Operating System:

[WIN]

Published:

13 February 2020

Protect yourself against future threats.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
                         AUSCERT Security Bulletin

                               ASB-2020.0038
        Microsoft Patch Tuesday updates for Windows (February 2020)
                             13 February 2020

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:              Windows 10
                      Windows 7
                      Windows 8.1
                      Windows RT 8.1
                      Windows Server 2008
                      Windows Server 2008 R2
                      Windows Server 2012
                      Windows Server 2012 R2
                      Windows Server 2016
                      Windows Server 2019
Operating System:     Windows
Impact/Access:        Administrator Compromise        -- Remote with User Interaction
                      Execute Arbitrary Code/Commands -- Remote with User Interaction
                      Increased Privileges            -- Existing Account            
                      Create Arbitrary Files          -- Existing Account            
                      Denial of Service               -- Remote/Unauthenticated      
                      Delete Arbitrary Files          -- Existing Account            
                      Access Confidential Data        -- Existing Account            
                      Reduced Security                -- Existing Account            
Resolution:           Patch/Upgrade
CVE Names:            CVE-2020-0818 CVE-2020-0817 CVE-2020-0792
                      CVE-2020-0757 CVE-2020-0756 CVE-2020-0755
                      CVE-2020-0754 CVE-2020-0753 CVE-2020-0752
                      CVE-2020-0751 CVE-2020-0750 CVE-2020-0749
                      CVE-2020-0748 CVE-2020-0747 CVE-2020-0746
                      CVE-2020-0745 CVE-2020-0744 CVE-2020-0743
                      CVE-2020-0742 CVE-2020-0741 CVE-2020-0740
                      CVE-2020-0739 CVE-2020-0738 CVE-2020-0737
                      CVE-2020-0736 CVE-2020-0735 CVE-2020-0734
                      CVE-2020-0732 CVE-2020-0731 CVE-2020-0730
                      CVE-2020-0729 CVE-2020-0728 CVE-2020-0727
                      CVE-2020-0726 CVE-2020-0725 CVE-2020-0724
                      CVE-2020-0723 CVE-2020-0722 CVE-2020-0721
                      CVE-2020-0720 CVE-2020-0719 CVE-2020-0717
                      CVE-2020-0716 CVE-2020-0715 CVE-2020-0714
                      CVE-2020-0709 CVE-2020-0708 CVE-2020-0707
                      CVE-2020-0705 CVE-2020-0704 CVE-2020-0703
                      CVE-2020-0701 CVE-2020-0698 CVE-2020-0691
                      CVE-2020-0689 CVE-2020-0686 CVE-2020-0685
                      CVE-2020-0683 CVE-2020-0682 CVE-2020-0681
                      CVE-2020-0680 CVE-2020-0679 CVE-2020-0678
                      CVE-2020-0677 CVE-2020-0676 CVE-2020-0675
                      CVE-2020-0672 CVE-2020-0671 CVE-2020-0670
                      CVE-2020-0669 CVE-2020-0668 CVE-2020-0667
                      CVE-2020-0666 CVE-2020-0665 CVE-2020-0662
                      CVE-2020-0661 CVE-2020-0660 CVE-2020-0659
                      CVE-2020-0658 CVE-2020-0657 CVE-2020-0655
Member content until: Saturday, March 14 2020

OVERVIEW

        Microsoft has released its monthly security patch update for the month of February 2020.
        
        This update resolves 81 vulnerabilities across the following products: [1]
        
