September 2020 - Microsoft Releases Security Patches
Advisory Date: 08 de сентября de 2020
DESCRIPTION
Microsoft addresses several vulnerabilities in its September security bulletin. Trend Micro Deep Security covers the following:
- CVE-2020-0664 - Active Directory Information Disclosure Vulnerability
Risk Rating: Important
This information disclosure vulnerability exists in the mishandling of objects in memory by the Active Directory integrated DNS (ADIDNS). Attackers looking to take advantage of this vulnerability must be authenticated to send a specially crafted request to the ADIDNS service. - CVE-2020-0856 - Active Directory Information Disclosure Vulnerability
Risk Rating: Important
This information disclosure vulnerability exists in the mishandling of objects in memory by the Active Directory integrated DNS (ADIDNS). Attackers looking to take advantage of this vulnerability must be authenticated to send a specially crafted request to the ADIDNS service.
INFORMATION EXPOSURE
Trend Micro Deep Security shields networks through the following Deep Packet Inspection (DPI) rules. Trend Micro customers using the Vulnerability Protection are also protected from attacks using these vulnerabilities.
| Vulnerability ID | DPI Rule Number | DPI Rule Name | Release Date | Vulnerability Protection Compatibility |
| CVE-2020-0856 | 1010494 | Microsoft Windows Active Directory Information Disclosure Vulnerability (CVE-2020-0856) | 08-Sep-20 | YES |
| CVE-2020-0664 | 1010491 | Microsoft Windows Active Directory Information Disclosure Vulnerability (CVE-2020-0664) | 08-Sep-20 | YES |