Microsoft Security Bulletin Coverage for Feb 2020

February 11, 2020

SonicWall Capture Labs Threat Research Team has analyzed and addressed Microsoft’s security advisories for the month of February 2020. A list of issues reported, along with SonicWall coverage information are as follows:
CVE-2020-0618 Microsoft SQL Server Reporting Services Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2020-0655 Remote Desktop Services Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2020-0657 Windows Common Log File System Driver Elevation of Privilege Vulnerability
ASPY 5885:Malformed-File exe.MP.118
CVE-2020-0658 Windows Common Log File System Driver Information Disclosure Vulnerability
ASPY 5885:Malformed-File exe.MP.118
CVE-2020-0659 Windows Data Sharing Service Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-0660 Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2020-0661 Windows Hyper-V Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2020-0662 Windows Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2020-0663 Microsoft Edge Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-0665 Active Directory Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-0666 Windows Search Indexer Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-0667 Windows Search Indexer Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-0668 Windows Kernel Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-0669 Windows Kernel Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-0670 Windows Kernel Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-0671 Windows Kernel Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-0672 Windows Kernel Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-0673 Scripting Engine Memory Corruption Vulnerability
There are no known exploits in the wild.
CVE-2020-0674 Scripting Engine Memory Corruption Vulnerability
ASPY 14745:HTTP Client Shellcode Exploit 114
CVE-2020-0675 Windows Key Isolation Service Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2020-0676 Windows Key Isolation Service Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2020-0677 Windows Key Isolation Service Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2020-0678 Windows Error Reporting Manager Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-0679 Windows Function Discovery Service Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-0680 Windows Function Discovery Service Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-0681 Remote Desktop Client Remote Code Execution Vulnerability
IPS 14793:Remote Desktop Client Remote Code Execution Vulnerability (CVE-2020-0681)
CVE-2020-0682 Windows Function Discovery Service Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-0683 Windows Installer Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-0685 Windows COM Server Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-0686 Windows Installer Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-0688 Microsoft Exchange Memory Corruption Vulnerability
There are no known exploits in the wild.
CVE-2020-0689 Microsoft Secure Boot Security Feature Bypass Vulnerability
There are no known exploits in the wild.
CVE-2020-0691 Win32k Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-0692 Microsoft Exchange Server Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-0693 Microsoft Office SharePoint XSS Vulnerability
There are no known exploits in the wild.
CVE-2020-0694 Microsoft Office SharePoint XSS Vulnerability
There are no known exploits in the wild.
CVE-2020-0695 Microsoft Office Online Server Spoofing Vulnerability
There are no known exploits in the wild.
CVE-2020-0696 Microsoft Outlook Security Feature Bypass Vulnerability
There are no known exploits in the wild.
CVE-2020-0697 Microsoft Office Tampering Vulnerability
There are no known exploits in the wild.
CVE-2020-0698 Windows Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2020-0701 Windows Client License Service Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-0702 Surface Hub Security Feature Bypass Vulnerability
There are no known exploits in the wild.
CVE-2020-0703 Windows Backup Service Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-0704 Windows Wireless Network Manager Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-0705 Windows Network Driver Interface Specification (NDIS) Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2020-0706 Microsoft Browser Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2020-0707 Windows IME Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-0708 Windows Imaging Library Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2020-0709 DirectX Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-0710 Scripting Engine Memory Corruption Vulnerability
There are no known exploits in the wild.
CVE-2020-0711 Scripting Engine Memory Corruption Vulnerability
There are no known exploits in the wild.
CVE-2020-0712 Scripting Engine Memory Corruption Vulnerability
There are no known exploits in the wild.
CVE-2020-0713 Scripting Engine Memory Corruption Vulnerability
There are no known exploits in the wild.
CVE-2020-0714 DirectX Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2020-0715 Windows Graphics Component Elevation of Privilege Vulnerability
ASPY 5889:Malformed-File exe.MP.122
CVE-2020-0716 Win32k Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2020-0717 Win32k Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2020-0719 Win32k Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-0720 Win32k Elevation of Privilege Vulnerability
ASPY 5890:Malformed-File exe.MP.123
CVE-2020-0721 Win32k Elevation of Privilege Vulnerability
ASPY 5891:Malformed-File exe.MP.124
CVE-2020-0722 Win32k Elevation of Privilege Vulnerability
ASPY 5892:Malformed-File exe.MP.125
CVE-2020-0723 Win32k Elevation of Privilege Vulnerability
ASPY 5893:Malformed-File exe.MP.126
CVE-2020-0724 Win32k Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-0725 Win32k Elevation of Privilege Vulnerability
ASPY 5888:Malformed-File exe.MP.121
CVE-2020-0726 Win32k Elevation of Privilege Vulnerability
ASPY 5888:Malformed-File exe.MP.121
CVE-2020-0727 Connected User Experiences and Telemetry Service Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-0728 Windows Modules Installer Service Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2020-0729 LNK Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2020-0730 Windows User Profile Service Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-0731 Win32k Elevation of Privilege Vulnerability
ASPY 5887:Malformed-File exe.MP.120
CVE-2020-0732 DirectX Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-0733 Windows Malicious Software Removal Tool Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-0734 Remote Desktop Client Remote Code Execution Vulnerability
ASPY 5884:Malformed-File exe.MP.117
CVE-2020-0735 Windows Search Indexer Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-0736 Windows Kernel Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2020-0737 Windows Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-0738 Media Foundation Memory Corruption Vulnerability
There are no known exploits in the wild.
CVE-2020-0739 Windows Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-0740 Connected Devices Platform Service Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-0741 Connected Devices Platform Service Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-0742 Connected Devices Platform Service Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-0743 Connected Devices Platform Service Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-0744 Windows GDI Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2020-0745 Windows Graphics Component Elevation of Privilege Vulnerability
ASPY 5886:Malformed-File exe.MP.119
CVE-2020-0746 Microsoft Graphics Components Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2020-0747 Windows Data Sharing Service Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-0748 Windows Key Isolation Service Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2020-0749 Connected Devices Platform Service Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-0750 Connected Devices Platform Service Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-0751 Windows Hyper-V Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2020-0752 Windows Search Indexer Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-0753 Windows Error Reporting Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-0754 Windows Error Reporting Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-0755 Windows Key Isolation Service Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2020-0756 Windows Key Isolation Service Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2020-0757 Windows SSH Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-0759 Microsoft Excel Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2020-0767 Scripting Engine Memory Corruption Vulnerability
There are no known exploits in the wild.
CVE-2020-0792 Windows Graphics Component Elevation of Privilege Vulnerability
There are no known exploits in the wild.