.5
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 6.1
Temporal: 5.5
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 6.1
Temporal: 5.5
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for 32-bit Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 6.1
Temporal: 5.5
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for ARM64-based Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 6.1
Temporal: 5.5
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for x64-based Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 6.1
Temporal: 5.5
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 6.1
Temporal: 5.5
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 6.1
Temporal: 5.5
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 6.1
Temporal: 5.5
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 6.1
Temporal: 5.5
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 6.1
Temporal: 5.5
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 6.1
Temporal: 5.5
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for 32-bit Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 6.1
Temporal: 5.5
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 6.1
Temporal: 5.5
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 6.1
Temporal: 5.5
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.3
Temporal: 6.6
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.3
Temporal: 6.6
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.3
Temporal: 6.6
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 6.1
Temporal: 5.5
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 6.1
Temporal: 5.5
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 6.1
Temporal: 5.5
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2016 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 6.1
Temporal: 5.5
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2019 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 6.1
Temporal: 5.5
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-1471 James Forshaw of Google Project Zero


CVE-2020-1491 - Windows Function Discovery Service Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-1491
MITRE
NVD
CVE Title: Windows Function Discovery Service Elevation of Privilege Vulnerability
Description:

An elevation of privilege vulnerability exists in the way that the Windows Function Discovery Service handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.

To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application.

The security update addresses the vulnerability by ensuring the Windows Function Discovery Service properly handles objects in memory.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-1491
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4577049 (Security Update) Important Elevation of Privilege 4571692 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 4577049 (Security Update) Important Elevation of Privilege 4571692 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for 32-bit Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for ARM64-based Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for x64-based Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for 32-bit Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 7 for 32-bit Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Elevation of Privilege 4571729
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 7 for x64-based Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Elevation of Privilege 4571729
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Elevation of Privilege 4571703
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Elevation of Privilege 4571703
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows RT 8.1 4577066 (Monthly Rollup) Important Elevation of Privilege 4571703
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Elevation of Privilege 4571730
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Elevation of Privilege 4571730
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Elevation of Privilege 4571730
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Elevation of Privilege 4571730
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Elevation of Privilege 4571729
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Elevation of Privilege 4571729
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 4577038 (Monthly Rollup)
4577048 (Security Only)
Important Elevation of Privilege 4571736
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 4577038 (Monthly Rollup)
4577048 (Security Only)
Important Elevation of Privilege 4571736
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Elevation of Privilege 4571703
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Elevation of Privilege 4571703
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-1491 Yuki Chen


CVE-2020-1506 - Windows Start-Up Application Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-1506
MITRE
NVD
CVE Title: Windows Start-Up Application Elevation of Privilege Vulnerability
Description:

An elevation of privilege vulnerability exists in the way that the Wininit.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.

There are multiple ways an attacker could exploit the vulnerability:

  • In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit this vulnerability and then convince a user to view the website. An attacker would have no way to force users to view the attacker-controlled content. Instead, an attacker would have to convince users to take action, typically by getting them to click a link in an email message or in an Instant Messenger message that takes users to the attacker's website, or by opening an attachment sent through email.

  • In a file sharing attack scenario, an attacker could provide a specially crafted document file that is designed to exploit this vulnerability, and then convince a user to open the document file.

The security update addresses the vulnerability by ensuring the Wininit.dll properly handles objects in memory.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-1506
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Internet Explorer 11 on Windows 10 Version 1709 for 32-bit Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 6.1
Temporal: 5.5
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1709 for ARM64-based Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 6.1
Temporal: 5.5
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1709 for x64-based Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 6.1
Temporal: 5.5
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1803 for 32-bit Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 6.1
Temporal: 5.5
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1803 for ARM64-based Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 6.1
Temporal: 5.5
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1803 for x64-based Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 6.1
Temporal: 5.5
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1809 for 32-bit Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 6.1
Temporal: 5.5
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1809 for ARM64-based Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 6.1
Temporal: 5.5
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1809 for x64-based Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 6.1
Temporal: 5.5
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1903 for 32-bit Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 6.1
Temporal: 5.5
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1903 for ARM64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 6.1
Temporal: 5.5
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1903 for x64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 6.1
Temporal: 5.5
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1909 for 32-bit Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 6.1
Temporal: 5.5
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1909 for ARM64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 6.1
Temporal: 5.5
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1909 for x64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 6.1
Temporal: 5.5
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 2004 for 32-bit Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 4.4
Temporal: 4.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 2004 for ARM64-based Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 4.4
Temporal: 4.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 2004 for x64-based Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 4.4
Temporal: 4.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows Server 2019 4570333 (Security Update) Low Elevation of Privilege 4565349
Base: 6.1
Temporal: 5.5
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-1506 pgboy (http://weibo.com/pgboy1988) of 360vulcan


CVE-2020-1507 - Microsoft COM for Windows Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-1507
MITRE
NVD
CVE Title: Microsoft COM for Windows Elevation of Privilege Vulnerability
Description:

An elevation of privilege vulnerability exists in the way that Microsoft COM for Windows handles objects in memory. An attacker who successfully exploited the vulnerability could gain elevated privileges on a targeted system.

To exploit the vulnerability, a user would have to open a specially crafted file.

The security update addresses the vulnerability by correcting how Microsoft COM for Windows handles objects in memory.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-1507
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 Version 1809 for 32-bit Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.9
Temporal: 7.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.9
Temporal: 7.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.9
Temporal: 7.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for 32-bit Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.9
Temporal: 7.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.9
Temporal: 7.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.9
Temporal: 7.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.9
Temporal: 7.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.9
Temporal: 7.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.9
Temporal: 7.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.9
Temporal: 7.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.9
Temporal: 7.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.9
Temporal: 7.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2019 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.9
Temporal: 7.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.9
Temporal: 7.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.9
Temporal: 7.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.9
Temporal: 7.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.9
Temporal: 7.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:N/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-1507 Rick Veldhoven of Fox-IT Company


CVE-2020-1508 - Windows Media Audio Decoder Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-1508
MITRE
NVD
CVE Title: Windows Media Audio Decoder Remote Code Execution Vulnerability
Description:

A remote code execution vulnerability exists when Windows Media Audio Decoder improperly handles objects. An attacker who successfully exploited the vulnerability could take control of an affected system.

There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit a malicious webpage.

The security update addresses the vulnerability by correcting how Windows Media Audio Decoder handles objects.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-1508
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4577049 (Security Update) Critical Remote Code Execution 4571692 Base: 7.6
Temporal: 6.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 4577049 (Security Update) Critical Remote Code Execution 4571692 Base: 7.6
Temporal: 6.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 4577015 (Security Update) Critical Remote Code Execution 4571694
Base: 7.6
Temporal: 6.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 4577015 (Security Update) Critical Remote Code Execution 4571694
Base: 7.6
Temporal: 6.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for 32-bit Systems 4577041 (Security Update) Critical Remote Code Execution 4571741 Base: 7.6
Temporal: 6.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for ARM64-based Systems 4577041 (Security Update) Critical Remote Code Execution 4571741 Base: 7.6
Temporal: 6.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for x64-based Systems 4577041 (Security Update) Critical Remote Code Execution 4571741 Base: 7.6
Temporal: 6.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 4577032 (Security Update) Critical Remote Code Execution 4571709 Base: 7.6
Temporal: 6.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 4577032 (Security Update) Critical Remote Code Execution 4571709 Base: 7.6
Temporal: 6.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4577032 (Security Update) Critical Remote Code Execution 4571709 Base: 7.6
Temporal: 6.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 4570333 (Security Update) Critical Remote Code Execution 4565349
Base: 7.6
Temporal: 6.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4570333 (Security Update) Critical Remote Code Execution 4565349
Base: 7.6
Temporal: 6.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4570333 (Security Update) Critical Remote Code Execution 4565349
Base: 7.6
Temporal: 6.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for 32-bit Systems 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: 7.6
Temporal: 6.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: 7.6
Temporal: 6.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: 7.6
Temporal: 6.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: 7.6
Temporal: 6.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: 7.6
Temporal: 6.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: 7.6
Temporal: 6.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 4571756 (Security Update) Critical Remote Code Execution 4566782
Base: 7.6
Temporal: 6.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4571756 (Security Update) Critical Remote Code Execution 4566782
Base: 7.6
Temporal: 6.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4571756 (Security Update) Critical Remote Code Execution 4566782
Base: 7.6
Temporal: 6.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 7 for 32-bit Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Critical Remote Code Execution 4571729
Base: 7.6
Temporal: 6.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 7 for x64-based Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Critical Remote Code Execution 4571729
Base: 7.6
Temporal: 6.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems 4577066 (Monthly Rollup)
4577071 (Security Only)
Critical Remote Code Execution 4571703
Base: 7.6
Temporal: 6.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 4577066 (Monthly Rollup)
4577071 (Security Only)
Critical Remote Code Execution 4571703
Base: 7.6
Temporal: 6.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows RT 8.1 4577066 (Monthly Rollup) Critical Remote Code Execution 4571703
Base: 7.6
Temporal: 6.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 4577064 (Monthly Rollup)
4577070 (Security Only)
Critical Remote Code Execution 4571730
Base: 7.6
Temporal: 6.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 4577064 (Monthly Rollup)
4577070 (Security Only)
Critical Remote Code Execution 4571730
Base: 7.6
Temporal: 6.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 4577064 (Monthly Rollup)
4577070 (Security Only)
Critical Remote Code Execution 4571730
Base: 7.6
Temporal: 6.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 4577064 (Monthly Rollup)
4577070 (Security Only)
Critical Remote Code Execution 4571730
Base: 7.6
Temporal: 6.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Critical Remote Code Execution 4571729
Base: 7.6
Temporal: 6.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4577051 (Monthly Rollup)
4577053 (Security Only)
Critical Remote Code Execution 4571729
Base: 7.6
Temporal: 6.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2012 4577038 (Monthly Rollup)
4577048 (Security Only)
Critical Remote Code Execution 4571736
Base: 7.6
Temporal: 6.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 4577038 (Monthly Rollup)
4577048 (Security Only)
Critical Remote Code Execution 4571736
Base: 7.6
Temporal: 6.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 4577066 (Monthly Rollup)
4577071 (Security Only)
Critical Remote Code Execution 4571703
Base: 7.6
Temporal: 6.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 4577066 (Monthly Rollup)
4577071 (Security Only)
Critical Remote Code Execution 4571703
Base: 7.6
Temporal: 6.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2016 4577015 (Security Update) Critical Remote Code Execution 4571694
Base: 7.6
Temporal: 6.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4577015 (Security Update) Critical Remote Code Execution 4571694
Base: 7.6
Temporal: 6.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2019 4570333 (Security Update) Critical Remote Code Execution 4565349
Base: 7.6
Temporal: 6.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4570333 (Security Update) Critical Remote Code Execution 4565349
Base: 7.6
Temporal: 6.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: 7.6
Temporal: 6.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: 7.6
Temporal: 6.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4571756 (Security Update) Critical Remote Code Execution 4566782
Base: 7.6
Temporal: 6.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-1508 yangkang (@dnpushme)


CVE-2020-1559 - Windows Storage Services Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-1559
MITRE
NVD
CVE Title: Windows Storage Services Elevation of Privilege Vulnerability
Description:

An elevation of privilege vulnerability exists when the Windows Storage Services improperly handle file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges.

To exploit the vulnerability, an attacker would first need code execution on a victim system. An attacker could then run a specially crafted application.

The security update addresses the vulnerability by ensuring the Windows Storage Services properly handle file operations.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-1559
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4577049 (Security Update) Important Elevation of Privilege 4571692 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 4577049 (Security Update) Important Elevation of Privilege 4571692 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for 32-bit Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for ARM64-based Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for x64-based Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for 32-bit Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 7 for 32-bit Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Elevation of Privilege 4571729
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 7 for x64-based Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Elevation of Privilege 4571729
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Elevation of Privilege 4571703
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Elevation of Privilege 4571703
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows RT 8.1 4577066 (Monthly Rollup) Important Elevation of Privilege 4571703
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Elevation of Privilege 4571730
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Elevation of Privilege 4571730
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Elevation of Privilege 4571730
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Elevation of Privilege 4571730
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Elevation of Privilege 4571729
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Elevation of Privilege 4571729
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 4577038 (Monthly Rollup)
4577048 (Security Only)
Important Elevation of Privilege 4571736
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 4577038 (Monthly Rollup)
4577048 (Security Only)
Important Elevation of Privilege 4571736
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Elevation of Privilege 4571703
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Elevation of Privilege 4571703
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-1559 pgboy


CVE-2020-1575 - Microsoft Office SharePoint XSS Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-1575
MITRE
NVD
CVE Title: Microsoft Office SharePoint XSS Vulnerability
Description:

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server.

The attacker who successfully exploited the vulnerability could then perform cross-site scripting attacks on affected systems and run script in the security context of the current user. The attacks could allow the attacker to read content that the attacker is not authorized to read, use the victim's identity to take actions on the SharePoint site on behalf of the user, such as change permissions and delete content, and inject malicious content in the browser of the user.

The security update addresses the vulnerability by helping to ensure that SharePoint Server properly sanitizes web requests.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Spoofing

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-1575
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft SharePoint Foundation 2013 Service Pack 1 4484525 (Security Update) Important Spoofing 4484487 Base: 5.4
Temporal: 4.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N/E:P/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2020-1575 Pham Van Khanh @rskvp93 from Viettel Cyber Security


CVE-2020-1576 - Microsoft SharePoint Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-1576
MITRE
NVD
CVE Title: Microsoft SharePoint Remote Code Execution Vulnerability
Description:

A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint server farm account.

Exploitation of this vulnerability requires that a user uploads a specially crafted SharePoint application package to an affected version of SharePoint.

The security update addresses the vulnerability by correcting how SharePoint checks the source markup of application packages.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-1576
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft SharePoint Enterprise Server 2013 Service Pack 1 4484515 (Security Update) Critical Remote Code Execution 4484479
Base: 8.5
Temporal: 7.6
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft SharePoint Enterprise Server 2016 4484506 (Security Update) Critical Remote Code Execution 4484473 Base: 8.5
Temporal: 7.6
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft SharePoint Foundation 2010 Service Pack 2 4486667 (Security Update) Critical Remote Code Execution 4484462
Base: 8.5
Temporal: 7.6
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft SharePoint Foundation 2013 Service Pack 1 4484525 (Security Update) Critical Remote Code Execution 4484487 Base: 8.5
Temporal: 7.6
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft SharePoint Server 2010 Service Pack 2 4486664 (Security Update) Critical Remote Code Execution 4484498 Base: 8.5
Temporal: 7.6
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft SharePoint Server 2019 4484505 (Security Update) Critical Remote Code Execution 4484472 Base: 8.5
Temporal: 7.6
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2020-1576 Markus Wulftange (@mwulftange)


CVE-2020-1589 - Windows Kernel Information Disclosure Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-1589
MITRE
NVD
CVE Title: Windows Kernel Information Disclosure Vulnerability
Description:

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.

To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The vulnerability would not allow an attacker to execute code or to elevate user rights directly, but it could be used to obtain information that could be used to try to further compromise the affected system.

The update addresses the vulnerability by correcting how the Windows kernel handles objects in memory.


FAQ:

What type of information could be disclosed by this vulnerability?

The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-1589
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4577049 (Security Update) Important Information Disclosure 4571692 Base: 4.4
Temporal: 4.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 4577049 (Security Update) Important Information Disclosure 4571692 Base: 4.4
Temporal: 4.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 4577015 (Security Update) Important Information Disclosure 4571694
Base: 4.4
Temporal: 4.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 4577015 (Security Update) Important Information Disclosure 4571694
Base: 4.4
Temporal: 4.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for 32-bit Systems 4577041 (Security Update) Important Information Disclosure 4571741 Base: 4.4
Temporal: 4.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for ARM64-based Systems 4577041 (Security Update) Important Information Disclosure 4571741 Base: 4.4
Temporal: 4.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for x64-based Systems 4577041 (Security Update) Important Information Disclosure 4571741 Base: 4.4
Temporal: 4.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 4577032 (Security Update) Important Information Disclosure 4571709 Base: 4.4
Temporal: 4.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 4577032 (Security Update) Important Information Disclosure 4571709 Base: 4.4
Temporal: 4.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4577032 (Security Update) Important Information Disclosure 4571709 Base: 4.4
Temporal: 4.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 4570333 (Security Update) Important Information Disclosure 4565349
Base: 4.4
Temporal: 4.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4570333 (Security Update) Important Information Disclosure 4565349
Base: 4.4
Temporal: 4.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4570333 (Security Update) Important Information Disclosure 4565349
Base: 4.4
Temporal: 4.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for 32-bit Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 4.4
Temporal: 4.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 4.4
Temporal: 4.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 4.4
Temporal: 4.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Windows 10 Version 1909 for ARM64-based Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Windows 10 Version 1909 for x64-based Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Windows 10 Version 2004 for 32-bit Systems 4571756 (Security Update) Important Information Disclosure 4566782
Base: 4.4
Temporal: 4.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4571756 (Security Update) Important Information Disclosure 4566782
Base: 4.4
Temporal: 4.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4571756 (Security Update) Important Information Disclosure 4566782
Base: 4.4
Temporal: 4.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 7 for 32-bit Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Information Disclosure 4571729
Base: 4.4
Temporal: 4.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 7 for x64-based Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Information Disclosure 4571729
Base: 4.4
Temporal: 4.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Information Disclosure 4571703
Base: 4.4
Temporal: 4.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Information Disclosure 4571703
Base: 4.4
Temporal: 4.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows RT 8.1 4577066 (Monthly Rollup) Important Information Disclosure 4571703
Base: 4.4
Temporal: 4.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Information Disclosure 4571730
Base: 4.4
Temporal: 4.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Information Disclosure 4571730
Base: 4.4
Temporal: 4.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Information Disclosure 4571730
Base: 4.4
Temporal: 4.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Information Disclosure 4571730
Base: 4.4
Temporal: 4.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Information Disclosure 4571729
Base: N/A
Temporal: N/A
Vector: N/A
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Information Disclosure 4571729
Base: N/A
Temporal: N/A
Vector: N/A
Yes
Windows Server 2012 4577038 (Monthly Rollup)
4577048 (Security Only)
Important Information Disclosure 4571736
Base: N/A
Temporal: N/A
Vector: N/A
Yes
Windows Server 2012 (Server Core installation) 4577038 (Monthly Rollup)
4577048 (Security Only)
Important Information Disclosure 4571736
Base: N/A
Temporal: N/A
Vector: N/A
Yes
Windows Server 2012 R2 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Information Disclosure 4571703
Base: N/A
Temporal: N/A
Vector: N/A
Yes
Windows Server 2012 R2 (Server Core installation) 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Information Disclosure 4571703
Base: N/A
Temporal: N/A
Vector: N/A
Yes
Windows Server 2016 4577015 (Security Update) Important Information Disclosure 4571694
Base: 4.4
Temporal: 4.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4577015 (Security Update) Important Information Disclosure 4571694
Base: 4.4
Temporal: 4.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2019 4570333 (Security Update) Important Information Disclosure 4565349
Base: 4.4
Temporal: 4.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4570333 (Security Update) Important Information Disclosure 4565349
Base: 4.4
Temporal: 4.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4574727 (Security Update) Important Information Disclosure 4565351 Base: 4.4
Temporal: 4.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4574727 (Security Update) Important Information Disclosure 4565351 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Windows Server, version 2004 (Server Core installation) 4571756 (Security Update) Important Information Disclosure 4566782
Base: 4.4
Temporal: 4.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-1589 JunGu and ZiMi of Alibaba Orion Security Lab


CVE-2020-1590 - Connected User Experiences and Telemetry Service Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-1590
MITRE
NVD
CVE Title: Connected User Experiences and Telemetry Service Elevation of Privilege Vulnerability
Description:

An elevation of privilege vulnerability exists when the Connected User Experiences and Telemetry Service improperly handles file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges on the victim system.

To exploit the vulnerability, an attacker would first have to gain execution on the victim system, then run a specially crafted application.

The security update addresses the vulnerability by correcting how the Connected User Experiences and Telemetry Service handles file operations.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-1590
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 Version 1809 for 32-bit Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for 32-bit Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Windows 10 Version 1909 for ARM64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Windows 10 Version 1909 for x64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Windows 10 Version 2004 for 32-bit Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2019 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Windows Server, version 2004 (Server Core installation) 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-1590 Xuefeng Li (@lxf02942370)


Zhiniang Peng (@edwardzpeng) & Jiadong Lu


Jonas Lykkegård


Fangming Gu (@afang5472)


CVE-2020-1592 - Windows Kernel Information Disclosure Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-1592
MITRE
NVD
CVE Title: Windows Kernel Information Disclosure Vulnerability
Description:

An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory.

To exploit this vulnerability, an authenticated attacker could run a specially crafted application. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.

The update addresses the vulnerability by correcting how the Windows kernel initializes objects in memory.


FAQ:

What type of information could be disclosed by this vulnerability?

The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-1592
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 Version 1803 for 32-bit Systems 4577032 (Security Update) Important Information Disclosure 4571709 Base: 4.4
Temporal: 4.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 4577032 (Security Update) Important Information Disclosure 4571709 Base: 4.4
Temporal: 4.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4577032 (Security Update) Important Information Disclosure 4571709 Base: 4.4
Temporal: 4.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 4570333 (Security Update) Important Information Disclosure 4565349
Base: 4.4
Temporal: 4.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4570333 (Security Update) Important Information Disclosure 4565349
Base: 4.4
Temporal: 4.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4570333 (Security Update) Important Information Disclosure 4565349
Base: 4.4
Temporal: 4.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for 32-bit Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 4.4
Temporal: 4.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 4.4
Temporal: 4.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 4.4
Temporal: 4.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 4.4
Temporal: 4.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 4.4
Temporal: 4.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 4.4
Temporal: 4.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 4571756 (Security Update) Important Information Disclosure 4566782
Base: 5.1
Temporal: 4.6
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4571756 (Security Update) Important Information Disclosure 4566782
Base: 5.1
Temporal: 4.6
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4571756 (Security Update) Important Information Disclosure 4566782
Base: 5.1
Temporal: 4.6
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2019 4570333 (Security Update) Important Information Disclosure 4565349
Base: 5.1
Temporal: 4.6
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4570333 (Security Update) Important Information Disclosure 4565349
Base: 5.1
Temporal: 4.6
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.1
Temporal: 4.6
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4574727 (Security Update) Important Information Disclosure 4565351 Base: 4.4
Temporal: 4.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4571756 (Security Update) Important Information Disclosure 4566782
Base: 5.1
Temporal: 4.6
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-1592 Clément Rouault @hakril from Exatrack


CVE-2020-1593 - Windows Media Audio Decoder Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-1593
MITRE
NVD
CVE Title: Windows Media Audio Decoder Remote Code Execution Vulnerability
Description:

A remote code execution vulnerability exists when Windows Media Audio Decoder improperly handles objects. An attacker who successfully exploited the vulnerability could take control of an affected system.

There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit a malicious webpage.

The security update addresses the vulnerability by correcting how Windows Media Audio Decoder handles objects.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-1593
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4577049 (Security Update) Critical Remote Code Execution 4571692 Base: 7.6
Temporal: 6.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 4577049 (Security Update) Critical Remote Code Execution 4571692 Base: 7.6
Temporal: 6.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 4577015 (Security Update) Critical Remote Code Execution 4571694
Base: 7.6
Temporal: 6.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 4577015 (Security Update) Critical Remote Code Execution 4571694
Base: 7.6
Temporal: 6.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for 32-bit Systems 4577041 (Security Update) Critical Remote Code Execution 4571741 Base: 7.6
Temporal: 6.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for ARM64-based Systems 4577041 (Security Update) Critical Remote Code Execution 4571741 Base: 7.6
Temporal: 6.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for x64-based Systems 4577041 (Security Update) Critical Remote Code Execution 4571741 Base: 7.6
Temporal: 6.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 4577032 (Security Update) Critical Remote Code Execution 4571709 Base: 7.6
Temporal: 6.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 4577032 (Security Update) Critical Remote Code Execution 4571709 Base: 7.6
Temporal: 6.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4577032 (Security Update) Critical Remote Code Execution 4571709 Base: 7.6
Temporal: 6.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 4570333 (Security Update) Critical Remote Code Execution 4565349
Base: 7.6
Temporal: 6.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4570333 (Security Update) Critical Remote Code Execution 4565349
Base: 7.6
Temporal: 6.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4570333 (Security Update) Critical Remote Code Execution 4565349
Base: 7.6
Temporal: 6.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for 32-bit Systems 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: 7.6
Temporal: 6.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: 7.6
Temporal: 6.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: 7.6
Temporal: 6.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: 7.6
Temporal: 6.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: 7.6
Temporal: 6.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: 7.6
Temporal: 6.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 4571756 (Security Update) Critical Remote Code Execution 4566782
Base: 7.6
Temporal: 6.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4571756 (Security Update) Critical Remote Code Execution 4566782
Base: 7.6
Temporal: 6.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4571756 (Security Update) Critical Remote Code Execution 4566782
Base: 7.6
Temporal: 6.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 7 for 32-bit Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Critical Remote Code Execution 4571729
Base: 7.6
Temporal: 6.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 7 for x64-based Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Critical Remote Code Execution 4571729
Base: 7.6
Temporal: 6.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems 4577066 (Monthly Rollup)
4577071 (Security Only)
Critical Remote Code Execution 4571703
Base: 7.6
Temporal: 6.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 4577066 (Monthly Rollup)
4577071 (Security Only)
Critical Remote Code Execution 4571703
Base: 7.6
Temporal: 6.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows RT 8.1 4577066 (Monthly Rollup) Critical Remote Code Execution 4571703
Base: 7.6
Temporal: 6.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 4577064 (Monthly Rollup)
4577070 (Security Only)
Critical Remote Code Execution 4571730
Base: 7.6
Temporal: 6.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 4577064 (Monthly Rollup)
4577070 (Security Only)
Critical Remote Code Execution 4571730
Base: 7.6
Temporal: 6.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 4577064 (Monthly Rollup)
4577070 (Security Only)
Critical Remote Code Execution 4571730
Base: 7.6
Temporal: 6.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 4577064 (Monthly Rollup)
4577070 (Security Only)
Critical Remote Code Execution 4571730
Base: 7.6
Temporal: 6.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Critical Remote Code Execution 4571729
Base: 7.6
Temporal: 6.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4577051 (Monthly Rollup)
4577053 (Security Only)
Critical Remote Code Execution 4571729
Base: 7.6
Temporal: 6.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2012 4577038 (Monthly Rollup)
4577048 (Security Only)
Critical Remote Code Execution 4571736
Base: 7.6
Temporal: 6.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 4577038 (Monthly Rollup)
4577048 (Security Only)
Critical Remote Code Execution 4571736
Base: 7.6
Temporal: 6.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 4577066 (Monthly Rollup)
4577071 (Security Only)
Critical Remote Code Execution 4571703
Base: 7.6
Temporal: 6.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 4577066 (Monthly Rollup)
4577071 (Security Only)
Critical Remote Code Execution 4571703
Base: 7.6
Temporal: 6.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2016 4577015 (Security Update) Critical Remote Code Execution 4571694
Base: 7.6
Temporal: 6.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4577015 (Security Update) Critical Remote Code Execution 4571694
Base: 7.6
Temporal: 6.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2019 4570333 (Security Update) Critical Remote Code Execution 4565349
Base: 7.6
Temporal: 6.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4570333 (Security Update) Critical Remote Code Execution 4565349
Base: 7.6
Temporal: 6.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: 7.6
Temporal: 6.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: 7.6
Temporal: 6.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4571756 (Security Update) Critical Remote Code Execution 4566782
Base: 7.6
Temporal: 6.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-1593 yangkang (@dnpushme)


CVE-2020-1596 - TLS Information Disclosure Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-1596
MITRE
NVD
CVE Title: TLS Information Disclosure Vulnerability
Description:

A information disclosure vulnerability exists when TLS components use weak hash algorithms. An attacker who successfully exploited this vulnerability could obtain information to further compromise a users's encrypted transmission channel.

