Microsoft CVE Summary

This report contains detail for the following vulnerabilities:

Tag CVE ID CVE Title
.NET Framework CVE-2020-16937 .NET Framework Information Disclosure Vulnerability
Adobe Flash Player ADV200012 October 2020 Adobe Flash Security Update
Azure CVE-2020-16995 Network Watcher Agent Virtual Machine Extension for Linux Elevation of Privilege Vulnerability
Azure CVE-2020-16904 Azure Functions Elevation of Privilege Vulnerability
Group Policy CVE-2020-16939 Group Policy Elevation of Privilege Vulnerability
Microsoft Dynamics CVE-2020-16978 Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability
Microsoft Dynamics CVE-2020-16956 Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability
Microsoft Dynamics CVE-2020-16943 Dynamics 365 Commerce Elevation of Privilege Vulnerability
Microsoft Exchange Server CVE-2020-16969 Microsoft Exchange Information Disclosure Vulnerability
Microsoft Graphics Component CVE-2020-16911 GDI+ Remote Code Execution Vulnerability
Microsoft Graphics Component CVE-2020-16914 Windows GDI+ Information Disclosure Vulnerability
Microsoft Graphics Component CVE-2020-16923 Microsoft Graphics Components Remote Code Execution Vulnerability
Microsoft Graphics Component CVE-2020-1167 Microsoft Graphics Components Remote Code Execution Vulnerability
Microsoft NTFS CVE-2020-16938 Windows Kernel Information Disclosure Vulnerability
Microsoft Office CVE-2020-16933 Microsoft Word Security Feature Bypass Vulnerability
Microsoft Office CVE-2020-16929 Microsoft Excel Remote Code Execution Vulnerability
Microsoft Office CVE-2020-16934 Microsoft Office Click-to-Run Elevation of Privilege Vulnerability
Microsoft Office CVE-2020-16932 Microsoft Excel Remote Code Execution Vulnerability
Microsoft Office CVE-2020-16930 Microsoft Excel Remote Code Execution Vulnerability
Microsoft Office CVE-2020-16955 Microsoft Office Click-to-Run Elevation of Privilege Vulnerability
Microsoft Office CVE-2020-16928 Microsoft Office Click-to-Run Elevation of Privilege Vulnerability
Microsoft Office CVE-2020-16957 Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability
Microsoft Office CVE-2020-16918 Base3D Remote Code Execution Vulnerability
Microsoft Office CVE-2020-16949 Microsoft Outlook Denial of Service Vulnerability
Microsoft Office CVE-2020-16947 Microsoft Outlook Remote Code Execution Vulnerability
Microsoft Office CVE-2020-16931 Microsoft Excel Remote Code Execution Vulnerability
Microsoft Office CVE-2020-16954 Microsoft Office Remote Code Execution Vulnerability
Microsoft Office CVE-2020-17003 Base3D Remote Code Execution Vulnerability
Microsoft Office SharePoint CVE-2020-16948 Microsoft SharePoint Information Disclosure Vulnerability
Microsoft Office SharePoint CVE-2020-16953 Microsoft SharePoint Information Disclosure Vulnerability
Microsoft Office SharePoint CVE-2020-16942 Microsoft SharePoint Information Disclosure Vulnerability
Microsoft Office SharePoint CVE-2020-16951 Microsoft SharePoint Remote Code Execution Vulnerability
Microsoft Office SharePoint CVE-2020-16944 Microsoft SharePoint Reflective XSS Vulnerability
Microsoft Office SharePoint CVE-2020-16945 Microsoft Office SharePoint XSS Vulnerability
Microsoft Office SharePoint CVE-2020-16946 Microsoft Office SharePoint XSS Vulnerability
Microsoft Office SharePoint CVE-2020-16941 Microsoft SharePoint Information Disclosure Vulnerability
Microsoft Office SharePoint CVE-2020-16950 Microsoft SharePoint Information Disclosure Vulnerability
Microsoft Office SharePoint CVE-2020-16952 Microsoft SharePoint Remote Code Execution Vulnerability
Microsoft Windows CVE-2020-16900 Windows Event System Elevation of Privilege Vulnerability
Microsoft Windows CVE-2020-16901 Windows Kernel Information Disclosure Vulnerability
Microsoft Windows CVE-2020-16899 Windows TCP/IP Denial of Service Vulnerability
Microsoft Windows CVE-2020-16908 Windows Setup Elevation of Privilege Vulnerability
Microsoft Windows CVE-2020-16909 Windows Error Reporting Elevation of Privilege Vulnerability
Microsoft Windows CVE-2020-16912 Windows Backup Service Elevation of Privilege Vulnerability
Microsoft Windows CVE-2020-16940 Windows - User Profile Service Elevation of Privilege Vulnerability
Microsoft Windows CVE-2020-16907 Win32k Elevation of Privilege Vulnerability
Microsoft Windows CVE-2020-16936 Windows Backup Service Elevation of Privilege Vulnerability
Microsoft Windows CVE-2020-16898 Windows TCP/IP Remote Code Execution Vulnerability
Microsoft Windows CVE-2020-16897 NetBT Information Disclosure Vulnerability
Microsoft Windows CVE-2020-16895 Windows Error Reporting Manager Elevation of Privilege Vulnerability
Microsoft Windows CVE-2020-16919 Windows Enterprise App Management Service Information Disclosure Vulnerability
Microsoft Windows CVE-2020-16921 Windows Text Services Framework Information Disclosure Vulnerability
Microsoft Windows CVE-2020-16920 Windows Application Compatibility Client Library Elevation of Privilege Vulnerability
Microsoft Windows CVE-2020-16972 Windows Backup Service Elevation of Privilege Vulnerability
Microsoft Windows CVE-2020-16877 Windows Elevation of Privilege Vulnerability
Microsoft Windows CVE-2020-16876 Windows Application Compatibility Client Library Elevation of Privilege Vulnerability
Microsoft Windows CVE-2020-16975 Windows Backup Service Elevation of Privilege Vulnerability
Microsoft Windows CVE-2020-16973 Windows Backup Service Elevation of Privilege Vulnerability
Microsoft Windows CVE-2020-16974 Windows Backup Service Elevation of Privilege Vulnerability
Microsoft Windows CVE-2020-16922 Windows Spoofing Vulnerability
Microsoft Windows CVE-2020-0764 Windows Storage Services Elevation of Privilege Vulnerability
Microsoft Windows CVE-2020-16980 Windows iSCSI Target Service Elevation of Privilege Vulnerability
Microsoft Windows CVE-2020-1080 Windows Hyper-V Elevation of Privilege Vulnerability
Microsoft Windows CVE-2020-16887 Windows Network Connections Service Elevation of Privilege Vulnerability
Microsoft Windows CVE-2020-16885 Windows Storage VSP Driver Elevation of Privilege Vulnerability
Microsoft Windows CVE-2020-16924 Jet Database Engine Remote Code Execution Vulnerability
Microsoft Windows CVE-2020-16976 Windows Backup Service Elevation of Privilege Vulnerability
Microsoft Windows CVE-2020-16935 Windows COM Server Elevation of Privilege Vulnerability
Microsoft Windows Codecs Library CVE-2020-16967 Windows Camera Codec Pack Remote Code Execution Vulnerability
Microsoft Windows Codecs Library CVE-2020-16968 Windows Camera Codec Pack Remote Code Execution Vulnerability
PowerShellGet CVE-2020-16886 PowerShellGet Module WDAC Security Feature Bypass Vulnerability
Visual Studio CVE-2020-16977 Visual Studio Code Python Extension Remote Code Execution Vulnerability
Windows COM CVE-2020-16916 Windows COM Server Elevation of Privilege Vulnerability
Windows Error Reporting CVE-2020-16905 Windows Error Reporting Elevation of Privilege Vulnerability
Windows Hyper-V CVE-2020-16894 Windows NAT Remote Code Execution Vulnerability
Windows Hyper-V CVE-2020-1243 Windows Hyper-V Denial of Service Vulnerability
Windows Hyper-V CVE-2020-16891 Windows Hyper-V Remote Code Execution Vulnerability
Windows Installer CVE-2020-16902 Windows Installer Elevation of Privilege Vulnerability
Windows Kernel CVE-2020-16889 Windows KernelStream Information Disclosure Vulnerability
Windows Kernel CVE-2020-16892 Windows Image Elevation of Privilege Vulnerability
Windows Kernel CVE-2020-16913 Win32k Elevation of Privilege Vulnerability
Windows Kernel CVE-2020-1047 Windows Hyper-V Elevation of Privilege Vulnerability
Windows Kernel CVE-2020-16910 Windows Security Feature Bypass Vulnerability
Windows Media Player CVE-2020-16915 Media Foundation Memory Corruption Vulnerability
Windows RDP CVE-2020-16863 Windows Remote Desktop Service Denial of Service Vulnerability
Windows RDP CVE-2020-16927 Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability
Windows RDP CVE-2020-16896 Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability
Windows Secure Kernel Mode CVE-2020-16890 Windows Kernel Elevation of Privilege Vulnerability

CVE-2020-16863 - Windows Remote Desktop Service Denial of Service Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-16863
MITRE
NVD
CVE Title: Windows Remote Desktop Service Denial of Service Vulnerability
Description:

A denial of service vulnerability exists in Windows Remote Desktop Service when an attacker connects to the target system using RDP and sends specially crafted requests. An attacker who successfully exploited this vulnerability could cause the Remote Desktop Service on the target system to stop responding.

To exploit this vulnerability, an attacker would need to run a specially crafted application against a server which provides Remote Desktop Service.

The update addresses the vulnerability by correcting how Remote Desktop Service handles connection requests.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-10-13T07:00:00Z    

Information published.


Important Denial of Service

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-16863
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 7 for 32-bit Systems Service Pack 1 4580345 (Monthly Rollup)
4580387 (Security Only)
Important Denial of Service 4577051
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 7 for x64-based Systems Service Pack 1 4580345 (Monthly Rollup)
4580387 (Security Only)
Important Denial of Service 4577051
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 4580345 (Monthly Rollup)
4580387 (Security Only)
Important Denial of Service 4577051
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4580345 (Monthly Rollup)
4580387 (Security Only)
Important Denial of Service 4577051
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-16863 VictorV (Tang Tianwen)


CVE-2020-16876 - Windows Application Compatibility Client Library Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-16876
MITRE
NVD
CVE Title: Windows Application Compatibility Client Library Elevation of Privilege Vulnerability
Description:

An elevation of privilege vulnerability exists when the Windows Application Compatibility Client Library improperly handles registry operations. An attacker who successfully exploited this vulnerability could gain elevated privileges.

To exploit the vulnerability, an attacker would first need code execution on a victim system. An attacker could then run a specially crafted application.

