Rewterz Threat Alert – APT34 (OilRig) Fresh Campaign – IoCs
December 9, 2020
Rewterz Threat Alert – Stolen FireEye Red Team Tool Countermeasures
December 9, 2020
Severity
High
Analysis Summary
Microsoft has recently patched 58 vulnerabilities in multiple products.
Tag | CVE ID | CVE Title | Severity |
---|---|---|---|
Azure DevOps | CVE-2020-17145 | Azure DevOps Server and Team Foundation Services Spoofing Vulnerability | Important |
Azure DevOps | CVE-2020-17135 | Azure DevOps Server Spoofing Vulnerability | Important |
Azure SDK | CVE-2020-17002 | Azure SDK for C Security Feature Bypass Vulnerability | Important |
Azure SDK | CVE-2020-16971 | Azure SDK for Java Security Feature Bypass Vulnerability | Important |
Azure Sphere | CVE-2020-17160 | Azure Sphere Security Feature Bypass Vulnerability | Important |
Microsoft Dynamics | CVE-2020-17147 | Dynamics CRM Webclient Cross-site Scripting Vulnerability | Important |
Microsoft Dynamics | CVE-2020-17133 | Microsoft Dynamics Business Central/NAV Information Disclosure | Important |
Microsoft Dynamics | CVE-2020-17158 | Microsoft Dynamics 365 for Finance and Operations (on-premises) Remote Code Execution Vulnerability | Critical |
Microsoft Dynamics | CVE-2020-17152 | Microsoft Dynamics 365 for Finance and Operations (on-premises) Remote Code Execution Vulnerability | Critical |
Microsoft Edge | CVE-2020-17153 | Microsoft Edge for Android Spoofing Vulnerability | Moderate |
Microsoft Edge | CVE-2020-17131 | Chakra Scripting Engine Memory Corruption Vulnerability | Critical |
Microsoft Exchange Server | CVE-2020-17143 | Microsoft Exchange Information Disclosure Vulnerability | Important |
Microsoft Exchange Server | CVE-2020-17144 | Microsoft Exchange Remote Code Execution Vulnerability | Important |
Microsoft Exchange Server | CVE-2020-17141 | Microsoft Exchange Remote Code Execution Vulnerability | Important |
Microsoft Exchange Server | CVE-2020-17117 | Microsoft Exchange Remote Code Execution Vulnerability | Critical |
Microsoft Exchange Server | CVE-2020-17132 | Microsoft Exchange Remote Code Execution Vulnerability | Critical |
Microsoft Exchange Server | CVE-2020-17142 | Microsoft Exchange Remote Code Execution Vulnerability | Critical |
Microsoft Graphics Component | CVE-2020-17137 | DirectX Graphics Kernel Elevation of Privilege Vulnerability | Important |
Microsoft Graphics Component | CVE-2020-17098 | Windows GDI+ Information Disclosure Vulnerability | Important |
Microsoft Office | CVE-2020-17130 | Microsoft Excel Security Feature Bypass Vulnerability | Important |
Microsoft Office | CVE-2020-17128 | Microsoft Excel Remote Code Execution Vulnerability | Important |
Microsoft Office | CVE-2020-17129 | Microsoft Excel Remote Code Execution Vulnerability | Important |
Microsoft Office | CVE-2020-17124 | Microsoft PowerPoint Remote Code Execution Vulnerability | Important |
Microsoft Office | CVE-2020-17123 | Microsoft Excel Remote Code Execution Vulnerability | Important |
Microsoft Office | CVE-2020-17119 | Microsoft Outlook Information Disclosure Vulnerability | Important |
Microsoft Office | CVE-2020-17125 | Microsoft Excel Remote Code Execution Vulnerability | Important |
Microsoft Office | CVE-2020-17127 | Microsoft Excel Remote Code Execution Vulnerability | Important |
Microsoft Office | CVE-2020-17126 | Microsoft Excel Information Disclosure Vulnerability | Important |
Microsoft Office | CVE-2020-17122 | Microsoft Excel Remote Code Execution Vulnerability | Important |
Microsoft Office SharePoint | CVE-2020-17115 | Microsoft SharePoint Spoofing Vulnerability | Moderate |
Microsoft Office SharePoint | CVE-2020-17120 | Microsoft SharePoint Information Disclosure Vulnerability | Important |