         Windows 10 Version 1607 for 32-bit Systems
         Windows 10 Version 1607 for x64-based Systems
         Windows 10 Version 1709 for 32-bit Systems
         Windows 10 Version 1709 for ARM64-based Systems
         Windows 10 Version 1709 for x64-based Systems
         Windows 10 Version 1803 for 32-bit Systems
         Windows 10 Version 1803 for ARM64-based Systems
         Windows 10 Version 1803 for x64-based Systems
         Windows 10 Version 1809 for 32-bit Systems
         Windows 10 Version 1809 for ARM64-based Systems
         Windows 10 Version 1809 for x64-based Systems
         Windows 10 Version 1903 for 32-bit Systems
         Windows 10 Version 1903 for ARM64-based Systems
         Windows 10 Version 1903 for x64-based Systems
         Windows 10 Version 1909 for 32-bit Systems
         Windows 10 Version 1909 for ARM64-based Systems
         Windows 10 Version 1909 for x64-based Systems
         Windows 10 for 32-bit Systems
         Windows 10 for x64-based Systems
         Windows 7 for 32-bit Systems Service Pack 1
         Windows 7 for x64-based Systems Service Pack 1
         Windows 8.1 for 32-bit systems
         Windows 8.1 for x64-based systems
         Windows RT 8.1
         Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1
         Windows Server 2008 R2 for x64-based Systems Service Pack 1
         Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
         Windows Server 2008 for 32-bit Systems Service Pack 2
         Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
         Windows Server 2008 for Itanium-Based Systems Service Pack 2
         Windows Server 2008 for x64-based Systems Service Pack 2
         Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
         Windows Server 2012
         Windows Server 2012 (Server Core installation)
         Windows Server 2012 R2
         Windows Server 2012 R2 (Server Core installation)
         Windows Server 2016
         Windows Server 2016  (Server Core installation)
         Windows Server 2019
         Windows Server 2019  (Server Core installation)


IMPACT

        Microsoft has given the following details regarding these vulnerabilities.
        
         Details         Impact                   Severity
         CVE-2020-0655   Remote Code Execution    Important
         CVE-2020-0657   Elevation of Privilege   Important
         CVE-2020-0658   Information Disclosure   Important
         CVE-2020-0659   Elevation of Privilege   Important
         CVE-2020-0660   Denial of Service        Important
         CVE-2020-0661   Denial of Service        Important
         CVE-2020-0662   Remote Code Execution    Critical
         CVE-2020-0665   Elevation of Privilege   Important
         CVE-2020-0666   Elevation of Privilege   Important
         CVE-2020-0667   Elevation of Privilege   Important
         CVE-2020-0668   Elevation of Privilege   Important
         CVE-2020-0669   Elevation of Privilege   Important
         CVE-2020-0670   Elevation of Privilege   Important
         CVE-2020-0671   Elevation of Privilege   Important
         CVE-2020-0672   Elevation of Privilege   Important
         CVE-2020-0675   Information Disclosure   Important
         CVE-2020-0676   Information Disclosure   Important
         CVE-2020-0677   Information Disclosure   Important
         CVE-2020-0678   Elevation of Privilege   Important
         CVE-2020-0679   Elevation of Privilege   Important
         CVE-2020-0680   Elevation of Privilege   Important
         CVE-2020-0681   Remote Code Execution    Critical
         CVE-2020-0682   Elevation of Privilege   Important
         CVE-2020-0683   Elevation of Privilege   Important
         CVE-2020-0685   Elevation of Privilege   Important
         CVE-2020-0686   Elevation of Privilege   Important
         CVE-2020-0689   Security Feature Bypass  Important
         CVE-2020-0691   Elevation of Privilege   Important
         CVE-2020-0698   Information Disclosure   Important
         CVE-2020-0701   Elevation of Privilege   Important
         CVE-2020-0703   Elevation of Privilege   Important
         CVE-2020-0704   Elevation of Privilege   Important
         CVE-2020-0705   Information Disclosure   Important
         CVE-2020-0707   Elevation of Privilege   Important
         CVE-2020-0708   Remote Code Execution    Important
         CVE-2020-0709   Elevation of Privilege   Important
         CVE-2020-0714   Information Disclosure   Important
         CVE-2020-0715   Elevation of Privilege   Important
         CVE-2020-0716   Information Disclosure   Important
         CVE-2020-0717   Information Disclosure   Important
         CVE-2020-0719   Elevation of Privilege   Important
         CVE-2020-0720   Elevation of Privilege   Important
         CVE-2020-0721   Elevation of Privilege   Important
         CVE-2020-0722   Elevation of Privilege   Important
         CVE-2020-0723   Elevation of Privilege   Important
         CVE-2020-0724   Elevation of Privilege   Important
         CVE-2020-0725   Elevation of Privilege   Important
         CVE-2020-0726   Elevation of Privilege   Important
         CVE-2020-0727   Elevation of Privilege   Important
         CVE-2020-0728   Information Disclosure   Important
         CVE-2020-0729   Remote Code Execution    Critical
         CVE-2020-0730   Elevation of Privilege   Important
         CVE-2020-0731   Elevation of Privilege   Important
         CVE-2020-0732   Elevation of Privilege   Important
         CVE-2020-0734   Remote Code Execution    Critical
         CVE-2020-0735   Elevation of Privilege   Important
         CVE-2020-0736   Information Disclosure   Important
         CVE-2020-0737   Elevation of Privilege   Important
         CVE-2020-0738   Remote Code Execution    Critical
         CVE-2020-0739   Elevation of Privilege   Important
         CVE-2020-0740   Elevation of Privilege   Important
         CVE-2020-0741   Elevation of Privilege   Important
         CVE-2020-0742   Elevation of Privilege   Important
         CVE-2020-0743   Elevation of Privilege   Important
         CVE-2020-0744   Information Disclosure   Important
         CVE-2020-0745   Elevation of Privilege   Important
         CVE-2020-0746   Information Disclosure   Important
         CVE-2020-0747   Elevation of Privilege   Important
         CVE-2020-0748   Information Disclosure   Important
         CVE-2020-0749   Elevation of Privilege   Important
         CVE-2020-0750   Elevation of Privilege   Important
         CVE-2020-0751   Denial of Service        Important
         CVE-2020-0752   Elevation of Privilege   Important
         CVE-2020-0753   Elevation of Privilege   Important
         CVE-2020-0754   Elevation of Privilege   Important
         CVE-2020-0755   Information Disclosure   Important
         CVE-2020-0756   Information Disclosure   Important
         CVE-2020-0757   Elevation of Privilege   Important
         CVE-2020-0792   Elevation of Privilege   Important
         CVE-2020-0817   Remote Code Execution    Critical
         CVE-2020-0818   Elevation of Privilege   Important


