Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT Security Bulletin ASB-2020.0121 Microsoft patch day for Extended Support Update products for July 2020 15 July 2020 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Extended Support Update products Operating System: Windows Impact/Access: Administrator Compromise -- Remote/Unauthenticated Execute Arbitrary Code/Commands -- Remote with User Interaction Increased Privileges -- Existing Account Access Privileged Data -- Existing Account Overwrite Arbitrary Files -- Existing Account Denial of Service -- Remote/Unauthenticated Access Confidential Data -- Remote with User Interaction Resolution: Patch/Upgrade CVE Names: CVE-2020-1468 CVE-2020-1438 CVE-2020-1437 CVE-2020-1436 CVE-2020-1435 CVE-2020-1430 CVE-2020-1428 CVE-2020-1427 CVE-2020-1421 CVE-2020-1419 CVE-2020-1412 CVE-2020-1410 CVE-2020-1409 CVE-2020-1408 CVE-2020-1407 CVE-2020-1403 CVE-2020-1402 CVE-2020-1401 CVE-2020-1400 CVE-2020-1397 CVE-2020-1396 CVE-2020-1390 CVE-2020-1389 CVE-2020-1384 CVE-2020-1374 CVE-2020-1373 CVE-2020-1371 CVE-2020-1365 CVE-2020-1360 CVE-2020-1359 CVE-2020-1354 CVE-2020-1351 CVE-2020-1350 CVE-2020-1346 CVE-2020-1333 CVE-2020-1267 CVE-2020-1085 CVE-2020-1043 CVE-2020-1042 CVE-2020-1041 CVE-2020-1040 CVE-2020-1036 CVE-2020-1032 Member content until: Friday, August 14 2020 Reference: ASB-2020.120 OVERVIEW Microsoft has released its monthly security patch update for the month of July 2020. This includes the "SIGRed" wormable vulnerability for Windows Server 2008 Extended Support Update (ESU), which should be patched "right away". [2] This update resolves 44 vulnerabilities across the following products: [1] Internet Explorer 9 Windows 7 for 32-bit Systems Service Pack 1 Windows 7 for x64-based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) IMPACT Microsoft has given the following details regarding these vulnerabilities. Details Impact Severity ADV200008 Tampering Important CVE-2020-1032 Remote Code Execution Critical CVE-2020-1036 Remote Code Execution Critical CVE-2020-1040 Remote Code Execution Critical CVE-2020-1041 Remote Code Execution Critical CVE-2020-1042 Remote Code Execution Critical CVE-2020-1043 Remote Code Execution Critical CVE-2020-1085 Elevation of Privilege Important CVE-2020-1267 Denial of Service Important CVE-2020-1333 Elevation of Privilege Important CVE-2020-1346 Elevation of Privilege Important CVE-2020-1350 Remote Code Execution Critical CVE-2020-1351 Information Disclosure Important CVE-2020-1354 Elevation of Privilege Important CVE-2020-1359 Elevation of Privilege Important CVE-2020-1360 Elevation of Privilege Important CVE-2020-1365 Elevation of Privilege Important CVE-2020-1371 Elevation of Privilege Important CVE-2020-1373 Elevation of Privilege Important CVE-2020-1374 Remote Code Execution Critical CVE-2020-1384 Elevation of Privilege Important CVE-2020-1389 Information Disclosure Important CVE-2020-1390 Elevation of Privilege Important CVE-2020-1396 Elevation of Privilege Important CVE-2020-1397 Information Disclosure Important CVE-2020-1400 Remote Code Execution Important CVE-2020-1401 Remote Code Execution Important CVE-2020-1402 Elevation of Privilege Important CVE-2020-1403 Remote Code Execution Moderate CVE-2020-1407 Remote Code Execution Important CVE-2020-1408 Remote Code Execution Important CVE-2020-1409 Remote Code Execution Critical CVE-2020-1410 Remote Code Execution Critical CVE-2020-1412 Remote Code Execution Important CVE-2020-1419 Information Disclosure Important CVE-2020-1421 Remote Code Execution Critical CVE-2020-1427 Elevation of Privilege Important CVE-2020-1428 Elevation of Privilege Important CVE-2020-1430 Elevation of Privilege Important CVE-2020-1435 Remote Code Execution Critical CVE-2020-1436 Remote Code Execution Critical CVE-2020-1437 Elevation of Privilege Important CVE-2020-1438 Elevation of Privilege Important CVE-2020-1468 Information Disclosure Important [1] MITIGATION Microsoft recommends applying the CVE-2020-1350 patch or mitigation "right away". [2] Microsoft recommends updating the software with the version made available on the Microsoft Update Catalogue for the following Knowledge Base articles. [1] KB4565529, KB4565536, KB4565354, KB4565353, KB4565524 KB4565479, KB4565539 REFERENCES [1] Security Update Guide https://portal.msrc.microsoft.com/en-us/security-guidance [2] CVE-2020-1350 (SIGRed) https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1350 AusCERT has made every effort to ensure that the information contained in this document is accurate. However, the decision to use the information described is the responsibility of each user or organisation. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBXw5lJ+NLKJtyKPYoAQgVOA//VmlAWYydZVW2Aog1GJZ4JvN+JQ7w69H4 irhSKsI2QBfca92fnRp8hfdW6sjSXvP6z8rBKoRcxxMCJPkMNLAXqKb/E4RkJtM1 Z1ygupUWwT4R3Md2/ziIrY70LHs1JzZrFhGRUzJAmtd6ruJNMP6gt0Zd5cwxpWOO nDYYE2Ol3zrVqHqGD8Wg3jQJWsovoaW19IU3jDD6KmZwi5sq1cCWBu5gzeEIoSdi 3IM4N+5M86PmXA3k+APnBwkllFytqFB/WdWtq9r5nZo/x23EKplqfvvVVWnivxer CoMGKB8EsYKZRm3fvGNOMmkQLQzcfnU4TtyGdTgL37FEhL3fKo6B74aowOyDGGAr 2+c/4Kxn7HWw1N3bQNSqzebxfege2BIpbWYitOkHUCx8C/VB1TOyokmPTCc4CdZ5 MYRmpreFgx8rDkirLPWusNvQwrYBYqxQc30d8eDrBsJCfffnVn4+OY6jjPw3drQK eiPfkqzvxFBh9zeVAJV2vfAGgFeLqERSZg9x3CgAlsnZ2OaXbTvDYjphMOza/ead X7qzl4qjystNIrOquFJFP9IhnXl4vllevR8rxE7Bp7xXpDwSe9/aCy21uRQbQqku qZ4tx4kGDetbq/s/BWVFqq2bSlfTo6b6ULAEUNbuZPrTVqNFlmfRzwYLeZU4nBUs xXPNztjJVJM= =tVim -----END PGP SIGNATURE-----