Automox Patch Tuesday Breakdown: September 2020

Welcome to September’s Patch Tuesday breakdown.

This month, Microsoft has released fixes for 129 vulnerabilities. Of these, 23 patches are rated as critical and seven as important. Windows admins are going to have their hands full this month, especially given the trend of 100-plus patching updates we’ve seen for the last several months.

For September, Adobe and Mozilla have also released a number of patches with critical and high severity ratings. As the remote work trend continues to grow, many organizations are finding that managing endpoints with legacy, on-premise solutions is an inefficient approach. And with such heavy patching loads coming out every month, the need for speed and efficiency is becoming even more pronounced.

Managing and protecting remote endpoints is a growing concern for many organizations, and adapting to changes in the digital environment can be a challenge. This pattern of massive security updates is showing no signs of slowing down, and keeping up with the latest patches is key to endpoint protection.

You can view a full list of the latest patches and updates from Microsoft and other third-party applications in our Patch Tuesday Index.

Critical Updates From Microsoft

Microsoft released nearly two dozen critical updates this month. In particular, Microsoft is patching several remote code execution (RCE) vulnerabilities in Microsoft Sharepoint and Microsoft Sharepoint Server. These include:

  • CVE-2020-1452
  • CVE-2020-1453
  • CVE-2020-1576
  • CVE-2020-1200
  • CVE-2020-1210
  • CVE-2020-1595
  • CVE-2020-1460

CVE-2020-1452, 1453, 1576, 1200, 1210, and 1595 are all critical vulnerabilities that exist in Microsoft Sharepoint. These RCE vulnerabilities can be exploited in a number of different ways but all can lead to arbitrary code execution. Variations of the attack such as CVE-2020-1595 (API specific), reflect the importance of patching this vulnerability to reduce the threat surface available to malicious threat actors.

CVE-2020-0908 and CVE-2020-0922 are also particularly noteworthy RCE vulnerabilities. Attackers can seek to exploit -0908, a vulnerability in Windows Text Service Module, simply by tricking users into visiting a website hosting malicious user content or advertisements. Similarly, -0922 can be exploited by convincing a user to visit a site with malicious Javascript.

Another area of interest is CVE-2020-16874; this is a remote code execution vulnerability found in Visual Studio and affects multiple versions -- including those which date back to 2012. Attackers can attempt to exploit this vulnerability by convincing a user to open a maliciously crafted file with an affected version of Visual Studio. If the attack is successful and the target user is logged in with administrative privileges, the attacker can seize control of the victim system and gain the ability to install programs, create new accounts with full user rights and view or change data.

Other critical updates for this month include:

  • CVE-2020-16875 - Microsoft Exchange Memory Corruption Vulnerability
  • CVE-2020-1252 - Windows Remote Code Execution Vulnerability
  • CVE-2020-1285 - GDI+ Remote Code Execution Vulnerability
  • CVE-2020-16857 - Microsoft Dynamics 365 for Finance and Operations (on-premises) Remote Code Execution Vulnerability
  • CVE-2020-16862 - Microsoft Dynamics 365 (on-premises) Remote Code Execution Vulnerability
  • CVE-2020-0997 - Windows Camera Codec Pack Remote Code Execution Vulnerability
  • CVE-2020-1129 - Microsoft Windows Codecs Library Remote Code Execution Vulnerability
  • CVE-2020-1319 - Microsoft Windows Codecs Library Remote Code Execution Vulnerability
  • CVE-2020-0878 - Microsoft Browser Memory Corruption Vulnerability
  • CVE-2020-1508 - Windows Media Audio Decoder Remote Code Execution Vulnerability
  • CVE-2020-1593 - Windows Media Audio Decoder Remote Code Execution Vulnerability
  • CVE-2020-1172 - Scripting Engine Memory Corruption Vulnerability
  • CVE-2020-1057 - Scripting Engine Memory Corruption Vulnerability

More Updates For September

There are a slew of new updates from Adobe this month. In particular, Adobe has released 11 fixes for Adobe Experience Manager, alongside five updates for InDesign and two for Framemaker. There are eight critical security updates to contend with in Experience Manager, and the fixes for InDesign and Framemaker include critical updates as well.

This Patch Tuesday also brings a number of high-severity updates for Mozilla Firefox, Firefox ESR, and Firefox for Android.

The impact of any exploitation of these vulnerabilities, no matter their criticality, could open any organization up to the release of private information, easy lateral movement through a network, or the hijacking of critical information, all due to the heavy use of these tools in marketing and its unfettered access to critical information. It is important to patch these vulnerabilities as soon as possible.

A vulnerability with a high likelihood of exploitation may not always get a critical CVSS rating, however, these kinds of vulnerabilities can also open the door to other types of attacks. Managing endpoints and ensuring patches are deployed as quickly as possible is a critical element of cyber hygiene.

About Automox Automated Patch Management

Facing growing threats and a rapidly expanding attack surface, understaffed and alert-fatigued organizations need more efficient ways to eliminate their exposure to vulnerabilities. Automox is a modern cyber hygiene platform that closes the aperture of attack by more than 80% with just half the effort of traditional solutions.

Cloud-native and globally available, Automox enforces OS & third-party patch management, security configurations, and custom scripting across Windows, macOS, and Linux from a single intuitive console. IT and SecOps can quickly gain control and share visibility of on-prem, remote and virtual endpoints without the need to deploy costly infrastructure.

Experience modern, cloud-native patch management today with a 15-day free trial of Automox and start recapturing more than half the time you're currently spending on managing your attack surface. Automox dramatically reduces corporate risk while raising operational efficiency to deliver best-in-class security outcomes, faster and with fewer resources.