Microsoft has issued its first patch update in 8 months to fix fewer than 100 CVEs, although 6 relate to publicly disclosed bugs and will need prioritizing.
October’s Patch Tuesday yesterday addressed 87 vulnerabilities, including 11 rated critical.
Several industry experts pointed to CVE-2020-16898, which has a CVSS score of 9.8, as a priority.
“This is a remote code execution vulnerability in Microsoft’s TCP/IP stack. The vulnerability is in the way the Windows TCP/IP stack handles ICMPv6 Router Advertisement packets,” explained Recorded Future senior security architect, Allan Liska.
“For successful exploitation of this vulnerability, all an attacker has to do is send a specially crafted ICMPv6 Router Advertisement packet to a remote Windows laptop. This vulnerability impacts Windows 10 and Windows Server 2019 and should be patched promptly.”
Elsewhere, 5 of the six bugs affect Windows 10 and related server editions: CVE-2020-16908, CVE-2020-16909, CVE-2020-16901, CVE-2020-16885 and CVE-2020-16938. The sixth affects the .NET Framework (CVE-2020-16937).
Todd Schell, senior product manager at Ivanti, also pointed to CVE-2020-16947, a vulnerability in Microsoft Outlook which could allow remote code execution just by viewing a specially crafted email.
“The Preview Pane is an attack vector here, so you do not even need to open the mail to be impacted,” he added. “The flaw exists within the parsing of HTML content in an email. Patch this one immediately. It will be an attractive target for threat actors.”
Another RCE flaw, this time in Windows Hyper-V, is CVE-2020-16891.
“This patch corrects a bug that enables an attacker to run a specially crafted program on an affected guest OS to execute arbitrary code on the host OS. A guest OS escape like this would also be quite attractive to threat actors,” said Schell.
Microsoft also released a preview of its new update guide this month. It’s designed to provide a more intuitive format so sysadmins can get to the risk-based data they need more quickly, including exploited and publicly disclosed vulnerabilities.