To exploit the vulnerability, an attacker would have to conduct a man-in-the-middle attack.

The update addresses the vulnerability by correcting how TLS components use hash algorithms.


FAQ:

What type of information disclosure does the CVE address?

This CVE addresses protocol limitations associated with TLS_DHE ephemeral key reusage which can lead to key disclosure.

Are there any advice regarding using TLS_DHE keys?

The industry has mostly stopped using TLS_DHE. Microsoft advises customers to disable TLS_DHE .


Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-1596
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4577049 (Security Update) Important Information Disclosure 4571692 Base: 5.4
Temporal: 4.9
Vector: CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 4577049 (Security Update) Important Information Disclosure 4571692 Base: 5.4
Temporal: 4.9
Vector: CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 4577015 (Security Update) Important Information Disclosure 4571694
Base: 5.4
Temporal: 4.9
Vector: CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 4577015 (Security Update) Important Information Disclosure 4571694
Base: 5.4
Temporal: 4.9
Vector: CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for 32-bit Systems 4577041 (Security Update) Important Information Disclosure 4571741 Base: 5.4
Temporal: 4.9
Vector: CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for ARM64-based Systems 4577041 (Security Update) Important Information Disclosure 4571741 Base: 5.4
Temporal: 4.9
Vector: CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for x64-based Systems 4577041 (Security Update) Important Information Disclosure 4571741 Base: 5.4
Temporal: 4.9
Vector: CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 4577032 (Security Update) Important Information Disclosure 4571709 Base: 5.4
Temporal: 4.9
Vector: CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 4577032 (Security Update) Important Information Disclosure 4571709 Base: 5.4
Temporal: 4.9
Vector: CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4577032 (Security Update) Important Information Disclosure 4571709 Base: 5.4
Temporal: 4.9
Vector: CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 4570333 (Security Update) Important Information Disclosure 4565349
Base: 5.4
Temporal: 4.9
Vector: CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4570333 (Security Update) Important Information Disclosure 4565349
Base: 5.4
Temporal: 4.9
Vector: CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4570333 (Security Update) Important Information Disclosure 4565349
Base: 5.4
Temporal: 4.9
Vector: CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for 32-bit Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.4
Temporal: 4.9
Vector: CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.4
Temporal: 4.9
Vector: CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.4
Temporal: 4.9
Vector: CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.4
Temporal: 4.9
Vector: CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.4
Temporal: 4.9
Vector: CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.4
Temporal: 4.9
Vector: CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 4571756 (Security Update) Important Information Disclosure 4566782
Base: 5.4
Temporal: 4.9
Vector: CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4571756 (Security Update) Important Information Disclosure 4566782
Base: 5.4
Temporal: 4.9
Vector: CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4571756 (Security Update) Important Information Disclosure 4566782
Base: 5.4
Temporal: 4.9
Vector: CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 7 for 32-bit Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Information Disclosure 4571729
Base: 5.4
Temporal: 4.9
Vector: CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 7 for x64-based Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Information Disclosure 4571729
Base: 5.4
Temporal: 4.9
Vector: CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Information Disclosure 4571703
Base: 5.4
Temporal: 4.9
Vector: CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Information Disclosure 4571703
Base: 5.4
Temporal: 4.9
Vector: CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows RT 8.1 4577066 (Monthly Rollup) Important Information Disclosure 4571703
Base: 5.4
Temporal: 4.9
Vector: CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Information Disclosure 4571730
Base: 5.4
Temporal: 4.9
Vector: CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Information Disclosure 4571730
Base: 5.4
Temporal: 4.9
Vector: CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Information Disclosure 4571730
Base: 5.4
Temporal: 4.9
Vector: CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Information Disclosure 4571730
Base: 5.4
Temporal: 4.9
Vector: CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Information Disclosure 4571729
Base: 5.4
Temporal: 4.9
Vector: CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Information Disclosure 4571729
Base: 5.4
Temporal: 4.9
Vector: CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2012 4577038 (Monthly Rollup)
4577048 (Security Only)
Important Information Disclosure 4571736
Base: 5.4
Temporal: 4.9
Vector: CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 4577038 (Monthly Rollup)
4577048 (Security Only)
Important Information Disclosure 4571736
Base: 5.4
Temporal: 4.9
Vector: CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Information Disclosure 4571703
Base: 5.4
Temporal: 4.9
Vector: CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Information Disclosure 4571703
Base: 5.4
Temporal: 4.9
Vector: CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2016 4577015 (Security Update) Important Information Disclosure 4571694
Base: 5.4
Temporal: 4.9
Vector: CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4577015 (Security Update) Important Information Disclosure 4571694
Base: 5.4
Temporal: 4.9
Vector: CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2019 4570333 (Security Update) Important Information Disclosure 4565349
Base: 5.4
Temporal: 4.9
Vector: CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4570333 (Security Update) Important Information Disclosure 4565349
Base: 5.4
Temporal: 4.9
Vector: CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.4
Temporal: 4.9
Vector: CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.4
Temporal: 4.9
Vector: CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4571756 (Security Update) Important Information Disclosure 4566782
Base: 5.4
Temporal: 4.9
Vector: CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-1596 Robert Merget (Ruhr University Bochum), Marcus Brinkmann (Ruhr University Bochum), Nimrod Aviram (Tel Aviv University), Juraj Somorovsky (Paderborn University)


CVE-2020-1598 - Windows UPnP Service Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-1598
MITRE
NVD
CVE Title: Windows UPnP Service Elevation of Privilege Vulnerability
Description:

An elevation of privilege vulnerability exists when the Windows Universal Plug and Play (UPnP) service improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code with elevated system privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted script or application.

The update addresses the vulnerability by correcting how the Windows UPnP service handles objects in memory.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-1598
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4577049 (Security Update) Important Elevation of Privilege 4571692 Base: 4.6
Temporal: 4.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 4577049 (Security Update) Important Elevation of Privilege 4571692 Base: 4.6
Temporal: 4.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 4.6
Temporal: 4.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 4.6
Temporal: 4.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for 32-bit Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 4.6
Temporal: 4.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for ARM64-based Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 4.6
Temporal: 4.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for x64-based Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 4.6
Temporal: 4.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 4.6
Temporal: 4.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 4.6
Temporal: 4.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 4.6
Temporal: 4.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 4.6
Temporal: 4.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 4.6
Temporal: 4.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 4.6
Temporal: 4.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for 32-bit Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 4.6
Temporal: 4.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 4.6
Temporal: 4.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 4.6
Temporal: 4.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 6.1
Temporal: 5.5
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 6.1
Temporal: 5.5
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 6.1
Temporal: 5.5
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 4.6
Temporal: 4.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 4.6
Temporal: 4.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 4.6
Temporal: 4.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 7 for 32-bit Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Elevation of Privilege 4571729
Base: 4.6
Temporal: 4.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 7 for x64-based Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Elevation of Privilege 4571729
Base: 4.6
Temporal: 4.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Elevation of Privilege 4571703
Base: 4.6
Temporal: 4.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Elevation of Privilege 4571703
Base: 4.6
Temporal: 4.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows RT 8.1 4577066 (Monthly Rollup) Important Elevation of Privilege 4571703
Base: 4.6
Temporal: 4.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Elevation of Privilege 4571730
Base: 4.6
Temporal: 4.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Elevation of Privilege 4571730
Base: 4.6
Temporal: 4.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Elevation of Privilege 4571730
Base: 4.6
Temporal: 4.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Elevation of Privilege 4571730
Base: 4.6
Temporal: 4.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Elevation of Privilege 4571729
Base: 6.1
Temporal: 5.5
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Elevation of Privilege 4571729
Base: 6.1
Temporal: 5.5
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows Server 2012 4577038 (Monthly Rollup)
4577048 (Security Only)
Important Elevation of Privilege 4571736
Base: 6.1
Temporal: 5.5
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 4577038 (Monthly Rollup)
4577048 (Security Only)
Important Elevation of Privilege 4571736
Base: 6.1
Temporal: 5.5
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Elevation of Privilege 4571703
Base: 6.1
Temporal: 5.5
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Elevation of Privilege 4571703
Base: 6.1
Temporal: 5.5
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows Server 2016 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 4.6
Temporal: 4.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 4.6
Temporal: 4.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2019 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 4.6
Temporal: 4.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 4.6
Temporal: 4.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 4.6
Temporal: 4.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 6.1
Temporal: 5.5
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 4.6
Temporal: 4.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-1598 Yuki Chen


CVE-2020-0648 - Windows RSoP Service Application Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-0648
MITRE
NVD
CVE Title: Windows RSoP Service Application Elevation of Privilege Vulnerability
Description:

An elevation of privilege vulnerability exists when the Windows RSoP Service Application improperly handles memory.

To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.

The security update addresses the vulnerability by correcting how the Windows RSoP Service Application handles memory.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-0648
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 Version 1607 for 32-bit Systems 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for 32-bit Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for ARM64-based Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for x64-based Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for 32-bit Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 7 for 32-bit Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Elevation of Privilege 4571729
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 7 for x64-based Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Elevation of Privilege 4571729
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Elevation of Privilege 4571703
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Elevation of Privilege 4571703
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows RT 8.1 4577066 (Monthly Rollup) Important Elevation of Privilege 4571703
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Elevation of Privilege 4571730
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Elevation of Privilege 4571730
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Elevation of Privilege 4571730
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Elevation of Privilege 4571730
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Elevation of Privilege 4571729
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Elevation of Privilege 4571729
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 4577038 (Monthly Rollup)
4577048 (Security Only)
Important Elevation of Privilege 4571736
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 4577038 (Monthly Rollup)
4577048 (Security Only)
Important Elevation of Privilege 4571736
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Elevation of Privilege 4571703
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Elevation of Privilege 4571703
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-0648 Zhiniang Peng (@edwardzpeng) & Haoran Qin


CVE-2020-0664 - Active Directory Information Disclosure Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-0664
MITRE
NVD
CVE Title: Active Directory Information Disclosure Vulnerability
Description:

An information disclosure vulnerability exists when Active Directory integrated DNS (ADIDNS) mishandles objects in memory. An authenticated attacker who successfully exploited this vulnerability would be able to read sensitive information about the target system.

To exploit this condition, an authenticated attacker would need to send a specially crafted request to the AD|DNS service. Note that the information disclosure vulnerability by itself would not be sufficient for an attacker to compromise a system. However, an attacker could combine this vulnerability with additional vulnerabilities to further exploit the system.

The update addresses the vulnerability by correcting how Active Directory integrated DNS (ADIDNS) handles objects in memory.


FAQ:

What type of information could be disclosed by this vulnerability?

The type of information that could be disclosed if an attacker successfully exploited this vulnerability is sensitive information.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely Exploitation More Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-0664
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows Server 2008 for 32-bit Systems Service Pack 2 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Information Disclosure 4571730
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Information Disclosure 4571730
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Information Disclosure 4571730
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Information Disclosure 4571730
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Information Disclosure 4571729
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Information Disclosure 4571729
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2012 4577038 (Monthly Rollup)
4577048 (Security Only)
Important Information Disclosure 4571736
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 4577038 (Monthly Rollup)
4577048 (Security Only)
Important Information Disclosure 4571736
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Information Disclosure 4571703
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Information Disclosure 4571703
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2016 4577015 (Security Update) Important Information Disclosure 4571694
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4577015 (Security Update) Important Information Disclosure 4571694
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2019 4570333 (Security Update) Important Information Disclosure 4565349
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4570333 (Security Update) Important Information Disclosure 4565349
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4574727 (Security Update) Important Information Disclosure 4565351 Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4574727 (Security Update) Important Information Disclosure 4565351 Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4571756 (Security Update) Important Information Disclosure 4566782
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-0664 Dirk-jan Mollema (@_dirkjan)


CVE-2020-0718 - Active Directory Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-0718
MITRE
NVD
CVE Title: Active Directory Remote Code Execution Vulnerability
Description:

A remote code execution vulnerability exists when Active Directory integrated DNS (ADIDNS) mishandles objects in memory. An authenticated attacker who successfully exploited the vulnerability could run arbitrary code in the context of the Local System Account

To exploit the vulnerability, an authenticated attacker could send malicious requests to an Active Directory integrated DNS (ADIDNS) server.

The update addresses the vulnerability by correcting how Active Directory integrated DNS (ADIDNS) handles objects in memory.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-0718
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows Server 2008 for 32-bit Systems Service Pack 2 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Remote Code Execution 4571730
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Remote Code Execution 4571730
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Remote Code Execution 4571730
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Remote Code Execution 4571730
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Remote Code Execution 4571729
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Remote Code Execution 4571729
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 4577038 (Monthly Rollup)
4577048 (Security Only)
Important Remote Code Execution 4571736
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 4577038 (Monthly Rollup)
4577048 (Security Only)
Important Remote Code Execution 4571736
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Remote Code Execution 4571703
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Remote Code Execution 4571703
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 4577015 (Security Update) Important Remote Code Execution 4571694
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4577015 (Security Update) Important Remote Code Execution 4571694
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 4570333 (Security Update) Important Remote Code Execution 4565349
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4570333 (Security Update) Important Remote Code Execution 4565349
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4574727 (Security Update) Important Remote Code Execution 4565351 Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4574727 (Security Update) Important Remote Code Execution 4565351 Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4571756 (Security Update) Important Remote Code Execution 4566782
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-0718 Dirk-jan Mollema (@_dirkjan)


CVE-2020-0761 - Active Directory Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-0761
MITRE
NVD
CVE Title: Active Directory Remote Code Execution Vulnerability
Description:

A remote code execution vulnerability exists when Active Directory integrated DNS (ADIDNS) mishandles objects in memory. An authenticated attacker who successfully exploited the vulnerability could run arbitrary code in the context of the Local System Account

To exploit the vulnerability, an authenticated attacker could send malicious requests to an Active Directory integrated DNS (ADIDNS) server.

The update addresses the vulnerability by correcting how Active Directory integrated DNS (ADIDNS) handles objects in memory.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-0761
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows Server 2008 for 32-bit Systems Service Pack 2 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Remote Code Execution 4571730
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Remote Code Execution 4571730
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Remote Code Execution 4571730
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Remote Code Execution 4571730
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Remote Code Execution 4571729
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Remote Code Execution 4571729
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 4577038 (Monthly Rollup)
4577048 (Security Only)
Important Remote Code Execution 4571736
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 4577038 (Monthly Rollup)
4577048 (Security Only)
Important Remote Code Execution 4571736
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Remote Code Execution 4571703
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Remote Code Execution 4571703
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 4577015 (Security Update) Important Remote Code Execution 4571694
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4577015 (Security Update) Important Remote Code Execution 4571694
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 4570333 (Security Update) Important Remote Code Execution 4565349
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4570333 (Security Update) Important Remote Code Execution 4565349
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4574727 (Security Update) Important Remote Code Execution 4565351 Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4574727 (Security Update) Important Remote Code Execution 4565351 Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4571756 (Security Update) Important Remote Code Execution 4566782
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-0761 Dirk-jan Mollema (@_dirkjan)


CVE-2020-0766 - Microsoft Store Runtime Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-0766
MITRE
NVD
CVE Title: Microsoft Store Runtime Elevation of Privilege Vulnerability
Description:

An elevation of privilege vulnerability exists when the Microsoft Store Runtime improperly handles memory.

To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.

The security update addresses the vulnerability by correcting how the Microsoft Store Runtime handles memory.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-0766
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 Version 1607 for 32-bit Systems 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for 32-bit Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for ARM64-based Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for x64-based Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for 32-bit Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-0766 anonymous


CVE-2020-0782 - Windows Cryptographic Catalog Services Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-0782
MITRE
NVD
CVE Title: Windows Cryptographic Catalog Services Elevation of Privilege Vulnerability
Description:

An elevation of privilege vulnerability exists when the Windows Cryptographic Catalog Services improperly handle objects in memory. An attacker who successfully exploited this vulnerability could modify the cryptographic catalog.

To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system.

The security update addresses the vulnerability by addressing how the Windows Cryptographic Catalog Services handle objects in memory.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-0782
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4577049 (Security Update) Important Elevation of Privilege 4571692 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 4577049 (Security Update) Important Elevation of Privilege 4571692 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for 32-bit Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for ARM64-based Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for x64-based Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for 32-bit Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 7 for 32-bit Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Elevation of Privilege 4571729
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 7 for x64-based Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Elevation of Privilege 4571729
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Elevation of Privilege 4571703
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Elevation of Privilege 4571703
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows RT 8.1 4577066 (Monthly Rollup) Important Elevation of Privilege 4571703
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Elevation of Privilege 4571730
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Elevation of Privilege 4571730
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Elevation of Privilege 4571730
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Elevation of Privilege 4571730
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Elevation of Privilege 4571729
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Elevation of Privilege 4571729
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 4577038 (Monthly Rollup)
4577048 (Security Only)
Important Elevation of Privilege 4571736
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 4577038 (Monthly Rollup)
4577048 (Security Only)
Important Elevation of Privilege 4571736
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Elevation of Privilege 4571703
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Elevation of Privilege 4571703
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-0782 WenQunWang of Codesafe Team of Legendsec at Qi'anxin Group


CVE-2020-0790 - Microsoft splwow64 Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-0790
MITRE
NVD
CVE Title: Microsoft splwow64 Elevation of Privilege Vulnerability
Description:

A local elevation of privilege vulnerability exists in how splwow64.exe handles certain calls. An attacker who successfully exploited the vulnerability could elevate privileges on an affected system from low-integrity to medium-integrity.

This vulnerability by itself does not allow arbitrary code execution; however, it could allow arbitrary code to be run if the attacker uses it in combination with another vulnerability (such as a remote code execution vulnerability or another elevation of privilege vulnerability) that is capable of leveraging the elevated privileges when code execution is attempted.

The security update addresses the vulnerability by ensuring splwow64.exe properly handles these calls..


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-0790
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4577049 (Security Update) Important Elevation of Privilege 4571692 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 4577049 (Security Update) Important Elevation of Privilege 4571692 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for 32-bit Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for ARM64-based Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for x64-based Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for 32-bit Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 7 for 32-bit Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Elevation of Privilege 4571729
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 7 for x64-based Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Elevation of Privilege 4571729
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Elevation of Privilege 4571703
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Elevation of Privilege 4571703
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows RT 8.1 4577066 (Monthly Rollup) Important Elevation of Privilege 4571703
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Elevation of Privilege 4571730
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Elevation of Privilege 4571730
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Elevation of Privilege 4571730
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Elevation of Privilege 4571730
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Elevation of Privilege 4571729
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Elevation of Privilege 4571729
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 4577038 (Monthly Rollup)
4577048 (Security Only)
Important Elevation of Privilege 4571736
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 4577038 (Monthly Rollup)
4577048 (Security Only)
Important Elevation of Privilege 4571736
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Elevation of Privilege 4571703
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Elevation of Privilege 4571703
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-0790 pgboy


CVE-2020-0805 - Projected Filesystem Security Feature Bypass Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-0805
MITRE
NVD
CVE Title: Projected Filesystem Security Feature Bypass Vulnerability
Description:

A security feature bypass vulnerability exists when a Windows Projected Filesystem improperly handles file redirections. An attacker who successfully exploited this vulnerability could delete a targeted file they would not have permissions to.

To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability.

The security update addresses the vulnerability by correcting how Windows Projected Filesystem handle file redirections.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Security Feature Bypass

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-0805
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 Version 2004 for 32-bit Systems 4571756 (Security Update) Important Security Feature Bypass 4566782
Base: 5.3
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4571756 (Security Update) Important Security Feature Bypass 4566782
Base: 5.3
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4571756 (Security Update) Important Security Feature Bypass 4566782
Base: 5.3
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4571756 (Security Update) Important Security Feature Bypass 4566782
Base: 5.3
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-0805 Jonas Lykkegård


Zhiniang Peng (@edwardzpeng) and Fangming Gu (@afang5472)


0xfff


CVE-2020-0836 - Windows DNS Denial of Service Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-0836
MITRE
NVD
CVE Title: Windows DNS Denial of Service Vulnerability
Description:

A denial of service vulnerability exists in Windows DNS when it fails to properly handle queries. An attacker who successfully exploited this vulnerability could cause the DNS service to become nonresponsive.

To exploit the vulnerability, an authenticated attacker could send malicious DNS queries to a target, resulting in a denial of service.

The update addresses the vulnerability by correcting how Windows DNS processes queries.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Denial of Service

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-0836
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows Server 2008 for 32-bit Systems Service Pack 2 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Denial of Service 4571730
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Denial of Service 4571730
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Denial of Service 4571730
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Denial of Service 4571730
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Denial of Service 4571729
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Denial of Service 4571729
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 4577038 (Monthly Rollup)
4577048 (Security Only)
Important Denial of Service 4571736
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 4577038 (Monthly Rollup)
4577048 (Security Only)
Important Denial of Service 4571736
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Denial of Service 4571703
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Denial of Service 4571703
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 4577015 (Security Update) Important Denial of Service 4571694
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4577015 (Security Update) Important Denial of Service 4571694
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 4570333 (Security Update) Important Denial of Service 4565349
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4570333 (Security Update) Important Denial of Service 4565349
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4574727 (Security Update) Important Denial of Service 4565351 Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4574727 (Security Update) Important Denial of Service 4565351 Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4571756 (Security Update) Important Denial of Service 4566782
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-0836 Quan Luo from Codesafe Team of Legendsec at Qi'anxin Group


CVE-2020-0837 - ADFS Spoofing Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-0837
MITRE
NVD
CVE Title: ADFS Spoofing Vulnerability
Description:

A spoofing vulnerability exists when Active Directory Federation Services (ADFS) improperly handles multi-factor authentication requests.

To exploit this vulnerability, an attacker could send a specially crafted authentication request. An attacker who successfully exploited this vulnerability could bypass some, but not all, of the authentication factors.

This security update corrects how ADFS handles multi-factor authentication requests.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Spoofing

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-0837
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 Version 1607 for 32-bit Systems 4577015 (Security Update) Important Spoofing 4571694
Base: 5.0
Temporal: 4.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 4577015 (Security Update) Important Spoofing 4571694
Base: 5.0
Temporal: 4.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 4570333 (Security Update) Important Spoofing 4565349
Base: 5.0
Temporal: 4.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4570333 (Security Update) Important Spoofing 4565349
Base: 5.0
Temporal: 4.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4570333 (Security Update) Important Spoofing 4565349
Base: 5.0
Temporal: 4.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for 32-bit Systems 4574727 (Security Update) Important Spoofing 4565351 Base: 5.0
Temporal: 4.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4574727 (Security Update) Important Spoofing 4565351 Base: 5.0
Temporal: 4.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4574727 (Security Update) Important Spoofing 4565351 Base: 5.0
Temporal: 4.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4574727 (Security Update) Important Spoofing 4565351 Base: 5.0
Temporal: 4.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 4574727 (Security Update) Important Spoofing 4565351 Base: 5.0
Temporal: 4.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4574727 (Security Update) Important Spoofing 4565351 Base: 5.0
Temporal: 4.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 4571756 (Security Update) Important Spoofing 4566782
Base: 5.0
Temporal: 4.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4571756 (Security Update) Important Spoofing 4566782
Base: 5.0
Temporal: 4.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4571756 (Security Update) Important Spoofing 4566782
Base: 5.0
Temporal: 4.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows Server 2016 4577015 (Security Update) Important Spoofing 4571694
Base: 5.0
Temporal: 4.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4577015 (Security Update) Important Spoofing 4571694
Base: 5.0
Temporal: 4.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows Server 2019 4570333 (Security Update) Important Spoofing 4565349
Base: 5.0
Temporal: 4.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4570333 (Security Update) Important Spoofing 4565349
Base: 5.0
Temporal: 4.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4574727 (Security Update) Important Spoofing 4565351 Base: 5.0
Temporal: 4.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4574727 (Security Update) Important Spoofing 4565351 Base: 5.0
Temporal: 4.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4571756 (Security Update) Important Spoofing 4566782
Base: 5.0
Temporal: 4.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-0837 Christopher Currens


CVE-2020-0838 - NTFS Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-0838
MITRE
NVD
CVE Title: NTFS Elevation of Privilege Vulnerability
Description:

An elevation of privilege vulnerability exists when NTFS improperly checks access. An attacker who successfully exploited this vulnerability could run processes in an elevated context.

To exploit the vulnerability, an attacker would first have to log on to the system, and then run a specially crafted application to take control over the affected system.

The security update addresses the vulnerability by correcting how NTFS checks access.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-0838
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4577049 (Security Update) Important Elevation of Privilege 4571692 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 4577049 (Security Update) Important Elevation of Privilege 4571692 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for 32-bit Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for ARM64-based Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for x64-based Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for 32-bit Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 7 for 32-bit Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Elevation of Privilege 4571729
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 7 for x64-based Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Elevation of Privilege 4571729
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Elevation of Privilege 4571703
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Elevation of Privilege 4571703
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows RT 8.1 4577066 (Monthly Rollup) Important Elevation of Privilege 4571703
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Elevation of Privilege 4571730
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Elevation of Privilege 4571730
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Elevation of Privilege 4571730
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Elevation of Privilege 4571730
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Elevation of Privilege 4571729
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Elevation of Privilege 4571729
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 4577038 (Monthly Rollup)
4577048 (Security Only)
Important Elevation of Privilege 4571736
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 4577038 (Monthly Rollup)
4577048 (Security Only)
Important Elevation of Privilege 4571736
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Elevation of Privilege 4571703
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Elevation of Privilege 4571703
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-0838 Clément Lavoillotte @clavoillotte of Almond


CVE-2020-0839 - Windows dnsrslvr.dll Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-0839
MITRE
NVD
CVE Title: Windows dnsrslvr.dll Elevation of Privilege Vulnerability
Description:

An elevation of privilege vulnerability exists in the way that the dnsrslvr.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.

To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application.

The security update addresses the vulnerability by ensuring the dnsrslvr.dll properly handles objects in memory.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-0839
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4577049 (Security Update) Important Elevation of Privilege 4571692 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 4577049 (Security Update) Important Elevation of Privilege 4571692 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for 32-bit Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for ARM64-based Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for x64-based Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for 32-bit Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-0839 pgboy (http://weibo.com/pgboy1988) of 360vulcan


CVE-2020-0856 - Active Directory Information Disclosure Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-0856
MITRE
NVD
CVE Title: Active Directory Information Disclosure Vulnerability
Description:

An information disclosure vulnerability exists when Active Directory integrated DNS (ADIDNS) mishandles objects in memory. An authenticated attacker who successfully exploited this vulnerability would be able to read sensitive information about the target system.

To exploit this condition, an authenticated attacker would need to send a specially crafted request to the AD|DNS service. Note that the information disclosure vulnerability by itself would not be sufficient for an attacker to compromise a system. However, an attacker could combine this vulnerability with additional vulnerabilities to further exploit the system.

The update addresses the vulnerability by correcting how Active Directory integrated DNS (ADIDNS) handles objects in memory.


FAQ:

What type of information could be disclosed by this vulnerability?

The type of information that could be disclosed if an attacker successfully exploited this vulnerability is sensitive information.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely Exploitation More Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-0856
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows Server 2008 for 32-bit Systems Service Pack 2 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Information Disclosure 4571730
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Information Disclosure 4571730
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Information Disclosure 4571730
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Information Disclosure 4571730
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Information Disclosure 4571729
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Information Disclosure 4571729
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2012 4577038 (Monthly Rollup)
4577048 (Security Only)
Important Information Disclosure 4571736
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 4577038 (Monthly Rollup)
4577048 (Security Only)
Important Information Disclosure 4571736
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Information Disclosure 4571703
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Information Disclosure 4571703
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2016 4577015 (Security Update) Important Information Disclosure 4571694
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4577015 (Security Update) Important Information Disclosure 4571694
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2019 4570333 (Security Update) Important Information Disclosure 4565349
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4570333 (Security Update) Important Information Disclosure 4565349
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4574727 (Security Update) Important Information Disclosure 4565351 Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4574727 (Security Update) Important Information Disclosure 4565351 Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4571756 (Security Update) Important Information Disclosure 4566782
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-0856 Nicolas Joly of Microsoft Corporation


CVE-2020-0870 - Shell infrastructure component Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-0870
MITRE
NVD
CVE Title: Shell infrastructure component Elevation of Privilege Vulnerability
Description:

An elevation of privilege vulnerability exists when the Shell infrastructure component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context.

