Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT Security Bulletin
ASB-2020.0082
Microsoft Patch Tuesday update for Windows for April 2020
15 April 2020
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: Windows
Operating System: Windows
Impact/Access: Administrator Compromise -- Existing Account
Execute Arbitrary Code/Commands -- Remote with User Interaction
Increased Privileges -- Existing Account
Access Privileged Data -- Existing Account
Denial of Service -- Remote/Unauthenticated
Resolution: Patch/Upgrade
CVE Names: CVE-2020-1094 CVE-2020-1029 CVE-2020-1027
CVE-2020-1020 CVE-2020-1017 CVE-2020-1016
CVE-2020-1015 CVE-2020-1014 CVE-2020-1011
CVE-2020-1009 CVE-2020-1008 CVE-2020-1007
CVE-2020-1006 CVE-2020-1005 CVE-2020-1004
CVE-2020-1003 CVE-2020-1001 CVE-2020-1000
CVE-2020-0999 CVE-2020-0996 CVE-2020-0995
CVE-2020-0994 CVE-2020-0993 CVE-2020-0992
CVE-2020-0988 CVE-2020-0987 CVE-2020-0985
CVE-2020-0983 CVE-2020-0982 CVE-2020-0981
CVE-2020-0965 CVE-2020-0964 CVE-2020-0962
CVE-2020-0960 CVE-2020-0959 CVE-2020-0958
CVE-2020-0956 CVE-2020-0955 CVE-2020-0953
CVE-2020-0952 CVE-2020-0950 CVE-2020-0949
CVE-2020-0948 CVE-2020-0947 CVE-2020-0946
CVE-2020-0945 CVE-2020-0944 CVE-2020-0942
CVE-2020-0940 CVE-2020-0939 CVE-2020-0938
CVE-2020-0937 CVE-2020-0936 CVE-2020-0934
CVE-2020-0918 CVE-2020-0917 CVE-2020-0913
CVE-2020-0910 CVE-2020-0907 CVE-2020-0889
CVE-2020-0888 CVE-2020-0821 CVE-2020-0794
CVE-2020-0784 CVE-2020-0699 CVE-2020-0687
Member content until: Friday, May 15 2020
Reference: ESB-2020.0938
ASB-2020.0066.2
OVERVIEW
Microsoft has released its monthly security patch update for the month of April 2020.
This includes a fix for the issue in ASB-2020.0066.2, published
25 March 2020 with only mitigation steps available.
That issue was CVE-2020-1020.
A similar issue, CVE-2020-0938, has also been disclosed and patched today,
and last month's mitigation instructions helped against it too.
Another issue, CVE-2020-1027, enables attackers to escalate privileges
to administrator.
This update resolves 66 vulnerabilities across the following products: [1]
Windows 10 Version 1607 for 32-bit Systems
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1709 for 32-bit Systems
Windows 10 Version 1709 for ARM64-based Systems
Windows 10 Version 1709 for x64-based Systems
Windows 10 Version 1803 for 32-bit Systems
Windows 10 Version 1803 for ARM64-based Systems
Windows 10 Version 1803 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1903 for 32-bit Systems
Windows 10 Version 1903 for ARM64-based Systems
Windows 10 Version 1903 for x64-based Systems
Windows 10 Version 1909 for 32-bit Systems
Windows 10 Version 1909 for ARM64-based Systems
Windows 10 Version 1909 for x64-based Systems
Windows 10 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 8.1 for 32-bit systems
Windows 8.1 for x64-based systems
Windows RT 8.1
Windows Server 2012
Windows Server 2012 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 R2 (Server Core installation)
Windows Server 2016
Windows Server 2016 (Server Core installation)
Windows Server 2019
Windows Server 2019 (Server Core installation)
IMPACT
Microsoft has given the following details regarding these vulnerabilities.
