Operating System:

[WIN]

Published:

14 October 2020

Protect yourself against future threats.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
                         AUSCERT Security Bulletin

                               ASB-2020.0161
        Microsoft Patch Tuesday update for Windows for October 2020
                              14 October 2020

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:              Windows
Operating System:     Windows
Impact/Access:        Execute Arbitrary Code/Commands -- Remote/Unauthenticated      
                      Administrator Compromise        -- Remote with User Interaction
                      Increased Privileges            -- Existing Account            
                      Access Privileged Data          -- Existing Account            
                      Denial of Service               -- Remote/Unauthenticated      
                      Access Confidential Data        -- Remote/Unauthenticated      
                      Provide Misleading Information  -- Existing Account            
                      Unauthorised Access             -- Existing Account            
Resolution:           Patch/Upgrade
CVE Names:            CVE-2020-16980 CVE-2020-16976 CVE-2020-16975
                      CVE-2020-16974 CVE-2020-16973 CVE-2020-16972
                      CVE-2020-16968 CVE-2020-16967 CVE-2020-16940
                      CVE-2020-16939 CVE-2020-16938 CVE-2020-16936
                      CVE-2020-16935 CVE-2020-16927 CVE-2020-16924
                      CVE-2020-16923 CVE-2020-16922 CVE-2020-16921
                      CVE-2020-16920 CVE-2020-16919 CVE-2020-16916
                      CVE-2020-16915 CVE-2020-16914 CVE-2020-16913
                      CVE-2020-16912 CVE-2020-16911 CVE-2020-16910
                      CVE-2020-16909 CVE-2020-16908 CVE-2020-16907
                      CVE-2020-16905 CVE-2020-16902 CVE-2020-16901
                      CVE-2020-16900 CVE-2020-16899 CVE-2020-16898
                      CVE-2020-16897 CVE-2020-16896 CVE-2020-16895
                      CVE-2020-16894 CVE-2020-16892 CVE-2020-16891
                      CVE-2020-16890 CVE-2020-16889 CVE-2020-16887
                      CVE-2020-16885 CVE-2020-16877 CVE-2020-16876
                      CVE-2020-1243 CVE-2020-1167 CVE-2020-1080
                      CVE-2020-1047 CVE-2020-0764 
Member content until: Friday, November 13 2020
Reference:            ESB-2020.1833
                      ESB-2020.1815
                      ESB-2020.1733.2
                      ESB-2020.1039

OVERVIEW

        
        Microsoft has released its monthly security patch update for the month of October 2020.
        
        This update resolves 53 vulnerabilities across the following products: [1]
        
         Windows 10 Version 1607 for 32-bit Systems
         Windows 10 Version 1607 for x64-based Systems
         Windows 10 Version 1709 for 32-bit Systems
         Windows 10 Version 1709 for ARM64-based Systems
         Windows 10 Version 1709 for x64-based Systems
         Windows 10 Version 1803 for 32-bit Systems
         Windows 10 Version 1803 for ARM64-based Systems
         Windows 10 Version 1803 for x64-based Systems
         Windows 10 Version 1809 for 32-bit Systems
         Windows 10 Version 1809 for ARM64-based Systems
         Windows 10 Version 1809 for x64-based Systems
         Windows 10 Version 1903 for 32-bit Systems
         Windows 10 Version 1903 for ARM64-based Systems
         Windows 10 Version 1903 for x64-based Systems
         Windows 10 Version 1909 for 32-bit Systems
         Windows 10 Version 1909 for ARM64-based Systems
         Windows 10 Version 1909 for x64-based Systems
         Windows 10 Version 2004 for 32-bit Systems
         Windows 10 Version 2004 for ARM64-based Systems
         Windows 10 Version 2004 for x64-based Systems
         Windows 10 for 32-bit Systems
         Windows 10 for x64-based Systems
         Windows 8.1 for 32-bit systems
         Windows 8.1 for x64-based systems
         Windows RT 8.1
         Windows Server 2012
         Windows Server 2012 (Server Core installation)
         Windows Server 2012 R2
         Windows Server 2012 R2 (Server Core installation)
         Windows Server 2016
         Windows Server 2016  (Server Core installation)
         Windows Server 2019
         Windows Server 2019  (Server Core installation)


IMPACT

        
        Microsoft has given the following details regarding these vulnerabilities.
        