To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system.

The update addresses the vulnerability by correcting the way in which the Shell infrastructure component handles objects in memory and preventing unintended elevation from lower integrity application.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-0870
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 Version 1607 for 32-bit Systems 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for 32-bit Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for ARM64-based Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for x64-based Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for 32-bit Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-0870 anonymous researcher


CVE-2020-0875 - Microsoft splwow64 Information Disclosure Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-0875
MITRE
NVD
CVE Title: Microsoft splwow64 Information Disclosure Vulnerability
Description:

An information disclosure vulnerability exists in how splwow64.exe handles certain calls. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system (low-integrity to medium-integrity).

This vulnerability by itself does not allow arbitrary code execution; however, it could allow arbitrary code to be run if the attacker uses it in combination with another vulnerability (such as a remote code execution vulnerability or another elevation of privilege vulnerability) that is capable of leveraging the elevated privileges when code execution is attempted.

The security update addresses the vulnerability by ensuring splwow64.exe properly handles these calls.


FAQ:

What type of information could be disclosed by this vulnerability?

The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-0875
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4577049 (Security Update) Important Information Disclosure 4571692 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 4577049 (Security Update) Important Information Disclosure 4571692 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 4577015 (Security Update) Important Information Disclosure 4571694
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 4577015 (Security Update) Important Information Disclosure 4571694
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for 32-bit Systems 4577041 (Security Update) Important Information Disclosure 4571741 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for ARM64-based Systems 4577041 (Security Update) Important Information Disclosure 4571741 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for x64-based Systems 4577041 (Security Update) Important Information Disclosure 4571741 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 4577032 (Security Update) Important Information Disclosure 4571709 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 4577032 (Security Update) Important Information Disclosure 4571709 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4577032 (Security Update) Important Information Disclosure 4571709 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 4570333 (Security Update) Important Information Disclosure 4565349
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4570333 (Security Update) Important Information Disclosure 4565349
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4570333 (Security Update) Important Information Disclosure 4565349
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for 32-bit Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 4571756 (Security Update) Important Information Disclosure 4566782
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4571756 (Security Update) Important Information Disclosure 4566782
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4571756 (Security Update) Important Information Disclosure 4566782
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Information Disclosure 4571703
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Information Disclosure 4571703
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows RT 8.1 4577066 (Monthly Rollup) Important Information Disclosure 4571703
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2012 4577038 (Monthly Rollup)
4577048 (Security Only)
Important Information Disclosure 4571736
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 4577038 (Monthly Rollup)
4577048 (Security Only)
Important Information Disclosure 4571736
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Information Disclosure 4571703
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Information Disclosure 4571703
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2016 4577015 (Security Update) Important Information Disclosure 4571694
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4577015 (Security Update) Important Information Disclosure 4571694
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2019 4570333 (Security Update) Important Information Disclosure 4565349
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4570333 (Security Update) Important Information Disclosure 4565349
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4571756 (Security Update) Important Information Disclosure 4566782
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-0875 pgboy


CVE-2020-0878 - Microsoft Browser Memory Corruption Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-0878
MITRE
NVD
CVE Title: Microsoft Browser Memory Corruption Vulnerability
Description:

A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, the attacker could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

An attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft browsers, and then convince a user to view the website. The attacker could also take advantage of compromised websites, or websites that accept or host user-provided content or advertisements, by adding specially crafted content that could exploit the vulnerability. In all cases, however, an attacker would have no way to force users to view the attacker-controlled content. Instead, an attacker would have to convince users to take action, typically via an enticement in email or instant message, or by getting them to open an email attachment.

The security update addresses the vulnerability by modifying how Microsoft browsers handle objects in memory.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-0878
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
ChakraCore Release Notes (Security Update) Critical Remote Code Execution None Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Maybe
Internet Explorer 11 on Windows 10 for 32-bit Systems 4577049 (Security Update) Critical Remote Code Execution 4571692 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Internet Explorer 11 on Windows 10 for x64-based Systems 4577049 (Security Update) Critical Remote Code Execution 4571692 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Internet Explorer 11 on Windows 10 Version 1607 for 32-bit Systems 4577015 (Security Update) Critical Remote Code Execution 4571694
Base: N/A
Temporal: N/A
Vector: N/A
Yes
Internet Explorer 11 on Windows 10 Version 1607 for x64-based Systems 4577015 (Security Update) Critical Remote Code Execution 4571694
Base: N/A
Temporal: N/A
Vector: N/A
Yes
Internet Explorer 11 on Windows 10 Version 1709 for 32-bit Systems 4577041 (Security Update) Critical Remote Code Execution 4571741 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Internet Explorer 11 on Windows 10 Version 1709 for ARM64-based Systems 4577041 (Security Update) Critical Remote Code Execution 4571741 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Internet Explorer 11 on Windows 10 Version 1709 for x64-based Systems 4577041 (Security Update) Critical Remote Code Execution 4571741 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Internet Explorer 11 on Windows 10 Version 1803 for 32-bit Systems 4577032 (Security Update) Critical Remote Code Execution 4571709 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Internet Explorer 11 on Windows 10 Version 1803 for ARM64-based Systems 4577032 (Security Update) Critical Remote Code Execution 4571709 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Internet Explorer 11 on Windows 10 Version 1803 for x64-based Systems 4577032 (Security Update) Critical Remote Code Execution 4571709 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Internet Explorer 11 on Windows 10 Version 1809 for 32-bit Systems 4570333 (Security Update) Critical Remote Code Execution 4565349
Base: N/A
Temporal: N/A
Vector: N/A
Yes
Internet Explorer 11 on Windows 10 Version 1809 for ARM64-based Systems 4570333 (Security Update) Critical Remote Code Execution 4565349
Base: N/A
Temporal: N/A
Vector: N/A
Yes
Internet Explorer 11 on Windows 10 Version 1809 for x64-based Systems 4570333 (Security Update) Critical Remote Code Execution 4565349
Base: N/A
Temporal: N/A
Vector: N/A
Yes
Internet Explorer 11 on Windows 10 Version 1903 for 32-bit Systems 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Internet Explorer 11 on Windows 10 Version 1903 for ARM64-based Systems 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Internet Explorer 11 on Windows 10 Version 1903 for x64-based Systems 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Internet Explorer 11 on Windows 10 Version 1909 for 32-bit Systems 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Internet Explorer 11 on Windows 10 Version 1909 for ARM64-based Systems 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Internet Explorer 11 on Windows 10 Version 1909 for x64-based Systems 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Internet Explorer 11 on Windows 10 Version 2004 for 32-bit Systems 4571756 (Security Update) Critical Remote Code Execution 4566782
Base: N/A
Temporal: N/A
Vector: N/A
Yes
Internet Explorer 11 on Windows 10 Version 2004 for ARM64-based Systems 4571756 (Security Update) Critical Remote Code Execution 4566782
Base: N/A
Temporal: N/A
Vector: N/A
Yes
Internet Explorer 11 on Windows 10 Version 2004 for x64-based Systems 4571756 (Security Update) Critical Remote Code Execution 4566782
Base: N/A
Temporal: N/A
Vector: N/A
Yes
Internet Explorer 11 on Windows 7 for 32-bit Systems Service Pack 1 4577010 (IE Cumulative)
4577051 (Monthly Rollup)
Critical Remote Code Execution 4571687
4571729
Base: N/A
Temporal: N/A
Vector: N/A
Yes
Internet Explorer 11 on Windows 7 for x64-based Systems Service Pack 1 4577010 (IE Cumulative)
4577051 (Monthly Rollup)
Critical Remote Code Execution 4571687
4571729
Base: N/A
Temporal: N/A
Vector: N/A
Yes
Internet Explorer 11 on Windows 8.1 for 32-bit systems 4577010 (IE Cumulative)
4577066 (Monthly Rollup)
Critical Remote Code Execution 4571687
4571703
Base: N/A
Temporal: N/A
Vector: N/A
Yes
Internet Explorer 11 on Windows 8.1 for x64-based systems 4577010 (IE Cumulative)
4577066 (Monthly Rollup)
Critical Remote Code Execution 4571687
4571703
Base: N/A
Temporal: N/A
Vector: N/A
Yes
Internet Explorer 11 on Windows RT 8.1 4577066 (Monthly Rollup) Critical Remote Code Execution 4571703
Base: N/A
Temporal: N/A
Vector: N/A
Yes
Internet Explorer 11 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 4577010 (IE Cumulative)
4577051 (Monthly Rollup)
Moderate Remote Code Execution 4571687
4571729
Base: N/A
Temporal: N/A
Vector: N/A
Yes
Internet Explorer 11 on Windows Server 2012 4577010 (IE Cumulative)
4577038 (Monthly Rollup)
Moderate Remote Code Execution 4571687
4571736
Base: N/A
Temporal: N/A
Vector: N/A
Yes
Internet Explorer 11 on Windows Server 2012 R2 4577010 (IE Cumulative)
4577066 (Monthly Rollup)
Moderate Remote Code Execution 4571687
4571703
Base: N/A
Temporal: N/A
Vector: N/A
Yes
Internet Explorer 11 on Windows Server 2016 4577015 (Security Update) Moderate Remote Code Execution 4571694
Base: N/A
Temporal: N/A
Vector: N/A
Yes
Internet Explorer 11 on Windows Server 2019 4570333 (Security Update) Moderate Remote Code Execution 4565349
Base: N/A
Temporal: N/A
Vector: N/A
Yes
Internet Explorer 9 on Windows Server 2008 for 32-bit Systems Service Pack 2 4577064 (Monthly Rollup)
4577010 (IE Cumulative)
Moderate Remote Code Execution 4571730

4571687
Base: N/A
Temporal: N/A
Vector: N/A
Yes
Internet Explorer 9 on Windows Server 2008 for x64-based Systems Service Pack 2 4577064 (Monthly Rollup)
4577010 (IE Cumulative)
Moderate Remote Code Execution 4571730

4571687
Base: N/A
Temporal: N/A
Vector: N/A
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 for 32-bit Systems 4577049 (Security Update) Critical Remote Code Execution 4571692 Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 for x64-based Systems 4577049 (Security Update) Critical Remote Code Execution 4571692 Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for 32-bit Systems 4577015 (Security Update) Critical Remote Code Execution 4571694
Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for x64-based Systems 4577015 (Security Update) Critical Remote Code Execution 4571694
Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for 32-bit Systems 4577041 (Security Update) Critical Remote Code Execution 4571741 Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for ARM64-based Systems 4577041 (Security Update) Critical Remote Code Execution 4571741 Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for x64-based Systems 4577041 (Security Update) Critical Remote Code Execution 4571741 Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit Systems 4577032 (Security Update) Critical Remote Code Execution 4571709 Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based Systems 4577032 (Security Update) Critical Remote Code Execution 4571709 Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based Systems 4577032 (Security Update) Critical Remote Code Execution 4571709 Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit Systems 4570333 (Security Update) Critical Remote Code Execution 4565349
Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based Systems 4570333 (Security Update) Critical Remote Code Execution 4565349
Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based Systems 4570333 (Security Update) Critical Remote Code Execution 4565349
Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit Systems 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based Systems 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based Systems 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for 32-bit Systems 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for ARM64-based Systems 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for x64-based Systems 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 2004 for 32-bit Systems 4571756 (Security Update) Critical Remote Code Execution 4566782
Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 2004 for ARM64-based Systems 4571756 (Security Update) Critical Remote Code Execution 4566782
Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 2004 for x64-based Systems 4571756 (Security Update) Critical Remote Code Execution 4566782
Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows Server 2016 4577015 (Security Update) Moderate Remote Code Execution 4571694
Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows Server 2019 4570333 (Security Update) Moderate Remote Code Execution 4565349
Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-0878 None

CVE-2020-0886 - Windows Storage Services Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-0886
MITRE
NVD
CVE Title: Windows Storage Services Elevation of Privilege Vulnerability
Description:

An elevation of privilege vulnerability exists when the Windows Storage Services improperly handle file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges.

To exploit the vulnerability, an attacker would first need code execution on a victim system. An attacker could then run a specially crafted application.

The security update addresses the vulnerability by ensuring the Windows Storage Services properly handle file operations.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-0886
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4577049 (Security Update) Important Elevation of Privilege 4571692 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 4577049 (Security Update) Important Elevation of Privilege 4571692 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for 32-bit Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for ARM64-based Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for x64-based Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for 32-bit Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Elevation of Privilege 4571703
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Elevation of Privilege 4571703
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows RT 8.1 4577066 (Monthly Rollup) Important Elevation of Privilege 4571703
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 4577038 (Monthly Rollup)
4577048 (Security Only)
Important Elevation of Privilege 4571736
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 4577038 (Monthly Rollup)
4577048 (Security Only)
Important Elevation of Privilege 4571736
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Elevation of Privilege 4571703
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Elevation of Privilege 4571703
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-0886 James Forshaw of Google Project Zero


CVE-2020-0890 - Windows Hyper-V Denial of Service Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-0890
MITRE
NVD
CVE Title: Windows Hyper-V Denial of Service Vulnerability
Description:

A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate specific malicious data from a user on a guest operating system.

To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtual machine, could run a specially crafted application.

The security update addresses the vulnerability by resolving the conditions where Hyper-V would fail to handle these requests.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Denial of Service

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-0890
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 Version 1803 for 32-bit Systems 4577032 (Security Update) Important Denial of Service 4571709 Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 4577032 (Security Update) Important Denial of Service 4571709 Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4577032 (Security Update) Important Denial of Service 4571709 Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 4570333 (Security Update) Important Denial of Service 4565349
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4570333 (Security Update) Important Denial of Service 4565349
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4570333 (Security Update) Important Denial of Service 4565349
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for 32-bit Systems 4574727 (Security Update) Important Denial of Service 4565351 Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4574727 (Security Update) Important Denial of Service 4565351 Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4574727 (Security Update) Important Denial of Service 4565351 Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4574727 (Security Update) Important Denial of Service 4565351 Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 4574727 (Security Update) Important Denial of Service 4565351 Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4574727 (Security Update) Important Denial of Service 4565351 Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 4571756 (Security Update) Important Denial of Service 4566782
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4571756 (Security Update) Important Denial of Service 4566782
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4571756 (Security Update) Important Denial of Service 4566782
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 4570333 (Security Update) Important Denial of Service 4565349
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4570333 (Security Update) Important Denial of Service 4565349
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4574727 (Security Update) Important Denial of Service 4565351 Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4574727 (Security Update) Important Denial of Service 4565351 Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4571756 (Security Update) Important Denial of Service 4566782
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-0890 Daniel Fernandez Kuehr of Blue Frost Security GmbH


Arthur Khudyaev


CVE-2020-0904 - Windows Hyper-V Denial of Service Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-0904
MITRE
NVD
CVE Title: Windows Hyper-V Denial of Service Vulnerability
Description:

A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate specific malicious data from a user on a guest operating system.

To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtual machine, could run a specially crafted application.

The security update addresses the vulnerability by resolving the conditions where Hyper-V would fail to handle these requests.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Denial of Service

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-0904
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 Version 1607 for 32-bit Systems 4577015 (Security Update) Important Denial of Service 4571694
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 4577015 (Security Update) Important Denial of Service 4571694
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for 32-bit Systems 4577041 (Security Update) Important Denial of Service 4571741 Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for ARM64-based Systems 4577041 (Security Update) Important Denial of Service 4571741 Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for x64-based Systems 4577041 (Security Update) Important Denial of Service 4571741 Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 4577032 (Security Update) Important Denial of Service 4571709 Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 4577032 (Security Update) Important Denial of Service 4571709 Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4577032 (Security Update) Important Denial of Service 4571709 Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 4570333 (Security Update) Important Denial of Service 4565349
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4570333 (Security Update) Important Denial of Service 4565349
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4570333 (Security Update) Important Denial of Service 4565349
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for 32-bit Systems 4574727 (Security Update) Important Denial of Service 4565351 Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4574727 (Security Update) Important Denial of Service 4565351 Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4574727 (Security Update) Important Denial of Service 4565351 Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4574727 (Security Update) Important Denial of Service 4565351 Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 4574727 (Security Update) Important Denial of Service 4565351 Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4574727 (Security Update) Important Denial of Service 4565351 Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 4571756 (Security Update) Important Denial of Service 4566782
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4571756 (Security Update) Important Denial of Service 4566782
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4571756 (Security Update) Important Denial of Service 4566782
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 4577015 (Security Update) Important Denial of Service 4571694
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4577015 (Security Update) Important Denial of Service 4571694
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 4570333 (Security Update) Important Denial of Service 4565349
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4570333 (Security Update) Important Denial of Service 4565349
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4574727 (Security Update) Important Denial of Service 4565351 Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4574727 (Security Update) Important Denial of Service 4565351 Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4571756 (Security Update) Important Denial of Service 4566782
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-0904 Daniel Fernandez Kuehr of Blue Frost Security GmbH


CVE-2020-0908 - Windows Text Service Module Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-0908
MITRE
NVD
CVE Title: Windows Text Service Module Remote Code Execution Vulnerability
Description:

A remote code execution vulnerability exists when the Windows Text Service Module improperly handles memory. An attacker who successfully exploited the vulnerability could gain execution on a victim system.

An attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge (Chromium-based), and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements by adding specially crafted content that could exploit the vulnerability. In all cases, however, an attacker would have no way to force users to view the attacker-controlled content. Instead, an attacker would have to convince users to take action, typically by way of enticement in an email or Instant Messenger message, or by getting them to open an attachment sent through email.

The security update addresses the vulnerability by correcting how the Windows Text Service Module handles memory.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-0908
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 Version 1607 for 32-bit Systems 4577015 (Security Update) Critical Remote Code Execution 4571694
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 4577015 (Security Update) Critical Remote Code Execution 4571694
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for 32-bit Systems 4577041 (Security Update) Critical Remote Code Execution 4571741 Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for ARM64-based Systems 4577041 (Security Update) Critical Remote Code Execution 4571741 Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for x64-based Systems 4577041 (Security Update) Critical Remote Code Execution 4571741 Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 4577032 (Security Update) Critical Remote Code Execution 4571709 Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 4577032 (Security Update) Critical Remote Code Execution 4571709 Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4577032 (Security Update) Critical Remote Code Execution 4571709 Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 4570333 (Security Update) Critical Remote Code Execution 4565349
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4570333 (Security Update) Critical Remote Code Execution 4565349
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4570333 (Security Update) Critical Remote Code Execution 4565349
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for 32-bit Systems 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 4571756 (Security Update) Critical Remote Code Execution 4566782
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4571756 (Security Update) Critical Remote Code Execution 4566782
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4571756 (Security Update) Critical Remote Code Execution 4566782
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 4577015 (Security Update) Critical Remote Code Execution 4571694
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4577015 (Security Update) Critical Remote Code Execution 4571694
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 4570333 (Security Update) Critical Remote Code Execution 4565349
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4570333 (Security Update) Critical Remote Code Execution 4565349
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4571756 (Security Update) Critical Remote Code Execution 4566782
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-0908 Liu Long of Ant Group Light-Year Security Lab


cc working with Trend Micro's Zero Day Initiative


CVE-2020-0911 - Windows Modules Installer Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-0911
MITRE
NVD
CVE Title: Windows Modules Installer Elevation of Privilege Vulnerability
Description:

An elevation of privilege vulnerability exists when Windows Modules Installer improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in an elevated context.

An attacker could exploit this vulnerability by running a specially crafted application on the victim system.

The update addresses the vulnerability by correcting the way the Windows Modules Installer handles objects in memory.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-0911
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4577049 (Security Update) Important Elevation of Privilege 4571692 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 4577049 (Security Update) Important Elevation of Privilege 4571692 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for 32-bit Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for ARM64-based Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for x64-based Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for 32-bit Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 7 for 32-bit Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Elevation of Privilege 4571729
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 7 for x64-based Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Elevation of Privilege 4571729
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Elevation of Privilege 4571703
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Elevation of Privilege 4571703
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows RT 8.1 4577066 (Monthly Rollup) Important Elevation of Privilege 4571703
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Elevation of Privilege 4571730
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Elevation of Privilege 4571730
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Elevation of Privilege 4571730
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Elevation of Privilege 4571730
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Elevation of Privilege 4571729
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Elevation of Privilege 4571729
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 4577038 (Monthly Rollup)
4577048 (Security Only)
Important Elevation of Privilege 4571736
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 4577038 (Monthly Rollup)
4577048 (Security Only)
Important Elevation of Privilege 4571736
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Elevation of Privilege 4571703
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Elevation of Privilege 4571703
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-0911 Clément Lavoillotte @clavoillotte of Almond


CVE-2020-0912 - Windows Function Discovery SSDP Provider Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-0912
MITRE
NVD
CVE Title: Windows Function Discovery SSDP Provider Elevation of Privilege Vulnerability
Description:

An elevation of privilege vulnerability exists when the Windows Function Discovery SSDP Provider improperly handles memory.

To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.

The security update addresses the vulnerability by correcting how the Windows Function Discovery SSDP Provider handles memory.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-0912
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4577049 (Security Update) Important Elevation of Privilege 4571692 Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 4577049 (Security Update) Important Elevation of Privilege 4571692 Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for 32-bit Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for ARM64-based Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for x64-based Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for 32-bit Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 7 for 32-bit Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Elevation of Privilege 4571729
Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 7 for x64-based Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Elevation of Privilege 4571729
Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Elevation of Privilege 4571703
Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Elevation of Privilege 4571703
Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows RT 8.1 4577066 (Monthly Rollup) Important Elevation of Privilege 4571703
Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Elevation of Privilege 4571730
Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Elevation of Privilege 4571730
Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Elevation of Privilege 4571730
Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Elevation of Privilege 4571730
Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Elevation of Privilege 4571729
Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Elevation of Privilege 4571729
Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 4577038 (Monthly Rollup)
4577048 (Security Only)
Important Elevation of Privilege 4571736
Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 4577038 (Monthly Rollup)
4577048 (Security Only)
Important Elevation of Privilege 4571736
Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Elevation of Privilege 4571703
Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Elevation of Privilege 4571703
Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-0912 Yuki Chen


CVE-2020-0914 - Windows State Repository Service Information Disclosure Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-0914
MITRE
NVD
CVE Title: Windows State Repository Service Information Disclosure Vulnerability
Description:

An information disclosure vulnerability exists when the Windows State Repository Service improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.

An attacker could exploit this vulnerability by running a specially crafted application on the victim system.

The update addresses the vulnerability by correcting the way the Windows State Repository Service handles objects in memory.


FAQ:

What type of information could be disclosed by this vulnerability?

The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-0914
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4577049 (Security Update) Important Information Disclosure 4571692 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 4577049 (Security Update) Important Information Disclosure 4571692 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 4577015 (Security Update) Important Information Disclosure 4571694
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 4577015 (Security Update) Important Information Disclosure 4571694
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for 32-bit Systems 4577041 (Security Update) Important Information Disclosure 4571741 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for ARM64-based Systems 4577041 (Security Update) Important Information Disclosure 4571741 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for x64-based Systems 4577041 (Security Update) Important Information Disclosure 4571741 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 4577032 (Security Update) Important Information Disclosure 4571709 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 4577032 (Security Update) Important Information Disclosure 4571709 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4577032 (Security Update) Important Information Disclosure 4571709 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 4570333 (Security Update) Important Information Disclosure 4565349
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4570333 (Security Update) Important Information Disclosure 4565349
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4570333 (Security Update) Important Information Disclosure 4565349
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for 32-bit Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 4571756 (Security Update) Important Information Disclosure 4566782
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4571756 (Security Update) Important Information Disclosure 4566782
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4571756 (Security Update) Important Information Disclosure 4566782
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2016 4577015 (Security Update) Important Information Disclosure 4571694
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4577015 (Security Update) Important Information Disclosure 4571694
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2019 4570333 (Security Update) Important Information Disclosure 4565349
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4570333 (Security Update) Important Information Disclosure 4565349
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4571756 (Security Update) Important Information Disclosure 4566782
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-0914 Anonymous working with Trend Micro's Zero Day Initiative


CVE-2020-0921 - Microsoft Graphics Component Information Disclosure Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-0921
MITRE
NVD
CVE Title: Microsoft Graphics Component Information Disclosure Vulnerability
Description:

An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.

To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application.

The update addresses the vulnerability by correcting the way in which the Windows Graphics Component handles objects in memory.


FAQ:

What type of information could be disclosed by this vulnerability?

The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-0921
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4577049 (Security Update) Important Information Disclosure 4571692 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 4577049 (Security Update) Important Information Disclosure 4571692 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 4577015 (Security Update) Important Information Disclosure 4571694
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 4577015 (Security Update) Important Information Disclosure 4571694
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for 32-bit Systems 4577041 (Security Update) Important Information Disclosure 4571741 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for ARM64-based Systems 4577041 (Security Update) Important Information Disclosure 4571741 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for x64-based Systems 4577041 (Security Update) Important Information Disclosure 4571741 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 4577032 (Security Update) Important Information Disclosure 4571709 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 4577032 (Security Update) Important Information Disclosure 4571709 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4577032 (Security Update) Important Information Disclosure 4571709 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 4570333 (Security Update) Important Information Disclosure 4565349
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4570333 (Security Update) Important Information Disclosure 4565349
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4570333 (Security Update) Important Information Disclosure 4565349
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for 32-bit Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 4571756 (Security Update) Important Information Disclosure 4566782
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4571756 (Security Update) Important Information Disclosure 4566782
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4571756 (Security Update) Important Information Disclosure 4566782
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 7 for 32-bit Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Information Disclosure 4571729
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 7 for x64-based Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Information Disclosure 4571729
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Information Disclosure 4571703
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Information Disclosure 4571703
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows RT 8.1 4577066 (Monthly Rollup) Important Information Disclosure 4571703
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Information Disclosure 4571730
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Information Disclosure 4571730
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Information Disclosure 4571730
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Information Disclosure 4571730
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Information Disclosure 4571729
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Information Disclosure 4571729
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2012 4577038 (Monthly Rollup)
4577048 (Security Only)
Important Information Disclosure 4571736
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 4577038 (Monthly Rollup)
4577048 (Security Only)
Important Information Disclosure 4571736
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Information Disclosure 4571703
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Information Disclosure 4571703
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2016 4577015 (Security Update) Important Information Disclosure 4571694
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4577015 (Security Update) Important Information Disclosure 4571694
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2019 4570333 (Security Update) Important Information Disclosure 4565349
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4570333 (Security Update) Important Information Disclosure 4565349
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4571756 (Security Update) Important Information Disclosure 4566782
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-0921 Wayne Low of Fortinet’s FortiGuard Labs


CVE-2020-0922 - Microsoft COM for Windows Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-0922
MITRE
NVD
CVE Title: Microsoft COM for Windows Remote Code Execution Vulnerability
Description:

A remote code execution vulnerability exists in the way that Microsoft COM for Windows handles objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code on a target system.

To exploit the vulnerability, a user would have to open a specially crafted file or lure the target to a website hosting malicious JavaScript.

