Latest Security Advisories & Notable Vulnerabilities
In the November 2020 Microsoft security patch release, Microsoft updated its vulnerability information page. Following the new patch information format, below are the CVEs that Trend Micro Deep Security covers in the February 2021 release:
- CVE-2021-24078 - Windows DNS Server Remote Code Execution Vulnerability
CVSS:3.0 9.8/8.5
- CVE-2021-24072 - Microsoft SharePoint Server Remote Code Execution Vulnerability
CVSS:3.0 8.8/7.7
In the November 2020 Microsoft security patch release, Microsoft updated its vulnerability information page. Following the new patch information format, below are the CVEs that Trend Micro Deep Security covers in the January 2021 release:
- CVE-2021-1713 - Microsoft Excel Remote Code Execution Vulnerability
CVSS:3.0 7.8/6.8
- CVE-2021-1707 - Microsoft SharePoint Server Remote Code Execution Vulnerability
CVSS:3.0 8.8/7.7
- CVE-2021-1647 - Microsoft Defender Remote Code Execution Vulnerability
CVSS:3.0 7.8/7.0
- CVE-2021-1715 - Microsoft Word Remote Code Execution Vulnerability
CVSS:3.0 7.8/6.8
In the December 2020 Microsoft security patch release, Microsoft updated its vulnerability information page. Following the new patch information format, below are the CVEs that Trend Micro Deep Security covers:
- CVE-2020-17140 - Windows SMB Information Disclosure Vulnerability
CVSS:3.0 8.1/7.1
- CVE-2020-17096 - Scripting Engine Memory Corruption Vulnerability
CVSS:3.0 7.5/6.5
- CVE-2020-17121 - Microsoft SharePoint Remote Code Execution Vulnerability
CVSS:3.0 8.8/7.7
- CVE-2020-17144 - Microsoft Exchange Remote Code Execution Vulnerability
CVSS:3.0 8.4/7.6
- CVE-2020-17152 - Microsoft Dynamics 365 for Finance and Operations (on-premises) Remote Code Execution Vulnerability
CVSS:3.0 8.8/7.7
- CVE-2020-17158 - Microsoft Dynamics 365 for Finance and Operations (on-premises) Remote Code Execution Vulnerability
CVSS:3.0 8.8/7.7
In the November 2020 Microsoft security patch release, Microsoft updated its vulnerability information page. Following the new patch information format, below are the CVEs that Trend Micro Deep Security covers:
- CVE-2020-17087 - Windows Kernel Local Elevation of Privilege Vulnerability
CVSS:3.0 7.8/7.2
- CVE-2020-17052 - Scripting Engine Memory Corruption Vulnerability
CVSS:3.0 7.5/6.7
- CVE-2020-17053 - Internet Explorer Memory Corruption Vulnerability
CVSS:3.0 7.5/6.7
- CVE-2020-17051 - Windows Network File System Remote Code Execution Vulnerability
CVSS:3.0 9.8/8.5
- CVE-2020-17056 - Windows Network File System Remote Code Execution Vulnerability
CVSS:3.0 5.5/4.8
Microsoft addresses several vulnerabilities in its October security bulletin. Trend Micro Deep Security covers the following:
- CVE-2020-16915 - Media Foundation Memory Corruption Vulnerability
Risk Rating: Critical
This memory corruption vulnerability exists in the mishandling of objects in memory by the Windows Media Foundation. Attackers looking to take advantage of this vulnerability must convince a user to visit a webpage that hosts an exploit for this vulnerability.
- CVE-2020-16922 - Windows Spoofing Vulnerability
Risk Rating: Important
This spoofing vulnerability exists in the validation of file signatures. When the vulnerability is successfully exploited, it will allow loading of potentially malicious files.
- CVE-2020-16896 - Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability
Risk Rating: Important
This information disclosure vulnerability exists in RDP when it checks specially crafted requests. When the vulnerability is successfully exploited, an attacker could gain information to further attacks on the vulnerable machine.
