As part of the October Update Tuesday, Microsoft has eliminated 87 vulnerabilities in their products, including 11 critical vulnerabilities and 21 remote code execution (RCE) issues. The fixed bugs affected Windows itself, Office, Office Services and Web Apps, Visual Studio, Azure Functions, Azure Sphere, .NET Framework, Microsoft Dynamics, Exchange Server, Windows Codecs Library, and so on.
According to experts, none of the vulnerabilities were being exploited in attacks.
The most dangerous problem this month is CVE-2020-16898, an RCE bug in the Windows TCP/IP stack that scored 9.8 out of 10 on the CVSS vulnerability rating scale.
The vulnerability could allow an attacker to take full control of a Windows machine by sending malicious ICMPv6 Router Advertisement packets over a network connection. The vulnerability was discovered by Microsoft engineers themselves, and the systems vulnerable to it include Windows 10 and Windows Server 2019.
If installing the updates is impossible for some reason, it is strongly recommended to at least apply workarounds that mitigate the bug, including temporarily disabling ICMPv6 RDNSS support.
Experts at McAfee note that the problem is potentially wormable, that is, hackers would be able to launch attacks that spread from one vulnerable computer to another without human intervention.
Researchers from SophosLabs have published a video demonstrating how the vulnerability can be used to provoke a blue screen of death (BSoD) and named the bug Ping of Death.
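For defenders who cannot patch or disable RDNSS right away, the following added example (not from the article or from Microsoft) shows a conformance check for the RDNSS option in ICMPv6 Router Advertisements: RFC 8106 requires the option's length field to be odd and at least 3, so anything else can be flagged. The function names and the sample packets are constructed for illustration, and the input is assumed to be the ICMPv6 message with the IPv6 header already stripped.

```python
import ipaddress
import struct

RA_TYPE = 134        # ICMPv6 Router Advertisement (RFC 4861)
OPT_RDNSS = 25       # Recursive DNS Server option (RFC 8106)
RA_HEADER_LEN = 16   # fixed RA fields that precede the options

def check_router_advertisement(icmpv6: bytes) -> list:
    """Return findings for one ICMPv6 message; an empty list means clean."""
    if len(icmpv6) < RA_HEADER_LEN or icmpv6[0] != RA_TYPE:
        return []  # not a Router Advertisement, nothing to inspect
    findings = []
    offset = RA_HEADER_LEN
    while offset < len(icmpv6):
        if len(icmpv6) - offset < 2:
            findings.append(f"truncated option header at offset {offset}")
            break
        opt_type, opt_len = icmpv6[offset], icmpv6[offset + 1]
        if opt_len == 0:  # RFC 4861: such packets must be discarded
            findings.append(f"option type {opt_type} has zero length")
            break
        end = offset + opt_len * 8  # length is counted in 8-octet units
        if end > len(icmpv6):
            findings.append(f"option type {opt_type} overruns the packet")
            break
        # RDNSS = 8 octets of header + 16 per address: length is 3, 5, 7, ...
        if opt_type == OPT_RDNSS and (opt_len < 3 or opt_len % 2 == 0):
            findings.append(f"RDNSS option with invalid length {opt_len}")
        offset = end
    return findings

def build_ra(options: bytes) -> bytes:
    """Constructed test input: RA header (checksum left at zero) + options."""
    return struct.pack("!BBHBBHII", RA_TYPE, 0, 0, 64, 0, 1800, 0, 0) + options

# Constructed samples; 2001:db8::/32 is the documentation prefix.
DNS = ipaddress.IPv6Address("2001:db8::53").packed
RDNSS_BODY = bytes(2) + struct.pack("!I", 600) + DNS  # reserved, lifetime, address
VALID_RA = build_ra(bytes([OPT_RDNSS, 3]) + RDNSS_BODY)
MALFORMED_RA = build_ra(bytes([OPT_RDNSS, 4]) + RDNSS_BODY + bytes(8))

if __name__ == "__main__":
    for name, pkt in (("valid", VALID_RA), ("malformed", MALFORMED_RA)):
        print(name, check_router_advertisement(pkt) or "ok")
```

The same length test can be expressed as a rule in a network IDS that sees Router Advertisements on the local segment.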
Another dangerous vulnerability this month that deserves special mention is CVE-2020-16947, which allows remote code execution in Outlook. Microsoft says this bug can be exploited by tricking a user into opening a specially crafted file in a vulnerable version of Microsoft Outlook (that is, receiving a malicious email from attackers is enough).
“The attack vector here is the preview panel, so you can get hurt without even opening the letter,” explains Dustin Childs of the Zero Day Initiative. “The vulnerability is related to the parsing of HTML content in emails. Although Microsoft rated this issue an XI out of 2, we already have a working proof-of-concept. Please fix this bug as soon as possible.”
Also worth mentioning is the RCE bug in Windows Hyper-V (CVE-2020-16891), which scored 8.8 points on the CVSS scale. The problem is related to incorrect validation of input from an authenticated user in the guest operating system. By exploiting this issue, an attacker could run a specially crafted program in the guest OS, forcing the Hyper-V host's OS to execute arbitrary code.
Two more critical RCE flaws (CVE-2020-16967 and CVE-2020-16968) affect the Windows Camera Codec Pack, allowing an attacker to send a malicious file to a victim that, when opened, would cause arbitrary code to execute in the context of the current user.