Today’s VERT Alert addresses Microsoft’s July 2020 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-895 on Wednesday, July 15th.

In-The-Wild & Disclosed CVEs 

CVE-2020-1463

A vulnerability in the SharedStream Library could allow a locally authenticated attacker to run a malicious application in order to elevate their privileges.

Microsoft has rated this as a 2 (Exploitation Less Likely) on the latest software release on the Exploitability Index.

CVE Breakdown by Tag

While historical Microsoft Security Bulletin groupings are gone, Microsoft vulnerabilities are tagged with an identifier. This list provides a breakdown of the CVEs on a per tag basis.

Tag
CVE Count
CVEs
Windows Update Stack
3
CVE-2020-1424, CVE-2020-1346, CVE-2020-1392
Windows Hyper-V
6
CVE-2020-1032, CVE-2020-1036, CVE-2020-1040, CVE-2020-1041, CVE-2020-1043, CVE-2020-1042
Skype for Business
1
CVE-2020-1025
Windows Subsystem for Linux
1
CVE-2020-1423
Microsoft JET Database Engine
3
CVE-2020-1400, CVE-2020-1401, CVE-2020-1407
Microsoft Windows
51
CVE-2020-1350, CVE-2020-1418, CVE-2020-1420, CVE-2020-1421, CVE-2020-1422, CVE-2020-1347, CVE-2020-1352, CVE-2020-1353, CVE-2020-1354, CVE-2020-1356, CVE-2020-1359, CVE-2020-1363, CVE-2020-1365, CVE-2020-1366, CVE-2020-1370, CVE-2020-1371, CVE-2020-1372, CVE-2020-1373, CVE-2020-1374, CVE-2020-1375, CVE-2020-1384, CVE-2020-1385, CVE-2020-1386, CVE-2020-1387, CVE-2020-1390, CVE-2020-1391, CVE-2020-1393, CVE-2020-1394, CVE-2020-1395, CVE-2020-1398, CVE-2020-1399, CVE-2020-1402, CVE-2020-1404, CVE-2020-1405, CVE-2020-1406, CVE-2020-1410, CVE-2020-1413, CVE-2020-1427, CVE-2020-1428, CVE-2020-1429, CVE-2020-1430, CVE-2020-1431, CVE-2020-1434, CVE-2020-1437, CVE-2020-1438, CVE-2020-1463, CVE-2020-1249, CVE-2020-1267, CVE-2020-1333, CVE-2020-1085, CVE-2020-1330
Microsoft Malware Protection Engine
1
CVE-2020-1461
Microsoft Edge
2
CVE-2020-1433, CVE-2020-1462
Windows WalletService
5
CVE-2020-1344, CVE-2020-1361, CVE-2020-1362, CVE-2020-1364, CVE-2020-1369
.NET Framework
1
CVE-2020-1147
Microsoft OneDrive
1
CVE-2020-1465
Visual Studio
2
CVE-2020-1416, CVE-2020-1481
Windows Kernel
10
CVE-2020-1336, CVE-2020-1419, CVE-2020-1357, CVE-2020-1358, CVE-2020-1367, CVE-2020-1388, CVE-2020-1389, CVE-2020-1396, CVE-2020-1411, CVE-2020-1426
Microsoft Graphics Component
11
CVE-2020-1351, CVE-2020-1355, CVE-2020-1381, CVE-2020-1382, CVE-2020-1397, CVE-2020-1408, CVE-2020-1409, CVE-2020-1412, CVE-2020-1435, CVE-2020-1436, CVE-2020-1468
Internet Explorer
1
CVE-2020-1432
Windows Shell
4
CVE-2020-1360, CVE-2020-1368, CVE-2020-1414, CVE-2020-1415
Open Source Software
1
CVE-2020-1469
Microsoft Office
10
CVE-2020-1349, CVE-2020-1439, CVE-2020-1442, CVE-2020-1445, CVE-2020-1446, CVE-2020-1447, CVE-2020-1448, CVE-2020-1449, CVE-2020-1458, CVE-2020-1240
Microsoft Scripting Engine
1
CVE-2020-1403
Microsoft Office SharePoint
7
CVE-2020-1342, CVE-2020-1456, (Read more...)