Microsoft Security Bulletin Coverage for October 2020

By

SonicWall Capture Labs threat research team has analyzed and addressed Microsoft’s security advisories for the month of October 2020. A list of issues reported, along with SonicWall coverage information are as follows:

CVE-2020-16896 Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability
IPS 15203:Windows Remote Desktop Protocol Information Disclosure (CVE-2020-16896)

CVE-2020-16898 Windows TCP/IP Remote Code Execution Vulnerability
IPS 2416:Windows TCP/IP Remote Code Execution (CVE-2020-16898)

CVE-2020-16899 Windows TCP/IP Denial of Service Vulnerability
IPS 2427:Windows TCP/IP DoS (CVE-2020-16899)

CVE-2020-16907 Win32k Elevation of Privilege Vulnerability
ASPY 108:Malformed-File exe.MP.158

CVE-2020-16913 Win32k Elevation of Privilege Vulnerability
ASPY 5998:Malformed-File exe.MP.159

CVE-2020-16915 Media Foundation Memory Corruption Vulnerability
IPS 15202:Windows Media Foundation Memory Corruption Vulnerability (CVE-2020-16915)

CVE-2020-16922 Windows Spoofing Vulnerability
ASPY 5999:Malformed-File cat.MP.1

Following vulnerabilities do not have exploits in the wild :
CVE-2020-0764 Windows Storage Services Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-1047 Windows Hyper-V Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-1080 Windows Hyper-V Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-1167 Microsoft Graphics Components Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2020-1243 Windows Hyper-V Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2020-16863 Windows Remote Desktop Service Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2020-16876 Windows Application Compatibility Client Library Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-16877 Windows Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-16885 Windows Storage VSP Driver Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-16886 PowerShellGet Module WDAC Security Feature Bypass Vulnerability
There are no known exploits in the wild.
CVE-2020-16887 Windows Network Connections Service Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-16889 Windows KernelStream Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2020-16890 Windows Kernel Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-16891 Windows Hyper-V Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2020-16892 Windows Image Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-16894 Windows NAT Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2020-16895 Windows Error Reporting Manager Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-16897 NetBT Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2020-16900 Windows Event System Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-16901 Windows Kernel Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2020-16902 Windows Installer Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-16904 Azure Functions Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-16905 Windows Error Reporting Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-16908 Windows Setup Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-16909 Windows Error Reporting Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-16910 Windows Security Feature Bypass Vulnerability
There are no known exploits in the wild.
CVE-2020-16911 GDI+ Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2020-16912 Windows Backup Service Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-16914 Windows GDI+ Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2020-16916 Windows COM Server Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-16918 Base3D Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2020-16919 Windows Enterprise App Management Service Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2020-16920 Windows Application Compatibility Client Library Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-16921 Windows Text Services Framework Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2020-16923 Microsoft Graphics Components Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2020-16924 Jet Database Engine Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2020-16927 Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2020-16928 Microsoft Office Click-to-Run Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-16929 Microsoft Excel Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2020-16930 Microsoft Excel Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2020-16931 Microsoft Excel Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2020-16932 Microsoft Excel Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2020-16933 Microsoft Word Security Feature Bypass Vulnerability
There are no known exploits in the wild.
CVE-2020-16934 Microsoft Office Click-to-Run Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-16935 Windows COM Server Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-16936 Windows Backup Service Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-16937 .NET Framework Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2020-16938 Windows Kernel Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2020-16939 Group Policy Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-16940 Windows – User Profile Service Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-16941 Microsoft SharePoint Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2020-16942 Microsoft SharePoint Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2020-16943 Dynamics 365 Commerce Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-16944 Microsoft SharePoint Reflective XSS Vulnerability
There are no known exploits in the wild.
CVE-2020-16945 Microsoft Office SharePoint XSS Vulnerability
There are no known exploits in the wild.
CVE-2020-16946 Microsoft Office SharePoint XSS Vulnerability
There are no known exploits in the wild.
CVE-2020-16947 Microsoft Outlook Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2020-16948 Microsoft SharePoint Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2020-16949 Microsoft Outlook Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2020-16950 Microsoft SharePoint Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2020-16951 Microsoft SharePoint Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2020-16952 Microsoft SharePoint Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2020-16953 Microsoft SharePoint Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2020-16954 Microsoft Office Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2020-16955 Microsoft Office Click-to-Run Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-16956 Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability
There are no known exploits in the wild.
CVE-2020-16957 Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2020-16967 Windows Camera Codec Pack Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2020-16968 Windows Camera Codec Pack Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2020-16969 Microsoft Exchange Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2020-16972 Windows Backup Service Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-16973 Windows Backup Service Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-16974 Windows Backup Service Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-16975 Windows Backup Service Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-16976 Windows Backup Service Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-16977 Visual Studio Code Python Extension Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2020-16978 Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability
There are no known exploits in the wild.
CVE-2020-16980 Windows iSCSI Target Service Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-16995 Network Watcher Agent Virtual Machine Extension for Linux Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-17003 Base3D Remote Code Execution Vulnerability
There are no known exploits in the wild.

Security News
The SonicWall Capture Labs Threat Research Team gathers, analyzes and vets cross-vector threat information from the SonicWall Capture Threat network, consisting of global devices and resources, including more than 1 million security sensors in nearly 200 countries and territories. The research team identifies, analyzes, and mitigates critical vulnerabilities and malware daily through in-depth research, which drives protection for all SonicWall customers. In addition to safeguarding networks globally, the research team supports the larger threat intelligence community by releasing weekly deep technical analyses of the most critical threats to small businesses, providing critical knowledge that defenders need to protect their networks.