Today’s VERT Alert addresses Microsoft’s February 2020 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-870 on Wednesday, February 12th. 

In-The-Wild & Disclosed CVEs

CVE-2020-0674

A vulnerability exists in the way that Internet Explorer’s scripting engine handles objects in memory. An attacker that successfully exploited this vulnerability would have would have the same access as the currently logged in user. This vulnerability has been publicly exploited.

Microsoft has rated this as a 0 (Exploitation Detected) on the latest software release on the Exploitability Index.

CVE-2020-0683 / CVE-2020-0686

A pair of vulnerabilities exist within the Windows Installer that could allow attackers to add or remove files from a system due to the way that symbolic links are processed within MSI packages. An attacker would need to be logged into the system and have a malicious application designed to target the vulnerability. These vulnerabilities has been publicly disclosed.

Microsoft has rated both CVE-2020-0683 and CVE-2020-0686 as a 2 (Exploitation Less Likely) on the latest software release on the Exploitability Index.

CVE-2020-0689

This publicly disclosed vulnerability in Microsoft Security Boot could allow an attacker by bypass secure boot and load untrusted software. It is important to pay attention to the FAQ for this vulnerability. The update is a standalone update (rare for Windows 10) and requires the November Servicing Stack Update be installed. Additionally, if you are using Windows Defender Credential Guard, multiple reboots will be required.

Microsoft has rated this as a 2 (Exploitation Less Likely) on the latest software release on the Exploitability Index.

CVE-2020-0706

A vulnerability in the handling of cross-origin requests in Microsoft browsers could allow an attacker to identify the origin of all web pages in the targeted browser. Successful exploitation would require that the victim accesses attacker controlled content. (Read more...)