Microsoft addresses several vulnerabilities in its September security bulletin. Trend Micro Deep Security covers the following:
- CVE-2020-0664 - Active Directory Information Disclosure Vulnerability
Risk Rating: Important
This information disclosure vulnerability exists in the mishandling of objects in memory by the Active Directory integrated DNS (ADIDNS). Attackers looking to take advantage of this vulnerability must be authenticated to send a specially crafted request to the ADIDNS service.
- CVE-2020-0856 - Active Directory Information Disclosure Vulnerability
Risk Rating: Important
This information disclosure vulnerability exists in the mishandling of objects in memory by the Active Directory integrated DNS (ADIDNS). Attackers looking to take advantage of this vulnerability must be authenticated to send a specially crafted request to the ADIDNS service.
Microsoft addresses several vulnerabilities in its August security bulletin. Trend Micro Deep Security covers the following:
- CVE-2020-1570 - Scripting Engine Memory Corruption Vulnerability
Risk Rating: Critical
This remote code execution vulnerability exists in the handling of objects in memory by Internet Explorer. Attackers looking to take advantage of this vulnerability could persuade a user to visit a website that hosts an exploit for this vulnerability, or through an ActiveX control in an MS Office document.
- CVE-2020-1380 - Scripting Engine Memory Corruption Vulnerability
Risk Rating: Critical
This remote code execution vulnerability exists in the handling of objects in memory by the scripting engine of Internet Explorer. Attackers successful in exploiting this vulnerability may gain the same user rights as the current user.
- CVE-2020-1567 - MSHTML Engine Remote Code Execution Vulnerability
Risk Rating: Critical
This remote code execution vulnerability exists in the validation of input by the MSHTML engine. Attackers looking to take advantage of this vulnerability could persuade a user to open a specially crafted file.
- CVE-2020-1574 - Microsoft Windows Codecs Library Remote Code Execution Vulnerability
Risk Rating: Critical
This remote code execution vulnerability exists in the handling of objects in memory by the Windows Codec Library.
- CVE-2020-1585 - Microsoft Windows Codecs Library Remote Code Execution Vulnerability
Risk Rating: Critical
This remote code execution vulnerability exists in the handling of objects in memory by the Windows Codec Library.
- CVE-2020-1577 - DirectWrite Information Disclosure Vulnerability
Risk Rating: Important
This information disclosure vulnerability exists in the improper disclosure of contents of the DirectWrite memory. Attackers looking to exploit this vulnerability could find ways to convince a user of a vulnerable machine to connect to a malicious website.
Microsoft addresses several vulnerabilities in its July security bulletin. Trend Micro Deep Security covers the following:
- CVE-2020-1436 - Windows Font Library Remote Code Execution Vulnerability
Risk Rating: Critical
This remote code execution vulnerability exists in the improper handling of specially crafted fonts by the Windows font library. Attackers looking to take advantage of this vulnerability could persuade a user to click on a link that will lead to a specially crafted website that hosts an exploit for this vulnerability, or through a file-sharing session where the attacker sends a specially crafted document.
- CVE-2020-1421 - LNK Remote Code Execution Vulnerability
Risk Rating: Critical
This remote code execution vulnerability exists in the processing of .LNK files by Windows. Attackers looking to take advantage of this vulnerability could persuade a user to access a file through a remote shared folder or removable drive.
- CVE-2020-1400 - Jet Database Engine Remote Code Execution Vulnerability
Risk Rating: Important
This remote code execution vulnerability exists in the handling of objects in memory by the Windows Jet Database engine. Attackers looking to take advantage of this vulnerability could persuade a user to open a specially crafted file.
- CVE-2020-1355 - Windows Font Driver Host Remote Code Execution Vulnerability
Risk Rating: Important
This remote code execution vulnerability exists in the handling of memory by the Windows Font Driver Host.
- CVE-2020-1374 - Remote Desktop Client Remote Code Execution Vulnerability
Risk Rating: Critical
This remote code execution vulnerability exists in the Windows Remote Desktop Client. Attackers looking to exploit this vulnerability must find a way to control the server and convince a user to connect to it.
