Today’s VERT Alert addresses Microsoft’s October 2020 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-909 on Wednesday, October 14th.

In-The-Wild & Disclosed CVEs

CVE-2020-16938

This CVE describes an information disclosure in the Windows kernel that could allow a local attacker to disclose information. Specifically, the vulnerability would allow read access to kernel space memory from a user mode process.

Microsoft has rated this as a 2 (Exploitation Less Likely) on the latest software release on the Exploitability Index.

CVE-2020-16885

A vulnerability exists in the Windows Storage VSP Driver that would allow a local attacker with the ability to execute code to elevate their privileges via a flaw in the driver’s handling of file operations.

Microsoft has rated this as a 2 (Exploitation Less Likely) on the latest software release on the Exploitability Index.

CVE-2020-16901

This CVE describes an information disclosure in the Windows kernel that could allow a local attacker to disclose information. Specifically, the vulnerability would allow read access to kernel space memory from a user mode process.

Microsoft has rated this as a 2 (Exploitation Less Likely) on the latest software release on the Exploitability Index.

CVE-2020-16908

A flaw in Windows Setup’s handling of directories could allow an authenticated attacker to execute code with SYSTEM privileges. There are no patches for this vulnerability, as it exists only within the software that Microsoft releases to upgrade a system. According to Microsoft, all feature update bundles have been refreshed with patched binaries and the flaw no longer exists.

Microsoft has rated this as a 2 (Exploitation Less Likely) on the latest software release on the Exploitability Index.

CVE-2020-16909

A vulnerability in Windows Error Reporting could allow a local attacker to gain elevated levels of access to sensitive information and system functionality via