Microsoft Office SharePoint | CVE-2020-17121 | Microsoft SharePoint Remote Code Execution Vulnerability | Critical |
Microsoft Office SharePoint | CVE-2020-17118 | Microsoft SharePoint Remote Code Execution Vulnerability | Critical |
Microsoft Office SharePoint | CVE-2020-17089 | Microsoft SharePoint Elevation of Privilege Vulnerability | Important |
Microsoft Windows | CVE-2020-17136 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | Important |
Microsoft Windows | CVE-2020-16996 | Kerberos Security Feature Bypass Vulnerability | Important |
Microsoft Windows | CVE-2020-17138 | Windows Error Reporting Information Disclosure Vulnerability | Important |
Microsoft Windows | CVE-2020-17092 | Windows Network Connections Service Elevation of Privilege Vulnerability | Important |
Microsoft Windows | CVE-2020-17139 | Windows Overlay Filter Security Feature Bypass Vulnerability | Important |
Microsoft Windows | CVE-2020-17103 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | Important |
Microsoft Windows | CVE-2020-17134 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | Important |
Microsoft Windows DNS | ADV200013 | Microsoft Guidance for Addressing Spoofing Vulnerability in DNS Resolver | Important |
Visual Studio | CVE-2020-17148 | Visual Studio Code Remote Development Extension Remote Code Execution Vulnerability | Important |
Visual Studio | CVE-2020-17159 | Visual Studio Code Java Extension Pack Remote Code Execution Vulnerability | Important |
Visual Studio | CVE-2020-17156 | Visual Studio Remote Code Execution Vulnerability | Important |
Visual Studio | CVE-2020-17150 | Visual Studio Code Remote Code Execution Vulnerability | Important |
Windows Backup Engine | CVE-2020-16960 | Windows Backup Engine Elevation of Privilege Vulnerability | Important |
Windows Backup Engine | CVE-2020-16958 | Windows Backup Engine Elevation of Privilege Vulnerability | Important |
Windows Backup Engine | CVE-2020-16959 | Windows Backup Engine Elevation of Privilege Vulnerability | Important |
Windows Backup Engine | CVE-2020-16961 | Windows Backup Engine Elevation of Privilege Vulnerability | Important |
Windows Backup Engine | CVE-2020-16964 | Windows Backup Engine Elevation of Privilege Vulnerability | Important |
Windows Backup Engine | CVE-2020-16963 | Windows Backup Engine Elevation of Privilege Vulnerability | Important |
Windows Backup Engine | CVE-2020-16962 | Windows Backup Engine Elevation of Privilege Vulnerability | Important |
Windows Error Reporting | CVE-2020-17094 | Windows Error Reporting Information Disclosure Vulnerability | Important |
Windows Hyper-V | CVE-2020-17095 | Hyper-V Remote Code Execution Vulnerability | Critical |
Windows Lock Screen | CVE-2020-17099 | Windows Lock Screen Security Feature Bypass Vulnerability | Important |
Windows Media | CVE-2020-17097 | Windows Digital Media Receiver Elevation of Privilege Vulnerability | Important |
Windows SMB | CVE-2020-17096 | Windows NTFS Remote Code Execution Vulnerability | Important |
Windows SMB | CVE-2020-17140 | Windows SMB Information Disclosure Vulnerability | Important |
Impact
- Code Execution
- Information Disclosure
- Privilege Escalation
- Security Bypass
- Memory Corruption
- Cross-site Scripting
Affected Vendors
Microsoft
Affected Products
- Microsoft Dynamics
- Microsoft Edge
- Microsoft Exchange Server
- Microsoft Graphics Component
- Microsoft Office
- Microsoft Office SharePoint
- Microsoft Windows
- Microsoft Windows DNS
- Visual Studio
- Windows Backup Engine
- Windows Error Reporting
- Windows Hyper-V
- Windows Lock Screen
- Windows Media
- Windows SMB
- Azure Sphere
- Azure SDK
- Azure DevOps
Remediation
- Microsoft has released updates that patch these vulnerabilities. Update these products to the latest patched versions.