Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
rapid7blogRichard TsangRAPID7BLOG:5C1C01CE46935D3FDB62B946B79E9801
HistoryNov 11, 2020 - 1:03 a.m.

Patch Tuesday - November 2020

2020-11-1101:03:15
Richard Tsang
blog.rapid7.com
174
JSON

Patch Tuesday - November 2020

Jumping right back to a triple digit volume of vulnerabilities resolved, Microsoft covers 112 CVEs this November affecting products ranging from our standard Windows Operating Systems and Microsoft Office products to some new entries such as Azure Sphere.

Microsoft CVE-2020-17087: Windows Kernel Local Elevation of Privilege Vulnerability

Coming as no surprise to anyone, the previously disclosed CVE-2020-17087 zero-day affecting all supported versions of Windows has a patch this month. It is with this same patch that over half of the additional vulnerabilities detailed this month can be remediated, so definitely have your patching cycles ready. CVE-2020-17087 is a buffer overflow vulnerability behind the Windows Kernel Cryptography Driver that gave local attackers the ability to escalate privileges. Luckily, as seen via Rapid7’s AttackerKB analysis “exploitability is at least somewhat more limited than it might appear at first glance.” This does not diminish the need to prioritize Operating System patching because of the next vulnerability up for discussion: CVE-2020-17051.

Microsoft CVE-2020-17051: Windows Network File System Remote Code Execution

CVE-2020-17051 is this month’s highest severity vulnerability sitting at CVSS 9.8. Microsoft describes CVE-2020-17051 as a Remote Code Execution vulnerability affecting Windows Network File System. At the time of writing, information regarding this vulnerability is light but Microsoft has noted that it has low attack complexity and does not require user interaction to exploit. This is aptly represented by the high CVSS score. At this point, this vulnerability is not known to be exploited in the wild.

Browser Vulnerabilities Come Back After An October Break

While it feels like it’s been a while, browser vulnerabilities are still a thing, and this month brought along five vulnerabilities affecting Internet Explorer and Edge browsers (EdgeHTML-based). CVE-2020-17048, CVE-2020-17052, CVE-2020-17053, CVE-2020-17054, and CVE-2020-17058 are all Remote Code Execution vulnerabilities potentially affecting Internet Explorer and/or Microsoft Edge (again, non-Chromium).

As a gentle reminder, Security-Only patches for operating systems that provide a Monthly Rollup or Security-Only update streams do not include browser remediations. Organizations opting for Security-Only patches should be aware that there are separate Cumulative Security Updates for Internet Explorer.

Azure Sphere

Something new and refreshing this month: A keen eye may have noticed 15 vulnerabilities pertaining to a new product category named Azure Sphere. So the question becomes…what needs to be done about them? The quick answer is, luckily, “not much”. Azure Sphere, an IoT Device offering, is updated automatically on a daily cadence when connected to a network. By the time you’re reading this, if you have Azure Sphere IoT devices in your environment (and they are connected to the Internet), these vulnerabilities would have already been resolved.

Patch Tuesday - November 2020Patch Tuesday - November 2020Patch Tuesday - November 2020Patch Tuesday - November 2020

Note: Graph data is reflective of data presented by Microsoft’s CVRF at the time of writing.