         Details         Impact                   Severity
         CVE-2020-0764   Elevation of Privilege   Important
         CVE-2020-1047   Elevation of Privilege   Important
         CVE-2020-1080   Elevation of Privilege   Important
         CVE-2020-1167   Remote Code Execution    Important
         CVE-2020-1243   Denial of Service        Important
         CVE-2020-16876  Elevation of Privilege   Important
         CVE-2020-16877  Elevation of Privilege   Important
         CVE-2020-16885  Elevation of Privilege   Important
         CVE-2020-16887  Elevation of Privilege   Important
         CVE-2020-16889  Information Disclosure   Important
         CVE-2020-16890  Elevation of Privilege   Important
         CVE-2020-16891  Remote Code Execution    Critical
         CVE-2020-16892  Elevation of Privilege   Important
         CVE-2020-16894  Remote Code Execution    Important
         CVE-2020-16895  Elevation of Privilege   Important
         CVE-2020-16896  Information Disclosure   Important
         CVE-2020-16897  Information Disclosure   Important
         CVE-2020-16898  Remote Code Execution    Critical
         CVE-2020-16899  Denial of Service        Important
         CVE-2020-16900  Elevation of Privilege   Important
         CVE-2020-16901  Information Disclosure   Important
         CVE-2020-16902  Elevation of Privilege   Important
         CVE-2020-16905  Elevation of Privilege   Important
         CVE-2020-16907  Elevation of Privilege   Important
         CVE-2020-16908  Elevation of Privilege   Important
         CVE-2020-16909  Elevation of Privilege   Important
         CVE-2020-16910  Security Feature Bypass  Important
         CVE-2020-16911  Remote Code Execution    Critical
         CVE-2020-16912  Elevation of Privilege   Important
         CVE-2020-16913  Elevation of Privilege   Important
         CVE-2020-16914  Information Disclosure   Important
         CVE-2020-16915  Remote Code Execution    Critical
         CVE-2020-16916  Elevation of Privilege   Important
         CVE-2020-16919  Information Disclosure   Important
         CVE-2020-16920  Elevation of Privilege   Important
         CVE-2020-16921  Information Disclosure   Important
         CVE-2020-16922  Spoofing                 Important
         CVE-2020-16923  Remote Code Execution    Critical
         CVE-2020-16924  Remote Code Execution    Important
         CVE-2020-16927  Denial of Service        Important
         CVE-2020-16935  Elevation of Privilege   Important
         CVE-2020-16936  Elevation of Privilege   Important
         CVE-2020-16938  Information Disclosure   Important
         CVE-2020-16939  Elevation of Privilege   Important
         CVE-2020-16940  Elevation of Privilege   Important
         CVE-2020-16967  Remote Code Execution    Critical
         CVE-2020-16968  Remote Code Execution    Critical
         CVE-2020-16972  Elevation of Privilege   Important
         CVE-2020-16973  Elevation of Privilege   Important
         CVE-2020-16974  Elevation of Privilege   Important
         CVE-2020-16975  Elevation of Privilege   Important
         CVE-2020-16976  Elevation of Privilege   Important
         CVE-2020-16980  Elevation of Privilege   Important


MITIGATION

        Microsoft recommends updating the software with the version made available on the Microsoft Update Catalogue for the following Knowledge Base articles. [1]
        
         KB4579311, KB4580353, KB4580347, KB4580346, KB4580330
         KB4580358, KB4577668, KB4580328, KB4577049, KB4577671
         KB4577041, KB4580327, KB4580382


REFERENCES

        [1] Microsoft Security Update Guidance
            https://portal.msrc.microsoft.com/en-us/security-guidance

AusCERT has made every effort to ensure that the information contained
in this document is accurate.  However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours 
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBX4YxouNLKJtyKPYoAQiJJw/9Hh3Xx4W/dL5qfa2yrhRxyn3RYWQmXcDf
BcN89+/ZibUPxuyih0vWxpd8HDCoYKHdOS4D1bhNoP4g6dqWCUJscp0pyflvSw0L
H+gGNrv00SWYjWJPYBRXs0ibdQbV7sNErbP8eDgZ6/KLk/kCFmkVo1uldZIrE9L8
vxtFEiXzaA81W7qSNV9lVhKxdaEGAHbSD1LYfPNWruSUOIsocJhxLiFW5HpkPEpZ
T1oG8UYR2aOAxiro7SPC0Rv5OXLuBgzSV7/zbM1dLZwNHsgRLfn5H48aO+AcwpYR
nRmv4A0wUSqzqWzKn6igUB3Az6yNohslMAf1F1EyF3m7cVpbODA2BjCDENl7NAdW
S1D1QcfF+31hSVjGSzJyMGMXIMN8CMNgnFZym8XMunxxjtwofXBsYz4OBB5jtsuD
ZOn+VKBUKqhuIZ8rWoSJFJeu4WQTyH9vRGtNOdUp3BTzjlf6fNiPlL019OISgqgO
579hwa6owH6pUHT1Wh/sB86rYnubtJEVvZDgtz5JpNaWMLtTPdHdOg/oJ28lNnir
Fm1PLuENbtVujov2ffVaRxr/Vjfy8KSQD+AtLMeln8DEU3nroYf8ctH+CCfSqvE9
c3pyYzn/VMFaC/b2QfMEzsAVJGok4kqpnkwKDnaxU4BT9CIfA/Qu3NPDKxopScYt
fms3/gFqins=
=AJFQ
-----END PGP SIGNATURE-----