The security update addresses the vulnerability by correcting how Microsoft COM for Windows handles objects in memory.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-0922
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4577049 (Security Update) Critical Remote Code Execution 4571692 Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 4577049 (Security Update) Critical Remote Code Execution 4571692 Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 4577015 (Security Update) Critical Remote Code Execution 4571694
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 4577015 (Security Update) Critical Remote Code Execution 4571694
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for 32-bit Systems 4577041 (Security Update) Critical Remote Code Execution 4571741 Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for ARM64-based Systems 4577041 (Security Update) Critical Remote Code Execution 4571741 Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for x64-based Systems 4577041 (Security Update) Critical Remote Code Execution 4571741 Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 4577032 (Security Update) Critical Remote Code Execution 4571709 Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 4577032 (Security Update) Critical Remote Code Execution 4571709 Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4577032 (Security Update) Critical Remote Code Execution 4571709 Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 4570333 (Security Update) Critical Remote Code Execution 4565349
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4570333 (Security Update) Critical Remote Code Execution 4565349
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4570333 (Security Update) Critical Remote Code Execution 4565349
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for 32-bit Systems 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 4571756 (Security Update) Critical Remote Code Execution 4566782
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4571756 (Security Update) Critical Remote Code Execution 4566782
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4571756 (Security Update) Critical Remote Code Execution 4566782
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 7 for 32-bit Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Critical Remote Code Execution 4571729
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 7 for x64-based Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Critical Remote Code Execution 4571729
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems 4577066 (Monthly Rollup)
4577071 (Security Only)
Critical Remote Code Execution 4571703
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 4577066 (Monthly Rollup)
4577071 (Security Only)
Critical Remote Code Execution 4571703
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows RT 8.1 4577066 (Monthly Rollup) Critical Remote Code Execution 4571703
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 4577064 (Monthly Rollup)
4577070 (Security Only)
Critical Remote Code Execution 4571730
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 4577064 (Monthly Rollup)
4577070 (Security Only)
Critical Remote Code Execution 4571730
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 4577064 (Monthly Rollup)
4577070 (Security Only)
Critical Remote Code Execution 4571730
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 4577064 (Monthly Rollup)
4577070 (Security Only)
Critical Remote Code Execution 4571730
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Critical Remote Code Execution 4571729
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4577051 (Monthly Rollup)
4577053 (Security Only)
Critical Remote Code Execution 4571729
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 4577038 (Monthly Rollup)
4577048 (Security Only)
Critical Remote Code Execution 4571736
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 4577038 (Monthly Rollup)
4577048 (Security Only)
Critical Remote Code Execution 4571736
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 4577066 (Monthly Rollup)
4577071 (Security Only)
Critical Remote Code Execution 4571703
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 4577066 (Monthly Rollup)
4577071 (Security Only)
Critical Remote Code Execution 4571703
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 4577015 (Security Update) Critical Remote Code Execution 4571694
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4577015 (Security Update) Critical Remote Code Execution 4571694
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 4570333 (Security Update) Critical Remote Code Execution 4565349
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4570333 (Security Update) Critical Remote Code Execution 4565349
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4571756 (Security Update) Critical Remote Code Execution 4566782
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-0922 Yuki Chen working with 360 BugCloud


CVE-2020-0928 - Windows Kernel Information Disclosure Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-0928
MITRE
NVD
CVE Title: Windows Kernel Information Disclosure Vulnerability
Description:

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.

To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The vulnerability would not allow an attacker to execute code or to elevate user rights directly, but it could be used to obtain information that could be used to try to further compromise the affected system.

The update addresses the vulnerability by correcting how the Windows kernel handles objects in memory.


FAQ:

What type of information could be disclosed by this vulnerability?

The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-0928
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 Version 1803 for 32-bit Systems 4577032 (Security Update) Important Information Disclosure 4571709 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 4577032 (Security Update) Important Information Disclosure 4571709 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4577032 (Security Update) Important Information Disclosure 4571709 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 4570333 (Security Update) Important Information Disclosure 4565349
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4570333 (Security Update) Important Information Disclosure 4565349
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4570333 (Security Update) Important Information Disclosure 4565349
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for 32-bit Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 4571756 (Security Update) Important Information Disclosure 4566782
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4571756 (Security Update) Important Information Disclosure 4566782
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4571756 (Security Update) Important Information Disclosure 4566782
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2019 4570333 (Security Update) Important Information Disclosure 4565349
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4570333 (Security Update) Important Information Disclosure 4565349
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4571756 (Security Update) Important Information Disclosure 4566782
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-0928 Guopengfei from Codesafe Team of Legendsec at Qi'anxin Group


CVE-2020-0941 - Win32k Information Disclosure Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-0941
MITRE
NVD
CVE Title: Win32k Information Disclosure Vulnerability
Description:

An information disclosure vulnerability exists when the win32k component improperly provides kernel information. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.

To exploit the vulnerability, an attacker would have to either log on locally to an affected system, or convince a locally authenticated user to execute a specially crafted application.

The security update addresses the vulnerability by correcting how win32k handles objects in memory.


FAQ:

What type of information could be disclosed by this vulnerability?

The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely Exploitation More Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-0941
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4577049 (Security Update) Important Information Disclosure 4571692 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 4577049 (Security Update) Important Information Disclosure 4571692 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 4577015 (Security Update) Important Information Disclosure 4571694
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 4577015 (Security Update) Important Information Disclosure 4571694
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for 32-bit Systems 4577041 (Security Update) Important Information Disclosure 4571741 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for ARM64-based Systems 4577041 (Security Update) Important Information Disclosure 4571741 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for x64-based Systems 4577041 (Security Update) Important Information Disclosure 4571741 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 4577032 (Security Update) Important Information Disclosure 4571709 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 4577032 (Security Update) Important Information Disclosure 4571709 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4577032 (Security Update) Important Information Disclosure 4571709 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 4570333 (Security Update) Important Information Disclosure 4565349
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4570333 (Security Update) Important Information Disclosure 4565349
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4570333 (Security Update) Important Information Disclosure 4565349
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for 32-bit Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 4571756 (Security Update) Important Information Disclosure 4566782
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4571756 (Security Update) Important Information Disclosure 4566782
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4571756 (Security Update) Important Information Disclosure 4566782
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Information Disclosure 4571703
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Information Disclosure 4571703
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows RT 8.1 4577066 (Monthly Rollup) Important Information Disclosure 4571703
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2012 4577038 (Monthly Rollup)
4577048 (Security Only)
Important Information Disclosure 4571736
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 4577038 (Monthly Rollup)
4577048 (Security Only)
Important Information Disclosure 4571736
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Information Disclosure 4571703
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Information Disclosure 4571703
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2016 4577015 (Security Update) Important Information Disclosure 4571694
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4577015 (Security Update) Important Information Disclosure 4571694
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2019 4570333 (Security Update) Important Information Disclosure 4565349
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4570333 (Security Update) Important Information Disclosure 4565349
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4571756 (Security Update) Important Information Disclosure 4566782
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-0941 Liu Wang


CVE-2020-0951 - Windows Defender Application Control Security Feature Bypass Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-0951
MITRE
NVD
CVE Title: Windows Defender Application Control Security Feature Bypass Vulnerability
Description:

A security feature bypass vulnerability exists in Windows Defender Application Control (WDAC) which could allow an attacker to bypass WDAC enforcement. An attacker who successfully exploited this vulnerability could execute PowerShell commands that would be blocked by WDAC.

To exploit the vulnerability, an attacker need administrator access on a local machine where PowerShell is running. The attacker could then connect to a PowerShell session and send commands to execute arbitrary code.

The update addresses the vulnerability by correcting how PowerShell commands are validated when WDAC protection is enabled.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Security Feature Bypass

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-0951
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 Version 1607 for 32-bit Systems 4577015 (Security Update) Important Security Feature Bypass 4571694
Base: 6.7
Temporal: 6.0
Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 4577015 (Security Update) Important Security Feature Bypass 4571694
Base: 6.7
Temporal: 6.0
Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for 32-bit Systems 4577041 (Security Update) Important Security Feature Bypass 4571741 Base: 6.7
Temporal: 6.0
Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for ARM64-based Systems 4577041 (Security Update) Important Security Feature Bypass 4571741 Base: 6.7
Temporal: 6.0
Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for x64-based Systems 4577041 (Security Update) Important Security Feature Bypass 4571741 Base: 6.7
Temporal: 6.0
Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 4577032 (Security Update) Important Security Feature Bypass 4571709 Base: 6.7
Temporal: 6.0
Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 4577032 (Security Update) Important Security Feature Bypass 4571709 Base: 6.7
Temporal: 6.0
Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4577032 (Security Update) Important Security Feature Bypass 4571709 Base: 6.7
Temporal: 6.0
Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 4570333 (Security Update) Important Security Feature Bypass 4565349
Base: 6.7
Temporal: 6.0
Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4570333 (Security Update) Important Security Feature Bypass 4565349
Base: 6.7
Temporal: 6.0
Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4570333 (Security Update) Important Security Feature Bypass 4565349
Base: 6.7
Temporal: 6.0
Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for 32-bit Systems 4574727 (Security Update) Important Security Feature Bypass 4565351 Base: 6.7
Temporal: 6.0
Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4574727 (Security Update) Important Security Feature Bypass 4565351 Base: 6.7
Temporal: 6.0
Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4574727 (Security Update) Important Security Feature Bypass 4565351 Base: 6.7
Temporal: 6.0
Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4574727 (Security Update) Important Security Feature Bypass 4565351 Base: 6.7
Temporal: 6.0
Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 4574727 (Security Update) Important Security Feature Bypass 4565351 Base: 6.7
Temporal: 6.0
Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4574727 (Security Update) Important Security Feature Bypass 4565351 Base: 6.7
Temporal: 6.0
Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 4571756 (Security Update) Important Security Feature Bypass 4566782
Base: 6.7
Temporal: 6.0
Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4571756 (Security Update) Important Security Feature Bypass 4566782
Base: 6.7
Temporal: 6.0
Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4571756 (Security Update) Important Security Feature Bypass 4566782
Base: 6.7
Temporal: 6.0
Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 4577015 (Security Update) Important Security Feature Bypass 4571694
Base: 6.7
Temporal: 6.0
Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4577015 (Security Update) Important Security Feature Bypass 4571694
Base: 6.7
Temporal: 6.0
Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 4570333 (Security Update) Important Security Feature Bypass 4565349
Base: 6.7
Temporal: 6.0
Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4570333 (Security Update) Important Security Feature Bypass 4565349
Base: 6.7
Temporal: 6.0
Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4574727 (Security Update) Important Security Feature Bypass 4565351 Base: 6.7
Temporal: 6.0
Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4574727 (Security Update) Important Security Feature Bypass 4565351 Base: 6.7
Temporal: 6.0
Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4571756 (Security Update) Important Security Feature Bypass 4566782
Base: 6.7
Temporal: 6.0
Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-0951 Paul Higinbotham


CVE-2020-0989 - Windows Mobile Device Management Diagnostics Information Disclosure Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-0989
MITRE
NVD
CVE Title: Windows Mobile Device Management Diagnostics Information Disclosure Vulnerability
Description:

An information disclosure vulnerability exists when Windows Mobile Device Management (MDM) Diagnostics improperly handles junctions. An attacker who successfully exploited this vulnerability could bypass access restrictions to read files.

To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and access files.

The security update addresses the vulnerability by correcting the how Windows MDM Diagnostics handles files.


FAQ:

What type of information could be disclosed by this vulnerability?

The type of information that could be disclosed if an attacker successfully exploited this vulnerability is sensitive information.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-0989
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 Version 1709 for 32-bit Systems 4577041 (Security Update) Important Information Disclosure 4571741 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for ARM64-based Systems 4577041 (Security Update) Important Information Disclosure 4571741 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for x64-based Systems 4577041 (Security Update) Important Information Disclosure 4571741 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 4577032 (Security Update) Important Information Disclosure 4571709 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 4577032 (Security Update) Important Information Disclosure 4571709 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4577032 (Security Update) Important Information Disclosure 4571709 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 4570333 (Security Update) Important Information Disclosure 4565349
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4570333 (Security Update) Important Information Disclosure 4565349
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4570333 (Security Update) Important Information Disclosure 4565349
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for 32-bit Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 4571756 (Security Update) Important Information Disclosure 4566782
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4571756 (Security Update) Important Information Disclosure 4566782
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4571756 (Security Update) Important Information Disclosure 4566782
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2019 4570333 (Security Update) Important Information Disclosure 4565349
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4570333 (Security Update) Important Information Disclosure 4565349
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4571756 (Security Update) Important Information Disclosure 4566782
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-0989 Jonas Lykkegård


Zhiniang Peng (@edwardzpeng)


CVE-2020-0997 - Windows Camera Codec Pack Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-0997
MITRE
NVD
CVE Title: Windows Camera Codec Pack Remote Code Execution Vulnerability
Description:

A remote code execution vulnerability exists when the Windows Camera Codec Pack improperly handles objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Exploitation of the vulnerability requires that a user open a specially crafted file with an affected version of the Windows Camera Codec Pack. In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the file. In a web-based attack scenario, an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) containing a specially crafted file designed to exploit the vulnerability. An attacker would have no way to force users to visit the website. Instead, an attacker would have to convince users to click a link, typically by way of an enticement in an email or instant message, and then convince them to open the specially crafted file.

The security update addresses the vulnerability by correcting how the Windows Camera Codec Pack handles objects in memory.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-0997
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4577049 (Security Update) Critical Remote Code Execution 4571692 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 4577049 (Security Update) Critical Remote Code Execution 4571692 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 4577015 (Security Update) Critical Remote Code Execution 4571694
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 4577015 (Security Update) Critical Remote Code Execution 4571694
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for 32-bit Systems 4577041 (Security Update) Critical Remote Code Execution 4571741 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for ARM64-based Systems 4577041 (Security Update) Critical Remote Code Execution 4571741 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for x64-based Systems 4577041 (Security Update) Critical Remote Code Execution 4571741 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 4577032 (Security Update) Critical Remote Code Execution 4571709 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 4577032 (Security Update) Critical Remote Code Execution 4571709 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4577032 (Security Update) Critical Remote Code Execution 4571709 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 4570333 (Security Update) Critical Remote Code Execution 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4570333 (Security Update) Critical Remote Code Execution 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4570333 (Security Update) Critical Remote Code Execution 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for 32-bit Systems 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 4571756 (Security Update) Critical Remote Code Execution 4566782
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4571756 (Security Update) Critical Remote Code Execution 4566782
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4571756 (Security Update) Critical Remote Code Execution 4566782
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 4577015 (Security Update) Critical Remote Code Execution 4571694
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4577015 (Security Update) Critical Remote Code Execution 4571694
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 4570333 (Security Update) Critical Remote Code Execution 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4570333 (Security Update) Critical Remote Code Execution 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1803 (Server Core Installation) 4577032 (Security Update) Critical Remote Code Execution 4571709 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4571756 (Security Update) Critical Remote Code Execution 4566782
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-0997 Dhanesh Kizhakkinan of FireEye Inc


Hossein Lotfi of Trend Micro's Zero Day Initiative


CVE-2020-0998 - Windows Graphics Component Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-0998
MITRE
NVD
CVE Title: Windows Graphics Component Elevation of Privilege Vulnerability
Description:

An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context.

In a local attack scenario, an attacker could exploit this vulnerability by running a specially crafted application to take control over the affected system.

The update addresses the vulnerability by correcting the way in which the Microsoft Graphics Component handles objects in memory and preventing unintended elevation from user mode.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-0998
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 Version 1607 for 32-bit Systems 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for 32-bit Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for ARM64-based Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for x64-based Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for 32-bit Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Elevation of Privilege 4571703
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Elevation of Privilege 4571703
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows RT 8.1 4577066 (Monthly Rollup) Important Elevation of Privilege 4571703
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 4577038 (Monthly Rollup)
4577048 (Security Only)
Important Elevation of Privilege 4571736
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 4577038 (Monthly Rollup)
4577048 (Security Only)
Important Elevation of Privilege 4571736
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Elevation of Privilege 4571703
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Elevation of Privilege 4571703
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-0998 Linshuang Li


Zhang WangJunJie and He YiShen of Hillstone Network Neuron Security Team


CVE-2020-1012 - WinINet API Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-1012
MITRE
NVD
CVE Title: WinINet API Elevation of Privilege Vulnerability
Description:

An elevation of privilege vulnerability exists in the way that the Wininit.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.

There are multiple ways an attacker could exploit the vulnerability:

  • In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit this vulnerability and then convince a user to view the website. An attacker would have no way to force users to view the attacker-controlled content. Instead, an attacker would have to convince users to take action, typically by getting them to click a link in an email message or in an Instant Messenger message that takes users to the attacker's website, or by opening an attachment sent through email.

  • In a file sharing attack scenario, an attacker could provide a specially crafted document file that is designed to exploit this vulnerability, and then convince a user to open the document file.

The security update addresses the vulnerability by ensuring the Wininit.dll properly handles objects in memory.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-1012
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Internet Explorer 11 on Windows 10 for 32-bit Systems 4577049 (Security Update) Important Elevation of Privilege 4571692 Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 for x64-based Systems 4577049 (Security Update) Important Elevation of Privilege 4571692 Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1607 for 32-bit Systems 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1607 for x64-based Systems 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1709 for 32-bit Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1709 for ARM64-based Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1709 for x64-based Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1803 for 32-bit Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1803 for ARM64-based Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1803 for x64-based Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1809 for 32-bit Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1809 for ARM64-based Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1809 for x64-based Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1903 for 32-bit Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1903 for ARM64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1903 for x64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1909 for 32-bit Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1909 for ARM64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1909 for x64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 2004 for 32-bit Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 2004 for ARM64-based Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 2004 for x64-based Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 7 for 32-bit Systems Service Pack 1 4577051 (Monthly Rollup)
4577010 (IE Cumulative)
Important Elevation of Privilege 4571729

4571687
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 7 for x64-based Systems Service Pack 1 4577051 (Monthly Rollup)
4577010 (IE Cumulative)
Important Elevation of Privilege 4571729

4571687
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 8.1 for 32-bit systems 4577010 (IE Cumulative)
4577066 (Monthly Rollup)
Important Elevation of Privilege 4571687
4571703
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 8.1 for x64-based systems 4577010 (IE Cumulative)
4577066 (Monthly Rollup)
Important Elevation of Privilege 4571687
4571703
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows RT 8.1 4577066 (Monthly Rollup) Important Elevation of Privilege 4571703
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 4577051 (Monthly Rollup)
4577010 (IE Cumulative)
Low Elevation of Privilege 4571729

4571687
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows Server 2012 4577010 (IE Cumulative)
4577038 (Monthly Rollup)
Low Elevation of Privilege 4571687
4571736
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows Server 2012 R2 4577010 (IE Cumulative)
4577066 (Monthly Rollup)
Low Elevation of Privilege 4571687
4571703
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows Server 2016 4577015 (Security Update) Low Elevation of Privilege 4571694
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows Server 2019 4570333 (Security Update) Low Elevation of Privilege 4565349
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-1012 pgboy (http://weibo.com/pgboy1988) of 360vulcan


CVE-2020-1013 - Group Policy Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-1013
MITRE
NVD
CVE Title: Group Policy Elevation of Privilege Vulnerability
Description:

An elevation of privilege vulnerability exists when Microsoft Windows processes group policy updates. An attacker who successfully exploited this vulnerability could potentially escalate permissions or perform additional privileged actions on the target machine.

To exploit this vulnerability, an attacker would need to launch a man-in-the-middle (MiTM) attack against the traffic passing between a domain controller and the target machine. An attacker could then create a group policy to grant administrator rights to a standard user.

The security update addresses the vulnerability by enforcing Kerberos authentication for certain calls over LDAP.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-1013
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4577049 (Security Update) Important Elevation of Privilege 4571692 Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 4577049 (Security Update) Important Elevation of Privilege 4571692 Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for 32-bit Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for ARM64-based Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for x64-based Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for 32-bit Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 7 for 32-bit Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Elevation of Privilege 4571729
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 7 for x64-based Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Elevation of Privilege 4571729
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Elevation of Privilege 4571703
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Elevation of Privilege 4571703
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows RT 8.1 4577066 (Monthly Rollup) Important Elevation of Privilege 4571703
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Elevation of Privilege 4571730
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Elevation of Privilege 4571730
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Elevation of Privilege 4571730
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Elevation of Privilege 4571730
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Elevation of Privilege 4571729
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Elevation of Privilege 4571729
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 4577038 (Monthly Rollup)
4577048 (Security Only)
Important Elevation of Privilege 4571736
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 4577038 (Monthly Rollup)
4577048 (Security Only)
Important Elevation of Privilege 4571736
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Elevation of Privilege 4571703
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Elevation of Privilege 4571703
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-1013 Maxime Nadeau, Julien Pineault and Mathieu Novis of GoSecure, inc.


CVE-2020-1030 - Windows Print Spooler Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-1030
MITRE
NVD
CVE Title: Windows Print Spooler Elevation of Privilege Vulnerability
Description:

An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly allows arbitrary writing to the file system. An attacker who successfully exploited this vulnerability could run arbitrary code with elevated system privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted script or application.

The update addresses the vulnerability by correcting how the Windows Print Spooler Component writes to the file system.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-1030
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4577049 (Security Update) Important Elevation of Privilege 4571692 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 4577049 (Security Update) Important Elevation of Privilege 4571692 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for 32-bit Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for ARM64-based Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for x64-based Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for 32-bit Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 7 for 32-bit Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Elevation of Privilege 4571729
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 7 for x64-based Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Elevation of Privilege 4571729
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Elevation of Privilege 4571703
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Elevation of Privilege 4571703
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows RT 8.1 4577066 (Monthly Rollup) Important Elevation of Privilege 4571703
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Elevation of Privilege 4571730
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Elevation of Privilege 4571730
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Elevation of Privilege 4571730
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Elevation of Privilege 4571730
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Elevation of Privilege 4571729
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Elevation of Privilege 4571729
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 4577038 (Monthly Rollup)
4577048 (Security Only)
Important Elevation of Privilege 4571736
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 4577038 (Monthly Rollup)
4577048 (Security Only)
Important Elevation of Privilege 4571736
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Elevation of Privilege 4571703
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Elevation of Privilege 4571703
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-1030 Victor Mata of FusionX, Accenture Security


JeongOh Kyea (@kkokkokye) of THEORI


CVE-2020-1031 - Windows DHCP Server Information Disclosure Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-1031
MITRE
NVD
CVE Title: Windows DHCP Server Information Disclosure Vulnerability
Description:

An information disclosure vulnerability exists in the way that the Windows Server DHCP service improperly discloses the contents of its memory.

To exploit the vulnerability, an unauthenticated attacker could send a specially crafted packet to an affected DHCP server. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.

The security update addresses the vulnerability by correcting how DHCP servers initializes memory.


FAQ:

What type of information could be disclosed by this vulnerability?

The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-1031
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4577049 (Security Update) Important Information Disclosure 4571692 Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 4577049 (Security Update) Important Information Disclosure 4571692 Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 4577015 (Security Update) Important Information Disclosure 4571694
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 4577015 (Security Update) Important Information Disclosure 4571694
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for 32-bit Systems 4577041 (Security Update) Important Information Disclosure 4571741 Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for ARM64-based Systems 4577041 (Security Update) Important Information Disclosure 4571741 Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for x64-based Systems 4577041 (Security Update) Important Information Disclosure 4571741 Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 4577032 (Security Update) Important Information Disclosure 4571709 Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 4577032 (Security Update) Important Information Disclosure 4571709 Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4577032 (Security Update) Important Information Disclosure 4571709 Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 4570333 (Security Update) Important Information Disclosure 4565349
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4570333 (Security Update) Important Information Disclosure 4565349
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4570333 (Security Update) Important Information Disclosure 4565349
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for 32-bit Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 4571756 (Security Update) Important Information Disclosure 4566782
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4571756 (Security Update) Important Information Disclosure 4566782
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4571756 (Security Update) Important Information Disclosure 4566782
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 7 for 32-bit Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Information Disclosure 4571729
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 7 for x64-based Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Information Disclosure 4571729
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Information Disclosure 4571703
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Information Disclosure 4571703
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows RT 8.1 4577066 (Monthly Rollup) Important Information Disclosure 4571703
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Information Disclosure 4571730
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Information Disclosure 4571730
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Information Disclosure 4571730
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Information Disclosure 4571730
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Information Disclosure 4571729
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Information Disclosure 4571729
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2012 4577038 (Monthly Rollup)
4577048 (Security Only)
Important Information Disclosure 4571736
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 4577038 (Monthly Rollup)
4577048 (Security Only)
Important Information Disclosure 4571736
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Information Disclosure 4571703
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Information Disclosure 4571703
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2016 4577015 (Security Update) Important Information Disclosure 4571694
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4577015 (Security Update) Important Information Disclosure 4571694
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2019 4570333 (Security Update) Important Information Disclosure 4565349
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4570333 (Security Update) Important Information Disclosure 4565349
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4574727 (Security Update) Important Information Disclosure 4565351 Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4574727 (Security Update) Important Information Disclosure 4565351 Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4571756 (Security Update) Important Information Disclosure 4566782
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-1031 WenQunWang from Codesafe Team of Legendsec at Qi'anxin Group


CVE-2020-1033 - Windows Kernel Information Disclosure Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-1033
MITRE
NVD
CVE Title: Windows Kernel Information Disclosure Vulnerability
Description:

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.

An authenticated attacker could exploit this vulnerability by running a specially crafted application.

The update addresses the vulnerability by correcting how the Windows kernel handles objects in memory.


FAQ:

What type of information could be disclosed by this vulnerability?

The type of information that could be disclosed if an attacker successfully exploited this vulnerability is Kernel memory read - unintentional read access to memory contents in kernel space from a user mode process.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-1033
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 Version 1709 for 32-bit Systems 4577041 (Security Update) Important Information Disclosure 4571741 Base: 4.0
Temporal: 4.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Yes
Windows 10 Version 1709 for ARM64-based Systems 4577041 (Security Update) Important Information Disclosure 4571741 Base: 4.0
Temporal: 4.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Yes
Windows 10 Version 1709 for x64-based Systems 4577041 (Security Update) Important Information Disclosure 4571741 Base: 4.0
Temporal: 4.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Yes
Windows 10 Version 1803 for 32-bit Systems 4577032 (Security Update) Important Information Disclosure 4571709 Base: 4.0
Temporal: 4.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Yes
Windows 10 Version 1803 for ARM64-based Systems 4577032 (Security Update) Important Information Disclosure 4571709 Base: 4.0
Temporal: 4.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Yes
Windows 10 Version 1803 for x64-based Systems 4577032 (Security Update) Important Information Disclosure 4571709 Base: 4.0
Temporal: 4.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Yes
Windows 10 Version 1809 for 32-bit Systems 4570333 (Security Update) Important Information Disclosure 4565349
Base: 4.0
Temporal: 4.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Yes
Windows 10 Version 1809 for ARM64-based Systems 4570333 (Security Update) Important Information Disclosure 4565349
Base: 4.0
Temporal: 4.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Yes
Windows 10 Version 1809 for x64-based Systems 4570333 (Security Update) Important Information Disclosure 4565349
Base: 4.0
Temporal: 4.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Yes
Windows 10 Version 1903 for 32-bit Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 4.0
Temporal: 4.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Yes
Windows 10 Version 1903 for ARM64-based Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 4.0
Temporal: 4.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Yes
Windows 10 Version 1903 for x64-based Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 4.0
Temporal: 4.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Yes
Windows 10 Version 1909 for 32-bit Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 4.0
Temporal: 3.6
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 4.0
Temporal: 3.6
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 4.0
Temporal: 3.6
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 4571756 (Security Update) Important Information Disclosure 4566782
Base: 4.0
Temporal: 4.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Yes
Windows 10 Version 2004 for ARM64-based Systems 4571756 (Security Update) Important Information Disclosure 4566782
Base: 4.0
Temporal: 3.6
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4571756 (Security Update) Important Information Disclosure 4566782
Base: 4.0
Temporal: 3.6
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Information Disclosure 4571703
Base: 4.0
Temporal: 3.6
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Information Disclosure 4571703
Base: 4.0
Temporal: 3.6
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows RT 8.1 4577066 (Monthly Rollup) Important Information Disclosure 4571703
Base: 4.0
Temporal: 3.6
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Information Disclosure 4571703
Base: 4.0
Temporal: 3.6
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Information Disclosure 4571703
Base: 4.0
Temporal: 3.6
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2019 4570333 (Security Update) Important Information Disclosure 4565349
Base: 4.0
Temporal: 4.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Yes
Windows Server 2019 (Server Core installation) 4570333 (Security Update) Important Information Disclosure 4565349
Base: 4.0
Temporal: 4.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Yes
Windows Server, version 1903 (Server Core installation) 4574727 (Security Update) Important Information Disclosure 4565351 Base: 4.0
Temporal: 4.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Yes
Windows Server, version 1909 (Server Core installation) 4574727 (Security Update) Important Information Disclosure 4565351 Base: 4.0
Temporal: 3.6
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4571756 (Security Update) Important Information Disclosure 4566782
Base: 4.0
Temporal: 3.6
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-1033 Microsoft Product Security & Vulnerability Research


CVE-2020-1034 - Windows Kernel Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-1034
MITRE
NVD
CVE Title: Windows Kernel Elevation of Privilege Vulnerability
Description:

An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.