- CVE-2020-1403 - VBScript Remote Code Execution Vulnerability
Risk Rating: Critical
This remote code execution vulnerability exists in the handling of objects in memory by the VBScript engine. Attackers looking to exploit this vulnerability could find ways to convince a user of a vulnerable machine to connect to a malicious website.
Microsoft addresses several vulnerabilities in its June security bulletin. Trend Micro Deep Security covers the following:
- CVE-2020-1213 - VBScript Remote Code Execution Vulnerability
Risk Rating: Critical
This remote code execution vulnerability exists in the improper accessing of objects in memory by the VBScript engine. Attackers looking to take advantage of this vulnerability could persuade a user to click on a link that will lead to a specially crafted website that hosts an exploit for this vulnerability.
- CVE-2020-1214 - VBScript Remote Code Execution Vulnerability
Risk Rating: Important
This remote code execution vulnerability exists in the handling of objects in memory by the VBScript engine. Attackers looking to take advantage of this vulnerability could persuade a user to click on a link that will lead to a specially crafted website that hosts an exploit for this vulnerability.
- CVE-2020-1260 - VBScript Remote Code Execution Vulnerability
Risk Rating: Critical
This remote code execution vulnerability exists in the handling of objects in memory by the VBScript engine. Attackers looking to take advantage of this vulnerability could persuade a user to click on a link that will lead to a specially crafted website that hosts an exploit for this vulnerability.
- CVE-2020-1215 - VBScript Remote Code Execution Vulnerability
Risk Rating: Important
This remote code execution vulnerability exists in the handling of objects in memory by the VBScript engine. Attackers looking to exploit this vulnerability could find ways to convince a user of a vulnerable machine to connect to a malicious website.
- CVE-2020-1216 - VBScript Remote Code Execution Vulnerability
Risk Rating: Critical
This remote code execution vulnerability exists in the handling of objects in memory by the VBScript engine. Attackers looking to exploit this vulnerability could find ways to convince a user of a vulnerable machine to connect to a malicious website.
- CVE-2020-1230 - VBScript Remote Code Execution Vulnerability
Risk Rating: Important
This remote code execution vulnerability exists in the handling of objects in memory by the VBScript engine. Attackers looking to exploit this vulnerability could find ways to convince a user of a vulnerable machine to connect to a malicious website.
- CVE-2020-1301 - Microsoft Windows SMB Remote Code Execution Vulnerability
Risk Rating: Important
This remote code execution vulnerability exists in the improper handling of certain requests by the Microsoft Server Message Block 1.0 (SMBv1) server. Attackers looking to exploit this vulnerability must find a way to convince a user to open a specially crafted file.
- CVE-2020-1219 - Microsoft Browser Memory Corruption Vulnerability
Risk Rating: Critical
This remote code execution vulnerability exists in the improper handling of objects in memory by Microsoft browsers. Attackers looking to exploit this vulnerability must find a way to convince a user to open a website that contains the exploit.
- CVE-2020-1284 - Windows SMBv3 Client/Server Denial of Service Vulnerability
Risk Rating: Important
This denial of service vulnerability exists in the handling of certain requests by the Microsoft Server Message Block 3.1.1 (SMBv3) server. Attackers looking to exploit this vulnerability must find a way to convince a user to open a specially crafted file.
Microsoft addresses several vulnerabilities in its May security bulletin. Trend Micro Deep Security covers the following:
- CVE-2020-1062 - Internet Explorer Memory Corruption Vulnerability
Risk Rating: Critical
This remote code execution vulnerability exists in the improper accessing of objects in memory by Internet Explorer. Attackers looking to take advantage of this vulnerability could persuade a user to click on a link that will lead to a specially crafted website that hosts an exploit for this vulnerability.
- CVE-2020-1060 - VBScript Remote Code Execution Vulnerability
Risk Rating: Important
This remote code execution vulnerability exists in the handling of objects in memory by the VBScript engine. Attackers looking to take advantage of this vulnerability could persuade a user to click on a link that will lead to a specially crafted website that hosts an exploit for this vulnerability.
