This month’s Microsoft Patch Tuesday addresses 128 vulnerabilities with 11 of them labeled as Critical. The 11 Critical vulnerabilities cover SharePoint server, Browsers, Scripting Engines, Windows, GDI+, OLE and LNK files. Adobe issued patches today for Experience Manager, Flash Player and Framemaker.
The Browser, Scripting Engine, LNK files (CVE-2020-1299), GDI+(CVE-2020-1248) and OLE (CVE-2020-1281) should be prioritized for workstation-type devices, meaning any system that is used for email or to access the internet via a browser. This includes multi-user servers that are used as remote desktops for users.
A remote code execution vulnerability (CVE-2020-1181) is patched in Sharepoint Server that would allow an authenticated user on a guest system to perform security actions for an application pool process. Microsoft notes that exploitation of this vulnerability is less likely, but these patches should still be prioritized for all SharePoint servers.
Microsoft has also released a fix for a Windows vulnerability (CVE-2020-1300) that could lead to Remote Code Execution vulnerability. This would allow an attacker to trick a user to open a specially crafted cabinet file, thereby installing malicious file that appears to be a printer driver. Based on the information given, this should be prioritized across all Windows servers and workstations.
Windows OLE RCE
A remote code execution vulnerability (CVE-2020-1281) is patched in Windows OLE (Object Linking and Embedding). This would allow an attacker to convince a user to open a specially crafted file or program form email or webpage, and executing malicious code on the host system. All Windows OLE installations should prioritized for patching.
Adobe issued patches today covering multiple vulnerabilities in Experience Manager, Flash Player and Framemaker. Today was a light release for Adobe. They have fixed one critical vulnerability in Adobe Flash, which should be prioritized on any workstation-type systems. The patches for Adobe Flash and Experience Manager are labeled as Priority 2, while Adobe Framemaker patches are set to Priority 3.
While none of the vulnerabilities disclosed in Adobe’s release are known to be Actively Attacked today, all patches should be prioritized on systems with these products installed.