The security update addresses the vulnerability by ensuring the Windows Application Compatibility Client Library properly handles registry operations.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-10-13T07:00:00Z    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-16876
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4580327 (Security Update) Important Elevation of Privilege 4577049
Base: 7.1
Temporal: 6.4
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 4580327 (Security Update) Important Elevation of Privilege 4577049
Base: 7.1
Temporal: 6.4
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 4580346 (Security Update) Important Elevation of Privilege 4577015
Base: 7.1
Temporal: 6.4
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 4580346 (Security Update) Important Elevation of Privilege 4577015
Base: 7.1
Temporal: 6.4
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for 32-bit Systems 4580328 (Security Update) Important Elevation of Privilege 4577041
Base: 7.1
Temporal: 6.4
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for ARM64-based Systems 4580328 (Security Update) Important Elevation of Privilege 4577041
Base: 7.1
Temporal: 6.4
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for x64-based Systems 4580328 (Security Update) Important Elevation of Privilege 4577041
Base: 7.1
Temporal: 6.4
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 4580330 (Security Update) Important Elevation of Privilege 4577032
Base: 7.1
Temporal: 6.4
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 4580330 (Security Update) Important Elevation of Privilege 4577032
Base: 7.1
Temporal: 6.4
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4580330 (Security Update) Important Elevation of Privilege 4577032
Base: 7.1
Temporal: 6.4
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 4577668 (Security Update) Important Elevation of Privilege 4570333
Base: 7.1
Temporal: 6.4
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4577668 (Security Update) Important Elevation of Privilege 4570333
Base: 7.1
Temporal: 6.4
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4577668 (Security Update) Important Elevation of Privilege 4570333
Base: 7.1
Temporal: 6.4
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for 32-bit Systems 4577671 (Security Update) Important Elevation of Privilege 4574727
Base: 7.1
Temporal: 6.4
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4577671 (Security Update) Important Elevation of Privilege 4574727
Base: 7.1
Temporal: 6.4
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4577671 (Security Update) Important Elevation of Privilege 4574727
Base: 7.1
Temporal: 6.4
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4577671 (Security Update) Important Elevation of Privilege 4574727
Base: 7.1
Temporal: 6.4
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 4577671 (Security Update) Important Elevation of Privilege 4574727
Base: 7.1
Temporal: 6.4
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4577671 (Security Update) Important Elevation of Privilege 4574727
Base: 7.1
Temporal: 6.4
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 4579311 (Security Update) Important Elevation of Privilege 4571756
Base: 7.1
Temporal: 6.4
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4579311 (Security Update) Important Elevation of Privilege 4571756
Base: 7.1
Temporal: 6.4
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4579311 (Security Update) Important Elevation of Privilege 4571756
Base: 7.1
Temporal: 6.4
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 4580346 (Security Update) Important Elevation of Privilege 4577015
Base: 7.1
Temporal: 6.4
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4580346 (Security Update) Important Elevation of Privilege 4577015
Base: 7.1
Temporal: 6.4
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 4577668 (Security Update) Important Elevation of Privilege 4570333
Base: 7.1
Temporal: 6.4
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4577668 (Security Update) Important Elevation of Privilege 4570333
Base: 7.1
Temporal: 6.4
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4577671 (Security Update) Important Elevation of Privilege 4574727
Base: 7.1
Temporal: 6.4
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4577671 (Security Update) Important Elevation of Privilege 4574727
Base: 7.1
Temporal: 6.4
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4579311 (Security Update) Important Elevation of Privilege 4571756
Base: 7.1
Temporal: 6.4
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-16876 Tao Yan (@Ga1ois), Ken Hsu, and Qi Deng from Palo Alto Networks


Yuki Chen


CVE-2020-16877 - Windows Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-16877
MITRE
NVD
CVE Title: Windows Elevation of Privilege Vulnerability
Description:

An elevation of privilege vulnerability exists when Microsoft Windows improperly handles reparse points. An attacker who successfully exploited this vulnerability could overwrite or delete a targeted file that would normally require elevated permissions.

To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and overwrite or delete files.

The security update addresses the vulnerability by correcting how Windows handles reparse points.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-10-13T07:00:00Z    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-16877
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 Version 1903 for 32-bit Systems 4577671 (Security Update) Important Elevation of Privilege 4574727
Base: 7.1
Temporal: 6.4
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4577671 (Security Update) Important Elevation of Privilege 4574727
Base: 7.1
Temporal: 6.4
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4577671 (Security Update) Important Elevation of Privilege 4574727
Base: 7.1
Temporal: 6.4
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4577671 (Security Update) Important Elevation of Privilege 4574727
Base: 7.1
Temporal: 6.4
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 4577671 (Security Update) Important Elevation of Privilege 4574727
Base: 7.1
Temporal: 6.4
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4577671 (Security Update) Important Elevation of Privilege 4574727
Base: 7.1
Temporal: 6.4
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 4579311 (Security Update) Important Elevation of Privilege 4571756
Base: 7.1
Temporal: 6.4
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4579311 (Security Update) Important Elevation of Privilege 4571756
Base: 7.1
Temporal: 6.4
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4579311 (Security Update) Important Elevation of Privilege 4571756
Base: 7.1
Temporal: 6.4
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4577671 (Security Update) Important Elevation of Privilege 4574727
Base: 7.1
Temporal: 6.4
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4577671 (Security Update) Important Elevation of Privilege 4574727
Base: 7.1
Temporal: 6.4
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4579311 (Security Update) Important Elevation of Privilege 4571756
Base: 7.1
Temporal: 6.4
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-16877 Donato Ferrante of IOActive


CVE-2020-16889 - Windows KernelStream Information Disclosure Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-16889
MITRE
NVD
CVE Title: Windows KernelStream Information Disclosure Vulnerability
Description:

An information disclosure vulnerability exists when the Windows KernelStream improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.

To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The vulnerability would not allow an attacker to execute code or to elevate user rights directly, but it could be used to obtain information that could be used to try to further compromise the affected system.

The update addresses the vulnerability by correcting how the Windows KernelStream handles objects in memory.


FAQ:

What type of information could be disclosed by this vulnerability?

The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-10-13T07:00:00Z    

Information published.


Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-16889
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4580327 (Security Update) Important Information Disclosure 4577049
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 4580327 (Security Update) Important Information Disclosure 4577049
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 4580346 (Security Update) Important Information Disclosure 4577015
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 4580346 (Security Update) Important Information Disclosure 4577015
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for 32-bit Systems 4580328 (Security Update) Important Information Disclosure 4577041
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for ARM64-based Systems 4580328 (Security Update) Important Information Disclosure 4577041
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for x64-based Systems 4580328 (Security Update) Important Information Disclosure 4577041
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 4580330 (Security Update) Important Information Disclosure 4577032
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 4580330 (Security Update) Important Information Disclosure 4577032
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4580330 (Security Update) Important Information Disclosure 4577032
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 4577668 (Security Update) Important Information Disclosure 4570333
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4577668 (Security Update) Important Information Disclosure 4570333
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4577668 (Security Update) Important Information Disclosure 4570333
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for 32-bit Systems 4577671 (Security Update) Important Information Disclosure 4574727
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4577671 (Security Update) Important Information Disclosure 4574727
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4577671 (Security Update) Important Information Disclosure 4574727
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4577671 (Security Update) Important Information Disclosure 4574727
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 4577671 (Security Update) Important Information Disclosure 4574727
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4577671 (Security Update) Important Information Disclosure 4574727
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 4579311 (Security Update) Important Information Disclosure 4571756
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4579311 (Security Update) Important Information Disclosure 4571756
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4579311 (Security Update) Important Information Disclosure 4571756
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 7 for 32-bit Systems Service Pack 1 4580345 (Monthly Rollup)
4580387 (Security Only)
Important Information Disclosure 4577051
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 7 for x64-based Systems Service Pack 1 4580345 (Monthly Rollup)
4580387 (Security Only)
Important Information Disclosure 4577051
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems 4580347 (Monthly Rollup)
4580358 (Security Only)
Important Information Disclosure 4577066
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 4580347 (Monthly Rollup)
4580358 (Security Only)
Important Information Disclosure 4577066
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows RT 8.1 4580347 (Monthly Rollup) Important Information Disclosure 4577066
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 4580378 (Monthly Rollup)
4580385 (Security Only)
Important Information Disclosure 4577064
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 4580378 (Monthly Rollup)
4580385 (Security Only)
Important Information Disclosure 4577064
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 4580378 (Monthly Rollup)
4580385 (Security Only)
Important Information Disclosure 4577064
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 4580378 (Monthly Rollup)
4580385 (Security Only)
Important Information Disclosure 4577064
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 4580345 (Monthly Rollup)
4580387 (Security Only)
Important Information Disclosure 4577051
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4580345 (Monthly Rollup)
4580387 (Security Only)
Important Information Disclosure 4577051
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2012 4580382 (Monthly Rollup)
4580353 (Security Only)
Important Information Disclosure 4577038
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 4580382 (Monthly Rollup)
4580353 (Security Only)
Important Information Disclosure 4577038
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 4580347 (Monthly Rollup)
4580358 (Security Only)
Important Information Disclosure 4577066
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 4580347 (Monthly Rollup)
4580358 (Security Only)
Important Information Disclosure 4577066
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2016 4580346 (Security Update) Important Information Disclosure 4577015
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4580346 (Security Update) Important Information Disclosure 4577015
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2019 4577668 (Security Update) Important Information Disclosure 4570333
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4577668 (Security Update) Important Information Disclosure 4570333
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4577671 (Security Update) Important Information Disclosure 4574727
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4577671 (Security Update) Important Information Disclosure 4574727
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4579311 (Security Update) Important Information Disclosure 4571756
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-16889 nghiadt12(@nghiadt1098) from Viettel Cyber Security


CVE-2020-16890 - Windows Kernel Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-16890
MITRE
NVD
CVE Title: Windows Kernel Elevation of Privilege Vulnerability
Description:

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application to take control of an affected system.

The update addresses the vulnerability by correcting how the Windows kernel handles objects in memory.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-10-13T07:00:00Z    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-16890
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 Version 1709 for 32-bit Systems 4580328 (Security Update) Important Elevation of Privilege 4577041
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for ARM64-based Systems 4580328 (Security Update) Important Elevation of Privilege 4577041
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for x64-based Systems 4580328 (Security Update) Important Elevation of Privilege 4577041
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 4580330 (Security Update) Important Elevation of Privilege 4577032
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 4580330 (Security Update) Important Elevation of Privilege 4577032
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4580330 (Security Update) Important Elevation of Privilege 4577032
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 4577668 (Security Update) Important Elevation of Privilege 4570333
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4577668 (Security Update) Important Elevation of Privilege 4570333
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4577668 (Security Update) Important Elevation of Privilege 4570333
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for 32-bit Systems 4577671 (Security Update) Important Elevation of Privilege 4574727
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4577671 (Security Update) Important Elevation of Privilege 4574727
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4577671 (Security Update) Important Elevation of Privilege 4574727
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4577671 (Security Update) Important Elevation of Privilege 4574727
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 4577671 (Security Update) Important Elevation of Privilege 4574727
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4577671 (Security Update) Important Elevation of Privilege 4574727
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 4579311 (Security Update) Important Elevation of Privilege 4571756
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4579311 (Security Update) Important Elevation of Privilege 4571756
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4579311 (Security Update) Important Elevation of Privilege 4571756
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 4577668 (Security Update) Important Elevation of Privilege 4570333
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4577668 (Security Update) Important Elevation of Privilege 4570333
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4577671 (Security Update) Important Elevation of Privilege 4574727
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4577671 (Security Update) Important Elevation of Privilege 4574727
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4579311 (Security Update) Important Elevation of Privilege 4571756
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-16890 Nicolas Economou from Blue Frost Security


CVE-2020-16891 - Windows Hyper-V Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-16891
MITRE
NVD
CVE Title: Windows Hyper-V Remote Code Execution Vulnerability
Description:

A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application on a guest operating system that could cause the Hyper-V host operating system to execute arbitrary code.

An attacker who successfully exploited the vulnerability could execute arbitrary code on the host operating system.

The security update addresses the vulnerability by correcting how Hyper-V validates guest operating system user input.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-10-13T07:00:00Z    

Information published.


Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-16891
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 for x64-based Systems 4580327 (Security Update) Critical Remote Code Execution 4577049
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 4580346 (Security Update) Critical Remote Code Execution 4577015
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for x64-based Systems 4580328 (Security Update) Critical Remote Code Execution 4577041
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4580330 (Security Update) Critical Remote Code Execution 4577032
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4577668 (Security Update) Critical Remote Code Execution 4570333
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4577671 (Security Update) Critical Remote Code Execution 4574727
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4577671 (Security Update) Critical Remote Code Execution 4574727
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4579311 (Security Update) Critical Remote Code Execution 4571756
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 7 for x64-based Systems Service Pack 1 4580345 (Monthly Rollup)
4580387 (Security Only)
Critical Remote Code Execution 4577051
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 4580347 (Monthly Rollup)
4580358 (Security Only)
Critical Remote Code Execution 4577066
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 4580378 (Monthly Rollup)
4580385 (Security Only)
Critical Remote Code Execution 4577064
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 4580378 (Monthly Rollup)
4580385 (Security Only)
Critical Remote Code Execution 4577064
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 4580345 (Monthly Rollup)
4580387 (Security Only)
Critical Remote Code Execution 4577051
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4580345 (Monthly Rollup)
4580387 (Security Only)
Critical Remote Code Execution 4577051
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 4580382 (Monthly Rollup)
4580353 (Security Only)
Critical Remote Code Execution 4577038
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 4580382 (Monthly Rollup)
4580353 (Security Only)
Critical Remote Code Execution 4577038
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 4580347 (Monthly Rollup)
4580358 (Security Only)
Critical Remote Code Execution 4577066
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 4580347 (Monthly Rollup)
4580358 (Security Only)
Critical Remote Code Execution 4577066
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 4580346 (Security Update) Critical Remote Code Execution 4577015
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4580346 (Security Update) Critical Remote Code Execution 4577015
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 4577668 (Security Update) Critical Remote Code Execution 4570333
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4577668 (Security Update) Critical Remote Code Execution 4570333
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4577671 (Security Update) Critical Remote Code Execution 4574727
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4577671 (Security Update) Critical Remote Code Execution 4574727
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4579311 (Security Update) Critical Remote Code Execution 4571756
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-16891 HongZhenhao of IceSword Lab


CVE-2020-16892 - Windows Image Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-16892
MITRE
NVD
CVE Title: Windows Image Elevation of Privilege Vulnerability
Description:

An elevation of privilege vulnerability exists in the way that the Windows kernel image handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.

To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application.

The security update addresses the vulnerability by ensuring the Windows kernel image properly handles objects in memory.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-10-13T07:00:00Z    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-16892
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4580327 (Security Update) Important Elevation of Privilege 4577049
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 4580327 (Security Update) Important Elevation of Privilege 4577049
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 4580346 (Security Update) Important Elevation of Privilege 4577015
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 4580346 (Security Update) Important Elevation of Privilege 4577015
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for 32-bit Systems 4580328 (Security Update) Important Elevation of Privilege 4577041
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for ARM64-based Systems 4580328 (Security Update) Important Elevation of Privilege 4577041
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for x64-based Systems 4580328 (Security Update) Important Elevation of Privilege 4577041
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 4580330 (Security Update) Important Elevation of Privilege 4577032
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 4580330 (Security Update) Important Elevation of Privilege 4577032
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4580330 (Security Update) Important Elevation of Privilege 4577032
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 4577668 (Security Update) Important Elevation of Privilege 4570333
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4577668 (Security Update) Important Elevation of Privilege 4570333
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4577668 (Security Update) Important Elevation of Privilege 4570333
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for 32-bit Systems 4577671 (Security Update) Important Elevation of Privilege 4574727
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4577671 (Security Update) Important Elevation of Privilege 4574727
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4577671 (Security Update) Important Elevation of Privilege 4574727
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4577671 (Security Update) Important Elevation of Privilege 4574727
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 4577671 (Security Update) Important Elevation of Privilege 4574727
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4577671 (Security Update) Important Elevation of Privilege 4574727
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 4579311 (Security Update) Important Elevation of Privilege 4571756
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4579311 (Security Update) Important Elevation of Privilege 4571756
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4579311 (Security Update) Important Elevation of Privilege 4571756
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems 4580347 (Monthly Rollup)
4580358 (Security Only)
Important Elevation of Privilege 4577066
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 4580347 (Monthly Rollup)
4580358 (Security Only)
Important Elevation of Privilege 4577066
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows RT 8.1 4580347 (Monthly Rollup) Important Elevation of Privilege 4577066
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 4580382 (Monthly Rollup)
4580353 (Security Only)
Important Elevation of Privilege 4577038
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 4580382 (Monthly Rollup)
4580353 (Security Only)
Important Elevation of Privilege 4577038
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 4580347 (Monthly Rollup)
4580358 (Security Only)
Important Elevation of Privilege 4577066
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 4580347 (Monthly Rollup)
4580358 (Security Only)
Important Elevation of Privilege 4577066
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 4580346 (Security Update) Important Elevation of Privilege 4577015
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4580346 (Security Update) Important Elevation of Privilege 4577015
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 4577668 (Security Update) Important Elevation of Privilege 4570333
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4577668 (Security Update) Important Elevation of Privilege 4570333
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4577671 (Security Update) Important Elevation of Privilege 4574727
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4577671 (Security Update) Important Elevation of Privilege 4574727
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4579311 (Security Update) Important Elevation of Privilege 4571756
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-16892 anonymous


CVE-2020-16894 - Windows NAT Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-16894
MITRE
NVD
CVE Title: Windows NAT Remote Code Execution Vulnerability
Description:

A remote code execution vulnerability exists when Windows Network Address Translation (NAT) fails to properly handle UDP traffic. To exploit the vulnerability, an attacker could run a specially crafted application on a guest operating system.

An attacker who successfully exploited the vulnerability could cause memory corruption on a host operating system.

The security update addresses the vulnerability by correcting how Windows NAT handles objects in memory.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-10-13T07:00:00Z    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-16894
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 Version 1607 for x64-based Systems 4580346 (Security Update) Important Remote Code Execution 4577015
Base: 7.7
Temporal: 6.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 4580346 (Security Update) Important Remote Code Execution 4577015
Base: 7.7
Temporal: 6.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4580346 (Security Update) Important Remote Code Execution 4577015
Base: 7.7
Temporal: 6.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-16894 Huichen Lin and Dong Seong Kim of School of Information Technology and Electrical Engineering - The University of Queensland


CVE-2020-16895 - Windows Error Reporting Manager Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-16895
MITRE
NVD
CVE Title: Windows Error Reporting Manager Elevation of Privilege Vulnerability
Description:

An elevation of privilege vulnerability exists when Windows Error Reporting manager improperly handles a process crash. An attacker who successfully exploited this vulnerability could delete a targeted file leading to an elevated status.

To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system.

The security update addresses the vulnerability by correcting how Windows Error Reporting manager handles process crashes.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-10-13T07:00:00Z    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-16895
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 Version 1803 for 32-bit Systems 4580330 (Security Update) Important Elevation of Privilege 4577032
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 4580330 (Security Update) Important Elevation of Privilege 4577032
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4580330 (Security Update) Important Elevation of Privilege 4577032
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 4577668 (Security Update) Important Elevation of Privilege 4570333
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4577668 (Security Update) Important Elevation of Privilege 4570333
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4577668 (Security Update) Important Elevation of Privilege 4570333
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for 32-bit Systems 4577671 (Security Update) Important Elevation of Privilege 4574727
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4577671 (Security Update) Important Elevation of Privilege 4574727
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4577671 (Security Update) Important Elevation of Privilege 4574727
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4577671 (Security Update) Important Elevation of Privilege 4574727
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 4577671 (Security Update) Important Elevation of Privilege 4574727
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4577671 (Security Update) Important Elevation of Privilege 4574727
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 4579311 (Security Update) Important Elevation of Privilege 4571756
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4579311 (Security Update) Important Elevation of Privilege 4571756
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4579311 (Security Update) Important Elevation of Privilege 4571756
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 4577668 (Security Update) Important Elevation of Privilege 4570333
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4577668 (Security Update) Important Elevation of Privilege 4570333
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4577671 (Security Update) Important Elevation of Privilege 4574727
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4577671 (Security Update) Important Elevation of Privilege 4574727
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4579311 (Security Update) Important Elevation of Privilege 4571756
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-16895 Tao Yan (@Ga1ois) from Palo Alto Networks


CVE-2020-16896 - Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-16896
MITRE
NVD
CVE Title: Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability
Description:

An information disclosure vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.

To exploit this vulnerability, an attacker would need to run a specially crafted application against a server which provides Remote Desktop Protocol (RDP) services.

The update addresses the vulnerability by correcting how RDP handles connection requests.


FAQ:

What type of information could be disclosed by this vulnerability?

The type of information that could be disclosed if an attacker successfully exploited this vulnerability is unauthorized read access to Windows RDP server process.


Mitigations:

Workarounds:

The following workaround may be helpful in your situation. In all cases, Microsoft strongly recommends that you install the updates for this vulnerability as soon as possible even if you plan to leave these workarounds in place:

1. Enable Network Level Authentication (NLA)

You can enable Network Level Authentication to block unauthenticated attackers from exploiting this vulnerability. With NLA turned on, an attacker would first need to authenticate to Remote Desktop Services using a valid account on the target system before the attacker could exploit the vulnerability.

2. Block TCP port 3389 at the enterprise perimeter firewall

TCP port 3389 is used to initiate a connection with the affected component. Blocking this port at the network perimeter firewall will help protect systems that are behind that firewall from attempts to exploit this vulnerability. This can help protect networks from attacks that originate outside the enterprise perimeter. Blocking the affected ports at the enterprise perimeter is the best defense to help avoid Internet-based attacks. However, systems could still be vulnerable to attacks from within their enterprise perimeter.


Revision:
1.0    2020-10-13T07:00:00Z    

Information published.


Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely Exploitation More Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-16896
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4580327 (Security Update) Important Information Disclosure 4577049
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 4580327 (Security Update) Important Information Disclosure 4577049
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 4580346 (Security Update) Important Information Disclosure 4577015
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 4580346 (Security Update) Important Information Disclosure 4577015
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for 32-bit Systems 4580328 (Security Update) Important Information Disclosure 4577041
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for ARM64-based Systems 4580328 (Security Update) Important Information Disclosure 4577041
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for x64-based Systems 4580328 (Security Update) Important Information Disclosure 4577041
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 4580330 (Security Update) Important Information Disclosure 4577032
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 4580330 (Security Update) Important Information Disclosure 4577032
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4580330 (Security Update) Important Information Disclosure 4577032
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 4577668 (Security Update) Important Information Disclosure 4570333
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4577668 (Security Update) Important Information Disclosure 4570333
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4577668 (Security Update) Important Information Disclosure 4570333
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for 32-bit Systems 4577671 (Security Update) Important Information Disclosure 4574727
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4577671 (Security Update) Important Information Disclosure 4574727
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4577671 (Security Update) Important Information Disclosure 4574727
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4577671 (Security Update) Important Information Disclosure 4574727
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 4577671 (Security Update) Important Information Disclosure 4574727
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4577671 (Security Update) Important Information Disclosure 4574727
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 4579311 (Security Update) Important Information Disclosure 4571756
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4579311 (Security Update) Important Information Disclosure 4571756
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4579311 (Security Update) Important Information Disclosure 4571756
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems 4580347 (Monthly Rollup)
4580358 (Security Only)
Important Information Disclosure 4577066
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 4580347 (Monthly Rollup)
4580358 (Security Only)
Important Information Disclosure 4577066
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows RT 8.1 4580347 (Monthly Rollup) Important Information Disclosure 4577066
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 4580347 (Monthly Rollup)
4580358 (Security Only)
Important Information Disclosure 4577066
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 4580347 (Monthly Rollup)
4580358 (Security Only)
Important Information Disclosure 4577066
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2016 4580346 (Security Update) Important Information Disclosure 4577015
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4580346 (Security Update) Important Information Disclosure 4577015
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2019 4577668 (Security Update) Important Information Disclosure 4570333
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4577668 (Security Update) Important Information Disclosure 4570333
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4577671 (Security Update) Important Information Disclosure 4574727
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4577671 (Security Update) Important Information Disclosure 4574727
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4579311 (Security Update) Important Information Disclosure 4571756
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-16896 VictorV (Tang Tianwen)


CVE-2020-16897 - NetBT Information Disclosure Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-16897
MITRE
NVD
CVE Title: NetBT Information Disclosure Vulnerability
Description:

An information disclosure vulnerability exists when NetBIOS over TCP (NBT) Extensions (NetBT) improperly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.

To exploit this vulnerability, an attacker would have run a specially crafted application. The vulnerability would not allow an attacker to execute code or to elevate user rights directly, but it could be used to obtain information that could be used to try to further compromise the affected system.

