17-Year Old 'Wormable' RCE Vulnerability Affecting DNS Servers Fixed
Microsoft released their July 2020 Patch Tuesday updates, fixing 123 CVE-numbered vulnerabilities across 13 products. None of the flaws are being actively exploited, but there are a few critical vulnerabilities like the Remote Code Execution flaw in Windows DNS Servers that require your full attention.
⚡ TL;DR | Go Straight to the July 2020 Patch Tuesday Audit Report.
The most important fix is for a Critical 10.0 rated vulnerability in Windows DNS Servers. This flaw - tracked as CVE-2020-1350 - allows attackers to perform Remote Code Execution and has been named SigRed.
The SigRed vulnerability is wormable, meaning it holds the same risks as EternalBlue in Server Message Block (SMB) and BlueKeep in the Remote Desktop Protocol (RDP).
July 2020 Security Update includes a fix for a wormable RCE vulnerability in Windows DNS Server affecting all versions of Windows server running the DNS Server role. This should be patched quickly. For more information, see: https://t.co/9NZljmGwiY
— Security Response (@msftsecresponse) July 14, 2020
Microsoft also patched open-source software that contains Denial-of-Service (DoS) and Cross-Site Scripting bugs like the .NET implementation of Bond. There is also a security advisory ADV200008 that enables Request Smuggling Filter on IIS server, which could allow the attacker to modify responses and retrieve info from that user.
Critical CVE Codes Fixed in the July 2020 Patch Tuesday Updates
We compiled a list of the most critical vulnerabilities in the July 2020 Microsoft updates.
CVE-Code | Product Name | CVE Vulnerability Description |
---|---|---|
CVE-2020-1421 | Windows LNK RCE | Remote Code Execution Vulnerability |
CVE-2020-1329 | RCE bug .NET Framework, SharePoint Server, Visual Studio | Remote Code Execution Vulnerability |
CVE-2020-1349 | RCE Vulnerability Outlook | Remote Code Execution Vulnerability |
CVE-2020-1374 | Remote Desktop Client RCE Flaw | Remote Code Execution Vulnerability |
CVE-2020-1240 | Microsoft Excel Vulnerability | Remote Code Execution Vulnerability |
CVE-2020-1041 | Hyper-V RemoteFX vGPU | Remote Code Execution Vulnerability |
CVE-2020-1040 | Hyper-V RemoteFX vGPU | Remote Code Execution Vulnerability |
CVE-2020-1032 | Hyper-V RemoteFX vGPU | Remote Code Execution Vulnerability |
CVE-2020-1036 | Hyper-V RemoteFX vGPU | Remote Code Execution Vulnerability |
CVE-2020-1042 | Hyper-V RemoteFX vGPU | Remote Code Execution Vulnerability |
CVE-2020-1043 | Hyper-V RemoteFX vGPU | Remote Code Execution Vulnerability |
Run the July 2020 Patch Tuesday Audit Report
Similar to previous months, we've created an Audit Report that checks if the assets in your network are on the latest Microsoft patch update. It's color-coded to give you an easy and quick overview of which assets are already on the latest Windows update, and which ones still need to be patched. As always, all admins are advised to install these security updates as soon as possible to protect Windows from security risks.
If you haven't already, start your free trial of Lansweeper to run the Microsoft Patch Tuesday Report. Make sure to subscribe via the form below if you want to receive the latest Microsoft Patch reports and bonus network reports.