Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT Security Bulletin
ASB-2020.0054
Microsoft Patch Tuesday updates for Windows (March 2020)
11 March 2020
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: Windows 10
Windows 8.1
Windows Server 2012
Windows Server 2012 R2
Windows Server 2016
Windows Server 2019
Operating System: Windows
Impact/Access: Administrator Compromise -- Existing Account
Execute Arbitrary Code/Commands -- Remote with User Interaction
Increased Privileges -- Existing Account
Access Privileged Data -- Existing Account
Create Arbitrary Files -- Existing Account
Denial of Service -- Existing Account
Read-only Data Access -- Existing Account
Resolution: Patch/Upgrade
CVE Names: CVE-2020-0898 CVE-2020-0897 CVE-2020-0896
CVE-2020-0887 CVE-2020-0885 CVE-2020-0883
CVE-2020-0882 CVE-2020-0881 CVE-2020-0880
CVE-2020-0879 CVE-2020-0877 CVE-2020-0876
CVE-2020-0874 CVE-2020-0871 CVE-2020-0869
CVE-2020-0868 CVE-2020-0867 CVE-2020-0866
CVE-2020-0865 CVE-2020-0864 CVE-2020-0863
CVE-2020-0861 CVE-2020-0860 CVE-2020-0859
CVE-2020-0858 CVE-2020-0857 CVE-2020-0854
CVE-2020-0853 CVE-2020-0849 CVE-2020-0845
CVE-2020-0844 CVE-2020-0843 CVE-2020-0842
CVE-2020-0841 CVE-2020-0840 CVE-2020-0834
CVE-2020-0822 CVE-2020-0820 CVE-2020-0819
CVE-2020-0814 CVE-2020-0810 CVE-2020-0809
CVE-2020-0808 CVE-2020-0807 CVE-2020-0806
CVE-2020-0804 CVE-2020-0803 CVE-2020-0802
CVE-2020-0801 CVE-2020-0800 CVE-2020-0799
CVE-2020-0798 CVE-2020-0797 CVE-2020-0793
CVE-2020-0791 CVE-2020-0788 CVE-2020-0787
CVE-2020-0786 CVE-2020-0785 CVE-2020-0783
CVE-2020-0781 CVE-2020-0780 CVE-2020-0779
CVE-2020-0778 CVE-2020-0777 CVE-2020-0776
CVE-2020-0775 CVE-2020-0774 CVE-2020-0773
CVE-2020-0772 CVE-2020-0771 CVE-2020-0770
CVE-2020-0769 CVE-2020-0763 CVE-2020-0762
CVE-2020-0690 CVE-2020-0684 CVE-2020-0645
Member content until: Friday, April 10 2020
OVERVIEW
Microsoft has released its monthly security patch update for the month of March 2020.
This update resolves 78 vulnerabilities across the following products: [1]
Windows 10 Version 1607 for 32-bit Systems
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1709 for 32-bit Systems
Windows 10 Version 1709 for ARM64-based Systems
Windows 10 Version 1709 for x64-based Systems
Windows 10 Version 1803 for 32-bit Systems
Windows 10 Version 1803 for ARM64-based Systems
Windows 10 Version 1803 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1903 for 32-bit Systems
Windows 10 Version 1903 for ARM64-based Systems
Windows 10 Version 1903 for x64-based Systems
Windows 10 Version 1909 for 32-bit Systems
Windows 10 Version 1909 for ARM64-based Systems
Windows 10 Version 1909 for x64-based Systems
Windows 10 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 8.1 for 32-bit systems
Windows 8.1 for x64-based systems
Windows RT 8.1
Windows Server 2012
Windows Server 2012 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 R2 (Server Core installation)
Windows Server 2016
Windows Server 2016 (Server Core installation)
Windows Server 2019
Windows Server 2019 (Server Core installation)
IMPACT
Microsoft has given the following details regarding these vulnerabilities.