The update addresses the vulnerability by correcting how a NetBT handles objects in memory.


FAQ:

What type of information could be disclosed by this vulnerability?

The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-10-13T07:00:00Z    

Information published.


Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-16897
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4580327 (Security Update) Important Information Disclosure 4577049
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 4580327 (Security Update) Important Information Disclosure 4577049
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 4580346 (Security Update) Important Information Disclosure 4577015
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 4580346 (Security Update) Important Information Disclosure 4577015
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for 32-bit Systems 4580328 (Security Update) Important Information Disclosure 4577041
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for ARM64-based Systems 4580328 (Security Update) Important Information Disclosure 4577041
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for x64-based Systems 4580328 (Security Update) Important Information Disclosure 4577041
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 4580330 (Security Update) Important Information Disclosure 4577032
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 4580330 (Security Update) Important Information Disclosure 4577032
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4580330 (Security Update) Important Information Disclosure 4577032
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 4577668 (Security Update) Important Information Disclosure 4570333
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4577668 (Security Update) Important Information Disclosure 4570333
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4577668 (Security Update) Important Information Disclosure 4570333
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for 32-bit Systems 4577671 (Security Update) Important Information Disclosure 4574727
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4577671 (Security Update) Important Information Disclosure 4574727
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4577671 (Security Update) Important Information Disclosure 4574727
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4577671 (Security Update) Important Information Disclosure 4574727
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 4577671 (Security Update) Important Information Disclosure 4574727
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4577671 (Security Update) Important Information Disclosure 4574727
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 4579311 (Security Update) Important Information Disclosure 4571756
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4579311 (Security Update) Important Information Disclosure 4571756
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4579311 (Security Update) Important Information Disclosure 4571756
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 7 for 32-bit Systems Service Pack 1 4580345 (Monthly Rollup)
4580387 (Security Only)
Important Information Disclosure 4577051
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 7 for x64-based Systems Service Pack 1 4580345 (Monthly Rollup)
4580387 (Security Only)
Important Information Disclosure 4577051
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems 4580347 (Monthly Rollup)
4580358 (Security Only)
Important Information Disclosure 4577066
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 4580347 (Monthly Rollup)
4580358 (Security Only)
Important Information Disclosure 4577066
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows RT 8.1 4580347 (Monthly Rollup) Important Information Disclosure 4577066
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 4580378 (Monthly Rollup)
4580385 (Security Only)
Important Information Disclosure 4577064
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 4580378 (Monthly Rollup)
4580385 (Security Only)
Important Information Disclosure 4577064
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 4580378 (Monthly Rollup)
4580385 (Security Only)
Important Information Disclosure 4577064
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 4580378 (Monthly Rollup)
4580385 (Security Only)
Important Information Disclosure 4577064
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 4580345 (Monthly Rollup)
4580387 (Security Only)
Important Information Disclosure 4577051
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4580345 (Monthly Rollup)
4580387 (Security Only)
Important Information Disclosure 4577051
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2012 4580382 (Monthly Rollup)
4580353 (Security Only)
Important Information Disclosure 4577038
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 4580382 (Monthly Rollup)
4580353 (Security Only)
Important Information Disclosure 4577038
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 4580347 (Monthly Rollup)
4580358 (Security Only)
Important Information Disclosure 4577066
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 4580347 (Monthly Rollup)
4580358 (Security Only)
Important Information Disclosure 4577066
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2016 4580346 (Security Update) Important Information Disclosure 4577015
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4580346 (Security Update) Important Information Disclosure 4577015
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2019 4577668 (Security Update) Important Information Disclosure 4570333
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4577668 (Security Update) Important Information Disclosure 4570333
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4577671 (Security Update) Important Information Disclosure 4574727
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4577671 (Security Update) Important Information Disclosure 4574727
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4579311 (Security Update) Important Information Disclosure 4571756
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-16897 ZiMi and JunGu of Alibaba Orion Security Lab


CVE-2020-16904 - Azure Functions Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-16904
MITRE
NVD
CVE Title: Azure Functions Elevation of Privilege Vulnerability
Description:

An elevation of privilege vulnerability exists in the way Azure Functions validate access keys.

An unauthenticated attacker who successfully exploited this vulnerability could invoke an HTTP Function without proper authorization.

This security update addresses the vulnerability by correctly validating access keys used to access HTTP Functions.


FAQ:

How do I get the Azure Functions update?

Re-start your Azure Functions app to get the latest version with the security update.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-10-13T07:00:00Z    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-16904
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Azure Functions Important Elevation of Privilege None Base: 5.3
Temporal: 4.8
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C
Unknown

Acknowledgements

CVE ID Acknowledgements
CVE-2020-16904 James Hardaker


CVE-2020-16918 - Base3D Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-16918
MITRE
NVD
CVE Title: Base3D Remote Code Execution Vulnerability
Description:

A remote code execution vulnerability exists when the Base3D rendering engine improperly handles memory.

An attacker who successfully exploited the vulnerability would gain execution on a victim system.

The security update addresses the vulnerability by correcting how the Base3D rendering engine handles memory.


FAQ:

Is the Preview Pane an attack vector for this vulnerability?

No, the Preview Pane is not an attack vector.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-10-13T07:00:00Z    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-16918
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
3D Viewer Release Notes (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft 365 Apps for Enterprise for 32-bit Systems Click to Run (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
No
Microsoft 365 Apps for Enterprise for 64-bit Systems Click to Run (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
No

Acknowledgements

CVE ID Acknowledgements
CVE-2020-16918 Keqi Hu


CVE-2020-16919 - Windows Enterprise App Management Service Information Disclosure Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-16919
MITRE
NVD
CVE Title: Windows Enterprise App Management Service Information Disclosure Vulnerability
Description:

An information disclosure vulnerability exists when the Windows Enterprise App Management Service improperly handles certain file operations. An attacker who successfully exploited this vulnerability could read arbitrary files.

An attacker with unprivileged access to a vulnerable system could exploit this vulnerability.

The security update addresses the vulnerability by ensuring the Windows Enterprise App Management Service properly handles file operations.


FAQ:

What type of information could be disclosed by this vulnerability?

The type of information that could be disclosed if an attacker successfully exploited this vulnerability is unauthorized file system access - reading from the file system.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-10-13T07:00:00Z    

Information published.


Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-16919
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4580327 (Security Update) Important Information Disclosure 4577049
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 4580327 (Security Update) Important Information Disclosure 4577049
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 4580346 (Security Update) Important Information Disclosure 4577015
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 4580346 (Security Update) Important Information Disclosure 4577015
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for 32-bit Systems 4580328 (Security Update) Important Information Disclosure 4577041
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for ARM64-based Systems 4580328 (Security Update) Important Information Disclosure 4577041
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for x64-based Systems 4580328 (Security Update) Important Information Disclosure 4577041
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 4580330 (Security Update) Important Information Disclosure 4577032
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 4580330 (Security Update) Important Information Disclosure 4577032
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4580330 (Security Update) Important Information Disclosure 4577032
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 4577668 (Security Update) Important Information Disclosure 4570333
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4577668 (Security Update) Important Information Disclosure 4570333
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4577668 (Security Update) Important Information Disclosure 4570333
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for 32-bit Systems 4577671 (Security Update) Important Information Disclosure 4574727
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4577671 (Security Update) Important Information Disclosure 4574727
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4577671 (Security Update) Important Information Disclosure 4574727
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4577671 (Security Update) Important Information Disclosure 4574727
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 4577671 (Security Update) Important Information Disclosure 4574727
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4577671 (Security Update) Important Information Disclosure 4574727
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 4579311 (Security Update) Important Information Disclosure 4571756
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4579311 (Security Update) Important Information Disclosure 4571756
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4579311 (Security Update) Important Information Disclosure 4571756
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2016 4580346 (Security Update) Important Information Disclosure 4577015
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4580346 (Security Update) Important Information Disclosure 4577015
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2019 4577668 (Security Update) Important Information Disclosure 4570333
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4577668 (Security Update) Important Information Disclosure 4570333
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4577671 (Security Update) Important Information Disclosure 4574727
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4577671 (Security Update) Important Information Disclosure 4574727
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4579311 (Security Update) Important Information Disclosure 4571756
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-16919 JeongOh Kyea (kkokkokye) of THEORI


CVE-2020-16920 - Windows Application Compatibility Client Library Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-16920
MITRE
NVD
CVE Title: Windows Application Compatibility Client Library Elevation of Privilege Vulnerability
Description:

An elevation of privilege vulnerability exists when the Windows Application Compatibility Client Library improperly handles registry operations. An attacker who successfully exploited this vulnerability could gain elevated privileges.

To exploit the vulnerability, an attacker would first need code execution on a victim system. An attacker could then run a specially crafted application.

The security update addresses the vulnerability by ensuring the Windows Application Compatibility Client Library properly handles registry operations.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-10-13T07:00:00Z    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-16920
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4580327 (Security Update) Important Elevation of Privilege 4577049
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 4580327 (Security Update) Important Elevation of Privilege 4577049
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 4580346 (Security Update) Important Elevation of Privilege 4577015
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 4580346 (Security Update) Important Elevation of Privilege 4577015
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for 32-bit Systems 4580328 (Security Update) Important Elevation of Privilege 4577041
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for ARM64-based Systems 4580328 (Security Update) Important Elevation of Privilege 4577041
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for x64-based Systems 4580328 (Security Update) Important Elevation of Privilege 4577041
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 4580330 (Security Update) Important Elevation of Privilege 4577032
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 4580330 (Security Update) Important Elevation of Privilege 4577032
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4580330 (Security Update) Important Elevation of Privilege 4577032
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 4577668 (Security Update) Important Elevation of Privilege 4570333
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4577668 (Security Update) Important Elevation of Privilege 4570333
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4577668 (Security Update) Important Elevation of Privilege 4570333
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for 32-bit Systems 4577671 (Security Update) Important Elevation of Privilege 4574727
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4577671 (Security Update) Important Elevation of Privilege 4574727
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4577671 (Security Update) Important Elevation of Privilege 4574727
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4577671 (Security Update) Important Elevation of Privilege 4574727
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 4577671 (Security Update) Important Elevation of Privilege 4574727
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4577671 (Security Update) Important Elevation of Privilege 4574727
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 4579311 (Security Update) Important Elevation of Privilege 4571756
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4579311 (Security Update) Important Elevation of Privilege 4571756
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4579311 (Security Update) Important Elevation of Privilege 4571756
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 7 for 32-bit Systems Service Pack 1 4580345 (Monthly Rollup)
4580387 (Security Only)
Important Elevation of Privilege 4577051
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 7 for x64-based Systems Service Pack 1 4580345 (Monthly Rollup)
4580387 (Security Only)
Important Elevation of Privilege 4577051
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems 4580347 (Monthly Rollup)
4580358 (Security Only)
Important Elevation of Privilege 4577066
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 4580347 (Monthly Rollup)
4580358 (Security Only)
Important Elevation of Privilege 4577066
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows RT 8.1 4580347 (Monthly Rollup) Important Elevation of Privilege 4577066
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 4580345 (Monthly Rollup)
4580387 (Security Only)
Important Elevation of Privilege 4577051
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4580345 (Monthly Rollup)
4580387 (Security Only)
Important Elevation of Privilege 4577051
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 4580382 (Monthly Rollup)
4580353 (Security Only)
Important Elevation of Privilege 4577038
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 4580382 (Monthly Rollup)
4580353 (Security Only)
Important Elevation of Privilege 4577038
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 4580347 (Monthly Rollup)
4580358 (Security Only)
Important Elevation of Privilege 4577066
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 4580347 (Monthly Rollup)
4580358 (Security Only)
Important Elevation of Privilege 4577066
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 4580346 (Security Update) Important Elevation of Privilege 4577015
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4580346 (Security Update) Important Elevation of Privilege 4577015
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 4577668 (Security Update) Important Elevation of Privilege 4570333
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4577668 (Security Update) Important Elevation of Privilege 4570333
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4577671 (Security Update) Important Elevation of Privilege 4574727
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4577671 (Security Update) Important Elevation of Privilege 4574727
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4579311 (Security Update) Important Elevation of Privilege 4571756
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-16920 Feeker Wang from Codesafe Team of Legendsec at Qi'anxin Group


CVE-2020-16921 - Windows Text Services Framework Information Disclosure Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-16921
MITRE
NVD
CVE Title: Windows Text Services Framework Information Disclosure Vulnerability
Description:

An information disclosure vulnerability exists in Text Services Framework when it fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could potentially read data that was not intended to be disclosed. Note that this vulnerability would not allow an attacker to execute code or to elevate their user rights directly, but it could be used to obtain information that could be used to try to further compromise the affected system.

