Multiple Vulnerabilities in Microsoft Windows - CERT-In Vulnerability Note CIVN-2020-0178

Back

Multiple Vulnerabilities in Microsoft Windows - CERT-In Vulnerability Note CIVN-2020-0178

By Elite CIO
May 24, 2020
13

Multiple Vulnerabilities in Microsoft Windows - CERT-In Vulnerability Note CIVN-2020-0178

Source : https://www.cert-in.org.in/

Original Issue Date : May18, 2020

Severity Rating : HIGH

Software Affected

Windows 10 for x64-based Systems

Windows 10 Version 1607 for x64-based Systems

Windows 10 Version 1709 for x64-based Systems

Windows 10 Version 1803 for x64-based Systems

Windows 10 Version 1809 for x64-based Systems

Windows 10 Version 1903 for x64-based Systems

Windows 10 Version 1909 for x64-based Systems

Windows 7 for x64-based Systems SP1

Windows 8.1 for x64-based systems

Windows Server 2008 for x64-based Systems SP2 & Server Core installation

Windows Server 2008 R2 for x64-based Systems SP1 & Server Core installation

Windows Server 2012 & Server Core installation

Windows Server 2012 R2 & Server Core installation

Windows Server 2016 & Server Core installation

Windows Server 2019 & Server Core installation

Windows Server, version 1803 (Server Core Installation)

Windows Server, version 1903 (Server Core installation)

Windows Server, version 1909 (Server Core installation)

Overview

Multiple vulnerabilities have been reported in Microsoft Windows which could allow an attacker to bypass security restrictions, may cause denial of service condition (Dos), access sensitive information, gain elevated privileges and execute arbitrary code on the targeted system.

Description

1. Windows Hyper-V Denial of Service Vulnerability ( CVE-2020-0909 )

A denial of service vulnerability exists in Microsoft Windows due to improper handling of network packets by the affected software. A remote attacker could exploit this vulnerability by sending specially crafted network packets to the Hyper-V Server. Successful exploitation of this vulnerability could lead to a Denial of Service condition.

2. Information Disclosure Vulnerability ( CVE-2020-0963 CVE-2020-1072 CVE-2020-1075 CVE-2020-1116CVE-2020-1141 CVE-2020-1145 CVE-2020-1179 )

Multiple information disclosure vulnerabilities exist in Microsoft Windows due to improper handling of the objects in memory by the affected software. A remote attacker could exploit these vulnerabilities by convincing a user to open a specially crafted document or by convincing a user to visit a malicious web application. Successful exploitation of these vulnerabilities could obtain the information to further compromise the user's system.

3. Microsoft Windows Elevation of Privilege Vulnerability ( CVE-2020-1010 )

Multiple elevation of privilege vulnerabilities exist in Microsoft Windows Block Level Backup Engine Service (wbengine) due to improper handling of the file operations by the affected software. A remote attacker could exploit this vulnerability by convincing a user to open a specially crafted document or to visit a malicious web application. Successful exploitation of this vulnerability could allow the attacker to gain elevated privileges of the targeted system.

4. Windows Error Reporting Elevation of Privilege Vulnerability ( CVE-2020-1021 CVE-2020-1082CVE-2020-1086 CVE-2020-1088 CVE-2020-1132 )

Multiple elevation of privilege vulnerabilities exist in Microsoft Windows Error Reporting (WER) when WER handles and executes files. A remote attacker could exploit these vulnerabilities by convincing a user to open a specially crafted document or to visit a malicious web application.

Successful exploitation of this vulnerability could allow the attacker to gain elevated privileges of the targeted system.