MITIGATION

        Microsoft recommends updating the software with the version made available on
        the Microsoft Update Catalogue for the following Knowledge Base articles. [1]
        
         KB4537762, KB4537813, KB4537822, KB4502496, KB4524244
         KB4537820, KB4537789, KB4537764, KB4537803, KB4532691
         KB4532693, KB4537814, KB4537821, KB4537810, KB4537794
         KB4537776


REFERENCES

        [1] Microsoft Security Update Guide
            https://portal.msrc.microsoft.com/en-us/security-guidance

AusCERT has made every effort to ensure that the information contained
in this document is accurate.  However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours 
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBXkSxSGaOgq3Tt24GAQjDQg//QJUmb2itS820ay1HQq0Wipu/GezmrS9S
pLyTjnJ5/of0HK7pWQJeUI4v6lIjWFgMeiBrnnNoo4i3f7bOTEa3i5CAgFBBz7O6
ZW8YGg+T0twV1oMVbi9kuyyo/R9qaBcaouKJH9cvS59c484pWDSadVfAFFumQ4NZ
F5Cni51ycn7yRKz8D//Ozxa6tkIxqBX4clIFTYLVSZi8JfiRaWVTR3SVV2i3TvV4
Ngy/kgpIqA2eOxP2bkc+gH3naKeDhWLkpNxrrd8TIem0hxJmXjiVnL6hKDsyfaGB
jkbgOw6ggcWpVFZBmLvoYGhs8OdO39N19AaOCE6iyUbCwhL+fso0ExtERZjy6mOD
M+nFowqBCyrBHWujOYiae3mq7tBE4HVPYI8GWXwaOXgt4r+aHY/8T9UDbCPpeC2x
rKW9oIsWCK8VhvWXBatCT72jkD5VHo4tZpRef8AXSB+mjzEa5EZsk1Y/AtAGXAjn
pVwopGU4r3BHJKiih7ZjlO3MlCVfoUFUnmNgQGRt4tNq0lHffBhd0BPJMlkrSGQQ
mN25KiRXbNmaDcFhJOVIfa0hi9BgAFJwEmioX00xKvArc5yprKJ2boJxchGxaD2D
oQjOeFUrQ0doCIcMVXDTGi9Br41uquxEV2Yfhm4zjKeTL8Vvk9cVwqu9V4+D8vOD
cIvjM8DBWBU=
=SJtp
-----END PGP SIGNATURE-----