Microsoft Released Another Large “August 2020” Security Update

• Another “Tuesday Patch” has landed, fixing critical and important bugs on a set of MS products.
• Microsoft has fixed a total of 120 vulnerabilities, most of which are privilege escalation flaws.
• One of the flaws is being under active exploitation, although no PoC has been published online.

Microsoft has made big “Tuesday” patches a standard now, as this month’s update is bringing a whopping 120 bug fixes. The critical flaws that were identified this time were 32 in number, which is pretty high on its own. So, applying the update as soon as possible should be a priority for all system administrators out there, especially during the slow-down period that we’re going through right now.

Microsoft doubles down on that by warning that one of the fixed critical vulnerabilities is currently being exploited in the wild.

The elements that received the most critical fixes are the following:

Microsoft Media Foundation – CVE-2020-1379, CVE-2020-1477, CVE-2020-1492, CVE-2020-1525, and CVE-2020-1554. These are all memory corruption flaws that can potentially lead to arbitrary remote code execution. The attacker would have to craft a malicious web page or document to exploit any of these flaws, so some social engineering that goes into tricking the target would also be required.

Microsoft Scripting Engine – CVE-2020-1380 and CVE-2020-1555. The former concerns the active exploitation, even though there is no proof of concept available out there. Both flaws are memory corruption vulnerabilities that can lead to arbitrary remote code execution.

Microsoft Netlogon Remote Protocol – CVE-2020-1472. A remote code execution flaw that could be exploited through a specially crafted app on a machine that's connected to the target network. The patch plugs the hole, but users are also advised to deploy DC (Domain Controller) enforcement mode in addition to updating.

Apart from the above, there are fixes in the .NET framework (CVE-2020-1046), media engines (CVE-2020-1379, CVE-2020-1477, CVE-2020-1492, CVE-2020-1525, CVE-2020-1554) and media codecs (CVE-2020-1560, CVE-2020-1574, CVE-2020-1585), scripting engines (CVE-2020-1555, CVE-2020-1567, CVE-2020-1570), and the PDF renderer of the Edge web browser (CVE-2020-1568).

As for the types of flaws, the elevation of privilege tops the list with 60 vulnerabilities, remote code execution comes second with 35, information disclosure type counts 16, and spoofing stops at nine.

And for those still stuck with Windows 7, the CVE-2020-1337 vulnerability, which is classified as “important,” is another addition to the set of potential entry points to your system. To make this worse, this flaw has received special attention and coverage during the recent Black Hat USA 2020.