To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application.

The security update addresses the vulnerability by ensuring the Windows Kernel properly handles objects in memory.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-1034
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4577049 (Security Update) Important Elevation of Privilege 4571692 Base: 6.8
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 4577049 (Security Update) Important Elevation of Privilege 4571692 Base: 6.8
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 6.8
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 6.8
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for 32-bit Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 6.8
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for ARM64-based Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 6.8
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for x64-based Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 6.8
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 6.8
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 6.8
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 6.8
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 6.8
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 6.8
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 6.8
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for 32-bit Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 6.8
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 6.8
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 6.8
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 6.8
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 6.8
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 6.8
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 6.8
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 6.8
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 6.8
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Elevation of Privilege 4571703
Base: 6.8
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Elevation of Privilege 4571703
Base: 6.8
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows RT 8.1 4577066 (Monthly Rollup) Important Elevation of Privilege 4571703
Base: 6.8
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2012 4577038 (Monthly Rollup)
4577048 (Security Only)
Important Elevation of Privilege 4571736
Base: 6.8
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 4577038 (Monthly Rollup)
4577048 (Security Only)
Important Elevation of Privilege 4571736
Base: 6.8
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Elevation of Privilege 4571703
Base: 6.8
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Elevation of Privilege 4571703
Base: 6.8
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2016 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 6.8
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 6.8
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2019 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 6.8
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 6.8
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 6.8
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 6.8
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 6.8
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-1034 Microsoft Product Security & Vulnerability Research


CVE-2020-1038 - Windows Routing Utilities Denial of Service

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-1038
MITRE
NVD
CVE Title: Windows Routing Utilities Denial of Service
Description:

A denial of service vulnerability exists when Windows Routing Utilities improperly handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding.

To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The vulnerability would not allow an attacker to execute code or to elevate user rights directly, but it could be used to cause a target system to stop responding.

The update addresses the vulnerability by correcting how Windows handles objects in memory.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Denial of Service

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-1038
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4577049 (Security Update) Important Denial of Service 4571692 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 4577049 (Security Update) Important Denial of Service 4571692 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 4577015 (Security Update) Important Denial of Service 4571694
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 4577015 (Security Update) Important Denial of Service 4571694
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for 32-bit Systems 4577041 (Security Update) Important Denial of Service 4571741 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for ARM64-based Systems 4577041 (Security Update) Important Denial of Service 4571741 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for x64-based Systems 4577041 (Security Update) Important Denial of Service 4571741 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 4577032 (Security Update) Important Denial of Service 4571709 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 4577032 (Security Update) Important Denial of Service 4571709 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4577032 (Security Update) Important Denial of Service 4571709 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 4570333 (Security Update) Important Denial of Service 4565349
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4570333 (Security Update) Important Denial of Service 4565349
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4570333 (Security Update) Important Denial of Service 4565349
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for 32-bit Systems 4574727 (Security Update) Important Denial of Service 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4574727 (Security Update) Important Denial of Service 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4574727 (Security Update) Important Denial of Service 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4574727 (Security Update) Important Denial of Service 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 4574727 (Security Update) Important Denial of Service 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4574727 (Security Update) Important Denial of Service 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 4571756 (Security Update) Important Denial of Service 4566782
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4571756 (Security Update) Important Denial of Service 4566782
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4571756 (Security Update) Important Denial of Service 4566782
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 7 for 32-bit Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Denial of Service 4571729
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 7 for x64-based Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Denial of Service 4571729
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Denial of Service 4571703
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Denial of Service 4571703
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows RT 8.1 4577066 (Monthly Rollup) Important Denial of Service 4571703
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Denial of Service 4571730
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Denial of Service 4571730
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Denial of Service 4571730
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Denial of Service 4571730
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Denial of Service 4571729
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Denial of Service 4571729
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 4577038 (Monthly Rollup)
4577048 (Security Only)
Important Denial of Service 4571736
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 4577038 (Monthly Rollup)
4577048 (Security Only)
Important Denial of Service 4571736
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Denial of Service 4571703
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Denial of Service 4571703
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 4577015 (Security Update) Important Denial of Service 4571694
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4577015 (Security Update) Important Denial of Service 4571694
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 4570333 (Security Update) Important Denial of Service 4565349
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4570333 (Security Update) Important Denial of Service 4565349
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4574727 (Security Update) Important Denial of Service 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4574727 (Security Update) Important Denial of Service 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4571756 (Security Update) Important Denial of Service 4566782
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-1038 Xuefeng Li (@lxf02942370)


CVE-2020-1039 - Jet Database Engine Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-1039
MITRE
NVD
CVE Title: Jet Database Engine Remote Code Execution Vulnerability
Description:

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.

An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file.

The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-1039
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4577049 (Security Update) Important Remote Code Execution 4571692 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 4577049 (Security Update) Important Remote Code Execution 4571692 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 4577015 (Security Update) Important Remote Code Execution 4571694
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 4577015 (Security Update) Important Remote Code Execution 4571694
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for 32-bit Systems 4577041 (Security Update) Important Remote Code Execution 4571741 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for ARM64-based Systems 4577041 (Security Update) Important Remote Code Execution 4571741 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for x64-based Systems 4577041 (Security Update) Important Remote Code Execution 4571741 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 4577032 (Security Update) Important Remote Code Execution 4571709 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 4577032 (Security Update) Important Remote Code Execution 4571709 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4577032 (Security Update) Important Remote Code Execution 4571709 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 4570333 (Security Update) Important Remote Code Execution 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4570333 (Security Update) Important Remote Code Execution 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4570333 (Security Update) Important Remote Code Execution 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for 32-bit Systems 4574727 (Security Update) Important Remote Code Execution 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4574727 (Security Update) Important Remote Code Execution 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4574727 (Security Update) Important Remote Code Execution 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4574727 (Security Update) Important Remote Code Execution 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 4574727 (Security Update) Important Remote Code Execution 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4574727 (Security Update) Important Remote Code Execution 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 4571756 (Security Update) Important Remote Code Execution 4566782
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4571756 (Security Update) Important Remote Code Execution 4566782
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4571756 (Security Update) Important Remote Code Execution 4566782
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 7 for 32-bit Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Remote Code Execution 4571729
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 7 for x64-based Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Remote Code Execution 4571729
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Remote Code Execution 4571703
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Remote Code Execution 4571703
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows RT 8.1 4577066 (Monthly Rollup) Important Remote Code Execution 4571703
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Remote Code Execution 4571730
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Remote Code Execution 4571730
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Remote Code Execution 4571730
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Remote Code Execution 4571730
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Remote Code Execution 4571729
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Remote Code Execution 4571729
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 4577038 (Monthly Rollup)
4577048 (Security Only)
Important Remote Code Execution 4571736
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 4577038 (Monthly Rollup)
4577048 (Security Only)
Important Remote Code Execution 4571736
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Remote Code Execution 4571703
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Remote Code Execution 4571703
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 4577015 (Security Update) Important Remote Code Execution 4571694
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4577015 (Security Update) Important Remote Code Execution 4571694
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 4570333 (Security Update) Important Remote Code Execution 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4570333 (Security Update) Important Remote Code Execution 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4574727 (Security Update) Important Remote Code Execution 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4574727 (Security Update) Important Remote Code Execution 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4571756 (Security Update) Important Remote Code Execution 4566782
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-1039 Hossein Lotfi of Trend Micro's Zero Day Initiative


CVE-2020-1044 - SQL Server Reporting Services Security Feature Bypass Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-1044
MITRE
NVD
CVE Title: SQL Server Reporting Services Security Feature Bypass Vulnerability
Description:

A security feature bypass vulnerability exists in SQL Server Reporting Services (SSRS) when the server improperly validates attachments uploaded to reports. An attacker who successfully exploited this vulnerability could upload file types that were disallowed by an administrator.

To exploit the vulnerability, an authenticated attacker would need to send a specially crafted request to an affected SSRS server.

The update addresses the vulnerability by modifying how SSRS validates attachment uploads.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Moderate Security Feature Bypass

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-1044
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
SQL Server 2017 Reporting Services Release Notes (Security Update) Moderate Security Feature Bypass None Base: 4.3
Temporal: 3.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C
Maybe
SQL Server 2019 Reporting Services Release Notes (Security Update) Moderate Security Feature Bypass None Base: 4.3
Temporal: 3.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2020-1044 Piotr Cielas


CVE-2020-1045 - Microsoft ASP.NET Core Security Feature Bypass Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-1045
MITRE
NVD
CVE Title: Microsoft ASP.NET Core Security Feature Bypass Vulnerability
Description:

A security feature bypass vulnerability exists in the way Microsoft ASP.NET Core parses encoded cookie names.

The ASP.NET Core cookie parser decodes entire cookie strings which could allow a malicious attacker to set a second cookie with the name being percent encoded.

The security update addresses the vulnerability by fixing the way the ASP.NET Core cookie parser handles encoded names.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Security Feature Bypass

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-1045
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
ASP.NET Core 2.1 Release Notes (Security Update) Important Security Feature Bypass None Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C
Maybe
ASP.NET Core 3.1 Release Notes (Security Update) Important Security Feature Bypass None Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2020-1045 Matt Langlois of Github Security Team


CVE-2020-1052 - Windows Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-1052
MITRE
NVD
CVE Title: Windows Elevation of Privilege Vulnerability
Description:

An elevation of privilege vulnerability exists in the way that the ssdpsrv.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.

To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application.

The security update addresses the vulnerability by ensuring the ssdpsrv.dll properly handles objects in memory.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-1052
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4577049 (Security Update) Important Elevation of Privilege 4571692 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 4577049 (Security Update) Important Elevation of Privilege 4571692 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for 32-bit Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for ARM64-based Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for x64-based Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for 32-bit Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 7 for 32-bit Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Elevation of Privilege 4571729
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 7 for x64-based Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Elevation of Privilege 4571729
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Elevation of Privilege 4571703
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Elevation of Privilege 4571703
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows RT 8.1 4577066 (Monthly Rollup) Important Elevation of Privilege 4571703
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Elevation of Privilege 4571730
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Elevation of Privilege 4571730
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Elevation of Privilege 4571730
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Elevation of Privilege 4571730
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Elevation of Privilege 4571729
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Elevation of Privilege 4571729
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 4577038 (Monthly Rollup)
4577048 (Security Only)
Important Elevation of Privilege 4571736
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 4577038 (Monthly Rollup)
4577048 (Security Only)
Important Elevation of Privilege 4571736
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Elevation of Privilege 4571703
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Elevation of Privilege 4571703
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-1052 Yuki Chen


WenQunWang of Codesafe Team of Legendsec at Qi'anxin Group


CVE-2020-1053 - DirectX Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-1053
MITRE
NVD
CVE Title: DirectX Elevation of Privilege Vulnerability
Description:

An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system.

The update addresses the vulnerability by correcting how DirectX handles objects in memory.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-1053
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4577049 (Security Update) Important Elevation of Privilege 4571692 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 4577049 (Security Update) Important Elevation of Privilege 4571692 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for 32-bit Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for ARM64-based Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for x64-based Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for 32-bit Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-1053 Jaeseung Choi, Kangsu Kim, Daejin Lee and Sang Kil Cha (https://softsec.kaist.ac.kr)


CVE-2020-1057 - Scripting Engine Memory Corruption Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-1057
MITRE
NVD
CVE Title: Scripting Engine Memory Corruption Vulnerability
Description:

A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.

If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

The security update addresses the vulnerability by modifying how the ChakraCore scripting engine handles objects in memory.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-1057
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
ChakraCore Release Notes (Security Update) Critical Remote Code Execution None Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Maybe
Microsoft Edge (EdgeHTML-based) on Windows 10 for 32-bit Systems 4577049 (Security Update) Critical Remote Code Execution 4571692 Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 for x64-based Systems 4577049 (Security Update) Critical Remote Code Execution 4571692 Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for 32-bit Systems 4577015 (Security Update) Critical Remote Code Execution 4571694
Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for x64-based Systems 4577015 (Security Update) Critical Remote Code Execution 4571694
Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for 32-bit Systems 4577041 (Security Update) Critical Remote Code Execution 4571741 Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for ARM64-based Systems 4577041 (Security Update) Critical Remote Code Execution 4571741 Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for x64-based Systems 4577041 (Security Update) Critical Remote Code Execution 4571741 Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit Systems 4577032 (Security Update) Critical Remote Code Execution 4571709 Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based Systems 4577032 (Security Update) Critical Remote Code Execution 4571709 Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based Systems 4577032 (Security Update) Critical Remote Code Execution 4571709 Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit Systems 4570333 (Security Update) Critical Remote Code Execution 4565349
Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based Systems 4570333 (Security Update) Critical Remote Code Execution 4565349
Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based Systems 4570333 (Security Update) Critical Remote Code Execution 4565349
Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit Systems 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based Systems 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based Systems 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for 32-bit Systems 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for ARM64-based Systems 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for x64-based Systems 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 2004 for 32-bit Systems 4571756 (Security Update) Critical Remote Code Execution 4566782
Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 2004 for ARM64-based Systems 4571756 (Security Update) Critical Remote Code Execution 4566782
Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 2004 for x64-based Systems 4571756 (Security Update) Critical Remote Code Execution 4566782
Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows Server 2016 4577015 (Security Update) Moderate Remote Code Execution 4571694
Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows Server 2019 4570333 (Security Update) Moderate Remote Code Execution 4565349
Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-1057 None

CVE-2020-1074 - Jet Database Engine Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-1074
MITRE
NVD
CVE Title: Jet Database Engine Remote Code Execution Vulnerability
Description:

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.

An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file.

The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-1074
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4577049 (Security Update) Important Remote Code Execution 4571692 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 4577049 (Security Update) Important Remote Code Execution 4571692 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 4577015 (Security Update) Important Remote Code Execution 4571694
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 4577015 (Security Update) Important Remote Code Execution 4571694
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for 32-bit Systems 4577041 (Security Update) Important Remote Code Execution 4571741 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for ARM64-based Systems 4577041 (Security Update) Important Remote Code Execution 4571741 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for x64-based Systems 4577041 (Security Update) Important Remote Code Execution 4571741 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 4577032 (Security Update) Important Remote Code Execution 4571709 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 4577032 (Security Update) Important Remote Code Execution 4571709 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4577032 (Security Update) Important Remote Code Execution 4571709 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 4570333 (Security Update) Important Remote Code Execution 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4570333 (Security Update) Important Remote Code Execution 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4570333 (Security Update) Important Remote Code Execution 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for 32-bit Systems 4574727 (Security Update) Important Remote Code Execution 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4574727 (Security Update) Important Remote Code Execution 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4574727 (Security Update) Important Remote Code Execution 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4574727 (Security Update) Important Remote Code Execution 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 4574727 (Security Update) Important Remote Code Execution 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4574727 (Security Update) Important Remote Code Execution 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 4571756 (Security Update) Important Remote Code Execution 4566782
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4571756 (Security Update) Important Remote Code Execution 4566782
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4571756 (Security Update) Important Remote Code Execution 4566782
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 7 for 32-bit Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Remote Code Execution 4571729
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 7 for x64-based Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Remote Code Execution 4571729
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Remote Code Execution 4571703
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Remote Code Execution 4571703
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows RT 8.1 4577066 (Monthly Rollup) Important Remote Code Execution 4571703
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Remote Code Execution 4571730
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Remote Code Execution 4571730
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Remote Code Execution 4571730
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Remote Code Execution 4571730
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Remote Code Execution 4571729
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Remote Code Execution 4571729
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 4577038 (Monthly Rollup)
4577048 (Security Only)
Important Remote Code Execution 4571736
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 4577038 (Monthly Rollup)
4577048 (Security Only)
Important Remote Code Execution 4571736
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Remote Code Execution 4571703
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Remote Code Execution 4571703
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 4577015 (Security Update) Important Remote Code Execution 4571694
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4577015 (Security Update) Important Remote Code Execution 4571694
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 4570333 (Security Update) Important Remote Code Execution 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4570333 (Security Update) Important Remote Code Execution 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4574727 (Security Update) Important Remote Code Execution 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4574727 (Security Update) Important Remote Code Execution 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4571756 (Security Update) Important Remote Code Execution 4566782
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-1074 Zhibin Zhang of Palo Alto Networks


Hossein Lotfi of Trend Micro's Zero Day Initiative


CVE-2020-1083 - Microsoft Graphics Component Information Disclosure Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-1083
MITRE
NVD
CVE Title: Microsoft Graphics Component Information Disclosure Vulnerability
Description:

An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.

To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application.

The update addresses the vulnerability by correcting the way in which the Windows Graphics Component handles objects in memory.


FAQ:

What type of information could be disclosed by this vulnerability?

The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-1083
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4577049 (Security Update) Important Information Disclosure 4571692 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 4577049 (Security Update) Important Information Disclosure 4571692 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 4577015 (Security Update) Important Information Disclosure 4571694
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 4577015 (Security Update) Important Information Disclosure 4571694
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for 32-bit Systems 4577041 (Security Update) Important Information Disclosure 4571741 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for ARM64-based Systems 4577041 (Security Update) Important Information Disclosure 4571741 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for x64-based Systems 4577041 (Security Update) Important Information Disclosure 4571741 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 4577032 (Security Update) Important Information Disclosure 4571709 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 4577032 (Security Update) Important Information Disclosure 4571709 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4577032 (Security Update) Important Information Disclosure 4571709 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 4570333 (Security Update) Important Information Disclosure 4565349
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4570333 (Security Update) Important Information Disclosure 4565349
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4570333 (Security Update) Important Information Disclosure 4565349
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for 32-bit Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 4571756 (Security Update) Important Information Disclosure 4566782
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4571756 (Security Update) Important Information Disclosure 4566782
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4571756 (Security Update) Important Information Disclosure 4566782
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 7 for 32-bit Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Information Disclosure 4571729
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 7 for x64-based Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Information Disclosure 4571729
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Information Disclosure 4571703
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Information Disclosure 4571703
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows RT 8.1 4577066 (Monthly Rollup) Important Information Disclosure 4571703
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Information Disclosure 4571730
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Information Disclosure 4571730
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Information Disclosure 4571730
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Information Disclosure 4571730
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Information Disclosure 4571729
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Information Disclosure 4571729
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2012 4577038 (Monthly Rollup)
4577048 (Security Only)
Important Information Disclosure 4571736
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 4577038 (Monthly Rollup)
4577048 (Security Only)
Important Information Disclosure 4571736
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Information Disclosure 4571703
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Information Disclosure 4571703
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2016 4577015 (Security Update) Important Information Disclosure 4571694
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4577015 (Security Update) Important Information Disclosure 4571694
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2019 4570333 (Security Update) Important Information Disclosure 4565349
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4570333 (Security Update) Important Information Disclosure 4565349
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4571756 (Security Update) Important Information Disclosure 4566782
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-1083 Ke Liu of Tencent Security Xuanwu Lab


CVE-2020-1091 - Windows Graphics Component Information Disclosure Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-1091
MITRE
NVD
CVE Title: Windows Graphics Component Information Disclosure Vulnerability
Description:

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise a user’s system.

There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document or by convincing a user to visit an untrusted webpage.

The update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory.


FAQ:

What type of information could be disclosed by this vulnerability?

The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-1091
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4577049 (Security Update) Important Information Disclosure 4571692 Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 4577049 (Security Update) Important Information Disclosure 4571692 Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 4577015 (Security Update) Important Information Disclosure 4571694
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 4577015 (Security Update) Important Information Disclosure 4571694
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for 32-bit Systems 4577041 (Security Update) Important Information Disclosure 4571741 Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for ARM64-based Systems 4577041 (Security Update) Important Information Disclosure 4571741 Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for x64-based Systems 4577041 (Security Update) Important Information Disclosure 4571741 Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 4577032 (Security Update) Important Information Disclosure 4571709 Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 4577032 (Security Update) Important Information Disclosure 4571709 Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4577032 (Security Update) Important Information Disclosure 4571709 Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 4570333 (Security Update) Important Information Disclosure 4565349
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4570333 (Security Update) Important Information Disclosure 4565349
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4570333 (Security Update) Important Information Disclosure 4565349
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for 32-bit Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 4571756 (Security Update) Important Information Disclosure 4566782
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4571756 (Security Update) Important Information Disclosure 4566782
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4571756 (Security Update) Important Information Disclosure 4566782
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 7 for 32-bit Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Information Disclosure 4571729
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 7 for x64-based Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Information Disclosure 4571729
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Information Disclosure 4571703
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Information Disclosure 4571703
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows RT 8.1 4577066 (Monthly Rollup) Important Information Disclosure 4571703
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Information Disclosure 4571730
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Information Disclosure 4571730
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Information Disclosure 4571730
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Information Disclosure 4571730
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Information Disclosure 4571729
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Information Disclosure 4571729
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2012 4577038 (Monthly Rollup)
4577048 (Security Only)
Important Information Disclosure 4571736
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 4577038 (Monthly Rollup)
4577048 (Security Only)
Important Information Disclosure 4571736
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Information Disclosure 4571703
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Information Disclosure 4571703
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2016 4577015 (Security Update) Important Information Disclosure 4571694
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4577015 (Security Update) Important Information Disclosure 4571694
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2019 4570333 (Security Update) Important Information Disclosure 4565349
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4570333 (Security Update) Important Information Disclosure 4565349
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4574727 (Security Update) Important Information Disclosure 4565351 Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4574727 (Security Update) Important Information Disclosure 4565351 Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4571756 (Security Update) Important Information Disclosure 4566782
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-1091 0xfff


CVE-2020-1097 - Windows Graphics Component Information Disclosure Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-1097
MITRE
NVD
CVE Title: Windows Graphics Component Information Disclosure Vulnerability
Description:

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise a user’s system.

There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document or by convincing a user to visit an untrusted webpage.

The update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory.


FAQ:

What type of information could be disclosed by this vulnerability?

The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-1097
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4577049 (Security Update) Important Information Disclosure 4571692 Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 4577049 (Security Update) Important Information Disclosure 4571692 Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 4577015 (Security Update) Important Information Disclosure 4571694
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 4577015 (Security Update) Important Information Disclosure 4571694
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for 32-bit Systems 4577041 (Security Update) Important Information Disclosure 4571741 Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for ARM64-based Systems 4577041 (Security Update) Important Information Disclosure 4571741 Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for x64-based Systems 4577041 (Security Update) Important Information Disclosure 4571741 Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 4577032 (Security Update) Important Information Disclosure 4571709 Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 4577032 (Security Update) Important Information Disclosure 4571709 Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4577032 (Security Update) Important Information Disclosure 4571709 Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 4570333 (Security Update) Important Information Disclosure 4565349
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4570333 (Security Update) Important Information Disclosure 4565349
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4570333 (Security Update) Important Information Disclosure 4565349
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for 32-bit Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 4571756 (Security Update) Important Information Disclosure 4566782
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4571756 (Security Update) Important Information Disclosure 4566782
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4571756 (Security Update) Important Information Disclosure 4566782
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 7 for 32-bit Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Information Disclosure 4571729
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 7 for x64-based Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Information Disclosure 4571729
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Information Disclosure 4571703
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Information Disclosure 4571703
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows RT 8.1 4577066 (Monthly Rollup) Important Information Disclosure 4571703
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Information Disclosure 4571730
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Information Disclosure 4571730
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Information Disclosure 4571730
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Information Disclosure 4571730
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Information Disclosure 4571729
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Information Disclosure 4571729
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2012 4577038 (Monthly Rollup)
4577048 (Security Only)
Important Information Disclosure 4571736
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 4577038 (Monthly Rollup)
4577048 (Security Only)
Important Information Disclosure 4571736
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Information Disclosure 4571703
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Information Disclosure 4571703
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2016 4577015 (Security Update) Important Information Disclosure 4571694
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4577015 (Security Update) Important Information Disclosure 4571694
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2019 4570333 (Security Update) Important Information Disclosure 4565349
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4570333 (Security Update) Important Information Disclosure 4565349
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4574727 (Security Update) Important Information Disclosure 4565351 Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4574727 (Security Update) Important Information Disclosure 4565351 Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4571756 (Security Update) Important Information Disclosure 4566782
Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-1097 0xfff


CVE-2020-1098 - Windows Shell Infrastructure Component Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-1098
MITRE
NVD
CVE Title: Windows Shell Infrastructure Component Elevation of Privilege Vulnerability
Description:

An elevation of privilege vulnerability exists when the Shell infrastructure component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context.

To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system.

The update addresses the vulnerability by correcting the way in which the Shell infrastructure component handles objects in memory and preventing unintended elevation from lower integrity application.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-1098
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 Version 2004 for 32-bit Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-1098 Anonymous researcher


CVE-2020-1115 - Windows Common Log File System Driver Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-1115
MITRE
NVD
CVE Title: Windows Common Log File System Driver Elevation of Privilege Vulnerability
Description:

An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context.

To exploit the vulnerability, an attacker would first have to log on to the system, and then run a specially crafted application to take control over the affected system.

The security update addresses the vulnerability by correcting how CLFS handles objects in memory.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely Exploitation More Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-1115
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4577049 (Security Update) Important Elevation of Privilege 4571692 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 4577049 (Security Update) Important Elevation of Privilege 4571692 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for 32-bit Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for ARM64-based Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for x64-based Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for 32-bit Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 7 for 32-bit Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Elevation of Privilege 4571729
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 7 for x64-based Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Elevation of Privilege 4571729
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Elevation of Privilege 4571703
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Elevation of Privilege 4571703
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows RT 8.1 4577066 (Monthly Rollup) Important Elevation of Privilege 4571703
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Elevation of Privilege 4571730
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Elevation of Privilege 4571730
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Elevation of Privilege 4571730
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Elevation of Privilege 4571730
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Elevation of Privilege 4571729
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Elevation of Privilege 4571729
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 4577038 (Monthly Rollup)
4577048 (Security Only)
Important Elevation of Privilege 4571736
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 4577038 (Monthly Rollup)
4577048 (Security Only)
Important Elevation of Privilege 4571736
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Elevation of Privilege 4571703
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Elevation of Privilege 4571703
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-1115 Marcin “Icewall” Noga of Cisco Talos


CVE-2020-1119 - Windows Information Disclosure Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-1119
MITRE
NVD
CVE Title: Windows Information Disclosure Vulnerability
Description:

An information disclosure vulnerability exists when StartTileData.dll improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.

To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application.

The update addresses the vulnerability by correcting the way in which StartTileData.dll handles objects in memory.


FAQ:

What type of information could be disclosed by this vulnerability?

The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-1119
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 Version 1903 for 32-bit Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 4571756 (Security Update) Important Information Disclosure 4566782
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4571756 (Security Update) Important Information Disclosure 4566782
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4571756 (Security Update) Important Information Disclosure 4566782
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4571756 (Security Update) Important Information Disclosure 4566782
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-1119 Guest Anonymous


CVE-2020-1122 - Windows Language Pack Installer Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-1122
MITRE
NVD
CVE Title: Windows Language Pack Installer Elevation of Privilege Vulnerability
Description:

An elevation of privilege vulnerability exists when the Windows Language Pack Installer improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context.

