Patch Tuesday Update - October 2020

October 15, 2020 | 3 min read | Trending Topics

It’s that time again… Patch Tuesday!

Some good news finally. This is the first month in the past 8 that we’ve had less than 100 CVE’s released. This month’s list of 87 includes 11 critical vulnerabilities (down from 23 last month) with the typical variety of OS, software, and browser-based flaws.

There is one scary flaw to note, CVE-2020-16898, which has already been dubbed “Bad Neighbor” by the security community. This is a nasty Remote Code Execution (RCE) bug in the TCP/IP stack of Windows 10 and Windows Server 2019 that could be abused to install malware, just by sending malformed packets to the vulnerable systems.

“It results in an immediate BSOD (Blue Screen of Death), but more so, indicates the likelihood of exploitation for those who can manage to bypass Windows 10 and Windows Server 2019 mitigations,” McAfee’s Steve Povolny wrote. “The effects of an exploit that would grant remote code execution would be widespread and highly impactful, as this type of bug could be made wormable.” CVE-2020-16898 carries a CVSS Score of 9.8 out of 10.

Another flaw of note is CVE-2020-16947, another RCE issue, but this time for Outlook. Microsoft says this bug can be exploited by tricking a user “to open a specially crafted file with an affected version of Microsoft Outlook software.” The tricky part about this one is the malware can be loaded onto a system just by previewing the malicious email in Outlook, it doesn’t even have to be opened.

All software affected includes:

  • Microsoft Windows
  • Microsoft Office and Microsoft Office Services and Web Apps
  • Microsoft JET Database Engine
  • Azure Functions
  • Open Source Software
  • Microsoft Exchange Server
  • Visual Studio
  • PowerShellGet
  • Microsoft .NET Framework
  • Microsoft Dynamics
  • Adobe Flash Player
  • Microsoft Windows Codecs Library

For more information or to access the security updates, see

https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/2020-Oct

To view the list of affected assets for a specific CVE in your Balbix dashboard:

Enter the CVE in the Search field and hit Enter. Balbix automatically prioritizes the search results for remediation. You can also use the filtered search functionality to search for the CVE by site, subnet, location or other distinguishing factors.

If you have additional questions, please contact support@balbix.com.