Nachtrag: Microsoft Sicherheitshinweise Oktober 2020

[English]Kleiner Nachtrag vom Oktober 2020: Microsoft hatte einige Sicherheitshinweise zu Sicherheitsupdates veröffentlicht. Sind hier liegen geblieben, ich stelle sie mal zur Sicherheit hier ein.


Anzeige

**************************************************************************************
Title: Microsoft Security Update Releases
Issued: October 13, 2020
**************************************************************************************

Summary
=======

The following CVEs have undergone a major revision increment:

* CVE-2019-1181
* CVE-2019-1182
* CVE-2020-1147
Revision Information:
=====================


Anzeige

* CVE-2019-1181

CVE-2019-1181 | Remote Desktop Services Remote Code Execution Vulnerability-
– Version 2.0
– Reason for Revision: Revised the Security Updates table to add Microsoft Remote
Desktop for Android, Microsoft Remote Desktop for Mac, and Microsoft Remote Desktop
for Mac IoS because these apps are affected by this vulnerability. Microsoft
recommends that customers running any of these apps install the latest security
update to be fully protected from this vulnerability. Please see the FAQ section
for information on how to get these updates.
– Originally posted: August 13, 2020
– Updated: October 13, 2020
– Aggregate CVE Severity Rating: Critical

* CVE-2019-1182

CVE-2019-1182 | Remote Desktop Services Remote Code Execution Vulnerability
– Version 2.0
– Reason for Revision: Revised the Security Updates table to add Microsoft Remote
Desktop for Android, Microsoft Remote Desktop for Mac, and Microsoft Remote Desktop
for Mac IoS because these apps are affected by this vulnerability. Microsoft
recommends that customers running any of these apps install the latest security
update to be fully protected from this vulnerability. Please see the FAQ section
for information on how to get these updates.
– Originally posted: August 13, 2020
– Updated: October 13, 2020
– Aggregate CVE Severity Rating: Critical

* CVE-2020-1147

CVE-2020-1147 | .NET Framework, SharePoint Server, and Visual Studio Remote Code
Execution Vulnerability
– Version 2.0
– Reason for Revision: To comprehensively address CVE-2020-1147, Microsoft has released
the following: October Security Updates for all affected versions of .NET Framework
installed on Windows 10; October 2020 Monthly Rollup updates AND updated versions of
the Security Only updates released in July 2020 for all affected versions of .NET
Framework installed on Windows 8.1, Windows Server 2012 R2, Windows Server 2012,
Windows 7, Windows Server 2008 R2, and Windows Server 2008. Microsoft strongly
recommends that customers install the updates to be fully protected from the
vulnerability. Customers who install the Security Only updates should ensure that
they re-install the updates after October 13. Customers whose systems are configured
to receive automatic updates do not need to take any further action.
– Originally posted: July 14, 2020
– Updated: October 13, 2020
– Aggregate CVE Severity Rating: Critical

**************************************************************************************
Title: Microsoft Security Update Releases
Issued: October 15, 2020
**************************************************************************************

Summary
=======

The following CVEs have undergone a major revision increment:

* CVE-2020-16943
* CVE-2020-17022
* CVE-2020-17023
Revision Information:
=====================

* CVE-2020-16943

CVE-2020-16943 | Dynamics 365 Commerce Elevation of Privilege Vulnerability
– Version 2.0
– Reason for Revision: In the Security Updates table, removed the Article and Download
links because an update is not yet available for Dynamics 365 Commerce. Customers
will be notified via a revision to this CVE information when an update becomes
available.
– Originally posted: October 13, 2020
– Updated: October 13, 2020
– Aggregate CVE Severity Rating: Important

* CVE-2020-17022

CVE-2020-17022 | Remote Desktop Services Remote Code Execution Vulnerability
– Version 1.0
– Reason for Revision: Information published.
– Originally posted: October 15, 2020
– Updated: N/A
– Aggregate CVE Severity Rating: Important

* CVE-2020-17023

CVE-2020-17023 | Visual Studio JSON Remote Code Execution Vulnerability
– Version 1.0
– Reason for Revision: Information published.
– Originally posted: October 15, 2020
– Updated: N/A
– Aggregate CVE Severity Rating: Important


Anzeige

Dieser Beitrag wurde unter Sicherheit abgelegt und mit verschlagwortet. Setze ein Lesezeichen auf den Permalink.

Schreibe einen Kommentar

Deine E-Mail-Adresse wird nicht veröffentlicht. Erforderliche Felder sind mit * markiert

Hinweis: Bitte beachtet die Regeln zum Kommentieren im Blog (Erstkommentare und Verlinktes landet in der Moderation, gebe ich alle paar Stunden frei, SEO-Posts/SPAM lösche ich rigoros). Kommentare abseits des Themas bitte unter Diskussion.

Du findest den Blog gut, hast aber Werbung geblockt? Du kannst diesen Blog auch durch eine Spende unterstützen.