To exploit this vulnerability, an attacker would have to log on to an affected system and open a specially crafted file.

The update addresses the vulnerability by correcting how Text Services Framework handles objects in memory.


FAQ:

What type of information could be disclosed by this vulnerability?

The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-10-13T07:00:00Z    

Information published.


Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-16921
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 Version 1709 for 32-bit Systems 4580328 (Security Update) Important Information Disclosure 4577041
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for ARM64-based Systems 4580328 (Security Update) Important Information Disclosure 4577041
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for x64-based Systems 4580328 (Security Update) Important Information Disclosure 4577041
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 4580330 (Security Update) Important Information Disclosure 4577032
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 4580330 (Security Update) Important Information Disclosure 4577032
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4580330 (Security Update) Important Information Disclosure 4577032
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 4577668 (Security Update) Important Information Disclosure 4570333
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4577668 (Security Update) Important Information Disclosure 4570333
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4577668 (Security Update) Important Information Disclosure 4570333
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for 32-bit Systems 4577671 (Security Update) Important Information Disclosure 4574727
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4577671 (Security Update) Important Information Disclosure 4574727
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4577671 (Security Update) Important Information Disclosure 4574727
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4577671 (Security Update) Important Information Disclosure 4574727
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 4577671 (Security Update) Important Information Disclosure 4574727
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4577671 (Security Update) Important Information Disclosure 4574727
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 4579311 (Security Update) Important Information Disclosure 4571756
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4579311 (Security Update) Important Information Disclosure 4571756
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4579311 (Security Update) Important Information Disclosure 4571756
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2019 4577668 (Security Update) Important Information Disclosure 4570333
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4577668 (Security Update) Important Information Disclosure 4570333
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4577671 (Security Update) Important Information Disclosure 4574727
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4577671 (Security Update) Important Information Disclosure 4574727
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4579311 (Security Update) Important Information Disclosure 4571756
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-16921 WenQunWang of Codesafe Team of Legendsec at Qi'anxin Group


CVE-2020-16922 - Windows Spoofing Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-16922
MITRE
NVD
CVE Title: Windows Spoofing Vulnerability
Description:

A spoofing vulnerability exists when Windows incorrectly validates file signatures. An attacker who successfully exploited this vulnerability could bypass security features and load improperly signed files.

In an attack scenario, an attacker could bypass security features intended to prevent improperly signed files from being loaded.

The update addresses the vulnerability by correcting how Windows validates file signatures.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-10-13T07:00:00Z    

Information published.


Important Spoofing

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely Exploitation More Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-16922
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4580327 (Security Update) Important Spoofing 4577049
Base: 5.3
Temporal: 5.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:H/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 4580327 (Security Update) Important Spoofing 4577049
Base: 5.3
Temporal: 5.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:H/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 4580346 (Security Update) Important Spoofing 4577015
Base: 5.3
Temporal: 5.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:H/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 4580346 (Security Update) Important Spoofing 4577015
Base: 5.3
Temporal: 5.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:H/RL:O/RC:C
Yes
Windows 10 Version 1709 for 32-bit Systems 4580328 (Security Update) Important Spoofing 4577041
Base: 5.3
Temporal: 5.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:H/RL:O/RC:C
Yes
Windows 10 Version 1709 for ARM64-based Systems 4580328 (Security Update) Important Spoofing 4577041
Base: 5.3
Temporal: 5.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:H/RL:O/RC:C
Yes
Windows 10 Version 1709 for x64-based Systems 4580328 (Security Update) Important Spoofing 4577041
Base: 5.3
Temporal: 5.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:H/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 4580330 (Security Update) Important Spoofing 4577032
Base: 5.3
Temporal: 5.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:H/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 4580330 (Security Update) Important Spoofing 4577032
Base: 5.3
Temporal: 5.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:H/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4580330 (Security Update) Important Spoofing 4577032
Base: 5.3
Temporal: 5.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:H/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 4577668 (Security Update) Important Spoofing 4570333
Base: 5.3
Temporal: 5.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:H/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4577668 (Security Update) Important Spoofing 4570333
Base: 5.3
Temporal: 5.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:H/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4577668 (Security Update) Important Spoofing 4570333
Base: 5.3
Temporal: 5.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:H/RL:O/RC:C
Yes
Windows 10 Version 1903 for 32-bit Systems 4577671 (Security Update) Important Spoofing 4574727
Base: 5.3
Temporal: 5.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:H/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4577671 (Security Update) Important Spoofing 4574727
Base: 5.3
Temporal: 5.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:H/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4577671 (Security Update) Important Spoofing 4574727
Base: 5.3
Temporal: 5.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:H/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4577671 (Security Update) Important Spoofing 4574727
Base: 5.3
Temporal: 5.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:H/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 4577671 (Security Update) Important Spoofing 4574727
Base: 5.3
Temporal: 5.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:H/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4577671 (Security Update) Important Spoofing 4574727
Base: 5.3
Temporal: 5.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:H/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 4579311 (Security Update) Important Spoofing 4571756
Base: 5.3
Temporal: 5.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:H/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4579311 (Security Update) Important Spoofing 4571756
Base: 5.3
Temporal: 5.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:H/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4579311 (Security Update) Important Spoofing 4571756
Base: 5.3
Temporal: 5.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:H/RL:O/RC:C
Yes
Windows 7 for 32-bit Systems Service Pack 1 4580345 (Monthly Rollup)
4580387 (Security Only)
Important Spoofing 4577051
Base: 5.3
Temporal: 5.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:H/RL:O/RC:C
Yes
Windows 7 for x64-based Systems Service Pack 1 4580345 (Monthly Rollup)
4580387 (Security Only)
Important Spoofing 4577051
Base: 5.3
Temporal: 5.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:H/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems 4580347 (Monthly Rollup)
4580358 (Security Only)
Important Spoofing 4577066
Base: 5.3
Temporal: 5.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:H/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 4580347 (Monthly Rollup)
4580358 (Security Only)
Important Spoofing 4577066
Base: 5.3
Temporal: 5.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:H/RL:O/RC:C
Yes
Windows RT 8.1 4580347 (Monthly Rollup) Important Spoofing 4577066
Base: 5.3
Temporal: 5.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:H/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 4580378 (Monthly Rollup)
4580385 (Security Only)
Important Spoofing 4577064
Base: 5.3
Temporal: 5.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:H/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 4580378 (Monthly Rollup)
4580385 (Security Only)
Important Spoofing 4577064
Base: 5.3
Temporal: 5.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:H/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 4580378 (Monthly Rollup)
4580385 (Security Only)
Important Spoofing 4577064
Base: 5.3
Temporal: 5.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:H/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 4580378 (Monthly Rollup)
4580385 (Security Only)
Important Spoofing 4577064
Base: 5.3
Temporal: 5.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:H/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 4580345 (Monthly Rollup)
4580387 (Security Only)
Important Spoofing 4577051
Base: 5.3
Temporal: 5.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:H/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4580345 (Monthly Rollup)
4580387 (Security Only)
Important Spoofing 4577051
Base: 5.3
Temporal: 5.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:H/RL:O/RC:C
Yes
Windows Server 2012 4580382 (Monthly Rollup)
4580353 (Security Only)
Important Spoofing 4577038
Base: 5.3
Temporal: 5.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:H/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 4580382 (Monthly Rollup)
4580353 (Security Only)
Important Spoofing 4577038
Base: 5.3
Temporal: 5.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:H/RL:O/RC:C
Yes
Windows Server 2012 R2 4580347 (Monthly Rollup)
4580358 (Security Only)
Important Spoofing 4577066
Base: 5.3
Temporal: 5.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:H/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 4580347 (Monthly Rollup)
4580358 (Security Only)
Important Spoofing 4577066
Base: 5.3
Temporal: 5.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:H/RL:O/RC:C
Yes
Windows Server 2016 4580346 (Security Update) Important Spoofing 4577015
Base: 5.3
Temporal: 5.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:H/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4580346 (Security Update) Important Spoofing 4577015
Base: 5.3
Temporal: 5.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:H/RL:O/RC:C
Yes
Windows Server 2019 4577668 (Security Update) Important Spoofing 4570333
Base: 5.3
Temporal: 5.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:H/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4577668 (Security Update) Important Spoofing 4570333
Base: 5.3
Temporal: 5.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:H/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4577671 (Security Update) Important Spoofing 4574727
Base: 5.3
Temporal: 5.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:H/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4577671 (Security Update) Important Spoofing 4574727
Base: 5.3
Temporal: 5.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:H/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4579311 (Security Update) Important Spoofing 4571756
Base: 5.3
Temporal: 5.1
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:H/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-16922 RedDrip Team (@RedDrip7) of QiAnXin TIC (https://ti.qianxin.com)


CVE-2020-16923 - Microsoft Graphics Components Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-16923
MITRE
NVD
CVE Title: Microsoft Graphics Components Remote Code Execution Vulnerability
Description:

A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code on a target system.

To exploit the vulnerability, a user would have to open a specially crafted file.

The security update addresses the vulnerability by correcting how Microsoft Graphics Components handle objects in memory.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-10-13T07:00:00Z    

Information published.


Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-16923
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4580327 (Security Update) Critical Remote Code Execution 4577049
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 4580327 (Security Update) Critical Remote Code Execution 4577049
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 4580346 (Security Update) Critical Remote Code Execution 4577015
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 4580346 (Security Update) Critical Remote Code Execution 4577015
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for 32-bit Systems 4580328 (Security Update) Critical Remote Code Execution 4577041
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for ARM64-based Systems 4580328 (Security Update) Critical Remote Code Execution 4577041
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for x64-based Systems 4580328 (Security Update) Critical Remote Code Execution 4577041
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 4580330 (Security Update) Critical Remote Code Execution 4577032
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 4580330 (Security Update) Critical Remote Code Execution 4577032
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4580330 (Security Update) Critical Remote Code Execution 4577032
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 4577668 (Security Update) Critical Remote Code Execution 4570333
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4577668 (Security Update) Critical Remote Code Execution 4570333
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4577668 (Security Update) Critical Remote Code Execution 4570333
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for 32-bit Systems 4577671 (Security Update) Critical Remote Code Execution 4574727
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4577671 (Security Update) Critical Remote Code Execution 4574727
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4577671 (Security Update) Critical Remote Code Execution 4574727
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4577671 (Security Update) Critical Remote Code Execution 4574727
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 4577671 (Security Update) Critical Remote Code Execution 4574727
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4577671 (Security Update) Critical Remote Code Execution 4574727
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 4579311 (Security Update) Critical Remote Code Execution 4571756
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4579311 (Security Update) Critical Remote Code Execution 4571756
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4579311 (Security Update) Critical Remote Code Execution 4571756
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 7 for 32-bit Systems Service Pack 1 4580345 (Monthly Rollup)
4580387 (Security Only)
Critical Remote Code Execution 4577051
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 7 for x64-based Systems Service Pack 1 4580345 (Monthly Rollup)
4580387 (Security Only)
Critical Remote Code Execution 4577051
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems 4580347 (Monthly Rollup)
4580358 (Security Only)
Critical Remote Code Execution 4577066
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 4580347 (Monthly Rollup)
4580358 (Security Only)
Critical Remote Code Execution 4577066
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows RT 8.1 4580347 (Monthly Rollup) Critical Remote Code Execution 4577066
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 4580378 (Monthly Rollup)
4580385 (Security Only)
Critical Remote Code Execution 4577064
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 4580378 (Monthly Rollup)
4580385 (Security Only)
Critical Remote Code Execution 4577064
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 4580378 (Monthly Rollup)
4580385 (Security Only)
Critical Remote Code Execution 4577064
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 4580378 (Monthly Rollup)
4580385 (Security Only)
Critical Remote Code Execution 4577064
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 4580345 (Monthly Rollup)
4580387 (Security Only)
Critical Remote Code Execution 4577051
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4580345 (Monthly Rollup)
4580387 (Security Only)
Critical Remote Code Execution 4577051
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 4580382 (Monthly Rollup)
4580353 (Security Only)
Critical Remote Code Execution 4577038
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 4580382 (Monthly Rollup)
4580353 (Security Only)
Critical Remote Code Execution 4577038
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 4580347 (Monthly Rollup)
4580358 (Security Only)
Critical Remote Code Execution 4577066
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 4580347 (Monthly Rollup)
4580358 (Security Only)
Critical Remote Code Execution 4577066
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 4580346 (Security Update) Critical Remote Code Execution 4577015
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4580346 (Security Update) Critical Remote Code Execution 4577015
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 4577668 (Security Update) Critical Remote Code Execution 4570333
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4577668 (Security Update) Critical Remote Code Execution 4570333
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4577671 (Security Update) Critical Remote Code Execution 4574727
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4577671 (Security Update) Critical Remote Code Execution 4574727
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4579311 (Security Update) Critical Remote Code Execution 4571756
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-16923 Zhangjie and willJ


CVE-2020-16924 - Jet Database Engine Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-16924
MITRE
NVD
CVE Title: Jet Database Engine Remote Code Execution Vulnerability
Description:

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.

An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file.

The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-10-13T07:00:00Z    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-16924
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4580327 (Security Update) Important Remote Code Execution 4577049
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 4580327 (Security Update) Important Remote Code Execution 4577049
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 4580346 (Security Update) Important Remote Code Execution 4577015
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 4580346 (Security Update) Important Remote Code Execution 4577015
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for 32-bit Systems 4580328 (Security Update) Important Remote Code Execution 4577041
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for ARM64-based Systems 4580328 (Security Update) Important Remote Code Execution 4577041
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for x64-based Systems 4580328 (Security Update) Important Remote Code Execution 4577041
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 4580330 (Security Update) Important Remote Code Execution 4577032
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 4580330 (Security Update) Important Remote Code Execution 4577032
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4580330 (Security Update) Important Remote Code Execution 4577032
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 4577668 (Security Update) Important Remote Code Execution 4570333
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4577668 (Security Update) Important Remote Code Execution 4570333
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4577668 (Security Update) Important Remote Code Execution 4570333
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for 32-bit Systems 4577671 (Security Update) Important Remote Code Execution 4574727
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4577671 (Security Update) Important Remote Code Execution 4574727
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4577671 (Security Update) Important Remote Code Execution 4574727
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4577671 (Security Update) Important Remote Code Execution 4574727
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 4577671 (Security Update) Important Remote Code Execution 4574727
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4577671 (Security Update) Important Remote Code Execution 4574727
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 4579311 (Security Update) Important Remote Code Execution 4571756
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4579311 (Security Update) Important Remote Code Execution 4571756
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4579311 (Security Update) Important Remote Code Execution 4571756
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 7 for 32-bit Systems Service Pack 1 4580345 (Monthly Rollup)
4580387 (Security Only)
Important Remote Code Execution 4577051
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 7 for x64-based Systems Service Pack 1 4580345 (Monthly Rollup)
4580387 (Security Only)
Important Remote Code Execution 4577051
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems 4580347 (Monthly Rollup)
4580358 (Security Only)
Important Remote Code Execution 4577066
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 4580347 (Monthly Rollup)
4580358 (Security Only)
Important Remote Code Execution 4577066
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows RT 8.1 4580347 (Monthly Rollup) Important Remote Code Execution 4577066
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 4580378 (Monthly Rollup)
4580385 (Security Only)
Important Remote Code Execution 4577064
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 4580378 (Monthly Rollup)
4580385 (Security Only)
Important Remote Code Execution 4577064
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 4580378 (Monthly Rollup)
4580385 (Security Only)
Important Remote Code Execution 4577064
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 4580378 (Monthly Rollup)
4580385 (Security Only)
Important Remote Code Execution 4577064
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 4580345 (Monthly Rollup)
4580387 (Security Only)
Important Remote Code Execution 4577051
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4580345 (Monthly Rollup)
4580387 (Security Only)
Important Remote Code Execution 4577051
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 4580382 (Monthly Rollup)
4580353 (Security Only)
Important Remote Code Execution 4577038
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 4580382 (Monthly Rollup)
4580353 (Security Only)
Important Remote Code Execution 4577038
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 4580347 (Monthly Rollup)
4580358 (Security Only)
Important Remote Code Execution 4577066
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 4580347 (Monthly Rollup)
4580358 (Security Only)
Important Remote Code Execution 4577066
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 4580346 (Security Update) Important Remote Code Execution 4577015
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4580346 (Security Update) Important Remote Code Execution 4577015
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 4577668 (Security Update) Important Remote Code Execution 4570333
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4577668 (Security Update) Important Remote Code Execution 4570333
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4577671 (Security Update) Important Remote Code Execution 4574727
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4577671 (Security Update) Important Remote Code Execution 4574727
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4579311 (Security Update) Important Remote Code Execution 4571756
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-16924 Zhibin Zhang of Palo Alto Networks


CVE-2020-16927 - Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-16927
MITRE
NVD
CVE Title: Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability
Description:

A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests. An attacker who successfully exploited this vulnerability could cause the RDP service on the target system to stop responding.

To exploit this vulnerability, an attacker would need to run a specially crafted application against a server which provides Remote Desktop Protocol (RDP) services.

The update addresses the vulnerability by correcting how RDP handles connection requests.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-10-13T07:00:00Z    

Information published.


Important Denial of Service

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-16927
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4580327 (Security Update) Important Denial of Service 4577049
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 4580327 (Security Update) Important Denial of Service 4577049
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 4580346 (Security Update) Important Denial of Service 4577015
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 4580346 (Security Update) Important Denial of Service 4577015
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for 32-bit Systems 4580328 (Security Update) Important Denial of Service 4577041
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for ARM64-based Systems 4580328 (Security Update) Important Denial of Service 4577041
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for x64-based Systems 4580328 (Security Update) Important Denial of Service 4577041
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 4580330 (Security Update) Important Denial of Service 4577032
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 4580330 (Security Update) Important Denial of Service 4577032
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4580330 (Security Update) Important Denial of Service 4577032
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 4577668 (Security Update) Important Denial of Service 4570333
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4577668 (Security Update) Important Denial of Service 4570333
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4577668 (Security Update) Important Denial of Service 4570333
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for 32-bit Systems 4577671 (Security Update) Important Denial of Service 4574727
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4577671 (Security Update) Important Denial of Service 4574727
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4577671 (Security Update) Important Denial of Service 4574727
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4577671 (Security Update) Important Denial of Service 4574727
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 4577671 (Security Update) Important Denial of Service 4574727
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4577671 (Security Update) Important Denial of Service 4574727
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 4579311 (Security Update) Important Denial of Service 4571756
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4579311 (Security Update) Important Denial of Service 4571756
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4579311 (Security Update) Important Denial of Service 4571756
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems 4580347 (Monthly Rollup)
4580358 (Security Only)
Important Denial of Service 4577066
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 4580347 (Monthly Rollup)
4580358 (Security Only)
Important Denial of Service 4577066
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows RT 8.1 4580347 (Monthly Rollup) Important Denial of Service 4577066
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 4580347 (Monthly Rollup)
4580358 (Security Only)
Important Denial of Service 4577066
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 4580347 (Monthly Rollup)
4580358 (Security Only)
Important Denial of Service 4577066
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 4580346 (Security Update) Important Denial of Service 4577015
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4580346 (Security Update) Important Denial of Service 4577015
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 4577668 (Security Update) Important Denial of Service 4570333
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4577668 (Security Update) Important Denial of Service 4570333
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4577671 (Security Update) Important Denial of Service 4574727
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4577671 (Security Update) Important Denial of Service 4574727
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4579311 (Security Update) Important Denial of Service 4571756
Base: 7.5
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-16927 VictorV (Tang Tianwen)


CVE-2020-16928 - Microsoft Office Click-to-Run Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-16928
MITRE
NVD
CVE Title: Microsoft Office Click-to-Run Elevation of Privilege Vulnerability
Description:

An elevation of privilege vulnerability exists in the way that Microsoft Office Click-to-Run (C2R) AppVLP handles certain files. An attacker who successfully exploited the vulnerability could elevate privileges.

To exploit this vulnerability, an attacker would need to convince a user to open a specially crafted file.

The security update addresses the vulnerability by correcting how Microsoft Office Click-to-Run (C2R) components handle these files.


FAQ:

Is the Preview Pane an attack vector for this vulnerability?

No, the Preview Pane is not an attack vector.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-10-13T07:00:00Z    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-16928
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft 365 Apps for Enterprise for 32-bit Systems Click to Run (Security Update) Important Elevation of Privilege None Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft 365 Apps for Enterprise for 64-bit Systems Click to Run (Security Update) Important Elevation of Privilege None Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Office 2013 Click-to-Run (C2R) for 32-bit editions Click to Run (Security Update) Important Elevation of Privilege None Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Office 2013 Click-to-Run (C2R) for 64-bit editions Click to Run (Security Update) Important Elevation of Privilege None Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Office 2019 for 32-bit editions Click to Run (Security Update) Important Elevation of Privilege None Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Office 2019 for 64-bit editions Click to Run (Security Update) Important Elevation of Privilege None Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2020-16928 Ben Faull of Microsoft Corporation


CVE-2020-16929 - Microsoft Excel Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-16929
MITRE
NVD
CVE Title: Microsoft Excel Remote Code Execution Vulnerability
Description:

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Exploitation of the vulnerability requires that a user open a specially crafted file with an affected version of Microsoft Excel. In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the file. In a web-based attack scenario, an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) containing a specially crafted file designed to exploit the vulnerability. An attacker would have no way to force users to visit the website. Instead, an attacker would have to convince users to click a link, typically by way of an enticement in an email or instant message, and then convince them to open the specially crafted file.

The security update addresses the vulnerability by correcting how Microsoft Excel handles objects in memory.


FAQ:

Is the Preview Pane an attack vector for this vulnerability?