5. Elevation of Privilege Vulnerability ( CVE-2020-1028 CVE-2020-1054 CVE-2020-1077 CVE-2020-1079CVE-2020-1087 CVE-2020-1090 CVE-2020-1114 CVE-2020-1121 CVE-2020-1124CVE-2020-1125 CVE-2020-1126 CVE-2020- 5/24/2020 CERT-In Vulnerability Notes 2/61131 CVE-2020-1134 CVE-2020-1135 CVE-2020-1142 CVE-2020-1139 CVE-2020-1137CVE-2020-1143 CVE-2020- 1144 CVE-2020-1149 CVE-2020-1151 CVE-2020-1154CVE-2020-1155 CVE-2020-1156 CVE-2020-1157 CVE-2020-1158 CVE-2020-1164CVE-2020-1166 CVE-2020-1184 CVE-2020-1185 CVE-2020-1186 CVE-2020-1187 CVE-2020-1188CVE-2020-1189 CVE-2020-1190 CVE-2020-1191 )

Multiple elevation of privilege vulnerabilities exist in Microsoft Windows due to improper handling of objects in memory by the affected software.A remote attacker could exploit these vulnerabilities by running a specially crafted application on the victim system. Successful exploitation of this vulnerability could allow the attacker to gain elevated privileges of the targeted system.

6. Windows Print Spooler Elevation of Privilege Vulnerability ( CVE-2020-1048 CVE-2020-1070 )

Multiple elevation of privilege vulnerabilities exist in Microsoft Windows Print Spooler service due to improper handling of arbitrary writing to the file system by the affected Windows Print Spooler service. A remote attacker could exploit these vulnerabilities by running a specially crafted script or web application. Successful exploitation of these vulnerabilities could run arbitrary code in an elevated context.

7. Remote Code Execution Vulnerability ( CVE-2020-1051 CVE-2020-1061 CVE-2020-1174 CVE-2020-1175 CVE-2020-1176)

Multiple remote code execution vulnerabilities exist in Microsoft Windows due to improper handling of the objects in memory by the affected software. A remote attacker could exploit these vulnerabilities by running a specially crafted application on the victim system. Successful exploitation of these vulnerabilities could run arbitrary code on the targeted system.

8. Microsoft Active Directory Federation Services Cross-Site Scripting Vulnerability ( CVE-2020-1055 )

A cross-site-scripting (XSS) vulnerability exists in Microsoft Active Directory Federation Services (ADFS) when user inputs do not properly sanitize by the affected Active Directory Federation Services. A remote attacker could exploit this vulnerability by sending a specially crafted request to an affected ADFS server. Successful exploitation of this vulnerability could run arbitrary code on the targeted system and then perform cross-site scripting attacks on affected systems.

9. Windows Remote Code Execution Vulnerability ( CVE-2020-1067 CVE-2020-1153 )

Multiple remote code execution vulnerabilities exist in Microsoft Windows due to improper handling of the objects in memory by the affected software. A remote attacker could exploit these vulnerabilities by creating a specially crafted request who has a domain user account. Successful exploitation of these vulnerabilities could run arbitrary code with elevated permissions on the targeted system.

10. Microsoft Windows Elevation of Privilege Vulnerability ( CVE-2020-1068 )

An elevation of privilege vulnerability exists in Windows Media Service when file creation allows in the arbitrary locations by the affected software.A remote attacker could exploit this vulnerability by running a specially crafted application on the victim system. Successful exploitation of this vulnerability could run arbitrary code in an elevated context.

11. Windows Remote Access Common Dialog Elevation of Privilege Vulnerability ( CVE-2020-1071 )

An elevation of privilege vulnerability exists in Microsoft Windows due to improper handling of errors tied to Remote Access Common Dialog by the affected software. A remote attacker could exploit this vulnerability to take physically access the booted machine to reach the logon screen. Successful exploitation of this vulnerability could run arbitrary code in an elevated context.

12. Denial of Service Vulnerability ( CVE-2020-1076 CVE-2020-1123 )

Multiple denial of service vulnerabilities exist in Microsoft Windows due to improper handling of the objects in memory by the affected software. A remote attacker could exploit these vulnerabilities by convincing a user to open a specially crafted document or to visit a malicious web application. Successful exploitation of these vulnerabilities could cause a target system to stop responding.