Details Impact Severity
CVE-2020-0687 Remote Code Execution Critical
CVE-2020-0699 Information Disclosure Important
CVE-2020-0784 Elevation of Privilege Important
CVE-2020-0794 Denial of Service Important
CVE-2020-0821 Information Disclosure Important
CVE-2020-0888 Elevation of Privilege Important
CVE-2020-0889 Remote Code Execution Important
CVE-2020-0907 Remote Code Execution Critical
CVE-2020-0910 Remote Code Execution Critical
CVE-2020-0913 Elevation of Privilege Important
CVE-2020-0917 Elevation of Privilege Important
CVE-2020-0918 Elevation of Privilege Important
CVE-2020-0934 Elevation of Privilege Important
CVE-2020-0936 Elevation of Privilege Important
CVE-2020-0937 Information Disclosure Important
CVE-2020-0938 Remote Code Execution Critical
CVE-2020-0939 Information Disclosure Important
CVE-2020-0940 Elevation of Privilege Important
CVE-2020-0942 Elevation of Privilege Important
CVE-2020-0944 Elevation of Privilege Important
CVE-2020-0945 Information Disclosure Important
CVE-2020-0946 Information Disclosure Important
CVE-2020-0947 Information Disclosure Important
CVE-2020-0948 Remote Code Execution Critical
CVE-2020-0949 Remote Code Execution Critical
CVE-2020-0950 Remote Code Execution Critical
CVE-2020-0952 Information Disclosure Important
CVE-2020-0953 Remote Code Execution Important
CVE-2020-0955 Information Disclosure Important
CVE-2020-0956 Elevation of Privilege Important
CVE-2020-0958 Elevation of Privilege Important
CVE-2020-0959 Remote Code Execution Important
CVE-2020-0960 Remote Code Execution Important
CVE-2020-0962 Information Disclosure Important
CVE-2020-0964 Remote Code Execution Important
CVE-2020-0965 Remote Code Execution Critical
CVE-2020-0981 Security Feature Bypass Important
CVE-2020-0982 Information Disclosure Important
CVE-2020-0983 Elevation of Privilege Important
CVE-2020-0985 Elevation of Privilege Important
CVE-2020-0987 Information Disclosure Important
CVE-2020-0988 Remote Code Execution Important
CVE-2020-0992 Remote Code Execution Important
CVE-2020-0993 Denial of Service Important
CVE-2020-0994 Remote Code Execution Important
CVE-2020-0995 Remote Code Execution Important
CVE-2020-0996 Elevation of Privilege Important
CVE-2020-0999 Remote Code Execution Important
CVE-2020-1000 Elevation of Privilege Important
CVE-2020-1001 Elevation of Privilege Important
CVE-2020-1003 Elevation of Privilege Important
CVE-2020-1004 Elevation of Privilege Important
CVE-2020-1005 Information Disclosure Important
CVE-2020-1006 Elevation of Privilege Important
CVE-2020-1007 Information Disclosure Important
CVE-2020-1008 Remote Code Execution Important
CVE-2020-1009 Elevation of Privilege Important
CVE-2020-1011 Elevation of Privilege Important
CVE-2020-1014 Elevation of Privilege Important
CVE-2020-1015 Elevation of Privilege Important
CVE-2020-1016 Information Disclosure Important
CVE-2020-1017 Elevation of Privilege Important
CVE-2020-1020 Remote Code Execution Critical
CVE-2020-1027 Elevation of Privilege Important
CVE-2020-1029 Elevation of Privilege Important
CVE-2020-1094 Elevation of Privilege Important
[1]
MITIGATION
Microsoft recommends updating the software with the version made available
on the Microsoft Update Catalogue for the following Knowledge Base articles. [1]
KB4550927, KB4550961, KB4550929, KB4549949, KB4550971
KB4549951, KB4550922, KB4550917, KB4550930, KB4550970
REFERENCES
[1] Microsoft Security Update Guidance
https://portal.msrc.microsoft.com/en-us/security-guidance
AusCERT has made every effort to ensure that the information contained
in this document is accurate. However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBXpaAy2aOgq3Tt24GAQjI5w//cgS+/E5D928r93I3jOYf/wYx6t6+k5Cu
YU+e2O7gAnDyL2yBmwkulqZe5xaWwfEU8O/nPfJteycQjvNCc6PSGnwgvlFeC4K3
RvH11okuHR00yOX3L3oG3hkvZ79V7XUtIN5UH9xLM603jOB/EAzffKgixokM+Mo9
EMICpBFkNte1UcAriQ8R7zrj9lrBkb5z+kVihhKH5mg08JmPpoMZepv04idPLIvK
nPdynPXOPvmTqsVnAN1izoVJfl3uKJ654jxj6SnudVFQvnx1JNGdbNl8CDEcP2+3
wKn40k8ipl4YoYTtCL3J3zDPHfw4eM22Y8vwJfEa19ZrNfs+JL2HYXSmz+CU9TSg
XYh1DLYshIMLIUAzXzHWn/YwVL0zqQFubJCXmQmPUBrxhYOz9WFUd5h0H92Mn0Vc
YYtYyEIQwYn2Zu5oGA3QVLaBrP4Rvklp0FY2o4EqaUiH6bY1DNHW2FpsSchClT/u
vcIxxMa0Fhi8DoAyiyKGgqnWLnCgySSzO7gTt6mU2d+kEvcqyPnKAVT3hUjTChBL
0tBTb8zFD5s8463x+0VHUyiw20+l+JZIwpcXtwNqa9PeA4fr8M4JF07S5VyUDDBQ
rV1Rx/fu3Tcv4vMQbbh7hJMIeTtyq3V+QOaJzUBXe9D5TN3RNT2kfe68Xygp+v7f
gFxZyjWZmqk=
=Nx/9
-----END PGP SIGNATURE-----