No, the Preview Pane is not an attack vector.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-10-13T07:00:00Z    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-16929
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft 365 Apps for Enterprise for 32-bit Systems Click to Run (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
No
Microsoft 365 Apps for Enterprise for 64-bit Systems Click to Run (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
No
Microsoft Excel 2010 Service Pack 2 (32-bit editions) 4486707 (Security Update) Important Remote Code Execution 4486665 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Excel 2010 Service Pack 2 (64-bit editions) 4486707 (Security Update) Important Remote Code Execution 4486665 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Excel 2013 RT Service Pack 1 4486695 (Security Update) Important Remote Code Execution 4484526 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Excel 2013 Service Pack 1 (32-bit editions) 4486695 (Security Update) Important Remote Code Execution 4484526 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Excel 2013 Service Pack 1 (64-bit editions) 4486695 (Security Update) Important Remote Code Execution 4484526 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Excel 2016 (32-bit edition) 4486678 (Security Update) Important Remote Code Execution 4484507 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Excel 2016 (64-bit edition) 4486678 (Security Update) Important Remote Code Execution 4484507 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Excel Web App 2010 Service Pack 2 4462175 (Security Update) Important Remote Code Execution 3101522 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Office 2010 Service Pack 2 (32-bit editions) 4486700 (Security Update) Important Remote Code Execution 4484532 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Office 2010 Service Pack 2 (64-bit editions) 4486700 (Security Update) Important Remote Code Execution 4484532 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Office 2013 RT Service Pack 1 4486688 (Security Update) Important Remote Code Execution 4484517 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Office 2013 Service Pack 1 (32-bit editions) 4486688 (Security Update) Important Remote Code Execution 4484517 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Office 2013 Service Pack 1 (64-bit editions) 4486688 (Security Update) Important Remote Code Execution 4484517 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Office 2016 (32-bit edition) 4486682 (Security Update) Important Remote Code Execution 4484513 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Office 2016 (64-bit edition) 4486682 (Security Update) Important Remote Code Execution 4484513 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Office 2016 for Mac Release Notes (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
No
Microsoft Office 2019 for 32-bit editions Click to Run (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
No
Microsoft Office 2019 for 64-bit editions Click to Run (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
No
Microsoft Office 2019 for Mac Release Notes (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
No
Microsoft Office Online Server 4486674 (Security Update) Important Remote Code Execution 4484503 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Office Web Apps 2010 Service Pack 2 4462175 (Security Update) Important Remote Code Execution 3101522 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Office Web Apps 2013 Service Pack 1 4486689 (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft SharePoint Enterprise Server 2013 Service Pack 1 4486687 (Security Update) Important Remote Code Execution 4484516 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft SharePoint Server 2010 Service Pack 2 4484531 (Security Update) Important Remote Code Execution 4484191 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2020-16929 kdot working with Trend Micro's Zero Day Initiative


CVE-2020-16930 - Microsoft Excel Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-16930
MITRE
NVD
CVE Title: Microsoft Excel Remote Code Execution Vulnerability
Description:

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Exploitation of the vulnerability requires that a user open a specially crafted file with an affected version of Microsoft Excel. In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the file. In a web-based attack scenario, an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) containing a specially crafted file designed to exploit the vulnerability. An attacker would have no way to force users to visit the website. Instead, an attacker would have to convince users to click a link, typically by way of an enticement in an email or instant message, and then convince them to open the specially crafted file.

The security update addresses the vulnerability by correcting how Microsoft Excel handles objects in memory.


FAQ:

Is the Preview Pane an attack vector for this vulnerability?

No, the Preview Pane is not an attack vector.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-10-13T07:00:00Z    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-16930
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft 365 Apps for Enterprise for 32-bit Systems Click to Run (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
No
Microsoft 365 Apps for Enterprise for 64-bit Systems Click to Run (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
No
Microsoft Office 2013 RT Service Pack 1 4484435 (Security Update) Important Remote Code Execution 4011104 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Office 2013 Service Pack 1 (32-bit editions) 4484435 (Security Update) Important Remote Code Execution 4011104 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Office 2013 Service Pack 1 (64-bit editions) 4484435 (Security Update) Important Remote Code Execution 4011104 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Office 2016 (32-bit edition) 4484417 (Security Update) Important Remote Code Execution 3128012 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Office 2016 (64-bit edition) 4484417 (Security Update) Important Remote Code Execution 3128012 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Office 2019 for 32-bit editions Click to Run (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
No
Microsoft Office 2019 for 64-bit editions Click to Run (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
No

Acknowledgements

CVE ID Acknowledgements
CVE-2020-16930 kdot working with Trend Micro's Zero Day Initiative


kdot working with Trend Micro's Zero Day Initiative


CVE-2020-16931 - Microsoft Excel Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-16931
MITRE
NVD
CVE Title: Microsoft Excel Remote Code Execution Vulnerability
Description:

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Exploitation of the vulnerability requires that a user open a specially crafted file with an affected version of Microsoft Excel. In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the file. In a web-based attack scenario, an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) containing a specially crafted file designed to exploit the vulnerability. An attacker would have no way to force users to visit the website. Instead, an attacker would have to convince users to click a link, typically by way of an enticement in an email or instant message, and then convince them to open the specially crafted file.

The security update addresses the vulnerability by correcting how Microsoft Excel handles objects in memory.


FAQ:

Is the Preview Pane an attack vector for this vulnerability?

No, the Preview Pane is not an attack vector.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-10-13T07:00:00Z    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-16931
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft 365 Apps for Enterprise for 32-bit Systems Click to Run (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
No
Microsoft 365 Apps for Enterprise for 64-bit Systems Click to Run (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
No
Microsoft Excel 2010 Service Pack 2 (32-bit editions) 4486707 (Security Update) Important Remote Code Execution 4486665 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Excel 2010 Service Pack 2 (64-bit editions) 4486707 (Security Update) Important Remote Code Execution 4486665 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Excel 2013 RT Service Pack 1 4486695 (Security Update) Important Remote Code Execution 4484526 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Excel 2013 Service Pack 1 (32-bit editions) 4486695 (Security Update) Important Remote Code Execution 4484526 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Excel 2013 Service Pack 1 (64-bit editions) 4486695 (Security Update) Important Remote Code Execution 4484526 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Excel 2016 (32-bit edition) 4486678 (Security Update) Important Remote Code Execution 4484507 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Excel 2016 (64-bit edition) 4486678 (Security Update) Important Remote Code Execution 4484507 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Office 2019 for 32-bit editions Click to Run (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
No
Microsoft Office 2019 for 64-bit editions Click to Run (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
No
Microsoft Office Online Server 4486674 (Security Update) Important Remote Code Execution 4484503 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Office Web Apps 2013 Service Pack 1 4486689 (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2020-16931 kdot working with Trend Micro's Zero Day Initiative


CVE-2020-16932 - Microsoft Excel Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-16932
MITRE
NVD
CVE Title: Microsoft Excel Remote Code Execution Vulnerability
Description:

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Exploitation of the vulnerability requires that a user open a specially crafted file with an affected version of Microsoft Excel. In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the file. In a web-based attack scenario, an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) containing a specially crafted file designed to exploit the vulnerability. An attacker would have no way to force users to visit the website. Instead, an attacker would have to convince users to click a link, typically by way of an enticement in an email or instant message, and then convince them to open the specially crafted file.

The security update addresses the vulnerability by correcting how Microsoft Excel handles objects in memory.


FAQ:

Is the Preview Pane an attack vector for this vulnerability?

No, the Preview Pane is not an attack vector.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-10-13T07:00:00Z    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-16932
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft 365 Apps for Enterprise for 32-bit Systems Click to Run (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
No
Microsoft 365 Apps for Enterprise for 64-bit Systems Click to Run (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
No
Microsoft Excel 2010 Service Pack 2 (32-bit editions) 4486707 (Security Update) Important Remote Code Execution 4486665 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Excel 2010 Service Pack 2 (64-bit editions) 4486707 (Security Update) Important Remote Code Execution 4486665 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Excel 2013 RT Service Pack 1 4486695 (Security Update) Important Remote Code Execution 4484526 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Excel 2013 Service Pack 1 (32-bit editions) 4486695 (Security Update) Important Remote Code Execution 4484526 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Excel 2013 Service Pack 1 (64-bit editions) 4486695 (Security Update) Important Remote Code Execution 4484526 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Excel 2016 (32-bit edition) 4486678 (Security Update) Important Remote Code Execution 4484507 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Excel 2016 (64-bit edition) 4486678 (Security Update) Important Remote Code Execution 4484507 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Office 2019 for 32-bit editions Click to Run (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
No
Microsoft Office 2019 for 64-bit editions Click to Run (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
No
Microsoft Office Online Server 4486674 (Security Update) Important Remote Code Execution 4484503 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Office Web Apps 2013 Service Pack 1 4486689 (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2020-16932 kdot working with Trend Micro's Zero Day Initiative


CVE-2020-16933 - Microsoft Word Security Feature Bypass Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-16933
MITRE
NVD
CVE Title: Microsoft Word Security Feature Bypass Vulnerability
Description:

A security feature bypass vulnerability exists in Microsoft Word software when it fails to properly handle .LNK files. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the file could then take actions on behalf of the logged-on user with the same permissions as the current user.

To exploit the vulnerability, a user must open a specially crafted file with an affected version of Microsoft Word software. In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the file. In a web-based attack scenario, an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) that contains a specially crafted file that is designed to exploit the vulnerability. However, an attacker would have no way to force the user to visit the website. Instead, an attacker would have to convince the user to click a link, typically by way of an enticement in an email or Instant Messenger message, and then convince the user to open the specially crafted file.

The security update addresses the vulnerability by correcting how Microsoft Word handles these files.


FAQ:

Is the Preview Pane an attack vector for this vulnerability?

No, the Preview Pane is not an attack vector.


I have Microsoft Office 2010 installed. Why am I not being offered the 4486701 update?

The 4486701 update only applies to systems running specific configurations of Microsoft Office 2010. Some configurations will not be offered the update.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-10-13T07:00:00Z    

Information published.


Important Security Feature Bypass

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-16933
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft 365 Apps for Enterprise for 32-bit Systems Click to Run (Security Update) Important Security Feature Bypass None Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
No
Microsoft 365 Apps for Enterprise for 64-bit Systems Click to Run (Security Update) Important Security Feature Bypass None Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
No
Microsoft Office 2016 for Mac Release Notes (Security Update) Important Security Feature Bypass None Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
No
Microsoft Office 2019 for 32-bit editions Click to Run (Security Update) Important Security Feature Bypass None Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
No
Microsoft Office 2019 for 64-bit editions Click to Run (Security Update) Important Security Feature Bypass None Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
No
Microsoft Office 2019 for Mac Release Notes (Security Update) Important Security Feature Bypass None Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
No
Microsoft Word 2010 Service Pack 2 (32-bit editions) 4486703 (Security Update)
4486701 (Security Update)
Important Security Feature Bypass 4486660
4484533
Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Word 2010 Service Pack 2 (64-bit editions) 4486703 (Security Update)
4486701 (Security Update)
Important Security Feature Bypass 4486660
4484533
Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Word 2013 RT Service Pack 1 4486692 (Security Update) Important Security Feature Bypass 4484522 Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Word 2013 Service Pack 1 (32-bit editions) 4486692 (Security Update) Important Security Feature Bypass 4484522 Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Word 2013 Service Pack 1 (64-bit editions) 4486692 (Security Update) Important Security Feature Bypass 4484522 Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Word 2016 (32-bit edition) 4486679 (Security Update) Important Security Feature Bypass 4484510 Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Word 2016 (64-bit edition) 4486679 (Security Update) Important Security Feature Bypass 4484510 Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2020-16933 Gabriele Pippi from Certego IRT


CVE-2020-16934 - Microsoft Office Click-to-Run Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-16934
MITRE
NVD
CVE Title: Microsoft Office Click-to-Run Elevation of Privilege Vulnerability
Description:

An elevation of privilege vulnerability exists in the way that Microsoft Office Click-to-Run (C2R) AppVLP handles certain files. An attacker who successfully exploited the vulnerability could elevate privileges.

To exploit this vulnerability, an attacker would need to convince a user to open a specially crafted file.

The security update addresses the vulnerability by correcting how Microsoft Office Click-to-Run (C2R) components handle these files.


FAQ:

Is the Preview Pane an attack vector for this vulnerability?

No, the Preview Pane is not an attack vector.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-10-13T07:00:00Z    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-16934
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft 365 Apps for Enterprise for 32-bit Systems Click to Run (Security Update) Important Elevation of Privilege None Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft 365 Apps for Enterprise for 64-bit Systems Click to Run (Security Update) Important Elevation of Privilege None Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Office 2013 Click-to-Run (C2R) for 32-bit editions Click to Run (Security Update) Important Elevation of Privilege None Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Office 2013 Click-to-Run (C2R) for 64-bit editions Click to Run (Security Update) Important Elevation of Privilege None Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Office 2019 for 32-bit editions Click to Run (Security Update) Important Elevation of Privilege None Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Office 2019 for 64-bit editions Click to Run (Security Update) Important Elevation of Privilege None Base: 7.0
Temporal: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2020-16934 marxixing of Kingsoft Cloud Security Team (@marxixing)


CVE-2020-16935 - Windows COM Server Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-16935
MITRE
NVD
CVE Title: Windows COM Server Elevation of Privilege Vulnerability
Description:

An elevation of privilege vulnerability exists when Windows improperly handles COM object creation. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges.