- CVE-2020-1058 - VBScript Remote Code Execution Vulnerability
Risk Rating: Important
This remote code execution vulnerability exists in the handling of objects in memory by the VBScript engine. Attackers looking to take advantage of this vulnerability could persuade a user to click on a link that will lead to a specially crafted website that hosts an exploit for this vulnerability.
- CVE-2020-1035 - VBScript Remote Code Execution Vulnerability
Risk Rating: Important
This remote code execution vulnerability exists in the handling of objects in memory by the VBScript engine. Attackers looking to exploit this vulnerability could find ways to convince a user of a vulnerable machine to connect to a malicious website.
- CVE-2020-1118 - Microsoft Windows Transport Layer Security Denial of Service Vulnerability
Risk Rating: Important
This denial of service vulnerability exists in the improper handling of certain key exchanges in the Windows implementation of Transport Layer Security (TLS). Attackers looking to exploit this vulnerability could find ways to send a specially crafted request that could trigger a machine reboot.
- CVE-2020-1153 - Microsoft Graphics Components Remote Code Execution Vulnerability
Risk Rating: Important
This remote code execution vulnerability exists in the improper handling of objects in memory by the Microsoft Graphics Components. Attackers looking to exploit this vulnerability must find a way to convince a user to open a specially crafted file.
- CVE-2020-1096 - Microsoft Edge PDF Remote Code Execution Vulnerability
Risk Rating: Important
This remote code execution vulnerability exists in the improper handling of objects in memory by the Microsoft Edge PDF Reader. Attackers looking to exploit this vulnerability must find a way to convince a user to open a specially crafted file.
- CVE-2020-1028 - Media Foundation Memory Corruption Vulnerability
Risk Rating: Critical
This remote code execution vulnerability exists in the improper handling of objects in memory by the Microsoft Edge PDF Reader. Attackers looking to exploit this vulnerability must find a way to convince a user to open a specially crafted file.
- CVE-2020-1126 - Media Foundation Memory Corruption Vulnerability
Risk Rating: Critical
This remote code execution vulnerability exists in the improper handling of objects in memory by the Microsoft Edge PDF Reader. Attackers looking to exploit this vulnerability must find a way to convince a user to open a specially crafted file.
- CVE-2020-1150 - Media Foundation Memory Corruption Vulnerability
Risk Rating: Important
This memory corruption vulnerability exists in the improper handling of objects in memory by the Windows Media Foundation. There are multiple ways for attackers to exploit this vulnerability.
- CVE-2020-1051 - Jet Database Engine Remote Code Execution Vulnerability
Risk Rating: Important
This remote code execution vulnerability exists in the improper handling of objects in memory by the Windows Jet Database Engine. Attackers looking to exploit this vulnerability must find a way for a user to open a specially crafted file.
- CVE-2020-1174 - Jet Database Engine Remote Code Execution Vulnerability
Risk Rating: Important
This remote code execution vulnerability exists in the improper handling of objects in memory by the Windows Jet Database Engine. Attackers looking to exploit this vulnerability must find a way for a user to open a specially crafted file.
- CVE-2020-1175 - Jet Database Engine Remote Code Execution Vulnerability
Risk Rating: Important
This remote code execution vulnerability exists in the improper handling of objects in memory by the Windows Jet Database Engine. Attackers looking to exploit this vulnerability must find a way for a user to open a specially crafted file.
- CVE-2020-1176 - Jet Database Engine Remote Code Execution Vulnerability
Risk Rating: Important
This remote code execution vulnerability exists in the improper handling of objects in memory by the Windows Jet Database Engine. Attackers looking to exploit this vulnerability must find a way for a user to open a specially crafted file.
- CVE-2020-1102 - Microsoft SharePoint Remote Code Execution Vulnerability
Risk Rating: Critical
This remote code execution vulnerability exists in the failure to check source markup of an application package by Microsoft SharePoint. Attackers looking to exploit this vulnerability must find a way for a user to open a specially crafted file.