An attacker could exploit this vulnerability by running a specially crafted application on the victim system.

The update addresses the vulnerability by correcting the way the Windows Language Pack Installer handles file operations.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-1122
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 Version 1803 for 32-bit Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for 32-bit Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2019 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-1122 Xuefeng Li (@lxf02942370)


CVE-2020-1129 - Microsoft Windows Codecs Library Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-1129
MITRE
NVD
CVE Title: Microsoft Windows Codecs Library Remote Code Execution Vulnerability
Description:

A remote code execution vulnerability exists in the way that Microsoft Windows Codecs Library handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.

Exploitation of the vulnerability requires that a program process a specially crafted image file.

The update addresses the vulnerability by correcting how Microsoft Windows Codecs Library handles objects in memory.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-1129
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 Version 1607 for 32-bit Systems 4577015 (Security Update) Critical Remote Code Execution 4571694
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 4577015 (Security Update) Critical Remote Code Execution 4571694
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for 32-bit Systems 4577041 (Security Update) Critical Remote Code Execution 4571741 Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for ARM64-based Systems 4577041 (Security Update) Critical Remote Code Execution 4571741 Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for x64-based Systems 4577041 (Security Update) Critical Remote Code Execution 4571741 Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 4577032 (Security Update) Critical Remote Code Execution 4571709 Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 4577032 (Security Update) Critical Remote Code Execution 4571709 Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4577032 (Security Update) Critical Remote Code Execution 4571709 Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 4570333 (Security Update) Critical Remote Code Execution 4565349
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4570333 (Security Update) Critical Remote Code Execution 4565349
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4570333 (Security Update) Critical Remote Code Execution 4565349
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for 32-bit Systems 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 4571756 (Security Update) Critical Remote Code Execution 4566782
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4571756 (Security Update) Critical Remote Code Execution 4566782
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4571756 (Security Update) Critical Remote Code Execution 4566782
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 4577015 (Security Update) Critical Remote Code Execution 4571694
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4577015 (Security Update) Critical Remote Code Execution 4571694
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 4570333 (Security Update) Critical Remote Code Execution 4565349
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4570333 (Security Update) Critical Remote Code Execution 4565349
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4571756 (Security Update) Critical Remote Code Execution 4566782
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-1129 Hossein Lotfi of Trend Micro Zero Day Initiative


CVE-2020-1130 - Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-1130
MITRE
NVD
CVE Title: Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability
Description:

An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector improperly handles data operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context.

An attacker could exploit this vulnerability by running a specially crafted application on the victim system.

The update addresses the vulnerability by correcting the way the Diagnostics Hub Standard Collector handles data operations.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-1130
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft Visual Studio 2015 Update 3 4576950 (Security Update) Important Elevation of Privilege None Base: 6.6
Temporal: 5.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C
Maybe
Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) Release Notes (Security Update) Important Elevation of Privilege None Base: 6.6
Temporal: 5.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C
Maybe
Microsoft Visual Studio 2019 version 16.0 Release Notes (Security Update) Important Elevation of Privilege None Base: 6.6
Temporal: 5.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C
Maybe
Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3) Release Notes (Security Update) Important Elevation of Privilege None Base: 6.6
Temporal: 5.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C
Maybe
Microsoft Visual Studio 2019 version 16.7 (includes 16.0 – 16.6) Release Notes (Security Update) Important Elevation of Privilege None Base: 6.6
Temporal: 5.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C
Maybe
Windows 10 for 32-bit Systems 4577049 (Security Update) Important Elevation of Privilege 4571692 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 4577049 (Security Update) Important Elevation of Privilege 4571692 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for 32-bit Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for ARM64-based Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for x64-based Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for 32-bit Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 6.6
Temporal: 5.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 6.6
Temporal: 5.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 6.6
Temporal: 5.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2016 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 6.6
Temporal: 5.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 6.6
Temporal: 5.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows Server 2019 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 6.6
Temporal: 5.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-1130 Outlaw


Yuki Chen working with 360 BugCloud


CVE-2020-1133 - Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-1133
MITRE
NVD
CVE Title: Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability
Description:

An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context.

An attacker could exploit this vulnerability by running a specially crafted application on the victim system.

The update addresses the vulnerability by correcting the way the Diagnostics Hub Standard Collector handles file operations.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-1133
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft Visual Studio 2015 Update 3 4576950 (Security Update) Important Elevation of Privilege None Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Maybe
Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) Release Notes (Security Update) Important Elevation of Privilege None Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Maybe
Microsoft Visual Studio 2019 version 16.0 Release Notes (Security Update) Important Elevation of Privilege None Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Maybe
Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3) Release Notes (Security Update) Important Elevation of Privilege None Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Maybe
Microsoft Visual Studio 2019 version 16.7 (includes 16.0 – 16.6) Release Notes (Security Update) Important Elevation of Privilege None Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Maybe
Windows 10 for 32-bit Systems 4577049 (Security Update) Important Elevation of Privilege 4571692 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 4577049 (Security Update) Important Elevation of Privilege 4571692 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for 32-bit Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for ARM64-based Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for x64-based Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for 32-bit Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2016 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2019 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-1133 Yuki Chen working with 360 BugCloud


CVE-2020-1146 - Microsoft Store Runtime Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-1146
MITRE
NVD
CVE Title: Microsoft Store Runtime Elevation of Privilege Vulnerability
Description:

An elevation of privilege vulnerability exists when the Microsoft Store Runtime improperly handles memory.

To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.

The security update addresses the vulnerability by correcting how the Microsoft Store Runtime handles memory.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-1146
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 Version 1607 for 32-bit Systems 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 6.6
Temporal: 5.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 6.6
Temporal: 5.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for 32-bit Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 6.6
Temporal: 5.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for ARM64-based Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 6.6
Temporal: 5.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for x64-based Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 6.6
Temporal: 5.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 6.6
Temporal: 5.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 6.6
Temporal: 5.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 6.6
Temporal: 5.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 6.6
Temporal: 5.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 6.6
Temporal: 5.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 6.6
Temporal: 5.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for 32-bit Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 6.6
Temporal: 5.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 6.6
Temporal: 5.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 6.6
Temporal: 5.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 6.6
Temporal: 5.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 6.6
Temporal: 5.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 6.6
Temporal: 5.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 6.6
Temporal: 5.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 6.6
Temporal: 5.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 6.6
Temporal: 5.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows Server 2016 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 6.6
Temporal: 5.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 6.6
Temporal: 5.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows Server 2019 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 6.6
Temporal: 5.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 6.6
Temporal: 5.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 6.6
Temporal: 5.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 6.6
Temporal: 5.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 6.6
Temporal: 5.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-1146 Zhiniang Peng (@edwardzpeng) and Fangming Gu (@afang5472)


CVE-2020-1152 - Windows Win32k Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-1152
MITRE
NVD
CVE Title: Windows Win32k Elevation of Privilege Vulnerability
Description:

An elevation of privilege vulnerability exists when Windows improperly handles calls to Win32k.sys. An attacker who successfully exploited the vulnerability could gain elevated privileges on a targeted system.

To exploit the vulnerability, an attacker would have to log on to an affected system and run a specially crafted script or application.

The update addresses the vulnerability by correcting how Windows handles calls to Win32k.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely Exploitation More Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-1152
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4577049 (Security Update) Important Elevation of Privilege 4571692 Base: 5.8
Temporal: 5.2
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 4577049 (Security Update) Important Elevation of Privilege 4571692 Base: 5.8
Temporal: 5.2
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 5.8
Temporal: 5.2
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 5.8
Temporal: 5.2
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for 32-bit Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 5.8
Temporal: 5.2
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for ARM64-based Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 5.8
Temporal: 5.2
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for x64-based Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 5.8
Temporal: 5.2
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 5.8
Temporal: 5.2
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 5.8
Temporal: 5.2
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 5.8
Temporal: 5.2
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 5.8
Temporal: 5.2
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 5.8
Temporal: 5.2
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 5.8
Temporal: 5.2
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for 32-bit Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 5.8
Temporal: 5.2
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 5.8
Temporal: 5.2
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 5.8
Temporal: 5.2
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 5.8
Temporal: 5.2
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 5.8
Temporal: 5.2
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 5.8
Temporal: 5.2
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 5.8
Temporal: 5.2
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 5.8
Temporal: 5.2
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 5.8
Temporal: 5.2
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Elevation of Privilege 4571703
Base: 5.8
Temporal: 5.2
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Elevation of Privilege 4571703
Base: 5.8
Temporal: 5.2
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows RT 8.1 4577066 (Monthly Rollup) Important Elevation of Privilege 4571703
Base: 5.8
Temporal: 5.2
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows Server 2012 4577038 (Monthly Rollup)
4577048 (Security Only)
Important Elevation of Privilege 4571736
Base: 5.8
Temporal: 5.2
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 4577038 (Monthly Rollup)
4577048 (Security Only)
Important Elevation of Privilege 4571736
Base: 5.8
Temporal: 5.2
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Elevation of Privilege 4571703
Base: 5.8
Temporal: 5.2
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Elevation of Privilege 4571703
Base: 5.8
Temporal: 5.2
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows Server 2016 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 5.8
Temporal: 5.2
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 5.8
Temporal: 5.2
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows Server 2019 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 5.8
Temporal: 5.2
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 5.8
Temporal: 5.2
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 5.8
Temporal: 5.2
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 5.8
Temporal: 5.2
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 5.8
Temporal: 5.2
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-1152 Jarvis_1oop of Pinduoduo Security Research Lab


CVE-2020-1159 - Windows Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-1159
MITRE
NVD
CVE Title: Windows Elevation of Privilege Vulnerability
Description:

An elevation of privilege vulnerability exists in the way that the StartTileData.dll handles file creation in protected locations. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.

To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application.

The security update addresses the vulnerability by ensuring the StartTileData.dll properly handles this type of function.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-1159
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 Version 1903 for 32-bit Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 5.3
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 5.3
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 5.3
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Windows 10 Version 1909 for ARM64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Windows 10 Version 1909 for x64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Windows 10 Version 2004 for 32-bit Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 5.3
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 5.3
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 5.3
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 5.3
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Windows Server, version 2004 (Server Core installation) 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 5.3
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-1159 None

CVE-2020-1169 - Windows Runtime Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-1169
MITRE
NVD
CVE Title: Windows Runtime Elevation of Privilege Vulnerability
Description:

An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in an elevated context.

An attacker could exploit this vulnerability by running a specially crafted application on the victim system.

The update addresses the vulnerability by correcting the way the Windows Runtime handles objects in memory.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-1169
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 Version 1709 for 32-bit Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for ARM64-based Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for x64-based Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for 32-bit Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-1169 Shefang Zhong


CVE-2020-1172 - Scripting Engine Memory Corruption Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-1172
MITRE
NVD
CVE Title: Scripting Engine Memory Corruption Vulnerability
Description:

A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.

If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

The security update addresses the vulnerability by modifying how the ChakraCore scripting engine handles objects in memory.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-1172
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
ChakraCore Release Notes (Security Update) Critical Remote Code Execution None Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Maybe
Microsoft Edge (EdgeHTML-based) on Windows 10 for 32-bit Systems 4577049 (Security Update) Critical Remote Code Execution 4571692 Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 for x64-based Systems 4577049 (Security Update) Critical Remote Code Execution 4571692 Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for 32-bit Systems 4577015 (Security Update) Critical Remote Code Execution 4571694
Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for x64-based Systems 4577015 (Security Update) Critical Remote Code Execution 4571694
Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for 32-bit Systems 4577041 (Security Update) Critical Remote Code Execution 4571741 Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for ARM64-based Systems 4577041 (Security Update) Critical Remote Code Execution 4571741 Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for x64-based Systems 4577041 (Security Update) Critical Remote Code Execution 4571741 Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit Systems 4577032 (Security Update) Critical Remote Code Execution 4571709 Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based Systems 4577032 (Security Update) Critical Remote Code Execution 4571709 Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based Systems 4577032 (Security Update) Critical Remote Code Execution 4571709 Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit Systems 4570333 (Security Update) Critical Remote Code Execution 4565349
Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based Systems 4570333 (Security Update) Critical Remote Code Execution 4565349
Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based Systems 4570333 (Security Update) Critical Remote Code Execution 4565349
Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit Systems 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based Systems 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based Systems 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for 32-bit Systems 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for ARM64-based Systems 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for x64-based Systems 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 2004 for 32-bit Systems 4571756 (Security Update) Critical Remote Code Execution 4566782
Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 2004 for ARM64-based Systems 4571756 (Security Update) Critical Remote Code Execution 4566782
Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 2004 for x64-based Systems 4571756 (Security Update) Critical Remote Code Execution 4566782
Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows Server 2016 4577015 (Security Update) Moderate Remote Code Execution 4571694
Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows Server 2019 4570333 (Security Update) Moderate Remote Code Execution 4565349
Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-1172 None

CVE-2020-1180 - Scripting Engine Memory Corruption Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-1180
MITRE
NVD
CVE Title: Scripting Engine Memory Corruption Vulnerability
Description:

A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.

If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

The security update addresses the vulnerability by modifying how the ChakraCore scripting engine handles objects in memory.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-1180
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
ChakraCore Release Notes (Security Update) Important Remote Code Execution None Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Maybe
Microsoft Edge (EdgeHTML-based) on Windows 10 for 32-bit Systems 4577049 (Security Update) Important Remote Code Execution 4571692 Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 for x64-based Systems 4577049 (Security Update) Important Remote Code Execution 4571692 Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for 32-bit Systems 4577015 (Security Update) Important Remote Code Execution 4571694
Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for x64-based Systems 4577015 (Security Update) Important Remote Code Execution 4571694
Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for 32-bit Systems 4577041 (Security Update) Important Remote Code Execution 4571741 Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for ARM64-based Systems 4577041 (Security Update) Important Remote Code Execution 4571741 Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for x64-based Systems 4577041 (Security Update) Important Remote Code Execution 4571741 Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit Systems 4577032 (Security Update) Important Remote Code Execution 4571709 Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based Systems 4577032 (Security Update) Important Remote Code Execution 4571709 Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based Systems 4577032 (Security Update) Important Remote Code Execution 4571709 Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit Systems 4570333 (Security Update) Important Remote Code Execution 4565349
Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based Systems 4570333 (Security Update) Important Remote Code Execution 4565349
Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based Systems 4570333 (Security Update) Important Remote Code Execution 4565349
Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit Systems 4574727 (Security Update) Important Remote Code Execution 4565351 Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based Systems 4574727 (Security Update) Important Remote Code Execution 4565351 Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based Systems 4574727 (Security Update) Important Remote Code Execution 4565351 Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for 32-bit Systems 4574727 (Security Update) Important Remote Code Execution 4565351 Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for ARM64-based Systems 4574727 (Security Update) Important Remote Code Execution 4565351 Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for x64-based Systems 4574727 (Security Update) Important Remote Code Execution 4565351 Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 2004 for 32-bit Systems 4571756 (Security Update) Important Remote Code Execution 4566782
Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 2004 for ARM64-based Systems 4571756 (Security Update) Important Remote Code Execution 4566782
Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 2004 for x64-based Systems 4571756 (Security Update) Important Remote Code Execution 4566782
Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows Server 2016 4577015 (Security Update) Low Remote Code Execution 4571694
Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows Server 2019 4570333 (Security Update) Low Remote Code Execution 4565349
Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-1180 None

CVE-2020-1193 - Microsoft Excel Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-1193
MITRE
NVD
CVE Title: Microsoft Excel Remote Code Execution Vulnerability
Description:

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Exploitation of the vulnerability requires that a user open a specially crafted file with an affected version of Microsoft Excel. In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the file. In a web-based attack scenario, an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) containing a specially crafted file designed to exploit the vulnerability. An attacker would have no way to force users to visit the website. Instead, an attacker would have to convince users to click a link, typically by way of an enticement in an email or instant message, and then convince them to open the specially crafted file.

The security update addresses the vulnerability by correcting how Microsoft Excel handles objects in memory.


FAQ:

Is the Preview Pane an attack vector for this vulnerability?

No, the Preview Pane is not an attack vector.


Are the updates for the Microsoft Office for Mac currently available?

The security update for Microsoft Office 2016 for Mac and Microsoft Office 2019 for Mac are not immediately available. The updates will be released as soon as possible, and when they are available, customers will be notified via a revision to this CVE information.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-1193
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft 365 Apps for Enterprise for 32-bit Systems Click to Run (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
No
Microsoft 365 Apps for Enterprise for 64-bit Systems Click to Run (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
No
Microsoft Office 2010 Service Pack 2 (32-bit editions) 4484530 (Security Update) Important Remote Code Execution 4484373 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Office 2010 Service Pack 2 (64-bit editions) 4484530 (Security Update) Important Remote Code Execution 4484373 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Office 2013 RT Service Pack 1 4484469 (Security Update) Important Remote Code Execution 4484351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Office 2013 Service Pack 1 (32-bit editions) 4484469 (Security Update) Important Remote Code Execution 4484351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Office 2013 Service Pack 1 (64-bit editions) 4484469 (Security Update) Important Remote Code Execution 4484351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Office 2016 (32-bit edition) 4484466 (Security Update) Important Remote Code Execution 4484342 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Office 2016 (64-bit edition) 4484466 (Security Update) Important Remote Code Execution 4484342 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Office 2016 for Mac Important Remote Code Execution None Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Unknown
Microsoft Office 2019 for 32-bit editions Click to Run (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
No
Microsoft Office 2019 for 64-bit editions Click to Run (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
No
Microsoft Office 2019 for Mac Important Remote Code Execution None Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Unknown

Acknowledgements

CVE ID Acknowledgements
CVE-2020-1193 ecN4L working with Trend Micro's Zero Day Initiative


CVE-2020-1198 - Microsoft Office SharePoint XSS Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-1198
MITRE
NVD
CVE Title: Microsoft Office SharePoint XSS Vulnerability
Description:

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server.

The attacker who successfully exploited the vulnerability could then perform cross-site scripting attacks on affected systems and run script in the security context of the current user. The attacks could allow the attacker to read content that the attacker is not authorized to read, use the victim's identity to take actions on the SharePoint site on behalf of the user, such as change permissions and delete content, and inject malicious content in the browser of the user.

The security update addresses the vulnerability by helping to ensure that SharePoint Server properly sanitizes web requests.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Spoofing

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-1198
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft SharePoint Enterprise Server 2013 Service Pack 1 4484515 (Security Update) Important Spoofing 4484479
Base: 7.4
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N/E:P/RL:O/RC:C
Maybe
Microsoft SharePoint Enterprise Server 2016 4484506 (Security Update) Important Spoofing 4484473 Base: 7.4
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N/E:P/RL:O/RC:C
Maybe
Microsoft SharePoint Foundation 2013 Service Pack 1 4484525 (Security Update)
4484488 (Security Update)
Important Spoofing 4484487
4484411
Base: 7.4
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N/E:P/RL:O/RC:C
Maybe
Microsoft SharePoint Server 2019 4484505 (Security Update)
4484504 (Security Update)
Important Spoofing 4484472
Base: 7.4
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N/E:P/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2020-1198 Huynh Phuoc Hung, @hph0var


CVE-2020-1200 - Microsoft SharePoint Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-1200
MITRE
NVD
CVE Title: Microsoft SharePoint Remote Code Execution Vulnerability
Description:

A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint server farm account.

Exploitation of this vulnerability requires that a user uploads a specially crafted SharePoint application package to an affected version of SharePoint.

The security update addresses the vulnerability by correcting how SharePoint checks the source markup of application packages.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-1200
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft SharePoint Enterprise Server 2016 4484506 (Security Update) Critical Remote Code Execution 4484473 Base: 8.6
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
Maybe
Microsoft SharePoint Foundation 2010 Service Pack 2 4486667 (Security Update) Critical Remote Code Execution 4484462
Base: 8.6
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
Maybe
Microsoft SharePoint Foundation 2013 Service Pack 1 4484525 (Security Update) Critical Remote Code Execution 4484487 Base: 8.6
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
Maybe
Microsoft SharePoint Server 2019 4484505 (Security Update) Critical Remote Code Execution 4484472 Base: 8.6
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2020-1200 Oleksandr Mirosh (@olekmirosh) from Micro Focus Fortify


CVE-2020-1205 - Microsoft SharePoint Spoofing Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-1205
MITRE
NVD
CVE Title: Microsoft SharePoint Spoofing Vulnerability
Description:

A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server.

The attacker who successfully exploited the vulnerability could then perform cross-site scripting attacks on affected systems and run script in the security context of the current user. These attacks could allow the attacker to read content that the attacker is not authorized to read, use the victim's identity to take actions on the SharePoint site on behalf of the user, such as change permissions and delete content, and inject malicious content in the browser of the user.

The security update addresses the vulnerability by helping to ensure that SharePoint Server properly sanitizes web requests.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Spoofing

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-1205
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft SharePoint Enterprise Server 2016 4484506 (Security Update) Important Spoofing 4484473 Base: 4.6
Temporal: 4.2
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Maybe
Microsoft SharePoint Foundation 2010 Service Pack 2 4486667 (Security Update) Important Spoofing 4484462
Base: 4.6
Temporal: 4.2
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Maybe
Microsoft SharePoint Foundation 2013 Service Pack 1 4484525 (Security Update) Important Spoofing 4484487 Base: 4.6
Temporal: 4.2
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Maybe
Microsoft SharePoint Server 2019 4484505 (Security Update) Important Spoofing 4484472 Base: 4.6
Temporal: 4.2
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2020-1205 Huynh Phuoc Hung, @hph0var


CVE-2020-1210 - Microsoft SharePoint Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-1210
MITRE
NVD
CVE Title: Microsoft SharePoint Remote Code Execution Vulnerability
Description:

A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint server farm account.

Exploitation of this vulnerability requires that a user uploads a specially crafted SharePoint application package to an affected version of SharePoint.

The security update addresses the vulnerability by correcting how SharePoint checks the source markup of application packages.


FAQ:

Is the Preview Pane an attack vector for this vulnerability?

No, the Preview Pane is not an attack vector.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-1210
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft Business Productivity Servers 2010 Service Pack 2 3101523 (Security Update) Critical Remote Code Execution None Base: 9.9
Temporal: 8.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft SharePoint Enterprise Server 2013 Service Pack 1 4484480 (Security Update) Critical Remote Code Execution 4484353 Base: 9.9
Temporal: 8.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft SharePoint Enterprise Server 2016 4484506 (Security Update)
4484512 (Security Update)
Critical Remote Code Execution 4484473
4484476
Base: 9.9
Temporal: 8.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft SharePoint Server 2010 Service Pack 2 4486664 (Security Update) Critical Remote Code Execution 4484498 Base: 9.9
Temporal: 8.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft SharePoint Server 2019 4484505 (Security Update)
4484504 (Security Update)
Critical Remote Code Execution 4484472
Base: 9.9
Temporal: 8.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2020-1210 Jonathan Birch of Microsoft Office Security Team




CVE-2020-1218 - Microsoft Word Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-1218
MITRE
NVD
CVE Title: Microsoft Word Remote Code Execution Vulnerability
Description:

A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the file could then take actions on behalf of the logged-on user with the same permissions as the current user.

To exploit the vulnerability, a user must open a specially crafted file with an affected version of Microsoft Word software. In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the file. In a web-based attack scenario, an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) that contains a specially crafted file that is designed to exploit the vulnerability. However, an attacker would have no way to force the user to visit the website. Instead, an attacker would have to convince the user to click a link, typically by way of an enticement in an email or Instant Messenger message, and then convince the user to open the specially crafted file.

The security update addresses the vulnerability by correcting how Microsoft Word handles files in memory.


FAQ:

Is the Preview Pane an attack vector for this vulnerability?

No, the Preview Pane is not an attack vector.


Are the updates for the Microsoft Office for Mac currently available?

The security update for Microsoft Office 2016 for Mac and Microsoft Office 2019 for Mac are not immediately available. The updates will be released as soon as possible, and when they are available, customers will be notified via a revision to this CVE information.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-1218
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft 365 Apps for Enterprise for 32-bit Systems Click to Run (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
No
Microsoft 365 Apps for Enterprise for 64-bit Systems Click to Run (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
No
Microsoft Office 2010 Service Pack 2 (32-bit editions) 4484533 (Security Update) Important Remote Code Execution 4484492 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Office 2010 Service Pack 2 (64-bit editions) 4484533 (Security Update) Important Remote Code Execution 4484492 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Office 2016 for Mac Important Remote Code Execution None Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Unknown
Microsoft Office 2019 for 32-bit editions Click to Run (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
No
Microsoft Office 2019 for 64-bit editions Click to Run (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
No
Microsoft Office 2019 for Mac Important Remote Code Execution None Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Unknown
Microsoft Office Online Server 4484503 (Security Update) Important Remote Code Execution 4484470 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Office Web Apps 2010 Service Pack 2 4486661 (Security Update) Important Remote Code Execution 4484495 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Office Web Apps 2013 Service Pack 1 4484481 (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft SharePoint Enterprise Server 2013 Service Pack 1 4484514 (Security Update) Important Remote Code Execution 4484478 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft SharePoint Enterprise Server 2016 4484506 (Security Update)
4484512 (Security Update)
Important Remote Code Execution 4484473
4484476
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft SharePoint Server 2010 Service Pack 2 4484528 (Security Update) Important Remote Code Execution 4484490 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft SharePoint Server 2019 4484505 (Security Update)
4484504 (Security Update)
Important Remote Code Execution 4484472
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Word 2010 Service Pack 2 (32-bit editions) 4486660 (Security Update) Important Remote Code Execution 4484494 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Word 2010 Service Pack 2 (64-bit editions) 4486660 (Security Update) Important Remote Code Execution 4484494 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Word 2013 RT Service Pack 1 4484522 (Security Update) Important Remote Code Execution 4484484 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Word 2013 Service Pack 1 (32-bit editions) 4484522 (Security Update) Important Remote Code Execution 4484484 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Word 2013 Service Pack 1 (64-bit editions) 4484522 (Security Update) Important Remote Code Execution 4484484 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Word 2016 (32-bit edition) 4484510 (Security Update) Important Remote Code Execution 4484474 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Word 2016 (64-bit edition) 4484510 (Security Update) Important Remote Code Execution 4484474 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2020-1218 Haifei Li of McAfee IPS Security Research Team


CVE-2020-1224 - Microsoft Excel Information Disclosure Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-1224
MITRE
NVD
CVE Title: Microsoft Excel Information Disclosure Vulnerability
Description:

An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the user’s computer or data.

To exploit the vulnerability, an attacker could craft a special document file and then convince the user to open it. An attacker must know the memory address location where the object was created.

The update addresses the vulnerability by changing the way certain Excel functions handle objects in memory.


FAQ:

Is the Preview Pane an attack vector for this vulnerability?

No, the Preview Pane is not an attack vector.


Are the updates for the Microsoft Office for Mac currently available?

