Microsoft released the monthly scheduled updates for July 2020. Once again, it’s a huge update bundle addressing over hundred different bugs. Fortunately, it includes no actively exploited flaws, yet it addresses a publicly known bug. Here is a quick review of vulnerabilities Microsoft addressed with the Patch Tuesday July.
Critical Microsoft Vulnerabilities Receiving Patches
This month’s update bundle addressed 18 different critical security flaws. Upon exploitation, all of these could lead to remote code execution by a potential attacker.
One of these includes a privilege escalation vulnerability in the Microsoft Office. The flaw, CVE-2020-1025, existed due to improper validation of OAuth token by Microsoft SharePoint Server and Skype for Business Server. To exploit the flaw, an attacker could maliciously modify the tokens to bypass authentication and gain access.
Likewise, another notable vulnerability CVE-2020-1350 affected the Windows Domain Name System server. It existed due to improper handling of requests by the servers. Hence, an attacker could exploit the bug by sending malicious requests to the server.
Besides, Microsoft also addressed another flaw, CVE-2020-1421, in Windows systems that appeared while processing .LNK files. Regarding this bug, their advisory reads,
The attacker could present to the user a removable drive, or remote share, that contains a malicious .LNK file and an associated malicious binary. When the user opens this drive (or remote share) in Windows Explorer, or any other application that parses the .LNK file, the malicious binary will execute code of the attacker’s choice, on the target system.
Hence, exploiting the bug could let the attacker gain access to the system in the context of the current user. The risk was higher in the cases of victims with admin accounts.
Other Microsoft Patch Tuesday July Updates
Apart from the critical flaws, Microsoft addressed 104 different important severity bugs as well across different products. Exploiting these vulnerabilities could lead to privilege escalation, information disclosure, remote code execution, XSS, and spoofing (in case of CVE-2020-1443).
One of these bugs was important because it became publicly disclosed. This vulnerability, CVE-2020-1463, appeared in the way SharedStream Library handled objects in memory. An attacker could exploit the flaw by running maliciously crafted apps.
Since the patches are out, users must ensure updating their devices at the earliest to avoid any possible attacks.