Details Impact Severity
CVE-2020-0645 Tampering Important
CVE-2020-0684 Remote Code Execution Critical
CVE-2020-0690 Elevation of Privilege Important
CVE-2020-0762 Elevation of Privilege Important
CVE-2020-0763 Elevation of Privilege Important
CVE-2020-0769 Elevation of Privilege Important
CVE-2020-0770 Elevation of Privilege Important
CVE-2020-0771 Elevation of Privilege Important
CVE-2020-0772 Elevation of Privilege Important
CVE-2020-0773 Elevation of Privilege Important
CVE-2020-0774 Information Disclosure Important
CVE-2020-0775 Information Disclosure Important
CVE-2020-0776 Elevation of Privilege Important
CVE-2020-0777 Elevation of Privilege Important
CVE-2020-0778 Elevation of Privilege Important
CVE-2020-0779 Elevation of Privilege Important
CVE-2020-0780 Elevation of Privilege Important
CVE-2020-0781 Elevation of Privilege Important
CVE-2020-0783 Elevation of Privilege Important
CVE-2020-0785 Elevation of Privilege Important
CVE-2020-0786 Denial of Service Important
CVE-2020-0787 Elevation of Privilege Important
CVE-2020-0788 Elevation of Privilege Important
CVE-2020-0791 Elevation of Privilege Important
CVE-2020-0793 Elevation of Privilege Important
CVE-2020-0797 Elevation of Privilege Important
CVE-2020-0798 Elevation of Privilege Important
CVE-2020-0799 Elevation of Privilege Important
CVE-2020-0800 Elevation of Privilege Important
CVE-2020-0801 Remote Code Execution Critical
CVE-2020-0802 Elevation of Privilege Important
CVE-2020-0803 Elevation of Privilege Important
CVE-2020-0804 Elevation of Privilege Important
CVE-2020-0806 Elevation of Privilege Important
CVE-2020-0807 Remote Code Execution Critical
CVE-2020-0808 Elevation of Privilege Important
CVE-2020-0809 Remote Code Execution Critical
CVE-2020-0810 Elevation of Privilege Important
CVE-2020-0814 Elevation of Privilege Important
CVE-2020-0819 Elevation of Privilege Important
CVE-2020-0820 Information Disclosure Important
CVE-2020-0822 Elevation of Privilege Important
CVE-2020-0834 Elevation of Privilege Important
CVE-2020-0840 Elevation of Privilege Important
CVE-2020-0841 Elevation of Privilege Important
CVE-2020-0842 Elevation of Privilege Important
CVE-2020-0843 Elevation of Privilege Important
CVE-2020-0844 Elevation of Privilege Important
CVE-2020-0845 Elevation of Privilege Important
CVE-2020-0849 Elevation of Privilege Important
CVE-2020-0853 Information Disclosure Important
CVE-2020-0854 Elevation of Privilege Important
CVE-2020-0857 Elevation of Privilege Important
CVE-2020-0858 Elevation of Privilege Important
CVE-2020-0859 Information Disclosure Important
CVE-2020-0860 Elevation of Privilege Important
CVE-2020-0861 Information Disclosure Important
CVE-2020-0863 Information Disclosure Important
CVE-2020-0864 Elevation of Privilege Important
CVE-2020-0865 Elevation of Privilege Important
CVE-2020-0866 Elevation of Privilege Important
CVE-2020-0867 Elevation of Privilege Important
CVE-2020-0868 Elevation of Privilege Important
CVE-2020-0869 Remote Code Execution Critical
CVE-2020-0871 Information Disclosure Important
CVE-2020-0874 Information Disclosure Important
CVE-2020-0876 Information Disclosure Important
CVE-2020-0877 Elevation of Privilege Important
CVE-2020-0879 Information Disclosure Important
CVE-2020-0880 Information Disclosure Important
CVE-2020-0881 Remote Code Execution Critical
CVE-2020-0882 Information Disclosure Important
CVE-2020-0883 Remote Code Execution Critical
CVE-2020-0885 Information Disclosure Important
CVE-2020-0887 Elevation of Privilege Important
CVE-2020-0896 Elevation of Privilege Important
CVE-2020-0897 Elevation of Privilege Important
CVE-2020-0898 Elevation of Privilege Important
MITIGATION
Microsoft recommends updating the software with the version made available on the Microsoft Update Catalogue for the following Knowledge Base articles. [1]
KB4541510, KB4541505, KB4541509, KB4540681, KB4538461
KB4540670, KB4540689, KB4540673, KB4540693, KB4540694
REFERENCES
[1] Microsoft Security Update Guide
https://portal.msrc.microsoft.com/en-us/security-guidance
AusCERT has made every effort to ensure that the information contained
in this document is accurate. However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBXmhdA2aOgq3Tt24GAQiz5w//Sj4YIqIpHSpUqICqkMEwIwCaEHbZ3/cN
EwAr+4vB0QLA7wyjgL5/Y4j6NAcmhvHzWCm+aHI+5P5YTwfLSaPQZlqmA1g0v/Nu
vfqhVRoF5m33WjdlAupxcLZumFzsZW9jBdJU2qWZR+775gFzp4H+jLUdkzxr5PAK
eYWsdF5vG7r/zmGoUAdqNNLeTat9952rIk5rYX2VLtCQ0fdh0TfgtCOC2SGdLB9U
GVx6I+j5dUKO6fBC5F1PhyqFTxp0QmzduE8uAtX/DkSgHdtA/gXEtKnTtdBUnv6q
wS8Wp2BEkHQsXuu3IAWqKJ0sJkH+Ls3xvDGgTQhJbs15dsWS4AzJ3AwawL3MFbma
ZoIDQHhpqxEG6yykQhmJLN9lSpM5iIwVGia/fuD1vqiTjpNIbK9hFSTid1LwX0E/
8i0P/eislDvSYkItGUVDeLsbuWlllZCAvt8VmFVGIUzdT4nPUdCpz53DU8TuCsfz
K2bxtNwjQcAHj41M83rHY8aPgt1w1A2oKN1hJgLOriJKOvmZGt/ZSRJChrukLwrA
qrco4O47i2276pAJFa4x+RpZ83bF78egVXRpEJ7cGOa5QINrezwvINQdgaR/ICUW
g+lHL1BZoUDq+QIj3p9naU0vWkko8bGLWtWpZwuJJ4oCsZ+O4c9/J9vG7CmXFnYf
6RR6TRYeGFo=
=ol9O
-----END PGP SIGNATURE-----