The security update for Microsoft Office 2016 for Mac and Microsoft Office 2019 for Mac are not immediately available. The updates will be released as soon as possible, and when they are available, customers will be notified via a revision to this CVE information.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-1224
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft 365 Apps for Enterprise for 32-bit Systems Click to Run (Security Update) Important Information Disclosure None Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
No
Microsoft 365 Apps for Enterprise for 64-bit Systems Click to Run (Security Update) Important Information Disclosure None Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
No
Microsoft Excel 2010 Service Pack 2 (32-bit editions) 4486665 (Security Update) Important Information Disclosure 4484461 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Maybe
Microsoft Excel 2010 Service Pack 2 (64-bit editions) 4486665 (Security Update) Important Information Disclosure 4484461 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Maybe
Microsoft Excel 2013 RT Service Pack 1 4484526 (Security Update) Important Information Disclosure 4484449 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Maybe
Microsoft Excel 2013 Service Pack 1 (32-bit editions) 4484526 (Security Update) Important Information Disclosure 4484449 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Maybe
Microsoft Excel 2013 Service Pack 1 (64-bit editions) 4484526 (Security Update) Important Information Disclosure 4484449 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Maybe
Microsoft Excel 2016 (32-bit edition) 4484507 (Security Update) Important Information Disclosure 4484465 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Maybe
Microsoft Excel 2016 (64-bit edition) 4484507 (Security Update) Important Information Disclosure 4484465 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Maybe
Microsoft Office 2016 for Mac Important Information Disclosure None Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Unknown
Microsoft Office 2019 for 32-bit editions Click to Run (Security Update) Important Information Disclosure None Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
No
Microsoft Office 2019 for 64-bit editions Click to Run (Security Update) Important Information Disclosure None Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
No
Microsoft Office 2019 for Mac Important Information Disclosure None Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Unknown
Microsoft Office Online Server 4484503 (Security Update) Important Information Disclosure 4484470 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Maybe
Microsoft Office Web Apps 2013 Service Pack 1 4484518 (Security Update) Important Information Disclosure 4484481 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Maybe
Microsoft SharePoint Enterprise Server 2013 Service Pack 1 4484516 (Security Update) Important Information Disclosure 4484183 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2020-1224 Jinquan(@jq0904) of DBAPPSecurity Co., Ltd


CVE-2020-1227 - Microsoft Office SharePoint XSS Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-1227
MITRE
NVD
CVE Title: Microsoft Office SharePoint XSS Vulnerability
Description:

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server.

The attacker who successfully exploited the vulnerability could then perform cross-site scripting attacks on affected systems and run script in the security context of the current user. The attacks could allow the attacker to read content that the attacker is not authorized to read, use the victim's identity to take actions on the SharePoint site on behalf of the user, such as change permissions and delete content, and inject malicious content in the browser of the user.

The security update addresses the vulnerability by helping to ensure that SharePoint Server properly sanitizes web requests.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Spoofing

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-1227
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft SharePoint Enterprise Server 2013 Service Pack 1 4484515 (Security Update) Important Spoofing 4484479
Base: 5.4
Temporal: 4.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Maybe
Microsoft SharePoint Enterprise Server 2016 4484506 (Security Update) Important Spoofing 4484473 Base: 5.4
Temporal: 4.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Maybe
Microsoft SharePoint Server 2019 4484505 (Security Update) Important Spoofing 4484472 Base: 5.4
Temporal: 4.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2020-1227 Huynh Phuoc Hung, @hph0var


CVE-2020-1228 - Windows DNS Denial of Service Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-1228
MITRE
NVD
CVE Title: Windows DNS Denial of Service Vulnerability
Description:

A denial of service vulnerability exists in Windows DNS when it fails to properly handle queries. An attacker who successfully exploited this vulnerability could cause the DNS service to become nonresponsive.

To exploit the vulnerability, an authenticated attacker could send malicious DNS queries to a target, resulting in a denial of service.

The update addresses the vulnerability by correcting how Windows DNS processes queries.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Denial of Service

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-1228
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows Server 2008 for 32-bit Systems Service Pack 2 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Denial of Service 4571730
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Denial of Service 4571730
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Denial of Service 4571730
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Denial of Service 4571730
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Denial of Service 4571729
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Denial of Service 4571729
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 4577038 (Monthly Rollup)
4577048 (Security Only)
Important Denial of Service 4571736
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 4577038 (Monthly Rollup)
4577048 (Security Only)
Important Denial of Service 4571736
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Denial of Service 4571703
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Denial of Service 4571703
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 4577015 (Security Update) Important Denial of Service 4571694
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4577015 (Security Update) Important Denial of Service 4571694
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 4570333 (Security Update) Important Denial of Service 4565349
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4570333 (Security Update) Important Denial of Service 4565349
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4574727 (Security Update) Important Denial of Service 4565351 Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4574727 (Security Update) Important Denial of Service 4565351 Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4571756 (Security Update) Important Denial of Service 4566782
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-1228 Quan Luo from Codesafe Team of Legendsec at Qi'anxin Group


CVE-2020-1245 - Win32k Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-1245
MITRE
NVD
CVE Title: Win32k Elevation of Privilege Vulnerability
Description:

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system.

The update addresses this vulnerability by correcting how Win32k handles objects in memory.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely Exploitation More Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-1245
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4577049 (Security Update) Important Elevation of Privilege 4571692 Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 4577049 (Security Update) Important Elevation of Privilege 4571692 Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for 32-bit Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for ARM64-based Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for x64-based Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for 32-bit Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 7 for 32-bit Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Elevation of Privilege 4571729
Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 7 for x64-based Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Elevation of Privilege 4571729
Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Elevation of Privilege 4571703
Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Elevation of Privilege 4571703
Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows RT 8.1 4577066 (Monthly Rollup) Important Elevation of Privilege 4571703
Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Elevation of Privilege 4571730
Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Elevation of Privilege 4571730
Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Elevation of Privilege 4571730
Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Elevation of Privilege 4571730
Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Elevation of Privilege 4571729
Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Elevation of Privilege 4571729
Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 4577038 (Monthly Rollup)
4577048 (Security Only)
Important Elevation of Privilege 4571736
Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 4577038 (Monthly Rollup)
4577048 (Security Only)
Important Elevation of Privilege 4571736
Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Elevation of Privilege 4571703
Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Elevation of Privilege 4571703
Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-1245 None

CVE-2020-1250 - Win32k Information Disclosure Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-1250
MITRE
NVD
CVE Title: Win32k Information Disclosure Vulnerability
Description:

An information disclosure vulnerability exists when the win32k component improperly provides kernel information. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.

To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application.

The security update addresses the vulnerability by correcting how win32k handles objects in memory.


FAQ:

What type of information could be disclosed by this vulnerability?

The type of information that could be disclosed if an attacker successfully exploited this vulnerability is memory layout - the vulnerability allows an attacker to collect information that facilitates predicting addressing of the memory.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-1250
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4577049 (Security Update) Important Information Disclosure 4571692 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 4577049 (Security Update) Important Information Disclosure 4571692 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 4577015 (Security Update) Important Information Disclosure 4571694
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 4577015 (Security Update) Important Information Disclosure 4571694
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for 32-bit Systems 4577041 (Security Update) Important Information Disclosure 4571741 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for ARM64-based Systems 4577041 (Security Update) Important Information Disclosure 4571741 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for x64-based Systems 4577041 (Security Update) Important Information Disclosure 4571741 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 4577032 (Security Update) Important Information Disclosure 4571709 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 4577032 (Security Update) Important Information Disclosure 4571709 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4577032 (Security Update) Important Information Disclosure 4571709 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 4570333 (Security Update) Important Information Disclosure 4565349
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4570333 (Security Update) Important Information Disclosure 4565349
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4570333 (Security Update) Important Information Disclosure 4565349
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for 32-bit Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 4571756 (Security Update) Important Information Disclosure 4566782
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4571756 (Security Update) Important Information Disclosure 4566782
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4571756 (Security Update) Important Information Disclosure 4566782
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 7 for 32-bit Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Information Disclosure 4571729
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 7 for x64-based Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Information Disclosure 4571729
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Information Disclosure 4571703
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Information Disclosure 4571703
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows RT 8.1 4577066 (Monthly Rollup) Important Information Disclosure 4571703
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Information Disclosure 4571730
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Information Disclosure 4571730
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Information Disclosure 4571730
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 4577064 (Monthly Rollup)
4577070 (Security Only)
Important Information Disclosure 4571730
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Information Disclosure 4571729
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Information Disclosure 4571729
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2012 4577038 (Monthly Rollup)
4577048 (Security Only)
Important Information Disclosure 4571736
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 4577038 (Monthly Rollup)
4577048 (Security Only)
Important Information Disclosure 4571736
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Information Disclosure 4571703
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Information Disclosure 4571703
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2016 4577015 (Security Update) Important Information Disclosure 4571694
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4577015 (Security Update) Important Information Disclosure 4571694
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2019 4570333 (Security Update) Important Information Disclosure 4565349
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4570333 (Security Update) Important Information Disclosure 4565349
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4571756 (Security Update) Important Information Disclosure 4566782
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-1250 Guopengfei from Codesafe Team of Legendsec at Qi'anxin Group


CVE-2020-1252 - Windows Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-1252
MITRE
NVD
CVE Title: Windows Remote Code Execution Vulnerability
Description:

A remote code execution vulnerability exists when Windows improperly handles objects in memory. An attacker who successfully exploited this vulnerability could take control of an affected system.

To exploit the vulnerability, an attacker would first have to log on to the target system and then run a specially crafted application.

The updates address the vulnerability by correcting how Windows handles objects in memory.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-1252
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4577049 (Security Update) Critical Remote Code Execution 4571692 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 4577049 (Security Update) Critical Remote Code Execution 4571692 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 4577015 (Security Update) Critical Remote Code Execution 4571694
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 4577015 (Security Update) Critical Remote Code Execution 4571694
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for 32-bit Systems 4577041 (Security Update) Critical Remote Code Execution 4571741 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for ARM64-based Systems 4577041 (Security Update) Critical Remote Code Execution 4571741 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for x64-based Systems 4577041 (Security Update) Critical Remote Code Execution 4571741 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 4577032 (Security Update) Critical Remote Code Execution 4571709 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 4577032 (Security Update) Critical Remote Code Execution 4571709 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4577032 (Security Update) Critical Remote Code Execution 4571709 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 4570333 (Security Update) Critical Remote Code Execution 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4570333 (Security Update) Critical Remote Code Execution 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4570333 (Security Update) Critical Remote Code Execution 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for 32-bit Systems 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 4571756 (Security Update) Critical Remote Code Execution 4566782
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4571756 (Security Update) Critical Remote Code Execution 4566782
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4571756 (Security Update) Critical Remote Code Execution 4566782
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 7 for 32-bit Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Critical Remote Code Execution 4571729
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 7 for x64-based Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Critical Remote Code Execution 4571729
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems 4577066 (Monthly Rollup)
4577071 (Security Only)
Critical Remote Code Execution 4571703
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 4577066 (Monthly Rollup)
4577071 (Security Only)
Critical Remote Code Execution 4571703
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows RT 8.1 4577066 (Monthly Rollup) Critical Remote Code Execution 4571703
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 4577064 (Monthly Rollup)
4577070 (Security Only)
Critical Remote Code Execution 4571730
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 4577064 (Monthly Rollup)
4577070 (Security Only)
Critical Remote Code Execution 4571730
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 4577064 (Monthly Rollup)
4577070 (Security Only)
Critical Remote Code Execution 4571730
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 4577064 (Monthly Rollup)
4577070 (Security Only)
Critical Remote Code Execution 4571730
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Critical Remote Code Execution 4571729
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4577051 (Monthly Rollup)
4577053 (Security Only)
Critical Remote Code Execution 4571729
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 4577038 (Monthly Rollup)
4577048 (Security Only)
Critical Remote Code Execution 4571736
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 4577038 (Monthly Rollup)
4577048 (Security Only)
Critical Remote Code Execution 4571736
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 4577066 (Monthly Rollup)
4577071 (Security Only)
Critical Remote Code Execution 4571703
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 4577066 (Monthly Rollup)
4577071 (Security Only)
Critical Remote Code Execution 4571703
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 4577015 (Security Update) Critical Remote Code Execution 4571694
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4577015 (Security Update) Critical Remote Code Execution 4571694
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 4570333 (Security Update) Critical Remote Code Execution 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4570333 (Security Update) Critical Remote Code Execution 4565349
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4571756 (Security Update) Critical Remote Code Execution 4566782
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-1252 Kakushi Gotou


CVE-2020-1256 - Windows GDI Information Disclosure Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-1256
MITRE
NVD
CVE Title: Windows GDI Information Disclosure Vulnerability
Description:

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.

There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage.

The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory.


FAQ:

What type of information could be disclosed by this vulnerability?

The type of information that could be disclosed if an attacker successfully exploited this vulnerability is memory layout - the vulnerability allows an attacker to collect information that facilitates predicting addressing of the memory.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-1256
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4577049 (Security Update) Important Information Disclosure 4571692 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 4577049 (Security Update) Important Information Disclosure 4571692 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 4577015 (Security Update) Important Information Disclosure 4571694
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 4577015 (Security Update) Important Information Disclosure 4571694
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for 32-bit Systems 4577041 (Security Update) Important Information Disclosure 4571741 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for ARM64-based Systems 4577041 (Security Update) Important Information Disclosure 4571741 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for x64-based Systems 4577041 (Security Update) Important Information Disclosure 4571741 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 4577032 (Security Update) Important Information Disclosure 4571709 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 4577032 (Security Update) Important Information Disclosure 4571709 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4577032 (Security Update) Important Information Disclosure 4571709 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 4570333 (Security Update) Important Information Disclosure 4565349
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4570333 (Security Update) Important Information Disclosure 4565349
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4570333 (Security Update) Important Information Disclosure 4565349
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for 32-bit Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 4571756 (Security Update) Important Information Disclosure 4566782
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4571756 (Security Update) Important Information Disclosure 4566782
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4571756 (Security Update) Important Information Disclosure 4566782
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 7 for 32-bit Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Information Disclosure 4571729
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 7 for x64-based Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Information Disclosure 4571729
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Information Disclosure 4571703
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Information Disclosure 4571703
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows RT 8.1 4577066 (Monthly Rollup) Important Information Disclosure 4571703
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Information Disclosure 4571729
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4577051 (Monthly Rollup)
4577053 (Security Only)
Important Information Disclosure 4571729
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2012 4577038 (Monthly Rollup)
4577048 (Security Only)
Important Information Disclosure 4571736
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 4577038 (Monthly Rollup)
4577048 (Security Only)
Important Information Disclosure 4571736
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Information Disclosure 4571703
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Information Disclosure 4571703
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2016 4577015 (Security Update) Important Information Disclosure 4571694
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4577015 (Security Update) Important Information Disclosure 4571694
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2019 4570333 (Security Update) Important Information Disclosure 4565349
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4570333 (Security Update) Important Information Disclosure 4565349
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4571756 (Security Update) Important Information Disclosure 4566782
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-1256 0xfff


CVE-2020-1285 - GDI+ Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-1285
MITRE
NVD
CVE Title: GDI+ Remote Code Execution Vulnerability
Description:

A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

There are multiple ways an attacker could exploit the vulnerability:

  • In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability and then convince users to view the website. An attacker would have no way to force users to view the attacker-controlled content. Instead, an attacker would have to convince users to take action, typically by getting them to open an email attachment or click a link in an email or instant message.
  • In a file-sharing attack scenario, an attacker could provide a specially crafted document file that is designed to exploit the vulnerability, and then convince users to open the document file.

The security update addresses the vulnerability by correcting the way that the Windows GDI handles objects in the memory.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-1285
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4577049 (Security Update) Critical Remote Code Execution 4571692 Base: 8.4
Temporal: 7.6
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 4577049 (Security Update) Critical Remote Code Execution 4571692 Base: 8.4
Temporal: 7.6
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 4577015 (Security Update) Critical Remote Code Execution 4571694
Base: 8.4
Temporal: 7.6
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 4577015 (Security Update) Critical Remote Code Execution 4571694
Base: 8.4
Temporal: 7.6
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for 32-bit Systems 4577041 (Security Update) Critical Remote Code Execution 4571741 Base: 8.4
Temporal: 7.6
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for ARM64-based Systems 4577041 (Security Update) Critical Remote Code Execution 4571741 Base: 8.4
Temporal: 7.6
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for x64-based Systems 4577041 (Security Update) Critical Remote Code Execution 4571741 Base: 8.4
Temporal: 7.6
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 4577032 (Security Update) Critical Remote Code Execution 4571709 Base: 8.4
Temporal: 7.6
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 4577032 (Security Update) Critical Remote Code Execution 4571709 Base: 8.4
Temporal: 7.6
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4577032 (Security Update) Critical Remote Code Execution 4571709 Base: 8.4
Temporal: 7.6
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 4570333 (Security Update) Critical Remote Code Execution 4565349
Base: 8.4
Temporal: 7.6
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4570333 (Security Update) Critical Remote Code Execution 4565349
Base: 8.4
Temporal: 7.6
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4570333 (Security Update) Critical Remote Code Execution 4565349
Base: 8.4
Temporal: 7.6
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for 32-bit Systems 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: 8.4
Temporal: 7.6
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: 8.4
Temporal: 7.6
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: 8.4
Temporal: 7.6
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: 8.4
Temporal: 7.6
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: 8.4
Temporal: 7.6
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: 8.4
Temporal: 7.6
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 4571756 (Security Update) Critical Remote Code Execution 4566782
Base: 8.4
Temporal: 7.6
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4571756 (Security Update) Critical Remote Code Execution 4566782
Base: 8.4
Temporal: 7.6
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4571756 (Security Update) Critical Remote Code Execution 4566782
Base: 8.4
Temporal: 7.6
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 7 for 32-bit Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Critical Remote Code Execution 4571729
Base: 8.4
Temporal: 7.6
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 7 for x64-based Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Critical Remote Code Execution 4571729
Base: 8.4
Temporal: 7.6
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems 4577066 (Monthly Rollup)
4577071 (Security Only)
Critical Remote Code Execution 4571703
Base: 8.4
Temporal: 7.6
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 4577066 (Monthly Rollup)
4577071 (Security Only)
Critical Remote Code Execution 4571703
Base: 8.4
Temporal: 7.6
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows RT 8.1 4577066 (Monthly Rollup) Critical Remote Code Execution 4571703
Base: 8.4
Temporal: 7.6
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 4577064 (Monthly Rollup)
4577070 (Security Only)
Critical Remote Code Execution 4571730
Base: 8.4
Temporal: 7.6
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 4577064 (Monthly Rollup)
4577070 (Security Only)
Critical Remote Code Execution 4571730
Base: 8.4
Temporal: 7.6
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 4577064 (Monthly Rollup)
4577070 (Security Only)
Critical Remote Code Execution 4571730
Base: 8.4
Temporal: 7.6
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 4577064 (Monthly Rollup)
4577070 (Security Only)
Critical Remote Code Execution 4571730
Base: 8.4
Temporal: 7.6
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Critical Remote Code Execution 4571729
Base: 8.4
Temporal: 7.6
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4577051 (Monthly Rollup)
4577053 (Security Only)
Critical Remote Code Execution 4571729
Base: 8.4
Temporal: 7.6
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 4577038 (Monthly Rollup)
4577048 (Security Only)
Critical Remote Code Execution 4571736
Base: 8.4
Temporal: 7.6
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 4577038 (Monthly Rollup)
4577048 (Security Only)
Critical Remote Code Execution 4571736
Base: 8.4
Temporal: 7.6
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 4577066 (Monthly Rollup)
4577071 (Security Only)
Critical Remote Code Execution 4571703
Base: 8.4
Temporal: 7.6
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 4577066 (Monthly Rollup)
4577071 (Security Only)
Critical Remote Code Execution 4571703
Base: 8.4
Temporal: 7.6
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 4577015 (Security Update) Critical Remote Code Execution 4571694
Base: 8.4
Temporal: 7.6
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4577015 (Security Update) Critical Remote Code Execution 4571694
Base: 8.4
Temporal: 7.6
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 4570333 (Security Update) Critical Remote Code Execution 4565349
Base: 8.4
Temporal: 7.6
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4570333 (Security Update) Critical Remote Code Execution 4565349
Base: 8.4
Temporal: 7.6
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: 8.4
Temporal: 7.6
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: 8.4
Temporal: 7.6
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4571756 (Security Update) Critical Remote Code Execution 4566782
Base: 8.4
Temporal: 7.6
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-1285 0xfff


CVE-2020-1303 - Windows Runtime Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-1303
MITRE
NVD
CVE Title: Windows Runtime Elevation of Privilege Vulnerability
Description:

An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in an elevated context.

An attacker could exploit this vulnerability by running a specially crafted application on the victim system.

The update addresses the vulnerability by correcting the way the Windows Runtime handles objects in memory.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-1303
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 Version 1803 for 32-bit Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for 32-bit Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2019 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-1303 Georgios Baltas of MSRC Vulnerabilities & Mitigations Team


CVE-2020-1308 - DirectX Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-1308
MITRE
NVD
CVE Title: DirectX Elevation of Privilege Vulnerability
Description:

An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system.

The update addresses the vulnerability by correcting how DirectX handles objects in memory.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely Exploitation More Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-1308
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4577049 (Security Update) Important Elevation of Privilege 4571692 Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 4577049 (Security Update) Important Elevation of Privilege 4571692 Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for 32-bit Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for ARM64-based Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for x64-based Systems 4577041 (Security Update) Important Elevation of Privilege 4571741 Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4577032 (Security Update) Important Elevation of Privilege 4571709 Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for 32-bit Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4577015 (Security Update) Important Elevation of Privilege 4571694
Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4570333 (Security Update) Important Elevation of Privilege 4565349
Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4574727 (Security Update) Important Elevation of Privilege 4565351 Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4571756 (Security Update) Important Elevation of Privilege 4566782
Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-1308 liuxiaoliang and pjf


CVE-2020-1319 - Microsoft Windows Codecs Library Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-1319
MITRE
NVD
CVE Title: Microsoft Windows Codecs Library Remote Code Execution Vulnerability
Description:

A remote code execution vulnerability exists in the way that Microsoft Windows Codecs Library handles objects in memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

Exploitation of the vulnerability requires that a program process a specially crafted image file.

The update addresses the vulnerability by correcting how Microsoft Windows Codecs Library handles objects in memory.


FAQ:

Is Windows vulnerable in the default configuration?

Only customers who have installed the optional "VP9 Video Extension" media codec from Microsoft Store may be vulnerable.

How do I get the updated Windows Media Codec?

Affected customers will be automatically updated by Microsoft Store. Customers do not need to take any action to receive the update.

Alternatively, customers who want to receive the update immediately can check for updates with the Microsoft Store App; more information on this process can be found here.

Why are these security updates offered to affected clients via the Microsoft Store and not Windows Update?

These updates are for optional apps/components that are offered to customers as a download via the Microsoft Store. Updates for optional store apps/components are provided via the Microsoft Store.

My server is in a disconnected environment, is it vulnerable?

AV1 is not available for offline distribution and not supported on Windows Server. Users should not have it installed in these environments. Enterprise customers using Store for Business will receive the update in the same manner as consumer Store.

Why are these updates being offered outside of Update Tuesday?

Servicing for store apps/components does not follow the monthly “Update Tuesday” cadence, but are offered whenever necessary.

Are these updates for Microsoft store apps/components offered automatically when an affected component is on the system?

Yes. However, it is possible to turn off automatic updating for store apps. In that scenario, these updates would not be installed automatically.

How can I check from PowerShell if the update is installed?

The following command will display the version of the installed package:

Get-AppxPackage -Name Microsoft.VP9VideoExtension*


Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-1319
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4577049 (Security Update) Critical Remote Code Execution 4571692 Base: 7.3
Temporal: 6.6
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 4577049 (Security Update) Critical Remote Code Execution 4571692 Base: 7.3
Temporal: 6.6
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 4577015 (Security Update) Critical Remote Code Execution 4571694
Base: 7.3
Temporal: 6.6
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 4577015 (Security Update) Critical Remote Code Execution 4571694
Base: 7.3
Temporal: 6.6
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for 32-bit Systems 4577041 (Security Update) Critical Remote Code Execution 4571741 Base: 7.3
Temporal: 6.6
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for ARM64-based Systems 4577041 (Security Update) Critical Remote Code Execution 4571741 Base: 7.3
Temporal: 6.6
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for x64-based Systems 4577041 (Security Update) Critical Remote Code Execution 4571741 Base: 7.3
Temporal: 6.6
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 4577032 (Security Update) Critical Remote Code Execution 4571709 Base: 7.3
Temporal: 6.6
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 4577032 (Security Update) Critical Remote Code Execution 4571709 Base: 7.3
Temporal: 6.6
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4577032 (Security Update) Critical Remote Code Execution 4571709 Base: 7.3
Temporal: 6.6
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 4570333 (Security Update) Critical Remote Code Execution 4565349
Base: 7.3
Temporal: 6.6
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4570333 (Security Update) Critical Remote Code Execution 4565349
Base: 7.3
Temporal: 6.6
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4570333 (Security Update) Critical Remote Code Execution 4565349
Base: 7.3
Temporal: 6.6
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for 32-bit Systems 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: 7.3
Temporal: 6.6
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: 7.3
Temporal: 6.6
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: 7.3
Temporal: 6.6
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: 7.3
Temporal: 6.6
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: 7.3
Temporal: 6.6
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: 7.3
Temporal: 6.6
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 4571756 (Security Update) Critical Remote Code Execution 4566782
Base: 7.3
Temporal: 6.6
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4571756 (Security Update) Critical Remote Code Execution 4566782
Base: 7.3
Temporal: 6.6
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4571756 (Security Update) Critical Remote Code Execution 4566782
Base: 7.3
Temporal: 6.6
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 7 for 32-bit Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Critical Remote Code Execution 4571729
Base: 7.3
Temporal: 6.6
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 7 for x64-based Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Critical Remote Code Execution 4571729
Base: 7.3
Temporal: 6.6
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems 4577066 (Monthly Rollup)
4577071 (Security Only)
Critical Remote Code Execution 4571703
Base: 7.3
Temporal: 6.6
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 4577066 (Monthly Rollup)
4577071 (Security Only)
Critical Remote Code Execution 4571703
Base: 7.3
Temporal: 6.6
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows RT 8.1 4577066 (Monthly Rollup) Critical Remote Code Execution 4571703
Base: 7.3
Temporal: 6.6
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 4577064 (Monthly Rollup)
4577070 (Security Only)
Critical Remote Code Execution 4571730
Base: 7.3
Temporal: 6.6
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 4577064 (Monthly Rollup)
4577070 (Security Only)
Critical Remote Code Execution 4571730
Base: 7.3
Temporal: 6.6
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 4577064 (Monthly Rollup)
4577070 (Security Only)
Critical Remote Code Execution 4571730
Base: 7.3
Temporal: 6.6
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 4577064 (Monthly Rollup)
4577070 (Security Only)
Critical Remote Code Execution 4571730
Base: 7.3
Temporal: 6.6
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 4577051 (Monthly Rollup)
4577053 (Security Only)
Critical Remote Code Execution 4571729
Base: 7.3
Temporal: 6.6
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4577051 (Monthly Rollup)
4577053 (Security Only)
Critical Remote Code Execution 4571729
Base: 7.3
Temporal: 6.6
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 4577038 (Monthly Rollup)
4577048 (Security Only)
Critical Remote Code Execution 4571736
Base: 7.3
Temporal: 6.6
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 4577038 (Monthly Rollup)
4577048 (Security Only)
Critical Remote Code Execution 4571736
Base: 7.3
Temporal: 6.6
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 4577066 (Monthly Rollup)
4577071 (Security Only)
Critical Remote Code Execution 4571703
Base: 7.3
Temporal: 6.6
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 4577066 (Monthly Rollup)
4577071 (Security Only)
Critical Remote Code Execution 4571703
Base: 7.3
Temporal: 6.6
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 4577015 (Security Update) Critical Remote Code Execution 4571694
Base: 7.3
Temporal: 6.6
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4577015 (Security Update) Critical Remote Code Execution 4571694
Base: 7.3
Temporal: 6.6
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 4570333 (Security Update) Critical Remote Code Execution 4565349
Base: 7.3
Temporal: 6.6
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4570333 (Security Update) Critical Remote Code Execution 4565349
Base: 7.3
Temporal: 6.6
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: 7.3
Temporal: 6.6
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4574727 (Security Update) Critical Remote Code Execution 4565351 Base: 7.3
Temporal: 6.6
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4571756 (Security Update) Critical Remote Code Execution 4566782
Base: 7.3
Temporal: 6.6
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-1319 Keqi Hu


Simon Barsky @expend20


Wen guang Jiao working with Trend Micro's Zero Day Initiative


Le Huu Quang Linh (@linhlhq) from VinCSS (Member of Vingroup)


CVE-2020-1332 - Microsoft Excel Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-1332
MITRE
NVD
CVE Title: Microsoft Excel Remote Code Execution Vulnerability
Description:

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Exploitation of the vulnerability requires that a user open a specially crafted file with an affected version of Microsoft Excel. In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the file. In a web-based attack scenario, an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) containing a specially crafted file designed to exploit the vulnerability. An attacker would have no way to force users to visit the website. Instead, an attacker would have to convince users to click a link, typically by way of an enticement in an email or instant message, and then convince them to open the specially crafted file.