13. Windows Installer Elevation of Privilege Vulnerability ( CVE-2020-1078 CVE-2020-1138 )

Multiple elevation of privilege vulnerabilities exist in Windows Installer due to improper handling of the file operations by the affected software. A remote attacker could exploit these vulnerabilities by taking unprivileged execution on the victim system. Successful exploitation of these vulnerabilities could run arbitrary code with elevated privileges.

14. Windows Printer Serviceability Elevation of Privilege Vulnerability ( CVE-2020-1081 )

An elevation of privilege vulnerability exists in Microsoft Windows Printer Serviceability due to improper validation of file paths while loading printer drivers by the affected Windows Printer Serviceability. A remote attacker could exploit this vulnerability by convincing a user to open a specially crafted document or by convincing a user to visit a malicious web application. Successful exploitation of this vulnerability could allow the attacker to gain elevated privileges of the targeted system.

15. Connected User Experiences and Telemetry Service Denial of Service Vulnerability ( CVE-2020-1084 )

A Denial of Service vulnerability exists in Microsoft Windows due to improper handling validation of certain function values by the affected software. A remote attacker could exploit this vulnerability by convincing a user to open a specially crafted document or to visit a malicious web application. Successful exploitation of this vulnerability could deny dependent security feature functionality.

16. Windows Update Stack Elevation of Privilege Vulnerability ( CVE-2020-1109 CVE-2020-1110CVE-2020-1140 )

Multiple elevation of privilege vulnerabilities exist in Microsoft Windows Update Stack due to improper handling of the objects in memory by the affected software. A remote attacker could exploit these vulnerabilities by convincing a user to open a specially crafted document or to visit a malicious web application. Successful exploitation of this vulnerability could allow the attacker to gain elevated privileges of the targeted system.

17. Windows Clipboard Service Elevation of Privilege Vulnerability ( CVE-2020-1111 CVE-2020-1165 )

Multiple elevation of privilege vulnerabilities exist in Microsoft Windows Clipboard Service due to improper handling of the calls to Clipboard Service by the affected software. A remote attacker could exploit these vulnerabilities by convincing a user to open a specially crafted document or to visit a malicious web application. Successful exploitation of these vulnerabilities could run arbitrary code in the security context of the local system.

18. Windows Background Intelligent Transfer Service Elevation of Privilege Vulnerability (CVE-2020-1112 )

An elevation of privilege vulnerability exists in Microsoft Windows Background Intelligent Transfer Service (BITS) IIS Module due to improper handling of the uploaded content by the affected software. A remote attacker could exploit this vulnerability by submitting a specially crafted request to upload file via BITS. Successful exploitation of this vulnerability could upload restricted file types to an IIS-hosted folder.

19. Windows Task Scheduler Security Feature Bypass Vulnerability ( CVE-2020-1113 )

A security feature bypass vulnerability exists in Microsoft Windows due to improper verification of client connections over RPC by the affected software. A remote attacker could exploit this vulnerability by sending a specially crafted request to a vulnerable system. Successful exploitation of this vulnerability could run arbitrary code as an administrator on the targeted system.

20. Remote Code Execution Vulnerability ( CVE-2020-1117 )

A remote code execution vulnerability exists in Microsoft Color Management due to improper handling of the objects in memory by the affected software. A remote attacker could exploit this vulnerability by convincing a user to open a crafted website or to click a link sent through an email or instant messenger. Successful exploitation of this vulnerability could take control of the affected system and run arbitrary code as an administrator on the targeted system.

21. Microsoft Windows Transport Layer Security Denial of Service Vulnerability ( CVE-2020-1118 )

A denial of service vulnerability exists in the Windows implementation of Transport Layer Security (TLS) due to improper handling of the certain key exchanges by the affected software. A remote unauthenticated attacker could exploit this vulnerability by sending a specially crafted request to a targeted system utilizing TLS 1.2 or lower, triggering the system to automatically reboot.Successful exploitation of this vulnerability could cause a target system to stop responding.

Solution

Apply appropriate patches as mentioned in Microsoft Security Bulletin:

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/

Vendor Information

Microsoft

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/

References

Microsoft

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0909

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0963

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1010

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1021