Maximilian Leire
Maximilian Leire Max started working for Ordina in 2019 as a security consultant, his preferred domains are red teaming and vulnerability management. He is the co-developer of this blog.

Microsoft Security Update September 2020

Microsoft Security Update September 2020

This Patch Tuesday fixes 129 known vulnerabilities of which 23 are rated as critical.

Software affected by this patch is:

  • Microsoft Windows
  • Edge (EdgeHTML-based and Chromium-based
  • ChakraCore
  • Internet Explorer (IE)
  • SQL Server
  • Office and Office Services and Web Apps
  • Microsoft Dynamics
  • Visual Studio
  • Exchange Server
  • ASP.​NET
  • OneDrive
  • Azure DevOps

If you are using any product of the software above (which you probably are) then make sure you are up to date on the latest vulnerabilities you might be vulnerable to. None of the security issues have been reported to be publicly known or exploited, but since they are public knowledge now you should implement this patch as soon as possible as to not fall victim to these known issues.

CVE-2020-16875 | Microsoft Exchange Memory Corruption

The most notable fix this patch is for this remote code execution vulnerability that impacts Microsoft Exchange servers. It has a CVSS score of 9.1 out of 10 and allows attackers to run arbitrary ( and in case of an attack, most likely malicious) code as the “system” user on the server using a specially crafted mail. As the system user has even more privileges than a local administrator account this is a serious issue. Microsoft has noted that this can only be done by a user who is authenticated on the server which would make an attack far less likely but this is not confirmed by the researcher that found this bug. We recommend all exchange users to check if their version is impacted here and patch as soon as possible if you are running a vulnerable server.

Other Remote Code Execution vulnerabilities

More critical Remote code Execution vulnerabilities have been found in other software as well. One was reported for Microsoft Windows and seven CVE’s where made public for similar issues in Sharepoint. An attacker can execute malicious code using a specifically crafted file in both so this is definitely a case where having well trained employees wary of suspicious files is really important. Obviously this shouldn’t be your only defense so make sure to apply the necessary patches as soon as possible here too.

More info can be found using the links below.

If you need any assistance or have any questions regarding digital security within your company, don’t hesitate to contact us.

Sources: