VERT Threat Alert: February 2020 Patch Tuesday Analysis

Today’s VERT Alert addresses Microsoft’s February 2020 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-870 on Wednesday, February 12th. In-The-Wild & Disclosed CVEsCVE-2020-0674A vulnerability exists in the way that Internet Explorer’s scripting engine handles objects in memory. An attacker that successfully exploited this vulnerability would have would have the same access as the currently logged in user. This vulnerability has been publicly exploited.Microsoft has rated this as a 0 (Exploitation Detected) on the latest software release on the Exploitability Index.CVE-2020-0683 / CVE-2020-0686A pair of vulnerabilities exist within the Windows Installer that could allow attackers to add or remove files from a system due to the way that symbolic links are processed within MSI packages. An attacker would need to be logged into the system and have a malicious application designed to target the vulnerability. These vulnerabilities has been publicly disclosed.Microsoft has rated both CVE-2020-0683 and CVE-2020-0686 as a 2 (Exploitation Less Likely) on the latest software release on the Exploitability Index.CVE-2020-0689This publicly disclosed vulnerability in Microsoft Security Boot could allow an attacker by bypass secure boot and load untrusted software. It is important to pay attention to the FAQ for this vulnerability. The update is a standalone update (rare for Windows 10) and requires the November Servicing Stack Update be installed. Additionally, if you are using Windows Defender Credential Guard, multiple reboots will be required.Microsoft has rated this as a 2 (Exploitation Less Likely) on the latest software release on the Exploitability Index.CVE-2020-0706A vulnerability in the handling of cross-origin requests in Microsoft browsers could allow an attacker to identify the origin of all web pages in the targeted browser. Successful exploitation would require that the victim accesses attacker controlled content. The vulnerability was addressed by changing how browsers handle cross-origin requests. This vulnerability has been publicly disclosed.Microsoft has rated this as a 2 (Exploitation Less Likely) on the latest software release on the Exploitability Index.CVE Breakdown by TagWhile historical Microsoft Security Bulletin groupings are gone, Microsoft vulnerabilities are tagged with an identifier. This list provides a breakdown of the CVEs on a per tag basis. Other InformationIn addition to the Microsoft vulnerabilities included in the February Security Guidance, an advisory were released today.February 2020 Adobe Flash Security Update [ADV200003]Microsoft has released an advisory for Adobe Security Bulletin APSB20-06. This advisory contains updates for CVE-2020-3757.