The security update addresses the vulnerability by correcting how Microsoft Excel handles objects in memory.


FAQ:

Is the Preview Pane an attack vector for this vulnerability?

No, the Preview Pane is not an attack vector.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-1332
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft 365 Apps for Enterprise for 32-bit Systems Click to Run (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
No
Microsoft 365 Apps for Enterprise for 64-bit Systems Click to Run (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
No
Microsoft Excel 2010 Service Pack 2 (32-bit editions) 4486665 (Security Update) Important Remote Code Execution 4484461 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Excel 2010 Service Pack 2 (64-bit editions) 4486665 (Security Update) Important Remote Code Execution 4484461 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Excel 2013 RT Service Pack 1 4484526 (Security Update) Important Remote Code Execution 4484449 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Excel 2013 Service Pack 1 (32-bit editions) 4484526 (Security Update) Important Remote Code Execution 4484449 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Excel 2013 Service Pack 1 (64-bit editions) 4484526 (Security Update) Important Remote Code Execution 4484449 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Excel 2016 (32-bit edition) 4484507 (Security Update) Important Remote Code Execution 4484465 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Excel 2016 (64-bit edition) 4484507 (Security Update) Important Remote Code Execution 4484465 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Office 2019 for 32-bit editions Click to Run (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
No
Microsoft Office 2019 for 64-bit editions Click to Run (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
No

Acknowledgements

CVE ID Acknowledgements
CVE-2020-1332 marxixing of Kingsoft Cloud Security Team (@marxixing)


CVE-2020-1335 - Microsoft Excel Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-1335
MITRE
NVD
CVE Title: Microsoft Excel Remote Code Execution Vulnerability
Description:

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Exploitation of the vulnerability requires that a user open a specially crafted file with an affected version of Microsoft Excel. In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the file. In a web-based attack scenario, an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) containing a specially crafted file designed to exploit the vulnerability. An attacker would have no way to force users to visit the website. Instead, an attacker would have to convince users to click a link, typically by way of an enticement in an email or instant message, and then convince them to open the specially crafted file.

The security update addresses the vulnerability by correcting how Microsoft Excel handles objects in memory.


FAQ:

Is the Preview Pane an attack vector for this vulnerability?

No, the Preview Pane is not an attack vector.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-1335
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft 365 Apps for Enterprise for 32-bit Systems Click to Run (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
No
Microsoft 365 Apps for Enterprise for 64-bit Systems Click to Run (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
No
Microsoft Excel 2010 Service Pack 2 (32-bit editions) 4486665 (Security Update) Important Remote Code Execution 4484461 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Excel 2010 Service Pack 2 (64-bit editions) 4486665 (Security Update) Important Remote Code Execution 4484461 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Excel 2013 RT Service Pack 1 4484526 (Security Update) Important Remote Code Execution 4484449 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Excel 2013 Service Pack 1 (32-bit editions) 4484526 (Security Update) Important Remote Code Execution 4484449 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Excel 2013 Service Pack 1 (64-bit editions) 4484526 (Security Update) Important Remote Code Execution 4484449 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Excel 2016 (32-bit edition) 4484507 (Security Update) Important Remote Code Execution 4484465 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Excel 2016 (64-bit edition) 4484507 (Security Update) Important Remote Code Execution 4484465 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Office 2010 Service Pack 2 (32-bit editions) 4484532 (Security Update) Important Remote Code Execution 4484375 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Office 2010 Service Pack 2 (64-bit editions) 4484532 (Security Update) Important Remote Code Execution 4484375 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Office 2013 RT Service Pack 1 4484517 (Security Update) Important Remote Code Execution 4484354 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Office 2013 Service Pack 1 (32-bit editions) 4484517 (Security Update) Important Remote Code Execution 4484354 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Office 2013 Service Pack 1 (64-bit editions) 4484517 (Security Update) Important Remote Code Execution 4484354 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Office 2016 (32-bit edition) 4484513 (Security Update) Important Remote Code Execution 4484346 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Office 2016 (64-bit edition) 4484513 (Security Update) Important Remote Code Execution 4484346 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Office 2019 for 32-bit editions Click to Run (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
No
Microsoft Office 2019 for 64-bit editions Click to Run (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
No
Microsoft Office Online Server 4484503 (Security Update) Important Remote Code Execution 4484470 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Office Web Apps 2013 Service Pack 1 4484518 (Security Update) Important Remote Code Execution 4484481 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft SharePoint Server 2019 4484505 (Security Update) Important Remote Code Execution 4484472 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2020-1335 Jinquan(@jq0904) of DBAPPSecurity Co., Ltd


CVE-2020-1338 - Microsoft Word Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-1338
MITRE
NVD
CVE Title: Microsoft Word Remote Code Execution Vulnerability
Description:

A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the file could then take actions on behalf of the logged-on user with the same permissions as the current user.

To exploit the vulnerability, a user must open a specially crafted file with an affected version of Microsoft Word software. In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the file. In a web-based attack scenario, an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) that contains a specially crafted file that is designed to exploit the vulnerability. However, an attacker would have no way to force the user to visit the website. Instead, an attacker would have to convince the user to click a link, typically by way of an enticement in an email or Instant Messenger message, and then convince the user to open the specially crafted file.

The security update addresses the vulnerability by correcting how Microsoft Word handles files in memory.


FAQ:

Is the Preview Pane an attack vector for this vulnerability?

No, the Preview Pane is not an attack vector.


Are the updates for the Microsoft Office for Mac currently available?

The security update for Microsoft Office 2016 for Mac and Microsoft Office 2019 for Mac are not immediately available. The updates will be released as soon as possible, and when they are available, customers will be notified via a revision to this CVE information.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-1338
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft 365 Apps for Enterprise for 32-bit Systems Click to Run (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
No
Microsoft 365 Apps for Enterprise for 64-bit Systems Click to Run (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
No
Microsoft Office 2016 for Mac Important Remote Code Execution None Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Unknown
Microsoft Office 2019 for 32-bit editions Click to Run (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
No
Microsoft Office 2019 for 64-bit editions Click to Run (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
No
Microsoft Office 2019 for Mac Important Remote Code Execution None Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Unknown
Microsoft Office Online Server 4484503 (Security Update) Important Remote Code Execution 4484470 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft SharePoint Server 2019 4484505 (Security Update)
4484504 (Security Update)
Important Remote Code Execution 4484472
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2020-1338 Anonymous working with Trend Micro's Zero Day Initiative


CVE-2020-1440 - Microsoft SharePoint Server Tampering Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-1440
MITRE
NVD
CVE Title: Microsoft SharePoint Server Tampering Vulnerability
Description:

A tampering vulnerability exists when Microsoft SharePoint Server fails to properly handle profile data. An attacker who successfully exploited this vulnerability could modify a targeted user's profile data.

To exploit the vulnerability, an attacker would need to be authenticated on an affected SharePoint Server. The attacker would then need to send a specially modified request to the server, targeting a specific user.

The security update addresses the vulnerability by modifying how Microsoft SharePoint Server handles profile data.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Tampering

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-1440
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft SharePoint Enterprise Server 2013 Service Pack 1 4484515 (Security Update) Important Tampering 4484479
Base: 6.3
Temporal: 5.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Maybe
Microsoft SharePoint Enterprise Server 2016 4484506 (Security Update) Important Tampering 4484473 Base: 6.3
Temporal: 5.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Maybe
Microsoft SharePoint Server 2010 Service Pack 2 4486664 (Security Update) Important Tampering 4484498 Base: 6.3
Temporal: 5.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Maybe
Microsoft SharePoint Server 2019 4484505 (Security Update) Important Tampering 4484472 Base: 6.3
Temporal: 5.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2020-1440 Steven Seeley (mr_me) of Source Incite


CVE-2020-1482 - Microsoft Office SharePoint XSS Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-1482
MITRE
NVD
CVE Title: Microsoft Office SharePoint XSS Vulnerability
Description:

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server.

The attacker who successfully exploited the vulnerability could then perform cross-site scripting attacks on affected systems and run script in the security context of the current user. The attacks could allow the attacker to read content that the attacker is not authorized to read, use the victim's identity to take actions on the SharePoint site on behalf of the user, such as change permissions and delete content, and inject malicious content in the browser of the user.

The security update addresses the vulnerability by helping to ensure that SharePoint Server properly sanitizes web requests.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Spoofing

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-1482
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft SharePoint Enterprise Server 2016 4484506 (Security Update) Important Spoofing 4484473 Base: 6.3
Temporal: 5.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Maybe
Microsoft SharePoint Foundation 2010 Service Pack 2 4486667 (Security Update) Important Spoofing 4484462
Base: 6.3
Temporal: 5.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Maybe
Microsoft SharePoint Foundation 2013 Service Pack 1 4484525 (Security Update) Important Spoofing 4484487 Base: 6.3
Temporal: 5.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Maybe
Microsoft SharePoint Server 2019 4484505 (Security Update) Important Spoofing 4484472 Base: 6.3
Temporal: 5.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2020-1482 Huynh Phuoc Hung, @hph0var


CVE-2020-1514 - Microsoft Office SharePoint XSS Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-1514
MITRE
NVD
CVE Title: Microsoft Office SharePoint XSS Vulnerability
Description:

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server.

The attacker who successfully exploited the vulnerability could then perform cross-site scripting attacks on affected systems and run script in the security context of the current user. The attacks could allow the attacker to read content that the attacker is not authorized to read, use the victim's identity to take actions on the SharePoint site on behalf of the user, such as change permissions and delete content, and inject malicious content in the browser of the user.

The security update addresses the vulnerability by helping to ensure that SharePoint Server properly sanitizes web requests.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Spoofing

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-1514
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft SharePoint Enterprise Server 2016 4484506 (Security Update) Important Spoofing 4484473 Base: 5.4
Temporal: 4.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Maybe
Microsoft SharePoint Foundation 2013 Service Pack 1 4484525 (Security Update) Important Spoofing 4484487 Base: 5.4
Temporal: 4.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Maybe
Microsoft SharePoint Server 2019 4484505 (Security Update) Important Spoofing 4484472 Base: 5.4
Temporal: 4.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2020-1514 Huynh Phuoc Hung, @hph0var


CVE-2020-1523 - Microsoft SharePoint Server Tampering Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-1523
MITRE
NVD
CVE Title: Microsoft SharePoint Server Tampering Vulnerability
Description:

A tampering vulnerability exists when Microsoft SharePoint Server fails to properly handle profile data. An attacker who successfully exploited this vulnerability could modify a targeted user's profile data.

To exploit the vulnerability, an attacker would need to be authenticated on an affected SharePoint Server. The attacker would then need to send a specially modified request to the server, targeting a specific user.

The security update addresses the vulnerability by modifying how Microsoft SharePoint Server handles profile data.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Tampering

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-1523
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft SharePoint Server 2019 4484505 (Security Update) Important Tampering 4484472 Base: 8.9
Temporal: 8.0
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:L/E:P/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2020-1523 Steven Seeley (mr_me) of Source Incite


CVE-2020-1594 - Microsoft Excel Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-1594
MITRE
NVD
CVE Title: Microsoft Excel Remote Code Execution Vulnerability
Description:

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Exploitation of the vulnerability requires that a user open a specially crafted file with an affected version of Microsoft Excel. In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the file. In a web-based attack scenario, an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) containing a specially crafted file designed to exploit the vulnerability. An attacker would have no way to force users to visit the website. Instead, an attacker would have to convince users to click a link, typically by way of an enticement in an email or instant message, and then convince them to open the specially crafted file.

The security update addresses the vulnerability by correcting how Microsoft Excel handles objects in memory.


FAQ:

Is the Preview Pane an attack vector for this vulnerability?

No, the Preview Pane is not an attack vector.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-1594
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft 365 Apps for Enterprise for 32-bit Systems Click to Run (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
No
Microsoft 365 Apps for Enterprise for 64-bit Systems Click to Run (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
No
Microsoft Excel 2010 Service Pack 2 (32-bit editions) 4486665 (Security Update) Important Remote Code Execution 4484461 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Excel 2010 Service Pack 2 (64-bit editions) 4486665 (Security Update) Important Remote Code Execution 4484461 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Excel 2013 RT Service Pack 1 4484526 (Security Update) Important Remote Code Execution 4484449 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Excel 2013 Service Pack 1 (32-bit editions) 4484526 (Security Update) Important Remote Code Execution 4484449 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Excel 2013 Service Pack 1 (64-bit editions) 4484526 (Security Update) Important Remote Code Execution 4484449 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Excel 2016 (32-bit edition) 4484507 (Security Update) Important Remote Code Execution 4484465 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Excel 2016 (64-bit edition) 4484507 (Security Update) Important Remote Code Execution 4484465 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Office 2019 for 32-bit editions Click to Run (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
No
Microsoft Office 2019 for 64-bit editions Click to Run (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
No

Acknowledgements

CVE ID Acknowledgements
CVE-2020-1594 kdot working with Trend Micro's Zero Day Initiative


CVE-2020-1595 - Microsoft SharePoint Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-1595
MITRE
NVD
CVE Title: Microsoft SharePoint Remote Code Execution Vulnerability
Description:

A remote code execution vulnerability exists in Microsoft SharePoint where APIs aren't properly protected from unsafe data input. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint server farm account.

Exploitation of this vulnerability requires that a user access a susceptible API on an affected version of SharePoint with specially-formatted input.

The security update addresses the vulnerability by correcting how SharePoint handles deserialization of untrusted data.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-1595
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft SharePoint Enterprise Server 2013 Service Pack 1 4484515 (Security Update) Critical Remote Code Execution 4484479
Base: 9.9
Temporal: 8.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft SharePoint Enterprise Server 2016 4484506 (Security Update) Critical Remote Code Execution 4484473 Base: 9.9
Temporal: 8.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft SharePoint Foundation 2013 Service Pack 1 4484525 (Security Update) Critical Remote Code Execution 4484487 Base: 9.9
Temporal: 8.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft SharePoint Server 2019 4484505 (Security Update) Critical Remote Code Execution 4484472 Base: 9.9
Temporal: 8.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2020-1595 Markus Wulftange (@mwulftange)


CVE-2020-16851 - OneDrive for Windows Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-16851
MITRE
NVD
CVE Title: OneDrive for Windows Elevation of Privilege Vulnerability
Description:

An elevation of privilege vulnerability exists when the OneDrive for Windows Desktop application improperly handles symbolic links. An attacker who successfully exploited this vulnerability could overwrite a targeted file with an elevated status.

To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and delete a targeted file with an elevated status.

The update addresses this vulnerability by correcting where the OneDrive updater performs file writes while running with elevation.


FAQ:

Do I need to take any action to protect myself from this vulnerability?

Most customers have been protected from this vulnerability because OneDrive has its own updater that periodically checks and updates the OneDrive binary. If your network is air-gapped, you can update the binary from the link in the Security Updates table.

In which situations does this vulnerability apply?

This vulnerability only applies when OneDrive is installed per machine and does not apply to the default per user install. Please see Per Machine Installation for more information.


Which release contains the updates to protect against the vulnerability?

20.170.0824.0001 is the minimum version. The version and all new versions are protected from this vulnerability.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-16851
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
OneDrive for Windows Release Notes (Security Update) Important Elevation of Privilege None Base: 7.1
Temporal: 6.4
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:P/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2020-16851 Zhiniang Peng (@edwardzpeng) and Fangming Gu (@afang5472)


CVE-2020-16852 - OneDrive for Windows Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-16852
MITRE
NVD
CVE Title: OneDrive for Windows Elevation of Privilege Vulnerability
Description:

An elevation of privilege vulnerability exists when the OneDrive for Windows Desktop application improperly handles symbolic links. An attacker who successfully exploited this vulnerability could overwrite a targeted file with an elevated status.

To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and delete a targeted file with an elevated status.

The update addresses this vulnerability by correcting where the OneDrive updater performs file writes while running with elevation.


FAQ:

Do I need to take any action to protect myself from this vulnerability?

Most customers have been protected from this vulnerability because OneDrive has its own updater that periodically checks and updates the OneDrive binary. If your network is air-gapped, you can update the binary from the link in the Security Updates table.

In which situations does this vulnerability apply?

This vulnerability only applies when OneDrive is installed per machine and does not apply to the default per user install. Please see Per Machine Installation for more information.


Which release contains the updates to protect against the vulnerability?

20.170.0824.0001 is the minimum version. The version and all new versions are protected from this vulnerability.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-16852
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
OneDrive for Windows Release Notes (Security Update) Important Elevation of Privilege None Base: 7.1
Temporal: 6.4
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:P/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2020-16852 Zhiniang Peng (@edwardzpeng) and Fangming Gu (@afang5472)


CVE-2020-16853 - OneDrive for Windows Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-16853
MITRE
NVD
CVE Title: OneDrive for Windows Elevation of Privilege Vulnerability
Description:

An elevation of privilege vulnerability exists when the OneDrive for Windows Desktop application improperly handles symbolic links. An attacker who successfully exploited this vulnerability could overwrite a targeted file with an elevated status.

To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and delete a targeted file with an elevated status.

The update addresses this vulnerability by correcting where the OneDrive updater performs file writes while running with elevation.


FAQ:

Do I need to take any action to protect myself from this vulnerability?

Most customers have been protected from this vulnerability because OneDrive has its own updater that periodically checks and updates the OneDrive binary. If your network is air-gapped, you can update the binary from the link in the Security Updates table.

In which situations does this vulnerability apply?

This vulnerability only applies when OneDrive is installed per machine and does not apply to the default per user install. Please see Per Machine Installation for more information.


Which release contains the updates to protect against the vulnerability?

20.170.0824.0001 is the minimum version. The version and all new versions are protected from this vulnerability.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-16853
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
OneDrive for Windows Release Notes (Security Update) Important Elevation of Privilege None Base: 7.1
Temporal: 6.4
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:P/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2020-16853 Zhiniang Peng (@edwardzpeng) and Fangming Gu (@afang5472)


CVE-2020-16854 - Windows Kernel Information Disclosure Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-16854
MITRE
NVD
CVE Title: Windows Kernel Information Disclosure Vulnerability
Description:

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.

To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The vulnerability would not allow an attacker to execute code or to elevate user rights directly, but it could be used to obtain information that could be used to try to further compromise the affected system.

The update addresses the vulnerability by correcting how the Windows kernel handles objects in memory.


FAQ:

What type of information could be disclosed by this vulnerability?

The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-16854
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4577049 (Security Update) Important Information Disclosure 4571692 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 4577049 (Security Update) Important Information Disclosure 4571692 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 4577015 (Security Update) Important Information Disclosure 4571694
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 4577015 (Security Update) Important Information Disclosure 4571694
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for 32-bit Systems 4577041 (Security Update) Important Information Disclosure 4571741 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for ARM64-based Systems 4577041 (Security Update) Important Information Disclosure 4571741 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for x64-based Systems 4577041 (Security Update) Important Information Disclosure 4571741 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 4577032 (Security Update) Important Information Disclosure 4571709 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 4577032 (Security Update) Important Information Disclosure 4571709 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4577032 (Security Update) Important Information Disclosure 4571709 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 4570333 (Security Update) Important Information Disclosure 4565349
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4570333 (Security Update) Important Information Disclosure 4565349
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4570333 (Security Update) Important Information Disclosure 4565349
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for 32-bit Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 4571756 (Security Update) Important Information Disclosure 4566782
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4571756 (Security Update) Important Information Disclosure 4566782
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4571756 (Security Update) Important Information Disclosure 4566782
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Information Disclosure 4571703
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Information Disclosure 4571703
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows RT 8.1 4577066 (Monthly Rollup) Important Information Disclosure 4571703
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Information Disclosure 4571703
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 4577066 (Monthly Rollup)
4577071 (Security Only)
Important Information Disclosure 4571703
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2016 4577015 (Security Update) Important Information Disclosure 4571694
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4577015 (Security Update) Important Information Disclosure 4571694
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2019 4570333 (Security Update) Important Information Disclosure 4565349
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4570333 (Security Update) Important Information Disclosure 4565349
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4574727 (Security Update) Important Information Disclosure 4565351 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4571756 (Security Update) Important Information Disclosure 4566782
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-16854 Stephen Fewer of Relyze


CVE-2020-16855 - Microsoft Office Information Disclosure Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-16855
MITRE
NVD
CVE Title: Microsoft Office Information Disclosure Vulnerability
Description:

An information disclosure vulnerability exists when Microsoft Office software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory. An attacker who successfully exploited the vulnerability could view out of bound memory.

Exploitation of the vulnerability requires that a user open a specially crafted file with an affected version of Microsoft Office software.

The security update addresses the vulnerability by properly initializing the affected variable.


FAQ:

What type of information could be disclosed by this vulnerability?

The type of information that could be disclosed if an attacker successfully exploited this vulnerability is memory layout - the vulnerability allows an attacker to collect information that facilitates predicting addressing of the memory.


Is the Preview Pane an attack vector for this vulnerability?

No, the Preview Pane is not an attack vector.


Are the updates for the Microsoft Office for Mac currently available?

The security update for Microsoft Office 2016 for Mac and Microsoft Office 2019 for Mac are not immediately available. The updates will be released as soon as possible, and when they are available, customers will be notified via a revision to this CVE information.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-16855
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft Office 2016 for Mac Important Information Disclosure None Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Unknown
Microsoft Office 2019 for Mac Important Information Disclosure None Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Unknown

Acknowledgements

CVE ID Acknowledgements
CVE-2020-16855 0xfff


CVE-2020-16871 - Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-16871
MITRE
NVD
CVE Title: Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability
Description:

A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected Dynamics server.

The attacker who successfully exploited the vulnerability could then perform cross-site scripting attacks on affected systems and run script in the security context of the current authenticated user. These attacks could allow the attacker to read content that the attacker is not authorized to read, use the victim's identity to take actions within Dynamics Server on behalf of the user, such as change permissions and delete content, and inject malicious content in the browser of the user.

The security update addresses the vulnerability by helping to ensure that Dynamics Server properly sanitizes web requests.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Spoofing

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-16871
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft Dynamics 365 (on-premises) version 8.2 4577501 (Security Update) Important Spoofing None Base: 5.4
Temporal: 4.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N/E:P/RL:O/RC:C
Maybe
Microsoft Dynamics 365 (on-premises) version 9.0 4574742 (Security Update) Important Spoofing None Base: 5.4
Temporal: 4.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N/E:P/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2020-16871 SURESH C


CVE-2020-16873 - Xamarin.Forms Spoofing Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-16873
MITRE
NVD
CVE Title: Xamarin.Forms Spoofing Vulnerability
Description:

A spoofing vulnerability manifests in Microsoft Xamarin.Forms due to the default settings on Android WebView version prior to 83.0.4103.106. This vulnerability could allow an attacker to execute arbitrary Javascript code on a target system.

For the attack to be successful, the targeted user would need to browse to a malicious website or a website serving the malicious code through Xamarin.Forms.

The security update addresses this vulnerability by preventing the malicious Javascript from running in the WebView.


FAQ:
None
Mitigations:

Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Spoofing

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-16873
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
xamarin.forms Release Notes (Security Update) Important Spoofing None Base: 4.7
Temporal: 4.4
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N/E:F/RL:O/RC:C/CR:M/MAV:N/MAC:L/MPR:N/MUI:R/MS:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2020-16873 Alesandro Ortiz


CVE-2020-16874 - Visual Studio Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-16874
MITRE
NVD
CVE Title: Visual Studio Remote Code Execution Vulnerability
Description:

A remote code execution vulnerability exists in Visual Studio when it improperly handles objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

To exploit the vulnerability, an attacker would have to convince a user to open a specially crafted file with an affected version of Visual Studio.

The update addresses the vulnerability by correcting how Visual Studio handles objects in memory.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-16874
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft Visual Studio 2012 Update 5 4571479 (Security Update) Critical Remote Code Execution None Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Visual Studio 2013 Update 5 4571480 (Security Update) Critical Remote Code Execution None Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Visual Studio 2015 Update 3 4571481 (Security Update) Critical Remote Code Execution None Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) Release Notes (Security Update) Critical Remote Code Execution None Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Visual Studio 2019 version 16.0 Release Notes (Security Update) Critical Remote Code Execution None Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3) Release Notes (Security Update) Critical Remote Code Execution None Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Visual Studio 2019 version 16.7 (includes 16.0 – 16.6) Release Notes (Security Update) Critical Remote Code Execution None Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2020-16874 Anonymous working with Trend Micro's Zero Day Initiative


Wen guang Jiao working with Trend Micro's Zero Day Initiative


CVE-2020-16875 - Microsoft Exchange Memory Corruption Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-16875
MITRE
NVD
CVE Title: Microsoft Exchange Memory Corruption Vulnerability
Description:

A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the System user. An attacker could then install programs; view, change, or delete data; or create new accounts.

Exploitation of the vulnerability requires that a specially crafted email be sent to a vulnerable Exchange server.

The security update addresses the vulnerability by correcting how Microsoft Exchange handles objects in memory.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-16875
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft Exchange Server 2016 Cumulative Update 16 4577352 (Security Update) Critical Remote Code Execution 4540123
Base: 9.1
Temporal: 8.2
Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Exchange Server 2016 Cumulative Update 17 4577352 (Security Update) Critical Remote Code Execution 4540123
Base: 9.1
Temporal: 8.2
Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Exchange Server 2019 Cumulative Update 5 4577352 (Security Update) Critical Remote Code Execution 4540123
Base: 9.1
Temporal: 8.2
Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Exchange Server 2019 Cumulative Update 6 4577352 (Security Update) Critical Remote Code Execution 4540123
Base: 9.1
Temporal: 8.2
Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2020-16875 Steven Seeley (mr_me) of Source Incite


CVE-2020-16884 - Internet Explorer Browser Helper Object (BHO) Memory Corruption Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-16884
MITRE
NVD
CVE Title: Internet Explorer Browser Helper Object (BHO) Memory Corruption Vulnerability
Description:

A remote code execution vulnerability exists in the way that the IEToEdge Browser Helper Object (BHO) plugin on Internet Explorer handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.

In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit this vulnerability and then convince a user to view the website. An attacker would have no way to force users to view the attacker-controlled content. Instead, an attacker would have to convince users to take action, typically by getting them to click a link in an email message or in an Instant Messenger message that takes users to the attacker's website, or by opening an attachment sent through email. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

The security update addresses the vulnerability by modifying how the IEToEdge BHO plug-in handles objects in memory.


FAQ:

What is the IEToEdgeBHO plugin?

The IEToEdgeBHO plugin is a Browser Helper Object, which is a plugin that runs inside Internet Explorer. This plugin causes Internet Explorer to switch to Microsoft Edge (Chromium) for sites that no longer work optimally on Internet Explorer.

Who is affected by this vulnerability?

Users who have both Internet Explorer and Microsoft Edge (Chromium), and who use Internet Explorer to browse the Internet, are affected by this vulnerability. Users who only have Internet Explorer or Microsoft Edge (Chromium) installed are not affected.

**How can I be protected from this vulnerability?

Users who are running both Internet Explorer and Microsoft Edge (Chromium) need to have Microsoft Edge Stable Channel v85.0.564.44, available as of August 31, installed to be protected from this vulnerability. This build includes the update for the BHO plugin that addresses this vulnerability.

How can I see the version of Microsoft Edge?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-09-08T07:00:00Z    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-16884
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft Edge (Chromium-based) Release Notes (Security Update) Important Remote Code Execution None Base: 4.2
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
No

Acknowledgements

CVE ID Acknowledgements
CVE-2020-16884 Michael Maltsev of ZecOps