High Threat Security Alert (A20-11-04): Multiple Vulnerabilities in Microsoft Products (November 2020)

Description:

Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components. The list of security updates can be found at:

https://support.microsoft.com/en-us/help/20201110/security-update-deployment-information-november-10-2020

The proof-of-concept exploit against elevation of privilege vulnerability (CVE-2020-17087) in Microsoft's Windows kernel has been observed. The vulnerability affects Windows Servers 2008 R2 or later and Windows 7 or later. System administrators are advised to take immediate action to patch your affected systems to mitigate the elevated risk of cyber attacks.

Affected Systems:

• Internet Explorer 11
• Microsoft Edge (EdgeHTML-based)
• Microsoft Windows 7, 8.1, RT 8.1, 10
• Microsoft Windows Server 2008, 2008 R2, 2012, 2012 R2, 2016, 2019
• Microsoft Windows Server, version 1903, version 1909, version 2004, version 20H2
• Microsoft Office 2010, 2013, 2013 RT, 2016, 2019, 2019 for Mac
• Microsoft Office Online Server
• Microsoft Office Web Apps 2013
• Microsoft Excel 2010, 2013, 2013 RT, 2016
• Microsoft Word 2010, 2013, 2013 RT, 2016
• Microsoft Exchange Server 2013, 2016, 2019
• Microsoft 365 Apps for Enterprise
• Microsoft Dynamics 365 (on-premises) version 8.2, 9.0
• Microsoft Dynamics CRM 2015 (on-premises) version 7.0
• Microsoft SharePoint Foundation 2010, 2013
• Microsoft SharePoint Enterprise Server 2013, 2016
• Microsoft SharePoint Server 2010, 2019
• Microsoft Teams
• Microsoft Visual Studio 2017, 2019
• Azure DevOps Server
• Azure Sphere
• ChakraCore
• Visual Studio Code

Impact:

Depending on the vulnerability exploited, a successful attack could lead to remote code execution, elevation of privilege, denial of service, information disclosure, security feature bypass, spoofing and tampering.

Recommendation:

Patches for affected products are available from the Windows Update / Microsoft Update Catalog. Users of affected systems should follow the recommendations provided by the product vendor and take immediate actions to mitigate the risk.

More Information:

https://msrc.microsoft.com/update-guide/en-us/releaseNote/2020-Nov
https://www.hkcert.org/my_url/en/alert/20111101
https://us-cert.cisa.gov/ncas/current-activity/2020/11/10/microsoft-releases-november-2020-security-updates
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1325
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1599
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16970
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16979
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16981 (to CVE-2020-16994)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16997 (to CVE-2020-17001)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17004 (to CVE-2020-17007)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17010 (to CVE-2020-17021)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17024 (to CVE-2020-17038)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17040 (to CVE-2020-17049)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17051 (to CVE-2020-17058)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17060 (to CVE-2020-17071)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17073 (to CVE-2020-17079)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17081 (to CVE-2020-17088)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17090
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17091
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17100 (to CVE-2020-17102)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17104 (to CVE-2020-17110)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17113