To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system.

The update addresses the vulnerability by correcting how the Windows COM Server creates COM objects.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-10-13T07:00:00Z    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-16935
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4580327 (Security Update) Important Elevation of Privilege 4577049
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 4580327 (Security Update) Important Elevation of Privilege 4577049
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 4580346 (Security Update) Important Elevation of Privilege 4577015
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 4580346 (Security Update) Important Elevation of Privilege 4577015
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for 32-bit Systems 4580328 (Security Update) Important Elevation of Privilege 4577041
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for ARM64-based Systems 4580328 (Security Update) Important Elevation of Privilege 4577041
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for x64-based Systems 4580328 (Security Update) Important Elevation of Privilege 4577041
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 4580330 (Security Update) Important Elevation of Privilege 4577032
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 4580330 (Security Update) Important Elevation of Privilege 4577032
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4580330 (Security Update) Important Elevation of Privilege 4577032
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 4577668 (Security Update) Important Elevation of Privilege 4570333
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4577668 (Security Update) Important Elevation of Privilege 4570333
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4577668 (Security Update) Important Elevation of Privilege 4570333
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for 32-bit Systems 4577671 (Security Update) Important Elevation of Privilege 4574727
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4577671 (Security Update) Important Elevation of Privilege 4574727
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4577671 (Security Update) Important Elevation of Privilege 4574727
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4577671 (Security Update) Important Elevation of Privilege 4574727
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 4577671 (Security Update) Important Elevation of Privilege 4574727
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4577671 (Security Update) Important Elevation of Privilege 4574727
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 4579311 (Security Update) Important Elevation of Privilege 4571756
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4579311 (Security Update) Important Elevation of Privilege 4571756
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4579311 (Security Update) Important Elevation of Privilege 4571756
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 7 for 32-bit Systems Service Pack 1 4580345 (Monthly Rollup)
4580387 (Security Only)
Important Elevation of Privilege 4577051
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 7 for x64-based Systems Service Pack 1 4580345 (Monthly Rollup)
4580387 (Security Only)
Important Elevation of Privilege 4577051
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems 4580347 (Monthly Rollup)
4580358 (Security Only)
Important Elevation of Privilege 4577066
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 4580347 (Monthly Rollup)
4580358 (Security Only)
Important Elevation of Privilege 4577066
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows RT 8.1 4580347 (Monthly Rollup) Important Elevation of Privilege 4577066
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 4580378 (Monthly Rollup)
4580385 (Security Only)
Important Elevation of Privilege 4577064
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 4580378 (Monthly Rollup)
4580385 (Security Only)
Important Elevation of Privilege 4577064
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 4580378 (Monthly Rollup)
4580385 (Security Only)
Important Elevation of Privilege 4577064
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 4580378 (Monthly Rollup)
4580385 (Security Only)
Important Elevation of Privilege 4577064
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 4580345 (Monthly Rollup)
4580387 (Security Only)
Important Elevation of Privilege 4577051
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4580345 (Monthly Rollup)
4580387 (Security Only)
Important Elevation of Privilege 4577051
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 4580382 (Monthly Rollup)
4580353 (Security Only)
Important Elevation of Privilege 4577038
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 4580382 (Monthly Rollup)
4580353 (Security Only)
Important Elevation of Privilege 4577038
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 4580347 (Monthly Rollup)
4580358 (Security Only)
Important Elevation of Privilege 4577066
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 4580347 (Monthly Rollup)
4580358 (Security Only)
Important Elevation of Privilege 4577066
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 4580346 (Security Update) Important Elevation of Privilege 4577015
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4580346 (Security Update) Important Elevation of Privilege 4577015
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 4577668 (Security Update) Important Elevation of Privilege 4570333
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4577668 (Security Update) Important Elevation of Privilege 4570333
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4577671 (Security Update) Important Elevation of Privilege 4574727
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4577671 (Security Update) Important Elevation of Privilege 4574727
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4579311 (Security Update) Important Elevation of Privilege 4571756
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-16935 Anonymous researcher


CVE-2020-16938 - Windows Kernel Information Disclosure Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-16938
MITRE
NVD
CVE Title: Windows Kernel Information Disclosure Vulnerability
Description:

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.

To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The vulnerability would not allow an attacker to execute code or to elevate user rights directly, but it could be used to obtain information that could be used to try to further compromise the affected system.

The update addresses the vulnerability by correcting how the Windows kernel handles objects in memory.


FAQ:

What type of information could be disclosed by this vulnerability?

The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-10-13T07:00:00Z    

Information published.


Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable Yes No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-16938
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 Version 2004 for 32-bit Systems 4579311 (Security Update) Important Information Disclosure 4571756
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4579311 (Security Update) Important Information Disclosure 4571756
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4579311 (Security Update) Important Information Disclosure 4571756
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4579311 (Security Update) Important Information Disclosure 4571756
Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-16938 Jonas Lykkegård


CVE-2020-16941 - Microsoft SharePoint Information Disclosure Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-16941
MITRE
NVD
CVE Title: Microsoft SharePoint Information Disclosure Vulnerability
Description:

An information disclosure vulnerability exists when Microsoft SharePoint Server improperly discloses its folder structure when rendering specific web pages. An attacker who took advantage of this information disclosure could view the folder path of scripts loaded on the page.

To take advantage of the vulnerability, an attacker would require access to the specific SharePoint page affected by this vulnerability.

The security update addresses the vulnerability by correcting how scripts are referenced on some SharePoint pages.


FAQ:

What type of information could be disclosed by this vulnerability?

The type of information that could be disclosed if an attacker successfully exploited this vulnerability is unauthorized file system access - reading from the file system.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-10-13T07:00:00Z    

Information published.


Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-16941
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft SharePoint Enterprise Server 2016 4486677 (Security Update) Important Information Disclosure 4484506 Base: 4.1
Temporal: 3.7
Vector: CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Maybe
Microsoft SharePoint Foundation 2010 Service Pack 2 4486708 (Security Update) Important Information Disclosure 4486667 Base: 4.1
Temporal: 3.7
Vector: CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Maybe
Microsoft SharePoint Foundation 2013 Service Pack 1 4486694 (Security Update) Important Information Disclosure 4484525 Base: 4.1
Temporal: 3.7
Vector: CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Maybe
Microsoft SharePoint Server 2019 4486676 (Security Update) Important Information Disclosure 4484505 Base: 4.1
Temporal: 3.7
Vector: CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2020-16941 Markus Wulftange (@mwulftange)


CVE-2020-16942 - Microsoft SharePoint Information Disclosure Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-16942
MITRE
NVD
CVE Title: Microsoft SharePoint Information Disclosure Vulnerability
Description:

An information disclosure vulnerability exists when Microsoft SharePoint Server improperly discloses its folder structure when rendering specific web pages. An attacker who took advantage of this information disclosure could view the folder path of scripts loaded on the page.

To take advantage of the vulnerability, an attacker would require access to the specific SharePoint page affected by this vulnerability.

The security update addresses the vulnerability by correcting how scripts are referenced on some SharePoint pages.


FAQ:

What type of information could be disclosed by this vulnerability?

The type of information that could be disclosed if an attacker successfully exploited this vulnerability is unauthorized file system access - reading from the file system.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-10-13T07:00:00Z    

Information published.


Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-16942
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft SharePoint Enterprise Server 2016 4486677 (Security Update) Important Information Disclosure 4484506 Base: 4.1
Temporal: 3.7
Vector: CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Maybe
Microsoft SharePoint Foundation 2010 Service Pack 2 4486708 (Security Update) Important Information Disclosure 4486667 Base: 4.1
Temporal: 3.7
Vector: CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Maybe
Microsoft SharePoint Foundation 2013 Service Pack 1 4486694 (Security Update) Important Information Disclosure 4484525 Base: 4.1
Temporal: 3.7
Vector: CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Maybe
Microsoft SharePoint Server 2019 4486676 (Security Update) Important Information Disclosure 4484505 Base: 4.1
Temporal: 3.7
Vector: CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2020-16942 Markus Wulftange (@mwulftange)


CVE-2020-16948 - Microsoft SharePoint Information Disclosure Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-16948
MITRE
NVD
CVE Title: Microsoft SharePoint Information Disclosure Vulnerability
Description:

An information disclosure vulnerability exists when Microsoft SharePoint Server fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.

To exploit the vulnerability, an attacker would have to log on to an affected system and run a specially crafted application.

The security update addresses the vulnerability by correcting how Microsoft SharePoint Server handles objects in memory.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-10-13T07:00:00Z    

Information published.


Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-16948
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft SharePoint Enterprise Server 2016 4486677 (Security Update) Important Information Disclosure 4484506 Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Maybe
Microsoft SharePoint Foundation 2010 Service Pack 2 4486708 (Security Update) Important Information Disclosure 4486667 Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Maybe
Microsoft SharePoint Foundation 2013 Service Pack 1 4486694 (Security Update) Important Information Disclosure 4484525 Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Maybe
Microsoft SharePoint Server 2019 4486676 (Security Update) Important Information Disclosure 4484505 Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2020-16948 Markus Wulftange (@mwulftange)


CVE-2020-16953 - Microsoft SharePoint Information Disclosure Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-16953
MITRE
NVD
CVE Title: Microsoft SharePoint Information Disclosure Vulnerability
Description:

An information disclosure vulnerability exists when Microsoft SharePoint Server fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.

To exploit the vulnerability, an attacker would have to log on to an affected system and run a specially crafted application.

The security update addresses the vulnerability by correcting how Microsoft SharePoint Server handles objects in memory.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-10-13T07:00:00Z    

Information published.


Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-16953
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft SharePoint Enterprise Server 2016 4486677 (Security Update) Important Information Disclosure 4484506 Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Maybe
Microsoft SharePoint Foundation 2010 Service Pack 2 4486708 (Security Update) Important Information Disclosure 4486667 Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Maybe
Microsoft SharePoint Foundation 2013 Service Pack 1 4486694 (Security Update) Important Information Disclosure 4484525 Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Maybe
Microsoft SharePoint Server 2019 4486676 (Security Update) Important Information Disclosure 4484505 Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2020-16953 Markus Wulftange (@mwulftange)


CVE-2020-16954 - Microsoft Office Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-16954
MITRE
NVD
CVE Title: Microsoft Office Remote Code Execution Vulnerability
Description:

A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Exploitation of the vulnerability requires that a user open a specially crafted file with an affected version of Microsoft Office. In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the file. In a web-based attack scenario, an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) containing a specially crafted file designed to exploit the vulnerability. An attacker would have no way to force users to visit the website. Instead, an attacker would have to convince users to click a link, typically by way of an enticement in an email or instant message, and then convince them to open the specially crafted file.

The security update addresses the vulnerability by correcting how Microsoft Office handles objects in memory.


FAQ:

Is the Preview Pane an attack vector for this vulnerability?

No, the Preview Pane is not an attack vector.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-10-13T07:00:00Z    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-16954
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft 365 Apps for Enterprise for 32-bit Systems Click to Run (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
No
Microsoft 365 Apps for Enterprise for 64-bit Systems Click to Run (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
No
Microsoft Office 2010 Service Pack 2 (32-bit editions) 4486700 (Security Update) Important Remote Code Execution 4484532 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Office 2010 Service Pack 2 (64-bit editions) 4486700 (Security Update) Important Remote Code Execution 4484532 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Office 2013 RT Service Pack 1 4486688 (Security Update) Important Remote Code Execution 4484517 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Office 2013 Service Pack 1 (32-bit editions) 4486688 (Security Update) Important Remote Code Execution 4484517 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Office 2013 Service Pack 1 (64-bit editions) 4486688 (Security Update) Important Remote Code Execution 4484517 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Office 2016 (32-bit edition) 4486682 (Security Update) Important Remote Code Execution 4484513 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Office 2016 (64-bit edition) 4486682 (Security Update) Important Remote Code Execution 4484513 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Office 2019 for 32-bit editions Click to Run (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C