Related

kaspersky 3
threatpost 2
veracode 2
osv 3
github 2
thn 4
krebs 1
cve 7
prion 7
zdi 3
mscve 7
checkpoint_advisories 4
cisa_kev 2
nessus 12
mskb 17
githubexploit 1
attackerkb 2
qualysblog 3
googleprojectzero 1
avleonov 1
kaspersky
kaspersky
KLA11997 Multiple vulnerabilities in Microsoft Browser
2020-11-10 00:00:00
KLA12003 Multiple vulnerabilities in Microsoft Products (ESU)
2020-11-10 00:00:00
KLA12004 Multiple vulnerabilities in Microsoft Windows
2020-11-10 00:00:00
threatpost
threatpost
Microsoft Patch Tuesday Update Fixes 17 Critical Bugs
2020-11-10 21:12:21
Unpatched Windows Zero-Day Exploited in the Wild for Sandbox Escape
2020-11-02 14:57:02
veracode
veracode
Arbitrary Code Execution
2020-11-12 05:20:14
Arbitrary Code Execution
2021-08-03 04:29:43
osv
osv
Out-of-bounds Write in ChakraCore
2021-08-02 17:25:58
Out-of-bounds Write in ChakraCore
2021-08-02 17:26:11
CVE-2020-17054
2020-11-11 07:15:16
github
github
Out-of-bounds Write in ChakraCore
2021-08-02 17:25:58
Out-of-bounds Write in ChakraCore
2021-08-02 17:26:11
thn
thn
Microsoft Releases Windows Security Updates For Critical Flaws
2020-11-11 10:09:00
WARNING: Google Discloses Windows Zero-Day Bug Exploited in the Wild
2020-11-02 09:43:00
New Chrome Zero-Day Under Active Attacks – Update Your Browser
2020-11-03 09:33:00
krebs
krebs
Patch Tuesday, November 2020 Edition
2020-11-11 01:56:41
cve
cve
CVE-2020-17058
2020-11-11 07:15:00
CVE-2020-17051
2020-11-11 07:15:00
CVE-2020-17048
2020-11-11 07:15:00
prion
prion
Memory corruption
2020-11-11 07:15:00
Remote code execution
2020-11-11 07:15:00
Memory corruption
2020-11-11 07:15:00
zdi
zdi
Microsoft Chakra Array Iterator Type Confusion Remote Code Execution Vulnerability
2020-11-11 00:00:00
Microsoft Internet Explorer array Out-Of-Bounds Write Remote Code Execution Vulnerability
2020-11-11 00:00:00
Microsoft Internet Explorer array Use-After-Free Remote Code Execution Vulnerability
2020-11-11 00:00:00
mscve
mscve
Microsoft Browser Memory Corruption Vulnerability
2020-11-10 08:00:00
Chakra Scripting Engine Memory Corruption Vulnerability
2020-11-10 08:00:00
Windows Network File System Remote Code Execution Vulnerability
2020-11-10 08:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Windows Network File System Remote Code Execution (CVE-2020-17051)
2020-11-10 00:00:00
Microsoft Internet Explorer Memory Corruption (CVE-2020-17053)
2020-11-10 00:00:00
Microsoft Windows Kernel Local Elevation of Privilege (CVE-2020-17087)
2020-11-04 00:00:00
cisa_kev
cisa_kev
Microsoft Windows Kernel Privilege Escalation Vulnerability
2021-11-03 00:00:00
Google Chrome FreeType Heap Buffer Overflow Vulnerability
2021-11-03 00:00:00
nessus
nessus
Security Updates for Internet Explorer (November 2020)
2020-11-10 00:00:00
KB4586805: Windows 7 and Windows Server 2008 R2 November 2020 Security Update
2020-11-10 00:00:00
KB4586781: Windows 10 Version 2004 November 2020 Security Update
2020-11-10 00:00:00
mskb
mskb
Cumulative security update for Internet Explorer: November 10, 2020
2020-11-10 08:00:00
November 10, 2020—KB4586793 (OS Build 17763.1577) - EXPIRED
2020-11-10 08:00:00
November 10, 2020—KB4586827 (Monthly Rollup)
2020-11-10 08:00:00
githubexploit
githubexploit
Exploit for Incorrect Conversion between Numeric Types in Microsoft
2021-07-02 16:03:16
attackerkb
attackerkb
CVE-2020-17087 Windows Kernel local privilege escalation 0day
2020-11-11 00:00:00
CVE-2020-15999 Chrome Freetype 0day
2020-11-03 00:00:00
qualysblog
qualysblog
January 2021 Patch Tuesday – 83 Vulnerabilities, 10 Critical, One Zero Day, Adobe
2021-01-12 20:01:43
November 2020 Patch Tuesday – 112 Vulnerabilities, 17 Critical, Windows Codecs, Network File System, Workstation, Adobe
2020-11-10 20:52:34
Managing CISA Known Exploited Vulnerabilities with Qualys VMDR
2022-02-23 05:39:00
googleprojectzero
googleprojectzero
In-the-Wild Series: October 2020 0-day discovery
2021-03-18 00:00:00
avleonov
avleonov
Vulristics Vulnerability Score, Automated Data Collection and Microsoft Patch Tuesdays Q4 2020
2021-01-11 01:50:44
JSON
Related for RAPID7BLOG:5C1C01CE46935D3FDB62B946B79E9801
kaspersky3threatpost2veracode2osv3github2thn4krebs1cve7prion7zdi3mscve7checkpoint_advisories4cisa_kev2nessus12mskb17githubexploit1attackerkb2qualysblog3googleprojectzero1avleonov1